How can I determine a file's true extension/type programmatically?

Question

I am working on a script that will process user uploads to the server, and as an added layer of security I'd like to know:

Is there a way to detect a file's true extension/file type, and ensure that it is not another file type masked with a different extension?

Is there a byte stamp or some unique identifier for each type/extension?

I'd like to be able to detect that someone hasn't applied a different extension onto the file they are uploading.

Recommended answer

No, no.

You will need to read the first few bytes of each file and interpret it as a header for a finite set of known filetypes. Most files have distinct file headers, some sort of metadata in the first few bytes or first few kilobytes in the case of MP3.

Your program will have to simply try parsing the file for each of your accepted filetypes.

For my program, I send the uploaded image to ImageMagick in a try-catch block, and if it blows up, then I guess it was a bad image. This should be considered insecure, because I am loading arbitrary (user supplied) binary data into an external program, which is generally an attack vector. Here, I am trusting ImageMagick to not do anything to my system.

I recommend writing your own handlers for the significant filetypes you intend to use, to avoid any attack vectors.

I see in PHP there are some tools to do this for you.

Also, MIME types are what the user's browser claims the file to be. It is handy and useful to read those and act on them in your code, but it is not a secure method, because anyone sending you bad files will fake the MIME headers easily. It's sort of a front line defense to keep your code that expects a JPEG from barfing on a PNG, but if someone embedded a virus in a .exe and named it JPEG, there's no reason not to have spoofed the MIME type.
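The header-sniffing approach the answer describes, as an added example that is not part of the original post: the signature table, the accepted-type list and the sample file heads are all constructed for illustration, and an executable renamed to .jpg (the case the answer mentions) is refused because its leading bytes, not its extension, decide the type.

```python
import os

# Constructed signature table for the small, finite set of types the upload
# handler knows about: (type name, offset, magic bytes). A type may have more
# than one signature (two GIF versions). "exe" is listed only so that a renamed
# Windows executable is recognised and refused, never accepted.
SIGNATURES = [
    ("jpg", 0, b"\xff\xd8\xff"),
    ("png", 0, b"\x89PNG\r\n\x1a\n"),
    ("gif", 0, b"GIF87a"),
    ("gif", 0, b"GIF89a"),
    ("pdf", 0, b"%PDF-"),
    ("exe", 0, b"MZ"),
]
EXTENSION_ALIASES = {"jpeg": "jpg"}

def sniff_type(head: bytes):
    """Return the type whose magic bytes match the leading bytes, else None."""
    for name, offset, magic in SIGNATURES:
        if head[offset:offset + len(magic)] == magic:
            return name
    return None

def check_upload(filename: str, head: bytes, accepted=("jpg", "png", "gif")):
    """Compare the claimed extension with the sniffed type; returns
    (ok, detected_type, reason). A header match only proves the first bytes:
    an accepted file must still be parsed by a real decoder afterwards."""
    ext = os.path.splitext(filename)[1].lower().lstrip(".")
    ext = EXTENSION_ALIASES.get(ext, ext)
    detected = sniff_type(head)
    if detected is None:
        return False, None, "unrecognised header"
    if detected not in accepted:
        return False, detected, "type not accepted"
    if ext != detected:
        return False, detected, "extension does not match content"
    return True, detected, "ok"

# Constructed sample heads (not real uploads), including an executable renamed
# to .jpg, which is exactly the case the extension alone cannot catch.
SAMPLES = {
    "photo.jpg": b"\xff\xd8\xff\xe0\x00\x10JFIF\x00\x01\x01\x00",
    "logo.png": b"\x89PNG\r\n\x1a\n\x00\x00\x00\rIHDR",
    "virus.jpg": b"MZ\x90\x00\x03\x00\x00\x00\x04\x00\x00\x00",
    "notes.txt": b"just some text",
}

if __name__ == "__main__":
    for name, head in SAMPLES.items():
        print(name, check_upload(name, head))
```

In a real handler only the first few bytes of the upload need to be read for this check (open the file in binary mode and read 16 bytes), and the browser-supplied MIME type is not consulted at all.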
