summaryrefslogtreecommitdiff
path: root/doc/rfc/rfc7903.txt
diff options
context:
space:
mode:
authorThomas Voss <mail@thomasvoss.com> 2024-11-27 20:54:24 +0100
committerThomas Voss <mail@thomasvoss.com> 2024-11-27 20:54:24 +0100
commit4bfd864f10b68b71482b35c818559068ef8d5797 (patch)
treee3989f47a7994642eb325063d46e8f08ffa681dc /doc/rfc/rfc7903.txt
parentea76e11061bda059ae9f9ad130a9895cc85607db (diff)
doc: Add RFC documents
Diffstat (limited to 'doc/rfc/rfc7903.txt')
-rw-r--r--doc/rfc/rfc7903.txt675
1 files changed, 675 insertions, 0 deletions
diff --git a/doc/rfc/rfc7903.txt b/doc/rfc/rfc7903.txt
new file mode 100644
index 0000000..957b1f1
--- /dev/null
+++ b/doc/rfc/rfc7903.txt
@@ -0,0 +1,675 @@
+
+
+
+
+
+
+Independent Submission S. Leonard
+Request for Comments: 7903 Penango, Inc.
+Category: Informational September 2016
+ISSN: 2070-1721
+
+
+ Windows Image Media Types
+
+Abstract
+
+ This document registers media types for certain image formats
+ promulgated in Microsoft Windows, namely image/wmf, image/x-wmf,
+ image/emf, image/x-emf, and image/bmp for use with Windows Metafile,
+ Enhanced Metafile, and Windows Bitmap formats. Originally designed
+ for Microsoft Windows 2.0 and 3.0, these image files are intended to
+ be portable between applications and devices, and they may contain
+ both vector and raster graphics.
+
+Status of This Memo
+
+ This document is not an Internet Standards Track specification; it is
+ published for informational purposes.
+
+ This is a contribution to the RFC Series, independently of any other
+ RFC stream. The RFC Editor has chosen to publish this document at
+ its discretion and makes no statement about its value for
+ implementation or deployment. Documents approved for publication by
+ the RFC Editor are not a candidate for any level of Internet
+ Standard; see Section 2 of RFC 7841.
+
+ Information about the current status of this document, any errata,
+ and how to provide feedback on it may be obtained at
+ http://www.rfc-editor.org/info/rfc7903.
+
+Copyright Notice
+
+ Copyright (c) 2016 IETF Trust and the persons identified as the
+ document authors. All rights reserved.
+
+ This document is subject to BCP 78 and the IETF Trust's Legal
+ Provisions Relating to IETF Documents
+ (http://trustee.ietf.org/license-info) in effect on the date of
+ publication of this document. Please review these documents
+ carefully, as they describe your rights and restrictions with respect
+ to this document.
+
+
+
+
+
+
+Leonard Informational [Page 1]
+
+RFC 7903 Windows Image Media Types September 2016
+
+
+Table of Contents
+
+ 1. Introduction ....................................................2
+ 1.1. Windows Metafiles ..........................................2
+ 1.2. Windows Bitmaps ............................................3
+ 2. Windows Metafile Media Type Registration Application ............4
+ 3. Enhanced Metafile Media Type Registration Application ...........6
+ 4. Windows Bitmap Media Type Registration Application ..............9
+ 5. IANA Considerations ............................................11
+ 6. Security Considerations ........................................11
+ 7. References .....................................................11
+ 7.1. Normative References ......................................11
+ 7.2. Informative References ....................................11
+ Author's Address ..................................................12
+
+1. Introduction
+
+1.1. Windows Metafiles
+
+ Long before the invention of Scalable Vector Graphics, Microsoft
+ Corporation recognized the value of recording images in a format that
+ its applications and operating systems could easily render
+ irrespective of the output device. With the release of Windows 3.0,
+ Microsoft released its Windows Metafile (WMF) format, which can
+ contain vector and raster graphics in one package. As a binary
+ format that needed to work on 16-bit machines, WMF is comprised of a
+ sequence of record structures. Each record contains drawing
+ commands, object definitions, and configuration settings. When a
+ metafile is processed, the image can be rendered on a display, output
+ to a printer or plotter, stored in memory, or saved to some
+ persistent storage. Reflecting the relationship to the Windows
+ Graphics Device Interface (GDI) API, WMF data is "played" to a
+ playback device context in the same manner that PostScript content is
+ treated as an executable program that results in the output of the
+ original document.
+
+ As Microsoft's first 32-bit operating system, Windows NT 3.1
+ introduced an overhaul to the Windows API ("Win32") and the in-memory
+ formats upon which those APIs relied. The Enhanced Metafile (EMF)
+ format was created at this time, using 32-bit values instead of WMF's
+ 16-bit values. In Windows XP, Microsoft extended EMF with "EMF+",
+ adding support for Windows GDI+.
+
+ Many implementations of WMF and EMF were created because of Windows'
+ commercial success in the 1990s. A large body of free and
+ commercially available clip art and other artwork exists in this
+ format. Furthermore, WMF content appears non-normatively in certain
+
+
+
+
+Leonard Informational [Page 2]
+
+RFC 7903 Windows Image Media Types September 2016
+
+
+ standards (e.g., [OOXML]); the usage is common enough that an
+ implementer would almost certainly need to support it for basic
+ interoperability.
+
+ Microsoft publicly documented the WMF format as early as the 1992
+ Windows 3.1 SDK. Since 2007, Microsoft has released the format
+ specifications [MS-WMF], [MS-EMF], and [MS-EMF+] under its Open
+ Specification Promise [MS-OSP].
+
+1.2. Windows Bitmaps
+
+ Long before the invention of Portable Network Graphics (PNG),
+ Microsoft Corporation and IBM Corporation needed to record images in
+ a format that their applications and operating systems could easily
+ render on low-end machines (Intel 80286). The resulting "BMP" format
+ contains a single raster graphic with basic header fields that can be
+ easily mapped (or "blitted") to locations in memory. As computing
+ moved from 16-bit to 32-bit, BMP evolved to contain 32-bit
+ structures. As the '90s wore on, the venerable BMP got boosts with
+ support for additional color spaces, color profiles, and compression
+ formats. The same basic format can be used to convey 2-bit black-
+ and-white bitmaps with a 1-bit alpha mask from the '80s, and full-
+ color Ultra HD images on leading-edge displays. BMP is a building
+ block of other formats, including Windows Metafiles, Windows Icons,
+ and Windows Cursors.
+
+ Many implementations of BMP were created because of Windows'
+ commercial success in the 1990s. Usage of the format for interchange
+ has declined since the advent of PNG (for lossless raster graphics)
+ and JPEG (for lossy raster graphics); however, a large body of free
+ and commercially available BMP artwork exists. Since Windows Icons
+ are a building block of "favicon.ico" web technology, an implementer
+ would almost certainly need to support this format for basic
+ interoperability.
+
+ Microsoft publicly documented the BMP format as early as the 1992
+ Windows 3.1 SDK (in the Windows Metafile documentation). Since 2007
+ Microsoft has released the format specification [MS-WMF], which
+ includes most components of the Windows Bitmap format, under its Open
+ Specification Promise [MS-OSP]. See Section 2.2.2.9 of [MS-WMF]
+ (DeviceIndependentBitmap Object). BMP data begins with a
+ BITMAPFILEHEADER and is followed by one of the bitmap headers
+ (BITMAPINFOHEADER, BITMAPV4HEADER, or BITMAPV5HEADER), optional color
+ table data, bitmap data, and optional profile data, in that order
+ [BMPSTOR].
+
+
+
+
+
+
+Leonard Informational [Page 3]
+
+RFC 7903 Windows Image Media Types September 2016
+
+
+ Implementers need to be aware of the [MICE] vulnerability, and to
+ guard against it. Some details are included in the completed
+ registration template.
+
+2. Windows Metafile Media Type Registration Application
+
+ Type name: image
+
+ Subtype name: wmf
+
+ Required parameters: None.
+
+ Optional parameters:
+
+ DEFAULT_CHARSET: The character set intended when the CharacterSet
+ enumeration (see the WMF specification) specifies
+ DEFAULT_CHARSET. The value of this parameter is a charset from
+ the IANA "Character Sets" registry
+ <http://www.iana.org/assignments/character-sets>. When this
+ parameter is not specified, DEFAULT_CHARSET has the following
+ meaning in the WMF specification: "a character set based on the
+ current system locale; for example, when the system locale is
+ United States English, the default character set is
+ ANSI_CHARSET" (which is Windows-1252, more or less). That is,
+ when not specified, the default character set is system
+ dependent. This optional parameter is new to this registration
+ and may not enjoy widespread support for some time. Therefore,
+ EMF instead of WMF (or if necessary under the circumstances,
+ embedded EMF within WMF) is a more sensible choice when text is
+ present.
+
+ Encoding considerations: Binary.
+
+ Security considerations:
+
+ The Windows Metafile format's security history is punctuated in
+ 2005-2006 with the disclosure of the Metafile Image Code Execution
+ ("MICE") vulnerability. MICE won the 2007 Pwnie Award for "Mass
+ 0wnage" and "Breaking the Internet". The official Microsoft
+ security bulletin describes that the flaw occurs because Windows
+ Metafiles can set the SETABORTPROC value of the MetafileEscapes
+ enumeration (accessible via the META_ESCAPE record), allowing for
+ arbitrary code execution, i.e., "active content".
+
+ Windows Metafiles can contain Enhanced Metafiles using the
+ META_ESCAPE_ENHANCED_METAFILE record; thus, the security
+ considerations of EMF apply to WMF.
+
+
+
+
+Leonard Informational [Page 4]
+
+RFC 7903 Windows Image Media Types September 2016
+
+
+ Windows Metafiles are historically very buggy. As the original
+ intent was to replicate Windows GDI calls, flaws in GDI, or in a
+ display or printer driver implementing the backend to GDI, could
+ be exploitable. WMF implementations not backed by Windows GDI
+ have different risks: namely, while a malicious WMF author may not
+ consider the non-Windows GDI implementation as a primary target,
+ WMF has many "corner case" records for which an implementation's
+ processing may not have received the same level of scrutiny as the
+ Windows implementation. "Fuzzing" the implementation is
+ appropriate.
+
+ As a "basic" image format, the image/wmf media type does not
+ employ executable content and provides no facilities for privacy
+ or integrity.
+
+ Interoperability considerations:
+
+ Windows Metafile is the original 16-bit metafile format; it was
+ released in 1990 at what some computer historians might consider
+ the "zenith" of the desktop publishing revolution. Accordingly,
+ there is a large body of free and commercially available clip art
+ that is still in use, either independently or embedded in
+ productivity documents (word processing documents, desktop
+ publishing documents, slideshows, presentations, spreadsheets, and
+ workbooks). For example, references to WMF content appear (non-
+ normatively) in Office Open XML. To say that support for this
+ format is necessary for interoperability would not be an
+ understatement.
+
+ Accommodations for comments or arbitrary data storage in Windows
+ Metafiles are virtually non-existent. However, Windows Metafiles
+ can contain Enhanced Metafiles using the
+ META_ESCAPE_ENHANCED_METAFILE record, so an implementation that
+ handles Windows Metafiles is also expected to handle enhanced
+ metafile content. Windows Metafiles can store and output text
+ strings (see META_TEXTOUT and META_EXTTEXTOUT records), but the
+ encodings of the strings may be ambiguous. Unicode encodings are
+ not possible without the DEFAULT_CHARSET parameter defined in this
+ registration.
+
+ The previously unregistered type image/x-wmf is also in wide use.
+ Accordingly, it is registered as a deprecated alias.
+
+ Published specification:
+
+ WMF: Microsoft Corporation, "[MS-WMF]: Windows Metafile Format",
+ v20160714 (Rev 13.1), July 2016,
+ <http://msdn.microsoft.com/library/cc250370>.
+
+
+
+Leonard Informational [Page 5]
+
+RFC 7903 Windows Image Media Types September 2016
+
+
+ Applications that use this media type:
+
+ Office productivity applications; clip art applications; desktop
+ publishing applications; some web browsers (e.g., Internet
+ Explorer).
+
+ Fragment identifier considerations: None.
+
+ Additional information:
+
+ Deprecated alias names for this type: image/x-wmf
+
+ Magic number(s): D7 CD C6 9A (little-endian DWORD 0x9AC6CDD7)
+
+ File extension(s): .wmf
+
+ Macintosh file type code(s):
+ None. A uniform type identifier (UTI) of "com.microsoft.wmf"
+ is suggested.
+
+ Person & email address to contact for further information:
+
+ Sean Leonard <dev+ietf@seantek.com>
+
+ Restrictions on usage: None.
+
+ Author/Change controller: Sean Leonard <dev+ietf@seantek.com>
+
+ Intended usage: COMMON
+
+ Provisional registration? No
+
+3. Enhanced Metafile Media Type Registration Application
+
+ Type name: image
+
+ Subtype name: emf
+
+ Required parameters: None.
+
+ Optional parameters: None.
+
+ Encoding considerations: Binary.
+
+
+
+
+
+
+
+
+Leonard Informational [Page 6]
+
+RFC 7903 Windows Image Media Types September 2016
+
+
+ Security considerations:
+
+ Enhanced Metafiles are not afflicted with the Metafile Image Code
+ Execution ("MICE") vulnerability. There has been no public
+ disclosure of vulnerabilities specific to EMF or EMF+ to date.
+ Neither EMF nor EMF+ are designed to contain "active content".
+ Nonetheless, Enhanced Metafiles can contain Encapsulated
+ PostScript (EPS) data; thus, the security considerations of
+ PostScript processing may also apply to EMF.
+
+ As the original intent was to replicate Windows GDI calls, flaws
+ in GDI, or in a display or printer driver implementing the backend
+ to GDI, could be exploitable with maliciously crafted EMF content.
+ EMF implementations not backed by Windows GDI have different
+ risks: namely, while a malicious EMF author may not consider the
+ non-Windows GDI implementation as a primary target, EMF has many
+ "corner case" records for which an implementation's processing may
+ not have received the same level of scrutiny as the Windows
+ implementation. "Fuzzing" the implementation is appropriate. It
+ is also possible that EMF+ data is "safe" while EMF data contains
+ an exploit (or vice versa); the EMF+-aware implementation (such as
+ an application designed for GDI+ on Windows XP or above) would
+ skip the "unsafe" data while another implementation would fall
+ prey to the exploit.
+
+ As a "basic" image format, the image/emf media type does not
+ employ executable content and provides no facilities for privacy
+ or integrity.
+
+ Interoperability considerations:
+
+ Enhanced Metafile is the 32-bit metafile format; it was released
+ in 1992 along with Windows NT 3.1. There is a large body of free
+ and commercially available clip art that is still in use, either
+ independently or embedded in productivity documents (word
+ processing documents, desktop publishing documents, slideshows,
+ presentations, spreadsheets, and workbooks). To say that support
+ for this format is necessary for interoperability would not be an
+ understatement.
+
+ Enhanced Metafiles have extensive accommodations for comments and
+ arbitrary data storage. Enhanced Metafiles can store and output
+ text strings. Mercifully, the encodings of these strings are
+ well-defined. Record examples include EMR_EXTTEXTOUTA (US-ASCII),
+ EMR_EXTTEXTOUTW (UTF16-LE), EMR_POLYTEXTOUTA (US-ASCII),
+ EMR_POLYTEXTOUTW (UTF16-LE), and EMR_SMALLTEXTOUT (UTF16-LE or the
+ low-order 8 bits of UTF16-LE -- effectively ISO-8859-1 --
+ depending on ETO_SMALL_CHARS).
+
+
+
+Leonard Informational [Page 7]
+
+RFC 7903 Windows Image Media Types September 2016
+
+
+ Enhanced Metafiles can contain Encapsulated PostScript (EPS) data
+ in the EpsData object. The FormatSignature EPS_SIGNATURE
+ (0x46535045, in little-endian) is used instead of
+ ENHMETA_SIGNAUTRE (0x464D4520, in little-endian) in such a case.
+
+ Windows XP introduced the GDI+ API, along with EMF+. EMF+ is
+ actually an embedded format in which GDI+ commands are stored as
+ EMF comment records (EMR_COMMENT_EMFPLUS record type). Content
+ containing EMF+ data can be identified as "EMF+ Only" (only EMF+;
+ the EMF records are not sufficient to reconstitute the drawing) or
+ "EMF+ Dual" (both EMF records alone or EMF+ records alone, when
+ played back, are sufficient to reconstitute the drawing). Support
+ for EMF+ records may not be as extensive as support for the
+ original EMF records.
+
+ The previously unregistered type image/x-emf is also in wide use.
+ Accordingly, it is registered as a deprecated alias.
+
+ Published specification:
+
+ EMF: Microsoft Corporation, "[MS-EMF]: Enhanced Metafile Format",
+ v20160714 (Rev 12.0), July 2016,
+ <http://msdn.microsoft.com/library/cc230514>.
+
+ EMF+: Microsoft Corporation, "[MS-EMFPLUS]: Enhanced Metafile
+ Format Plus Extensions", v20160714 (Rev 14.1), July 2016,
+ <http://msdn.microsoft.com/library/cc230724>.
+
+ Applications that use this media type:
+
+ Office productivity applications; clip art applications; desktop
+ publishing applications; some web browsers (e.g., Internet
+ Explorer).
+
+ Fragment identifier considerations: None.
+
+ Additional information:
+
+ Deprecated alias names for this type: image/x-emf
+
+ Magic number(s):
+ 01 00 00 00 (little-endian DWORD 0x00000001), corresponding to
+ the EMR_HEADER Type field.
+ The next field (EMR_HEADER Size) should be at least 88 (little-
+ endian DWORD 0x00000050).
+
+ File extension(s): .emf (for both EMF and EMF+ content)
+
+
+
+
+Leonard Informational [Page 8]
+
+RFC 7903 Windows Image Media Types September 2016
+
+
+ Macintosh file type code(s):
+ None. A uniform type identifier (UTI) of "com.microsoft.emf"
+ is suggested.
+
+ Person & email address to contact for further information:
+
+ Sean Leonard <dev+ietf@seantek.com>
+
+ Restrictions on usage: None.
+
+ Author/Change controller: Sean Leonard <dev+ietf@seantek.com>
+
+ Intended usage: COMMON
+
+ Provisional registration? No
+
+4. Windows Bitmap Media Type Registration Application
+
+ Type name: image
+
+ Subtype name: bmp
+
+ Required parameters: None.
+
+ Optional parameters: None.
+
+ Encoding considerations: Binary.
+
+ Security considerations:
+
+ Bitmaps have a mostly unremarkable security history.
+
+ Because BMP data can encapsulate JPEG or PNG data (BI_JPEG, BI_PNG
+ values of the Compression enumeration in Section 2.1.1.7 of the
+ WMF specification), the security considerations of JPEG and PNG
+ processing may also apply to BMP.
+
+ As a "basic" image format, the image/bmp media type does not
+ employ executable content and provides no facilities for privacy
+ or integrity.
+
+ Interoperability considerations:
+
+ Uncompressed Windows Bitmaps can be rather large. If there is a
+ need to compress an image, modern applications should consider
+ emitting JPEG or PNG data instead of embedding them in BMP
+ payloads.
+
+
+
+
+Leonard Informational [Page 9]
+
+RFC 7903 Windows Image Media Types September 2016
+
+
+ Published specification:
+
+ WMF: Microsoft Corporation, "[MS-WMF]: Windows Metafile Format",
+ v20160714 (Rev 13.1), July 2016,
+ <http://msdn.microsoft.com/library/cc250370>.
+
+ BMP: Microsoft Corporation, "Bitmap Storage", MSDN ID dd183391,
+ <http://msdn.microsoft.com/library/dd183391>.
+
+ Applications that use this media type:
+
+ Office productivity applications; clip art applications; desktop
+ publishing applications; web browsers; graphics processing
+ applications.
+
+ Fragment identifier considerations: None.
+
+ Additional information:
+
+ Magic number(s):
+ 42 4D ("BM"), meaning "bitmap". The next field
+ (BITMAPFILEHEADER bfSize) is a little-endian DWORD indicating
+ the size of the bitmap content in bytes.
+
+ File extension(s): .bmp, .dib
+
+ Macintosh file type code(s):
+ "BMP ", "BMPf", or "BMPp". Apple has promulgated a uniform
+ type identifier (UTI) of "com.microsoft.bmp".
+
+ Person & email address to contact for further information:
+
+ Sean Leonard <dev+ietf@seantek.com>
+
+ Restrictions on usage: None.
+
+ Author/Change controller: Sean Leonard <dev+ietf@seantek.com>
+
+ Intended usage: COMMON
+
+ Provisional registration? No
+
+
+
+
+
+
+
+
+
+
+Leonard Informational [Page 10]
+
+RFC 7903 Windows Image Media Types September 2016
+
+
+5. IANA Considerations
+
+ IANA has registered the media types image/wmf, image/x-wmf,
+ image/emf, image/x-emf, and image/bmp in the standards tree using the
+ applications provided in Sections 2, 3, and 4 of this document.
+
+6. Security Considerations
+
+ See the registration templates for their respective security
+ considerations.
+
+ The Metafile Image Code Execution (MICE) vulnerability won the 2007
+ Pwnie Award for "Mass 0wnage" and "Breaking the Internet" [PWNIES07].
+
+7. References
+
+7.1. Normative References
+
+ [BMPSTOR] Microsoft Corporation, "Bitmap Storage", MSDN ID dd183391,
+ <http://msdn.microsoft.com/library/dd183391>.
+
+ [MS-EMF] Microsoft Corporation, "[MS-EMF]: Enhanced Metafile
+ Format", v20160714 (Rev 12.0), July 2016,
+ <http://msdn.microsoft.com/library/cc230514>.
+
+ [MS-EMF+] Microsoft Corporation, "[MS-EMFPLUS]: Enhanced Metafile
+ Format Plus Extensions", v20160714 (Rev 14.1), July 2016,
+ <http://msdn.microsoft.com/library/cc230724>.
+
+ [MS-WMF] Microsoft Corporation, "[MS-WMF]: Windows Metafile
+ Format", v20160714 (Rev 13.1), July 2016,
+ <http://msdn.microsoft.com/library/cc250370>.
+
+7.2. Informative References
+
+ [MICE] Microsoft Corporation, "Vulnerability in Graphics
+ Rendering Engine Could Allow Remote Code Execution
+ (912919)", MS06-001, V1.0, January 2006,
+ <https://technet.microsoft.com/library/security/ms06-001>.
+
+ [MS-OSP] Microsoft Corporation, "Open Specification Promise",
+ February 2007, <https://msdn.microsoft.com/
+ en-us/openspecifications/dn646765>.
+
+ [OOXML] Ecma International, "Office Open XML File Formats",
+ Standard ECMA-376, Fourth Edition, ISO/IEC 29500, December
+ 2012, <http://www.ecma-international.org/publications/
+ standards/Ecma-376.htm>.
+
+
+
+Leonard Informational [Page 11]
+
+RFC 7903 Windows Image Media Types September 2016
+
+
+ [PWNIES07] Pwnie Awards LLC, "Winners of Pwnie Awards 2007", 2007,
+ <http://pwnies.com/archive/2007/winners/>.
+
+Author's Address
+
+ Sean Leonard
+ Penango, Inc.
+ 5900 Wilshire Boulevard
+ 21st Floor
+ Los Angeles, CA 90036
+ United States of America
+
+ Email: dev+ietf@seantek.com
+ URI: http://www.penango.com/
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Leonard Informational [Page 12]
+