From b9daf0a408acb4099eda268ed80203f83ecd3fa5 Mon Sep 17 00:00:00 2001 From: Emmanuel Odeke Date: Tue, 24 Nov 2015 02:57:01 -0700 Subject: [PATCH] net/http: add more audio/video mime sniffing Following the spec at https://mimesniff.spec.whatwg.org/#matching-an-audio-or-video-type-pattern Adds signatures for: + audio/aiff + audio/basic + audio/midi + audio/mpeg + video/avi Updates the signature for: + application/ogg Also updates the pattern matching algorithm in https://mimesniff.spec.whatwg.org/#matching-a-mime-type-pattern by implementing clause 4 that dictates that the number of bytes in the pattern must match the number of bytes in the mask. Fixes #13383 Change-Id: Ie321f392e6570299c17176adf1c75f62f357e1e8 Reviewed-on: https://go-review.googlesource.com/17132 Reviewed-by: Brad Fitzpatrick Run-TryBot: Brad Fitzpatrick TryBot-Result: Gobot Gobot --- src/net/http/sniff.go | 37 ++++++++++++++++++++++++++++++++++++- src/net/http/sniff_test.go | 11 +++++++++++ 2 files changed, 47 insertions(+), 1 deletion(-) diff --git a/src/net/http/sniff.go b/src/net/http/sniff.go index 54986b9956..0d21b44a56 100644 --- a/src/net/http/sniff.go +++ b/src/net/http/sniff.go @@ -91,12 +91,41 @@ var sniffSignatures = []sniffSig{ ct: "image/webp", }, &exactSig{[]byte("\x00\x00\x01\x00"), "image/vnd.microsoft.icon"}, - &exactSig{[]byte("\x4F\x67\x67\x53\x00"), "application/ogg"}, &maskedSig{ mask: []byte("\xFF\xFF\xFF\xFF\x00\x00\x00\x00\xFF\xFF\xFF\xFF"), pat: []byte("RIFF\x00\x00\x00\x00WAVE"), ct: "audio/wave", }, + &maskedSig{ + mask: []byte("\xFF\xFF\xFF\xFF\x00\x00\x00\x00\xFF\xFF\xFF\xFF"), + pat: []byte("FORM\x00\x00\x00\x00AIFF"), + ct: "audio/aiff", + }, + &maskedSig{ + mask: []byte("\xFF\xFF\xFF\xFF"), + pat: []byte(".snd"), + ct: "audio/basic", + }, + &maskedSig{ + mask: []byte("OggS\x00"), + pat: []byte("\x4F\x67\x67\x53\x00"), + ct: "application/ogg", + }, + &maskedSig{ + mask: []byte("\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF"), + pat: []byte("MThd\x00\x00\x00\x06"), + ct: "audio/midi", + }, + &maskedSig{ + mask: []byte("\xFF\xFF\xFF"), + pat: []byte("ID3"), + ct: "audio/mpeg", + }, + &maskedSig{ + mask: []byte("\xFF\xFF\xFF\xFF\x00\x00\x00\x00\xFF\xFF\xFF\xFF"), + pat: []byte("RIFF\x00\x00\x00\x00AVI "), + ct: "video/avi", + }, &exactSig{[]byte("\x1A\x45\xDF\xA3"), "video/webm"}, &exactSig{[]byte("\x52\x61\x72\x20\x1A\x07\x00"), "application/x-rar-compressed"}, &exactSig{[]byte("\x50\x4B\x03\x04"), "application/zip"}, @@ -126,9 +155,15 @@ type maskedSig struct { } func (m *maskedSig) match(data []byte, firstNonWS int) string { + // pattern matching algorithm section 6 + // https://mimesniff.spec.whatwg.org/#pattern-matching-algorithm + if m.skipWS { data = data[firstNonWS:] } + if len(m.pat) != len(m.mask) { + return "" + } if len(data) < len(m.mask) { return "" } diff --git a/src/net/http/sniff_test.go b/src/net/http/sniff_test.go index e0085516da..ac404bfa72 100644 --- a/src/net/http/sniff_test.go +++ b/src/net/http/sniff_test.go @@ -39,7 +39,18 @@ var sniffTests = []struct { {"GIF 87a", []byte(`GIF87a`), "image/gif"}, {"GIF 89a", []byte(`GIF89a...`), "image/gif"}, + // Audio types. + {"MIDI audio", []byte("MThd\x00\x00\x00\x06\x00\x01"), "audio/midi"}, + {"MP3 audio/MPEG audio", []byte("ID3\x03\x00\x00\x00\x00\x0f"), "audio/mpeg"}, + {"WAV audio #1", []byte("RIFFb\xb8\x00\x00WAVEfmt \x12\x00\x00\x00\x06"), "audio/wave"}, + {"WAV audio #2", []byte("RIFF,\x00\x00\x00WAVEfmt \x12\x00\x00\x00\x06"), "audio/wave"}, + {"AIFF audio #1", []byte("FORM\x00\x00\x00\x00AIFFCOMM\x00\x00\x00\x12\x00\x01\x00\x00\x57\x55\x00\x10\x40\x0d\xf3\x34"), "audio/aiff"}, + {"OGG audio", []byte("OggS\x00\x02\x00\x00\x00\x00\x00\x00\x00\x00\x7e\x46\x00\x00\x00\x00\x00\x00\x1f\xf6\xb4\xfc\x01\x1e\x01\x76\x6f\x72"), "application/ogg"}, + + // Video types. {"MP4 video", []byte("\x00\x00\x00\x18ftypmp42\x00\x00\x00\x00mp42isom<\x06t\xbfmdat"), "video/mp4"}, + {"AVI video #1", []byte("RIFF,O\n\x00AVI LISTÀ"), "video/avi"}, + {"AVI video #2", []byte("RIFF,\n\x00\x00AVI LISTÀ"), "video/avi"}, } func TestDetectContentType(t *testing.T) {