emacs-devel

Re: C file recognized as image file


From: Stefan Monnier
Subject: Re: C file recognized as image file
Date: Fri, 05 Jan 2007 22:16:30 -0500
User-agent: Gnus/5.11 (Gnus v5.11) Emacs/22.0.91 (gnu/linux)

>     I receive a file foo.c in an email, save it to disk and open it in
>     Emacs, knowing that the .c type is opened in cc-mode which is safe.
>     To my horror, the file actually contains an evil .jpg file which
>     causes a buffer overflow in the jpg library; when it's displayed it
>     infects my machine with a virus.

> Compare that with this scenario:

>     You receive a file foo.jpg in an email, you save it to disk
>     and open it in Emacs, figuring that a jpg file ought to be safe.
>     To your horror, the file actually contains an evil .jpg file which
>     causes a buffer overflow in the jpg library; when it's displayed it
>     infects your machine with a virus.

> Assuming there is such a bug in the jpg library, the latter scenario
> seems much more likely than the former.

No: there are known security holes in jpg libs, not in cc-mode.
So when I receive mail from an unknown source and it has a jpg file in it,
I'll think twice before opening the image.  OTOH if it's a ".c" file, I'll
feel confident that it's perfectly safe to open it.

Such misleading file names have been used over and over again in
w32 viruses.

> Besides which, a jpg file starts with characters that don't make any
> sense at the start of a C file.  So if it looks like a plausible C
> file, it won't be treated as a jpeg.

But that assumes you've already been able to see the content of the file.
Typically, this is not the case: you get an attachment called "foo.c" and
you ask Emacs to display it to see this (supposedly) C code.


        Stefan
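
The concern raised in this message, sketched as an added example (not part of the original post and not Emacs's own code): a handler choice in which sniffed image content is only decoded when the file name also announces that image type, so a "foo.c" holding JPEG data is shown as raw bytes instead of reaching the image library. The function names, the "raw" fallback, and the sample byte strings are assumptions constructed for illustration.

```python
import os

# Leading-byte signatures of common image formats (well-known magic numbers).
IMAGE_MAGIC = {
    b"\xff\xd8\xff": "jpeg",
    b"\x89PNG\r\n\x1a\n": "png",
    b"GIF87a": "gif",
    b"GIF89a": "gif",
}
# Extensions that legitimately announce each image type.
IMAGE_EXTS = {"jpeg": {".jpg", ".jpeg"}, "png": {".png"}, "gif": {".gif"}}


def sniff_image(head: bytes):
    """Return the image type implied by the leading bytes, or None."""
    for magic, kind in IMAGE_MAGIC.items():
        if head.startswith(magic):
            return kind
    return None


def choose_handler(filename: str, head: bytes) -> str:
    """Pick a handler without letting content override the file name.

    Returns "image:<type>", "text", or "raw" (show bytes, decode nothing).
    """
    ext = os.path.splitext(filename)[1].lower()
    kind = sniff_image(head)
    if kind is None:
        return "text"            # no image signature: ordinary text handling
    if ext in IMAGE_EXTS[kind]:
        return f"image:{kind}"   # name and content agree: user expects an image
    # The name promises something else (e.g. foo.c): never call the decoder.
    return "raw"


if __name__ == "__main__":
    # Constructed sample inputs: a JPEG header and the start of a C file.
    jpeg_head = b"\xff\xd8\xff\xe0\x00\x10JFIF\x00"
    c_head = b"#include <stdio.h>\n"
    for name, head in [("foo.c", jpeg_head), ("foo.jpg", jpeg_head), ("foo.c", c_head)]:
        print(f"{name:8} -> {choose_handler(name, head)}")
```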



