More explicit explanation about file integrity.

hansphp · May 30, 2022 · d1b32f2 · d1b32f2
1 parent 61cb63a
commit d1b32f2
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/5.0/en/0x20-V12-Files-Resources.md b/5.0/en/0x20-V12-Files-Resources.md
@@ -21,7 +21,7 @@ Although zip bombs are eminently testable using penetration testing techniques,
 
 | # | Description | L1 | L2 | L3 | CWE |
 | :---: | :--- | :---: | :---: | :---: | :---: |
-| **12.2.1** | Verify that files obtained from untrusted sources are validated to be of expected type based on the file's content. | | ✓ | ✓ | 434 |
+| **12.2.1** | Verify that files obtained from untrusted sources are validated to be of expected type based on the file's content. Not just checking the file signature. For example, an image file should have properties such as width and height. | | ✓ | ✓ | 434 |
 
 ## V12.3 File Execution