PNG file that randomly contains a ZIP magic number is incorrectly detected as a "corrupt or otherwise unreadable ZIP file"
Open, Needs TriagePublic
Actions

Assigned To

None

Authored By

	Dinoguy1000
	Aug 10 2019, 3:00 PM

Description

Trying to upload the attached PNG file results in an error message "The file is a corrupt or otherwise unreadable ZIP file. It cannot be properly checked for security." Checking it in a hex editor, it turns out that one of the magic numbers for the ZIP format, PK\x05\x06, appears at offset 0xFA4. Can this be fixed? (If not, the error message should at least be clarified.)

AncientElf-ROD-IT-VG.png (160×240 px, 14 KB)

Related Objects

Mentioned Here: T68428: MimeMagic: ZIP types not properly detected

Event Timeline

Dinoguy1000 created this task.Aug 10 2019, 3:00 PM

Restricted Application added a project: Multimedia. · View Herald TranscriptAug 10 2019, 3:00 PM

Restricted Application added a subscriber: Aklapper. · View Herald Transcript

Dinoguy1000 updated the task description. (Show Details)Aug 10 2019, 3:01 PM

Reminds me of T68428: MimeMagic: ZIP types not properly detected (though MimeMagic is now MimeAnalyzer).

Code that checks for PK\x05\x06 is at https://phabricator.wikimedia.org/source/mediawiki/browse/master/includes/libs/mime/MimeAnalyzer.php$808 and https://phabricator.wikimedia.org/source/mediawiki/browse/master/includes/utils/ZipDirectoryReader.php$221

PNG file that randomly contains a ZIP magic number is incorrectly detected as a "corrupt or otherwise unreadable ZIP file"Open, Needs TriagePublicActions

Description

Related Objects

Event Timeline

PNG file that randomly contains a ZIP magic number is incorrectly detected as a "corrupt or otherwise unreadable ZIP file"
Open, Needs TriagePublic
Actions