--On Tuesday, December 05, 2006 8:47 PM -0500 "David F. Skoll"
<[EMAIL PROTECTED]> wrote:
I'm not very familiar with GIF and JPEG, but I have worked extensively
with TIFF. With a TIFF image, you can play many wacky tricks and
stuff data in the image file in countless weird ways. I don't know if
it's possible to "validate" a TIFF image.
IIRC, TIFF is a "catch-all" format that's highly-extensible, sorta like
XML. Yet XML is designed to validate. TIFF can have parts with arbitrary
content. I seem to recall the Amiga multimedia formats worked like that. At
one point someone was using the bento box as a model for data packaging.
JPEG and GIF are much simpler, but I bet they're still complex
enough to make validation iffy.
True at least for GIF. JPEG and I think PNG are also extensible, like TIFF.
But any extensible format requires a reader that understands the
extensions. It would be sufficient for me if the validator were itself
extensible with a yes/no/maybe answer similar to SPF.
In thinking about computing costs, it occurs to me that the validator could
be fed a time limit (measured in CPU time) at which point it rejects the
file as "too complex". There should also be a memory limit. Both of these
should catch those classes of file bombs.
_______________________________________________
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID. You may ignore it.
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list [email protected]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
