Do not allow file type spoofing if the header bytes are not recognized

lib/carrierwave/sanitized_file.rb

@@ -341,7 +341,7 @@ def existing_content_type
     end
 
     def mime_magic_content_type
-      MimeMagic.by_magic(File.open(path)).try(:type) if path
+      MimeMagic.by_magic(File.open(path)).try(:type) || 'invalid/invalid' if path
     rescue Errno::ENOENT
       nil
     end

spec/sanitized_file_spec.rb

@@ -230,6 +230,7 @@
 
     it "handles Mime::Type object" do
       file = File.open(file_path('sponsored.doc'))
+      file.stub(:content_type) { 'application/msword' }
 
       sanitized_file = CarrierWave::SanitizedFile.new(file)
       allow(sanitized_file).to receive(:file).and_return(file)
@@ -253,6 +254,17 @@
       expect(sanitized_file.content_type).to eq("application/zip")
     end
 
+    it "does not allow spoofing of the mime type if the mime type is not detectable" do
+      file = File.open(file_path('spoof.png'))
+
+      sanitized_file = CarrierWave::SanitizedFile.new(file)
+
+      lambda { sanitized_file.content_type }.should_not raise_error
+
+      sanitized_file.content_type.should_not == 'image/png'
+      sanitized_file.content_type.should == 'invalid/invalid'
+    end
+
     it "does not raise an error if the path is not present" do
       sanitized_file = CarrierWave::SanitizedFile.new(nil)
 

spec/spec_helper.rb

@@ -66,7 +66,9 @@ def stub_stringio(filename, mime_type=nil, fake_name=nil)
       end
 
       def stub_file(filename, mime_type=nil, fake_name=nil)
-        File.open(file_path(filename))
+        f = File.open(file_path(filename))
+        f.stub(:content_type) { mime_type } if mime_type
+        return f
       end
     end
 

spec/uploader/proxy_spec.rb

@@ -65,6 +65,7 @@
     end
 
     context "when the file has been cached" do
+      let(:test_file_name) { 'landscape.jpg' }
       before { uploader.cache!(test_file) }
 
       it { is_expected.to eq('image/jpeg') }