Reduce false positives for PHP in MimeMagic
(bug 16583) This was detecting PHP if any of a few three-byte strings
occurred anywhere in the first 1024 bytes of the file. This is too
paranoid -- it creates a significant number of false positives for
binary files, reportedly on the order of about one every 4096 uploads.
It's hard to see what security advantage this check every conveyed,
because it only looks in the first 1024 bytes anyway. For the purposes
of upload it could surely be removed entirely, but I didn't check all
callers, so maybe some caller wants to guess whether the file is PHP for
some purpose other than banning it. So for now I only removed the
checks for the shortest strings, which were most likely to get hit.
dépôts / lhc / web / wiklou.git / commit