Forums Bug Reports [DCC] Long file name & hidden extension

Click me

Above is an article made by irc-junkie.org which reports a bug in the DCC system. As Asmo says, if the file name is "picture.jpg(alot of spaces here).exe" miRC will only show 'picture.jpg'.

same thing was on securityfocus.... yet another good example of why ppl shouldnt be downloading from strangers :tongue:

i dont see how this could be considered a bug. The filename has to fit in the editbox/whatever of any application,not just mIRC, and if every one of them made the editbox longer, then ppl would just add more crud before the real ext. one would hope ppl would at least have enuf sense to check on the full length before opening something, as your reference said.

It certainly isnt anything new that ppl try to hide the real extension of a file by making it so long they hope ppl wont notice, but thanks for reminding ppl to check

If the filename is too long mIRC could/should show an ellipsis […] at the end of the visible line, or some other way to indicate that the filename extends beyond the visible space. Or mIRC could specifically show the file extension on a different line.

Or miRC could simply check for more than 2 spaces between two words, and automatically make that only one spaces, and so on so that whatever.jpg(bunch of spaces).exe becomes whatever.jpg .exe...

Just a thought

The main character used for this form of exploit is a non-breaking space, since regular spaces will usually be converted to underscores. A non-breaking space should really be treated as a non-whitespace character would be, so it wouldn't really be 'proper' for mIRC to strip them like that. Besides, the less interference regarding filenames the better.