View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0000705 | file | General | public | 2025-12-29 18:23 | 2026-01-10 16:23 |
| Reporter | bana | Assigned To | christos | ||
| Priority | normal | Severity | minor | Reproducibility | have not tried |
| Status | feedback | Resolution | open | ||
| Summary | 0000705: Question: Parsing untrusted data | ||||
| Description | During some code reviews in other applications I came across multiple uses of file and libmagic where untrusted and sometimes even suspected malicious files were parsed to determine the file type. This seems kinda dangerous to me but I have not found any clear warnings or recommendations that would indicate if there are any recommended options to do this more safely or if this should be avoided altogether. Considering how many application depend on this code, I am wondering if some general advice could be added to the documentation / man page Thank you | ||||
| Tags | No tags attached. | ||||
|
|
Well, file is written in C and is bound to have bugs (it has had in the past). Some mitigations: 1. libmagic is constantly fuzzed by https://issues.oss-fuzz.com/issues?q=cc:zoulasc@gmail.com 2. you can compile it with sandboxing on linux so that it can execute system calls maliciously. 3. you can run in in a container or separate cgroup. |
