https://bugs.kde.org/show_bug.cgi?id=390002
--- Comment #7 from Ingo Klöcker <kloec...@kde.org> --- I had a quick look at what GpgME::data().type() is doing. It looks as if any data that starts with something that looks even remotely like a valid OpenPGP packet is identified as some OpenPGP data. The code trying to identifying the data basically only looks at the first byte. If bit 7 is set, then there is a chance of 31:127 that the data is identified as some kind of OpenPGP data and a chance of 15:127 that the data is identified as GpgME::Data::PGPOther. There is special code to prevent PNG files starting with "\x89PNG" from being identified as some kind of OpenPGP data, but that's the only blacklisting that's done. Given this, I conclude that GpgME::data().type() is not suitable for checking if arbitrary data is some kind of OpenPGP data. In my opinion, it should only be used on data if there are good reasons to assume that this data is indeed OpenPGP data, but if it's not clear what kind of OpenPGP data. For identifying data of type application/octet-stream, we should use file type detection provided by other libraries. Isn't there something in KF5 maybe in KIO that determines the mimetype? Or are we doing the GpgME::data().type() only after KIO returns application/octet-stream? -- You are receiving this mail because: You are watching all bug changes.
