Currently, files that have a file extension that does not match their real mime
type are rejected ONLY if the real type can be determined. You could upload a
bunch of random bytes as a JPG. Note that the real mime type is determined by
$wgMimeDetectorCommand, finfo_open or mime_content_type, depending on setup.
I suggest changing this behavior, see the patch attached. The patch does the
following:
IF the mime type can not be determined BUT the file extension is listed in
mime.info ($wgMimeInfoFile), reject the file. IF the mime type can not be
determined AND the file extension is NOT listed in mime.info, allow the file.
The only possible problem I see is this:
IF an "obscure" file type is allowed BUT that type is not recognized by the mime
detection AND the file extension is listed in mime.info, such files will be
rejected. The solution would be to remove that file type from mime.info (or
change the method of mime detection).
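The decision rule described above, written out as a standalone PHP sketch. This is an added example, not MediaWiki's code or the attached patch; the extension table is a constructed stand-in for the mime.info lookup, and the helper names (detectMimeType, checkUpload, $knownExtensions) are assumptions.

```php
<?php
// Added example (not MediaWiki code). Models the proposed rule:
//   1. detected type known and disagrees with the extension -> reject
//   2. type cannot be determined and the extension is listed -> reject
//   3. type cannot be determined and the extension is unlisted -> allow
// $knownExtensions is a constructed stand-in for the mime.info lookup.
$knownExtensions = [
    'jpg'  => ['image/jpeg'],
    'jpeg' => ['image/jpeg'],
    'png'  => ['image/png'],
    'gif'  => ['image/gif'],
    'txt'  => ['text/plain'],
];

// Detect the real type with finfo_open or mime_content_type, as the report
// describes; returns null when no usable type can be determined.
function detectMimeType(string $path): ?string {
    $type = null;
    if (function_exists('finfo_open')) {
        $finfo = finfo_open(FILEINFO_MIME_TYPE);
        if ($finfo !== false) {
            $result = finfo_file($finfo, $path);
            finfo_close($finfo);
            if ($result !== false) {
                $type = $result;
            }
        }
    } elseif (function_exists('mime_content_type')) {
        $result = mime_content_type($path);
        if ($result !== false) {
            $type = $result;
        }
    }
    // The generic fallbacks mean "could not determine".
    if ($type === null || $type === 'application/octet-stream' || $type === 'unknown/unknown') {
        return null;
    }
    return $type;
}

// Returns [allowed, reason] for an upload with the given extension and detected type.
function checkUpload(string $extension, ?string $detectedType, array $knownExtensions): array {
    $ext = strtolower($extension);
    $listed = isset($knownExtensions[$ext]);

    if ($detectedType === null) {
        // Proposed change: an undetectable type is only acceptable for unlisted extensions.
        return $listed
            ? [false, "type could not be determined, but .$ext is a listed extension"]
            : [true, "type could not be determined and .$ext is not listed; allowed"];
    }
    if ($listed && !in_array($detectedType, $knownExtensions[$ext], true)) {
        return [false, "detected $detectedType does not match .$ext"];
    }
    return [true, 'ok'];
}

// Constructed demonstration: arbitrary bytes saved as .jpg. Current behaviour
// accepts this because no type can be determined; the proposed rule rejects it.
$tmp = tempnam(sys_get_temp_dir(), 'upl');
file_put_contents($tmp, str_repeat("\xDE\xAD\xBE\xEF", 16));
$detected = detectMimeType($tmp);
foreach (['jpg', 'xyz'] as $ext) {
    [$ok, $reason] = checkUpload($ext, $detected, $knownExtensions);
    echo ($ok ? 'ALLOW' : 'REJECT') . " .$ext: $reason\n";
}
unlink($tmp);
```

The second loop iteration (an unlisted extension) shows the "allow" branch; the caveat from the report is visible here too: any extension present in $knownExtensions whose real type the detector cannot name will always land in the reject branch, so such entries must be removed from the table or the detector improved.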
Version: 1.6.x
Severity: normal
OS: Linux
Platform: PC