Developer Forum

Sorry to aks this question again, but I need to know, if we can blame a
problem on somebody else :-)

Our application fails on reading BMP files into a database. It turns out,
that the files, although they have extension .BMP are JFIF JPEG files. The
first bytes of the file tells me that (thanks Remy Lebeau).

So, is this normal, or do those file have a wrong extension?

Thanks for your help
Jacob

Whats your definition of normal? Its not *unusual* to encounter this sort
of thing. Thats why those other programs were able to open the file. They
were aware that you cant count on the extension matching the encoding
format, and they instead identified the encoding by the contents.


Typically jpg's would have a jpg extension, and bitmaps would have a .bmp
extension, if thats what you're asking.

Saying it's 'wrong' is subjective, as - as far as I know - there's no laws
or m *** edicts that mandate the file extension match the internal file
format. It's customary to match the encoding with the file extension, but
there's nothing enforcing that.

Jacob Havkrog schrieb:

I'm sorry if this sounds a little bit harsh, but if you think over it
again, you can answer it yourself.

--
The day after tomorrow is the third day of the rest of your life.

...und wech
Danny <dannys9 (at) gmx (dot) de>

They have the wrong extension.


Gambit

Lots of people think that they all they need to do to get their new file
working in their old program is rename it to match the extension the
program is expecting. You end up with PDFs renamed as Word documents,
bitmaps renamed as JPEGs. It's a descent into madness, I tell you! :)

Cheers,
Nicholas Sherlock

Lots of people think that they all they need to do to get their new file
working in their old program is rename it to match the extension the
program is expecting. You end up with PDFs renamed as Word documents,
bitmaps renamed as JPEGs. It's a descent into madness, I tell you! :)

Cheers,
Nicholas Sherlock

Well the fun thing is that it might actually work sometimes. If the software
just expects an extension and then uses a general object like TPicture to
load the file, you can thus fool the software.

Well, TPicture is a wrong example, but some software that actually checks
content instead of extension, like GraphicEx for instance.

Nils


"Nicholas Sherlock" < XXXX@XXXXX.COM > schreef in bericht

I have a report in QC (#12434) suggesting a redesign of TPicture and
TGraphic that would allow for content validation and not rely on extensions
anymore.


Gambit

Hi Remy,


Makes sense yes.. although it also has some added overhead.

Another thing to keep in mind, not that I think it will be a danger
directly.. but just spawing off a loader for the correct type, whenever the
extension is wrong, might be dangerous from a security perspective. Suppose
format "jpg" could contain a virus, and a general loader is used which is
affected, someone might send a "bmp" file, disguised as "jpg", and when
opening this seemingly innocent file, you would still get infected.

Nils

"Remy Lebeau (TeamB)" < XXXX@XXXXX.COM > schreef in bericht

Any kind of dynamic logic will. I'm sure CodeGear can better optimize it, I
merely provided a sample implementation to get the idea across.


Gambit