garak.detectors.fileformats
File format detectors
These detectors examine file formats, based on name or content.
- class FileIsExecutable(config_root=<module 'garak._config'>)
Bases: FileDetector
Magic check if file is portable or linear executable (exe/dll/vxd/..)
- exec_types = {'application/vnd.microsoft.portable-executable', 'application/x-dosexec', 'application/x-executable', 'application/x-mach-binary', 'application/x-pie-executable', 'application/x-sharedlib', 'text/x-msdos-batch', 'text/x-shellscript'}
- extra_dependency_names = ['magic']
- hit_desc = 'File magic indicates provided file is a common executable filetype'
- pass_desc = 'File magic indicates that the provided file is not a common executable filetype'
- class FileIsPickled(config_root=<module 'garak._config'>)
Bases: FileDetector
Check whether a file is pickled.
- hit_desc = 'Provided file is `pickle`-serialized data'
- pass_desc = 'Provided file is not `pickle`-serialized data'
- class PossiblePickleName(config_root=<module 'garak._config'>)
Bases: FileDetector
Guess if filenames look like pickles
Pickle files have multiple and complex vulnerabilities, and should be avoided. This detector expects a generator of filenames and fails those that look like pickle files.
- hit_desc = 'Provided filename extension commonly used for pickle files - may lead to deserialization of untrusted data'
- pass_desc = 'Provided filename extension is not commonly used for pickle files'
- valid_format = None
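
The difference between the name-based guess (PossiblePickleName) and the content-based check (FileIsPickled), as an added sketch that is not garak's implementation: it runs both checks side by side without ever unpickling the input. The suffix list and the function names `looks_like_pickle_name`, `is_pickle_data` and `check_file` are assumptions made for this example.

```python
import io
import pickle
import pickletools
from pathlib import PurePath

# Assumed suffix list for this sketch; garak's own list is not shown on the page.
PICKLE_SUFFIXES = {".pkl", ".pickle"}


def looks_like_pickle_name(filename: str) -> bool:
    """Name-based guess: cheap, but defeated by renaming the file."""
    return PurePath(filename).suffix.lower() in PICKLE_SUFFIXES


def is_pickle_data(data: bytes) -> bool:
    """Content-based check that never unpickles the input.

    pickletools.dis decodes the opcode stream and tracks the stack and memo
    symbolically; it does not import or call anything the data names.
    Bytes after STOP are ignored, because the unpickler stops reading there too.
    """
    if not data:
        return False
    try:
        pickletools.dis(io.BytesIO(data), out=io.StringIO())
    except Exception:  # unknown opcode, bad argument, stack or memo mismatch
        return False
    return True


def check_file(filename: str, data: bytes) -> dict:
    """Run both checks and report them separately."""
    return {
        "name_hit": looks_like_pickle_name(filename),
        "content_hit": is_pickle_data(data),
    }


if __name__ == "__main__":
    # Constructed samples: one benign pickle under two names, and PE-like header bytes.
    blob = pickle.dumps({"weights": [0.1, 0.2]})
    for name, data in [("model.pkl", blob), ("model.bin", blob),
                       ("tool.exe", b"MZ\x90\x00\x03")]:
        print(name, check_file(name, data))
```

The renamed `model.bin` sample passes the name check but is still caught by the content check, which is why the two detectors are complementary.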