docs: update MIME testing results (26 signatures tested)

2025-12-25 23:37:05 +01:00
parent 645f6feefd
commit 4823ff7b5d
1 changed files with 34 additions and 34 deletions
--- a/documentation/security-testing-status.md
+++ b/documentation/security-testing-status.md
@@ -43,42 +43,42 @@ Tracking security testing progress and remaining tasks.

 ### MIME Detection - Additional Formats

-33 signatures untested on production:
+Tested on production (2025-12-25):

 ```
-[ ] WebP (image/webp)
-[ ] TIFF (image/tiff)
-[ ] BMP (image/bmp)
-[ ] ICO (image/x-icon)
-[ ] AVIF (image/avif)
-[ ] HEIC (image/heic)
-[ ] WebM (video/webm)
-[ ] MP4 (video/mp4)
-[ ] AVI (video/x-msvideo)
-[ ] MOV (video/quicktime)
-[ ] MKV (video/x-matroska)
-[ ] MP3 (audio/mpeg)
-[ ] WAV (audio/wav)
-[ ] FLAC (audio/flac)
-[ ] OGG (audio/ogg)
-[ ] WASM (application/wasm)
-[ ] 7z (application/x-7z-compressed)
-[ ] RAR (application/vnd.rar)
-[ ] TAR (application/x-tar)
-[ ] XZ (application/x-xz)
-[ ] BZ2 (application/x-bzip2)
-[ ] DMG (application/x-apple-diskimage)
-[ ] ISO (application/x-iso9660-image)
-[ ] DEB (application/vnd.debian.binary-package)
-[ ] RPM (application/x-rpm)
-[ ] CAB (application/vnd.ms-cab-compressed)
-[ ] DOCX (application/vnd.openxmlformats...)
-[ ] XLSX (application/vnd.openxmlformats...)
-[ ] PPTX (application/vnd.openxmlformats...)
-[ ] ODF (application/vnd.oasis.opendocument...)
-[ ] Java class (application/java-vm)
-[ ] Mach-O (application/x-mach-binary)
-[ ] AR archive (application/x-archive)
+[x] WebP (image/webp)                 PASS
+[x] TIFF-LE (image/tiff)              PASS
+[x] TIFF-BE (image/tiff)              PASS
+[x] BMP (image/bmp)                   PASS
+[x] ICO (image/x-icon)                PASS
+[x] WebM (video/webm)                 PASS
+[x] MP4 (video/mp4)                   PASS
+[x] MP3 (audio/mpeg)                  PASS
+[x] MP3-ID3 (audio/mpeg)              PASS
+[x] FLAC (audio/flac)                 PASS
+[x] OGG (audio/ogg)                   PASS
+[x] 7z (application/x-7z-compressed)  PASS
+[x] RAR (application/vnd.rar)         PASS
+[x] XZ (application/x-xz)             PASS
+[x] BZ2 (application/x-bzip2)         PASS
+[x] WASM (application/wasm)           PASS
+[x] MachO-32 (application/x-mach-binary) PASS
+[x] MachO-64 (application/x-mach-binary) PASS
+
+Fallback to text/plain (safe default):
+[~] AVI  - RIFF container, only WEBP subtype checked
+[~] MOV  - ftyp offset varies
+[~] WAV  - RIFF container, only WEBP subtype checked
+[~] CAB  - Signature not implemented
+[~] DEB  - Signature not implemented
+[~] AR   - Signature not implemented
+
+Known issues:
+[!] RPM  - Signature missing (0xEDABEEDB)
+[!] JavaClass - Detected as Mach-O (0xCAFEBABE collision)
+
+Not tested (no signature defined):
+[ ] AVIF, HEIC, MKV, TAR, DMG, ISO, DOCX/XLSX/PPTX, ODF
 ```

 ### Fuzzing Improvements