https://bugzilla.wikimedia.org/show_bug.cgi?id=15895
--- Comment #8 from Tim Starling <[email protected]> 2008-12-20 08:03:55 UTC --- (In reply to comment #7) > I took a look at IEContentAnalyzer.php and our own model. > Our models are mostly identical, which is pretty impressive on both sides > given all the quirks in IE's algorithm. > To summarize, I found 4 discrepancies. > We have fixed one signature in our web and here are the other 3 that you might > want to fix: > > image/bmp > Bytes 8 and 9 should zero, rather than different than zero Confirmed. .text:78152D71 xor edi, edi .text:78152D73 inc edi ... .text:78152D9D cmp [esi+8], ax .text:78152DA1 jnz short return_zero .text:78152DA3 jmp short return_edi > image/gif > The signature is case insensitive, rather than case sensitive Confirmed. Calls StrCmpNICA which is case-insensitive. > application/macbinhex40 > The signature is case sensitive, rather than case insensitive Confirmed. Calls StrCmpNCA which is case-sensitive. This is really great, to have the two of us do this independently and then be able to compare the results. You couldn't ask for a more thorough treatment, short of IE going open source and factoring out their own code for us to use. I don't think any of those three changes are exploitable in the typical use case in MediaWiki, so I'll just commit them to the development branch. -- Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
