l v said:
ImageMagick's identify command will list a file's format regardless of
it's name.
Len
----------------------------------------
Thank you all for your responses.
( Normally I only respond to responses
on the 2nd Tuesday of each month,
but this calls for an exception.)
I see that ImageMagick would do what I asked for. Thank you.
(--I may get around to installing it some day, --even though
there must be some good reason why ActiveState doesn't provide it.
(--maybe something to do with gif-laws?))
I found however that there is (-of course) a module
targeted at the specific task, --namely File::MMagic:
use File::MMagic;
my $MM = new File::MMagic;
print $MM->checktype_filename("Untitled.jpg");
__END__
That printed
"image/gif"
for me, since I'd renamed an "Untitled.gif" to "Untitled.jpg" before running it.
(for Windows Meta Files it responds with:
application/octet-stream
which is good enough for me, although it should probably respond with:
application/x-msmetafile
or
image/x-wmf
or something like that.)
(I changed those file-extensions just to check if MMagic actually looks at the
"magic" header-bytes to determine file-type (as its name - "MMagic" -suggests)
or only looks at file-extensions to determine file type.
This was because something I'd read by someone who'd read the doc
said he was left unsure about that. I think that was because MMagic
*can* consider file-extensions, and because he was using perl on Windows
and "knew" that Windows only ever goes by file-extension.
(Someone more used to shebang (sharp-bang: #!) type environments might
have made the opposite assumption.)
That's the heart of the problem though.
MSG said he was afraid that I
"have completely missed the point of this whole wmf issue:"
And, normally, that'd be a safe assumption about me.
(I know about malware only in principle, not in detail.
My interest has never gone in that direction.
But this case is quite different.
This case is easy to understand.
(Much easier even than buffer-overruns etc)
As everyone should know by now the problem is not in shimgvw.dll.
But neither is it in the archaic 16-bit function in gdi32.dll,
(the heart of windows) that lets arbitrary code run.
And it's not in the Paint program, or any other program that
renders wmf files with the gdi32.dll, and so might render evil.
Because if that was all there was to it, then you'd just treat
wmfs exactly like exes, - with filters and permissions.
Or disabling them altogether.
The real problem is of course that
a wmf --- can be a jpg.
Etc.
The real problem is this:
"MIME Type Detection in Internet Explorer"
http://msdn.microsoft.com/workshop/networking/moniker/overview/appendix_a.asp
it's Windows going by:
quote:
1) The server-supplied MIME type, if available
2) An examination of the actual contents associated with a downloaded URL
3) The file name associated with the downloaded content (assumed to be derived from the associated URL)
4) Registry settings (file extension/MIME type associations or registered applications) in effect during the download
...
quote:
FindMimeFromData
contains hard-coded tests for (currently 26) separate MIME types
(see Known MIME Types). This means that if a given buffer contains data
in the format of one of these MIME types, a test exists in FindMimeFromData
that is designed (by scanning through the buffer contents) to recognize
the corresponding MIME type.
Etc.
~greg
