Hello community, here is the log from the commit of package file.3341 for openSUSE:13.1:Update checked in at 2014-12-27 21:05:31 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:13.1:Update/file.3341 (Old) and /work/SRC/openSUSE:13.1:Update/.file.3341.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "file.3341" Changes: -------- New Changes file: --- /dev/null 2014-12-25 22:38:16.200041506 +0100 +++ /work/SRC/openSUSE:13.1:Update/.file.3341.new/file.changes 2014-12-27 21:05:34.000000000 +0100 @@ -0,0 +1,972 @@ +------------------------------------------------------------------- +Wed Dec 17 13:52:19 UTC 2014 - [email protected] + +- Port and add upstream patches + 0001-limit-the-number-of-program-and-section-header-numbe.patch + 0002-Stop-reporting-bad-capabilities-after-the-first-few.patch + 0003-reduce-recursion-level-from-20-to-10-and-make-a-symb.patch + 0004-adjust-limits-better-from-NetBSD.patch + 0005-bump-recursion-to-15-and-allow-it-to-be-set-from-the.patch + 0006-Don-t-bail-if-there-was-no-error-buf-could-have-been.patch + to fix CVE-2014-8116 and CVE-2014-8117 (bsc#910252 and bsc#910253) + +------------------------------------------------------------------- +Thu Oct 23 11:36:19 UTC 2014 - [email protected] + +- Add patch file-5.20-CVE-2014-3710.patch to fic bsc#902367 + CVE-2014-3710: file: out-of-bounds read in elf note headers + +------------------------------------------------------------------- +Mon Mar 17 14:04:24 UTC 2014 - [email protected] + +- Add patch + 0001-off-by-one-in-out-of-bounds-calculations-Jan-Kaluza.patch + to finally fix bnc#866750 + +------------------------------------------------------------------- +Tue Mar 4 16:01:58 UTC 2014 - [email protected] + +- Add the upstream patch + 0001-PR-313-Aaron-Reffett-Check-properly-for-exceeding-th.patch + to solve bnc#866750 - file: crash when parsing some PE executables +- Modify the upstream patch + 0001-prevent-infinite-recursion.patch + to fit with former applied patch + +------------------------------------------------------------------- +Tue Mar 4 13:19:51 UTC 2014 - [email protected] + +- Add the upstream patches + 0001-count-indirect-recursion-as-recursion.patch + 0001-prevent-infinite-recursion.patch + to solve bnc#864589 - CVE-2014-1943: file: infinite recursion + +------------------------------------------------------------------- +Tue Nov 19 11:19:50 UTC 2013 - [email protected] + +- Submit it to openSUSE:13.1 to solve bnc#847062 + +------------------------------------------------------------------- +Mon Nov 4 00:30:41 UTC 2013 - [email protected] + +- Set RPM groups + +------------------------------------------------------------------- +Tue Oct 1 10:42:40 UTC 2013 - [email protected] + +- Add changes of Andreas Stieger + +------------------------------------------------------------------- +Mon Sep 30 14:27:34 UTC 2013 - [email protected] + +- Update to file version 5.15 (bug fix release, no new featuress) + * Don't mix errors and regular output if there was an error + * in magic_descriptor() don't close the file and try to restore + its position + * Don't treat magic as an error if offset was past EOF (Christoph Biedl) + * Fix spacing issues in softmagic and elf (Jan Kaluza) + * Fix segmentation fault with multiple magic_load commands. + * The way "default" was implemented was not very useful because + the "if something was printed at that level" was not easily + controlled by the user, and the format was bound to a string + which is too restrictive. Add a "clear" for that level keyword + and make "default" void. + * disallow strength setting in "name" entries +- Adjust for upstream changes: + * file-5.14-tex.dif + * file-5.07-elf.dif + * file-5.12-ocloexec.patch + * file-5.12-nitpick.dif + * file-5.13.dif +- Drop patches, applied upstream: + * file-5.13-whitespace.patch + * elf-invalid-byte-order.patch + +------------------------------------------------------------------- +Sun Sep 29 00:46:01 UTC 2013 - [email protected] + +- add file-5.15-clear-invalid.patch to fix an invalid format + +------------------------------------------------------------------- +Sun May 26 10:31:25 UTC 2013 - [email protected] + +- elf-invalid-byte-order.patch: remove bogus "invalid byte order" from elf + magic + +------------------------------------------------------------------- +Sun May 26 08:01:55 UTC 2013 - [email protected] + +- file-5.13-whitespace.patch: remove extra whitespace in ELF magic, breaks + libtool + +------------------------------------------------------------------- +Fri Mar 29 06:56:37 UTC 2013 - [email protected] + +- Refresh patches and remove the visibility patch that I + upstreamed few releases ago in a different form. + +------------------------------------------------------------------- +Fri Mar 22 10:13:29 UTC 2013 - [email protected] + +- Update to file version 5.14 (also mainly bug fixes) + * fix recursive magic separator printing + * limit recursion level for mget + * fix pread() related breakage in cdf + * handle offsets properly in recursive "use" +- Remove patch file-5.13-return.patch + +------------------------------------------------------------------- +Tue Feb 26 17:33:36 UTC 2013 - [email protected] + +- Add patch file-5.13-return.patch: avoid doubled return + +------------------------------------------------------------------- +Fri Feb 22 10:14:36 UTC 2013 - [email protected] + +- Update to file version 5.13 (mainly bug fixes) + * add elf reading of debug info to determine if file is stripped + * use pread() + * change mime description size from 64 to 80 to accommodate OOXML. + * Warn about inconsistent continuation levels. + * Change fsmagic to add a space after it prints. + * Make getline public so that file can link against it. + Perhaps it is better to rename it, or hide it differently. + Fixes builds on platforms that do not provide it. + * Add SuS d{,1,2,4,8}, u{,1,2,4,8} and document + what long, int, short, etc is (Guy Harris) + * add magic_version function and constant + * Redo memory allocation and de-allocation. + (prevents double frees on non mmap platforms) + * Fix bug with name/use having to do with passing + found state from the parent to the child and back. + +------------------------------------------------------------------- +Tue Feb 19 09:05:31 UTC 2013 - [email protected] + +- Use %libname macro and make that file-magic obsoletes libmagic-data + compare with bnc# 804323 to avoid trouble with interim package name + +------------------------------------------------------------------- +Wed Jan 23 13:00:47 UTC 2013 - [email protected] + +- Make if build on ppc64, that is re-add the configure check for + sizeof long long otherwise readelf fail on ppc64 + +------------------------------------------------------------------- +Tue Jan 22 16:22:05 UTC 2013 - [email protected] + +- Update to file version 5.12 + * Warn about inconsistent continuation levels. + * Change fsmagic to add a space after it prints. + * Make getline public so that file can link against it. + Perhaps it is better to rename it, or hide it differently. + Fixes builds on platforms that do not provide it. + * Add SuS d{,1,2,4,8}, u{,1,2,4,8} and document + what long, int, short, etc is (Guy Harris) + * add magic_version function and constant + * Redo memory allocation and de-allocation. + (prevents double frees on non mmap platforms) + * Fix bug with name/use having to do with passing + found state from the parent to the child and back. + * Only print elf capabilities for archs we know (Jan Kaluza) + * Add "name" and "use" file types in order to look + inside mach-o files. + * add string/T (Jan Kaluza) + * search for $HOME/.magic.mgc if it is there first + * fix reads from a pipe, and preserve errno + * use ctime_r, asctime_r + * Fixes for indirect offsets to handle apple disk formats +- Also includes our extfs-minix patch + +------------------------------------------------------------------- +Mon Nov 26 15:23:01 UTC 2012 - [email protected] + +- Add file-5.11-extfs-minix.dif: Change detection order of ext2/3/4 + fs and minix to avoid the for the free inode numbers 4991,5007, + 9320,9336 and multiple of 65536 the ext2/3/4 fs will be detected + as minix fs (bnc#788435) + +------------------------------------------------------------------- +Sat Oct 27 18:37:13 UTC 2012 - [email protected] + +- implement shared library policy for libmagic1 + +------------------------------------------------------------------- +Tue Sep 18 10:24:58 UTC 2012 - [email protected] + +- Add small patch to make clear if file follows symbloc links or not ++++ 775 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:13.1:Update/.file.3341.new/file.changes New Changes file: --- /dev/null 2014-12-25 22:38:16.200041506 +0100 +++ /work/SRC/openSUSE:13.1:Update/.file.3341.new/python-magic.changes 2014-12-27 21:05:34.000000000 +0100 @@ -0,0 +1,36 @@ +------------------------------------------------------------------- +Tue Oct 1 10:43:20 UTC 2013 - [email protected] + +- Make if ready for file 5.15 + +------------------------------------------------------------------- +Tue Mar 12 10:37:20 UTC 2013 - [email protected] + +- Run pre_checkin.sh + +------------------------------------------------------------------- +Tue Mar 27 07:57:55 UTC 2012 - [email protected] + +- ran pre_checkin.sh + +------------------------------------------------------------------- +Sun Sep 18 17:17:12 UTC 2011 - [email protected] + +- Apply packaging guidelines (remove redundant/obsolete + tags/sections from specfile, etc.) + +------------------------------------------------------------------- +Mon Aug 29 11:17:14 UTC 2011 - [email protected] + +- ran pre_checkin.sh + +------------------------------------------------------------------- +Tue Apr 15 11:58:17 CEST 2008 - [email protected] + +- Also change version number in python-magic.spec + +------------------------------------------------------------------- +Mon Jan 28 18:10:23 CET 2008 - [email protected] + +- Split off from file. + New: ---- 0001-PR-313-Aaron-Reffett-Check-properly-for-exceeding-th.patch 0001-count-indirect-recursion-as-recursion.patch 0001-limit-the-number-of-program-and-section-header-numbe.patch 0001-off-by-one-in-out-of-bounds-calculations-Jan-Kaluza.patch 0001-prevent-infinite-recursion.patch 0002-Stop-reporting-bad-capabilities-after-the-first-few.patch 0003-reduce-recursion-level-from-20-to-10-and-make-a-symb.patch 0004-adjust-limits-better-from-NetBSD.patch 0005-bump-recursion-to-15-and-allow-it-to-be-set-from-the.patch 0006-Don-t-bail-if-there-was-no-error-buf-could-have-been.patch baselibs.conf file-4.20-ssd.dif file-4.20-xen.dif file-4.21-scribus.dif file-4.21-xcursor.dif file-4.24-autoconf.dif file-4.24-cromfs.dif file-4.24-mips.dif file-4.24-solv.dif file-5.07-biorad.dif file-5.07-clicfs.dif file-5.07-elf.dif file-5.07-iso9660.dif file-5.07-option.dif file-5.12-endian.patch file-5.12-javacheck.dif file-5.12-nitpick.dif file-5.12-ocloexec.patch file-5.12-zip.dif file-5.12-zip2.0.dif file-5.14-misc.dif file-5.14-printf.dif file-5.14-tex.dif file-5.15-clear-invalid.patch file-5.15.dif file-5.15.tar.gz file-5.20-CVE-2014-3710.patch file-rpmlintrc file.changes file.spec pre_checkin.sh python-magic.changes python-magic.spec ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ file.spec ++++++ # # spec file for package file # # Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # %define somajor 1 %define libname libmagic%{somajor} Name: file BuildRequires: findutils BuildRequires: libtool BuildRequires: zlib-devel Url: http://www.darwinsys.com/file/ # bug437293 %ifarch ppc64 Obsoletes: file-64bit %endif # # Set Version also in python-magic.spec Version: 5.15 Release: 0 Summary: A Tool to Determine File Types License: BSD-2-Clause Group: Productivity/File utilities Source: ftp://ftp.astron.com/pub/file/file-%{version}.tar.gz Source2: baselibs.conf Patch: file-5.15.dif Patch1: file-5.14-misc.dif Patch4: file-4.24-autoconf.dif Patch5: file-5.14-tex.dif Patch7: file-4.20-ssd.dif Patch8: file-4.20-xen.dif Patch9: file-5.07-elf.dif Patch10: file-5.14-printf.dif Patch11: file-5.12-zip.dif Patch12: file-5.07-option.dif Patch13: file-4.21-scribus.dif Patch15: file-4.21-xcursor.dif Patch20: file-4.24-mips.dif Patch22: file-4.24-cromfs.dif Patch25: file-5.12-javacheck.dif Patch26: file-4.24-solv.dif Patch27: file-5.12-zip2.0.dif Patch28: file-5.07-iso9660.dif Patch31: file-5.07-biorad.dif Patch32: file-5.07-clicfs.dif Patch33: file-5.12-ocloexec.patch Patch34: file-5.12-endian.patch Patch35: file-5.12-nitpick.dif Patch36: file-5.15-clear-invalid.patch Patch38: file-5.20-CVE-2014-3710.patch # PATCH-FIX-USTREAM bnc#866750 - file: crash when parsing some PE executables Patch99: 0001-PR-313-Aaron-Reffett-Check-properly-for-exceeding-th.patch # PATCH-FIX-USTREAM bnc#864589 - CVE-2014-1943: file: infinite recursion Patch100: 0001-prevent-infinite-recursion.patch # PATCH-FIX-USTREAM bnc#864589 - CVE-2014-1943: file: infinite recursion Patch101: 0001-count-indirect-recursion-as-recursion.patch # PATCH-FIX-USTREAM last patch for bnc#866750 - CVE-2014-2270: file: crash when parsing some PE executables Patch102: 0001-off-by-one-in-out-of-bounds-calculations-Jan-Kaluza.patch # PATCH-FIX-USTREAM bsc#910252 and bsc#910253 Patch42: 0001-limit-the-number-of-program-and-section-header-numbe.patch # PATCH-FIX-USTREAM bsc#910252 and bsc#910253 Patch43: 0002-Stop-reporting-bad-capabilities-after-the-first-few.patch # PATCH-FIX-USTREAM bsc#910252 and bsc#910253 Patch44: 0003-reduce-recursion-level-from-20-to-10-and-make-a-symb.patch # PATCH-FIX-USTREAM bsc#910252 and bsc#910253 Patch45: 0004-adjust-limits-better-from-NetBSD.patch # PATCH-FIX-USTREAM bsc#910252 and bsc#910253 Patch46: 0005-bump-recursion-to-15-and-allow-it-to-be-set-from-the.patch # PATCH-FIX-USTREAM bsc#910252 and bsc#910253 Patch47: 0006-Don-t-bail-if-there-was-no-error-buf-could-have-been.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %global _sysconfdir /etc %global _miscdir %{_datadir}/misc %description With the file command, you can obtain information on the file type of a specified file. File type recognition is controlled by the file /etc/magic, which contains the classification criteria. This command is used by apsfilter to permit automatic printing of different file types. %package -n file-magic Summary: The magic files for libmagic to use Group: Productivity/File utilities Obsoletes: libmagic-data %description -n file-magic This package contains the basic magic files that libmagic reads and uses to estimate a file's type. %package -n %libname Summary: Library with file's functionality Group: System/Libraries Requires: file-magic = %{version} %description -n %libname This library reads magic files and detects file types. Used by file command %package -n file-devel Summary: Include Files and Libraries mandatory for Development Group: Development/Libraries/C and C++ Provides: file:/usr/include/magic.h Requires: %libname = %{version} Requires: glibc-devel %description -n file-devel This package contains all necessary include files and libraries needed to develop applications that require the magic "file" interface. %prep %setup -q -n file-%{version} %patch99 -p0 %patch100 -p0 %patch101 -p0 %patch102 -p0 %patch1 -p0 -b .misc %patch4 -p0 -b .conf %patch5 -p0 -b .tex %patch7 -p0 -b .ssd %patch8 -p0 -b .xen %patch9 -p0 -b .elf %patch10 -p0 -b .prtf %patch11 -p0 -b .zip %patch12 -p0 -b .opt %patch13 -p0 -b .scri %patch15 -p0 -b .xcur %ifarch mips %patch20 -p0 -b .mips %endif %patch22 -p0 -b .cromfs %patch25 -p0 -b .javacheck %patch26 -p0 -b .solv %patch27 -p0 -b .zip2.0 %patch28 -p0 -b .iso9600 %patch31 -p0 -b .biorad %patch32 -p0 -b .clicfs %patch33 -p0 -b .clexe %patch34 -p0 -b .endian %patch35 -p0 -b .nitpick %patch36 -p1 -b .clear %patch38 -p0 -b .cve20143710 %patch42 -p0 %patch43 -p0 %patch44 -p0 -b .44 %patch45 -p0 -b .45 %patch46 -p0 -b .46 %patch47 -p0 -b .47 %patch -b .0 test -s src/magic.h.in || cp -p src/magic.h src/magic.h.in %build export LANG=POSIX export LC_ALL=POSIX rm -f Magdir/*,v Magdir/*~ rm -f ltcf-c.sh ltconfig ltmain.sh autoreconf -fiv CFLAGS="$RPM_OPT_FLAGS -DHOWMANY=69632" %configure --disable-silent-rules --datadir=%{_miscdir} --disable-static --with-pic --enable-fsect-man5 %{__make} %{?_smp_mflags} pkgdatadir='$(datadir)' %if 0%{?build_python_bindings:1} pushd python python setup.py build popd %endif %install export LANG=POSIX export LC_ALL=POSIX mkdir %{buildroot}/etc make DESTDIR=%{buildroot} install pkgdatadir='$(datadir)' rm -vf %{buildroot}%{_sysconfdir}/magic echo '# Localstuff: file(1) magic(5) for locally observed files' > %{buildroot}%{_sysconfdir}/magic echo '# global magic file is %{_miscdir}/magic(.mgc)' >> %{buildroot}%{_sysconfdir}/magic %{nil install -s dcore %{buildroot}%{_bindir}} # Check out that the binary does not bail out: LD_LIBRARY_PATH=%{buildroot}%{_libdir} export LD_LIBRARY_PATH find %{buildroot}%{_bindir}/file %{_bindir}/ /%{_lib}/ %{_libdir}/ | \ xargs %{buildroot}%{_bindir}/file -m %{buildroot}%{_miscdir}/magic unset LD_LIBRARY_PATH %{__rm} -f %{buildroot}%{_libdir}/*.la %post -n %libname -p /sbin/ldconfig %postun -n %libname -p /sbin/ldconfig %files -n %libname %defattr (644,root,root,755) %{_libdir}/lib*.so.* %files -n file-magic %defattr (644,root,root,755) %config(noreplace) %{_sysconfdir}/magic %{_miscdir}/magic %{_miscdir}/magic.mgc %doc %{_mandir}/man5/magic.5.gz %files %defattr (644,root,root,755) %{nil %{_bindir}/dcore} %attr(755,root,root) %{_bindir}/file %doc %{_mandir}/man1/file.1.gz %doc COPYING AUTHORS NEWS ChangeLog %files -n file-devel %defattr (644,root,root,755) %{_libdir}/lib*.so %{_includedir}/magic.h %doc %{_mandir}/man3/libmagic.3.gz %doc README COPYING AUTHORS NEWS ChangeLog %changelog ++++++ python-magic.spec ++++++ # # spec file for package python-magic # # Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # Name: python-magic %define build_python_bindings 1 BuildRequires: findutils BuildRequires: libtool BuildRequires: python-devel BuildRequires: zlib-devel Url: http://www.darwinsys.com/file/ Version: 5.15 Release: 0 Summary: Python module to use libmagic License: BSD-3-Clause and BSD-4-Clause Group: Development/Languages/Python %py_requires Source99: file.spec %{expand:%(sed -n -e '/^Source:/,/^BuildRoot:/p' <%_sourcedir/file.spec)} %global _sysconfdir /etc %global _miscdir %{_datadir}/misc %description This package contains the python binding that require the magic "file" interface. %prep %{expand:%(sed -n -e '/^%%prep/,/^%%install/p' <%_sourcedir/file.spec | sed -e '1d' -e '$d')} %install pushd python python setup.py install --root=%{buildroot} \ --prefix=%{_prefix} \ --record-rpm=../python_files popd %files -f python_files %defattr(-,root,root) %doc python/README python/example.py %changelog ++++++ 0001-PR-313-Aaron-Reffett-Check-properly-for-exceeding-th.patch ++++++ >From 447558595a3650db2886cd2f416ad0beba965801 Mon Sep 17 00:00:00 2001 From: Christos Zoulas <[email protected]> Date: Wed, 8 Jan 2014 22:22:54 +0000 Subject: [PATCH] PR/313: Aaron Reffett: Check properly for exceeding the offset. --- src/softmagic.c | 35 ++++++++++++++++++----------------- 1 file changed, 18 insertions(+), 17 deletions(-) diff --git src/softmagic.c src/softmagic.c index ec71364..ac9c18b 100644 --- src/softmagic.c +++ src/softmagic.c @@ -71,6 +71,7 @@ private void cvt_16(union VALUETYPE *, const struct magic *); private void cvt_32(union VALUETYPE *, const struct magic *); private void cvt_64(union VALUETYPE *, const struct magic *); +#define OFFSET_OOB(n, o, i) ((n) < (o) || (i) >= ((n) - (o))) /* * softmagic - lookup one file in parsed, in-memory copy of database * Passed the name and FILE * of one file to be typed. @@ -1223,7 +1224,7 @@ mget(struct magic_set *ms, const unsigned char *s, struct magic *m, } switch (in_type = cvt_flip(m->in_type, flip)) { case FILE_BYTE: - if (nbytes < offset || nbytes < (offset + 1)) + if (OFFSET_OOB(nbytes, offset, 1)) return 0; if (off) { switch (m->in_op & FILE_OPS_MASK) { @@ -1258,7 +1259,7 @@ mget(struct magic_set *ms, const unsigned char *s, struct magic *m, offset = ~offset; break; case FILE_BESHORT: - if (nbytes < offset || nbytes < (offset + 2)) + if (OFFSET_OOB(nbytes, offset, 2)) return 0; if (off) { switch (m->in_op & FILE_OPS_MASK) { @@ -1310,7 +1311,7 @@ mget(struct magic_set *ms, const unsigned char *s, struct magic *m, offset = ~offset; break; case FILE_LESHORT: - if (nbytes < offset || nbytes < (offset + 2)) + if (OFFSET_OOB(nbytes, offset, 2)) return 0; if (off) { switch (m->in_op & FILE_OPS_MASK) { @@ -1362,7 +1363,7 @@ mget(struct magic_set *ms, const unsigned char *s, struct magic *m, offset = ~offset; break; case FILE_SHORT: - if (nbytes < offset || nbytes < (offset + 2)) + if (OFFSET_OOB(nbytes, offset, 2)) return 0; if (off) { switch (m->in_op & FILE_OPS_MASK) { @@ -1399,7 +1400,7 @@ mget(struct magic_set *ms, const unsigned char *s, struct magic *m, break; case FILE_BELONG: case FILE_BEID3: - if (nbytes < offset || nbytes < (offset + 4)) + if (OFFSET_OOB(nbytes, offset, 4)) return 0; if (off) { switch (m->in_op & FILE_OPS_MASK) { @@ -1470,7 +1471,7 @@ mget(struct magic_set *ms, const unsigned char *s, struct magic *m, break; case FILE_LELONG: case FILE_LEID3: - if (nbytes < offset || nbytes < (offset + 4)) + if (OFFSET_OOB(nbytes, offset, 4)) return 0; if (off) { switch (m->in_op & FILE_OPS_MASK) { @@ -1540,7 +1541,7 @@ mget(struct magic_set *ms, const unsigned char *s, struct magic *m, offset = ~offset; break; case FILE_MELONG: - if (nbytes < offset || nbytes < (offset + 4)) + if (OFFSET_OOB(nbytes, offset, 4)) return 0; if (off) { switch (m->in_op & FILE_OPS_MASK) { @@ -1610,7 +1611,7 @@ mget(struct magic_set *ms, const unsigned char *s, struct magic *m, offset = ~offset; break; case FILE_LONG: - if (nbytes < offset || nbytes < (offset + 4)) + if (OFFSET_OOB(nbytes, offset, 4)) return 0; if (off) { switch (m->in_op & FILE_OPS_MASK) { @@ -1687,14 +1688,14 @@ mget(struct magic_set *ms, const unsigned char *s, struct magic *m, /* Verify we have enough data to match magic type */ switch (m->type) { case FILE_BYTE: - if (nbytes < (offset + 1)) /* should alway be true */ + if (OFFSET_OOB(nbytes, offset, 1)) return 0; break; case FILE_SHORT: case FILE_BESHORT: case FILE_LESHORT: - if (nbytes < (offset + 2)) + if (OFFSET_OOB(nbytes, offset, 2)) return 0; break; @@ -1713,31 +1714,31 @@ mget(struct magic_set *ms, const unsigned char *s, struct magic *m, case FILE_FLOAT: case FILE_BEFLOAT: case FILE_LEFLOAT: - if (nbytes < (offset + 4)) + if (OFFSET_OOB(nbytes, offset, 4)) return 0; break; case FILE_DOUBLE: case FILE_BEDOUBLE: case FILE_LEDOUBLE: - if (nbytes < (offset + 8)) + if (OFFSET_OOB(nbytes, offset, 8)) return 0; break; case FILE_STRING: case FILE_PSTRING: case FILE_SEARCH: - if (nbytes < (offset + m->vallen)) + if (OFFSET_OOB(nbytes, offset, m->vallen)) return 0; break; case FILE_REGEX: - if (nbytes < offset) + if (OFFSET_OOB(nbytes, offset, 0)) return 0; break; case FILE_INDIRECT: - if (nbytes < offset) + if (OFFSET_OOB(nbytes, offset, 0)) return 0; sbuf = ms->o.buf; soffset = ms->offset; @@ -1761,7 +1762,7 @@ mget(struct magic_set *ms, const unsigned char *s, struct magic *m, return rv; case FILE_USE: - if (nbytes < offset) + if (OFFSET_OOB(nbytes, offset, 0)) return 0; sbuf = m->value.s; if (*sbuf == '^') { -- 1.7.9.2 ++++++ 0001-count-indirect-recursion-as-recursion.patch ++++++ >From cc9e74dfeca5265ad725acc926ef0b8d2a18ee70 Mon Sep 17 00:00:00 2001 From: Christos Zoulas <[email protected]> Date: Wed, 12 Feb 2014 23:20:53 +0000 Subject: [PATCH] count indirect recursion as recursion. diff --git src/ascmagic.c src/ascmagic.c index 7455a2e..38e490d 100644 --- src/ascmagic.c +++ src/ascmagic.c @@ -147,7 +147,7 @@ file_ascmagic_with_encoding(struct magic_set *ms, const unsigned char *buf, == NULL) goto done; if ((rv = file_softmagic(ms, utf8_buf, - (size_t)(utf8_end - utf8_buf), TEXTTEST, text)) == 0) + (size_t)(utf8_end - utf8_buf), 0, TEXTTEST, text)) == 0) rv = -1; } diff --git src/file.h src/file.h index ba6f05d..65509ab 100644 --- src/file.h +++ src/file.h @@ -439,7 +439,7 @@ protected int file_encoding(struct magic_set *, const unsigned char *, size_t, unichar **, size_t *, const char **, const char **, const char **); protected int file_is_tar(struct magic_set *, const unsigned char *, size_t); protected int file_softmagic(struct magic_set *, const unsigned char *, size_t, - int, int); + size_t, int, int); protected int file_apprentice(struct magic_set *, const char *, int); protected int file_magicfind(struct magic_set *, const char *, struct mlist *); protected uint64_t file_signextend(struct magic_set *, struct magic *, diff --git src/funcs.c src/funcs.c index 7f45bb9..6dcbf34 100644 --- src/funcs.c +++ src/funcs.c @@ -230,7 +230,7 @@ file_buffer(struct magic_set *ms, int fd, const char *inname __attribute__ ((unu /* try soft magic tests */ if ((ms->flags & MAGIC_NO_CHECK_SOFT) == 0) - if ((m = file_softmagic(ms, ubuf, nb, BINTEST, + if ((m = file_softmagic(ms, ubuf, nb, 0, BINTEST, looks_text)) != 0) { if ((ms->flags & MAGIC_DEBUG) != 0) (void)fprintf(stderr, "softmagic %d\n", m); diff --git src/softmagic.c src/softmagic.c index e0db1c7..286bd15 100644 --- src/softmagic.c +++ src/softmagic.c @@ -79,13 +79,13 @@ private void cvt_64(union VALUETYPE *, const struct magic *); /*ARGSUSED1*/ /* nbytes passed for regularity, maybe need later */ protected int file_softmagic(struct magic_set *ms, const unsigned char *buf, size_t nbytes, - int mode, int text) + size_t level, int mode, int text) { struct mlist *ml; int rv, printed_something = 0, need_separator = 0; for (ml = ms->mlist[0]->next; ml != ms->mlist[0]; ml = ml->next) if ((rv = match(ms, ml->magic, ml->nmagic, buf, nbytes, 0, mode, - text, 0, 0, &printed_something, &need_separator, + text, 0, level, &printed_something, &need_separator, NULL)) != 0) return rv; @@ -1747,7 +1747,7 @@ mget(struct magic_set *ms, const unsigned char *s, struct magic *m, ms->o.buf = NULL; ms->offset = 0; rv = file_softmagic(ms, s + offset, nbytes - offset, - BINTEST, text); + recursion_level, BINTEST, text); if ((ms->flags & MAGIC_DEBUG) != 0) fprintf(stderr, "indirect @offs=%u[%d]\n", offset, rv); rbuf = ms->o.buf; -- 1.7.9.2 ++++++ 0001-limit-the-number-of-program-and-section-header-numbe.patch ++++++ >From b4c01141e5367f247b84dcaf6aefbb4e741842b8 Mon Sep 17 00:00:00 2001 From: Christos Zoulas <[email protected]> Date: Sat, 22 Nov 2014 16:04:29 +0000 Subject: [PATCH] - limit the number of program and section header number of sections to be processed to avoid excessive processing time. - if a bad note is found, return 0 to stop processing immediately. --- src/elfclass.h | 24 ++++++++++++++++-------- src/readelf.c | 20 ++++++++++++++++---- 2 files changed, 32 insertions(+), 12 deletions(-) diff --git src/elfclass.h src/elfclass.h index 010958a..0826ce3 100644 --- src/elfclass.h +++ src/elfclass.h @@ -35,10 +35,12 @@ switch (type) { #ifdef ELFCORE case ET_CORE: + phnum = elf_getu16(swap, elfhdr.e_phnum); + if (phnum > MAX_PHNUM) + return toomany(ms, "program", phnum); flags |= FLAGS_IS_CORE; if (dophn_core(ms, clazz, swap, fd, - (off_t)elf_getu(swap, elfhdr.e_phoff), - elf_getu16(swap, elfhdr.e_phnum), + (off_t)elf_getu(swap, elfhdr.e_phoff), phnum, (size_t)elf_getu16(swap, elfhdr.e_phentsize), fsize, &flags) == -1) return -1; @@ -46,18 +48,24 @@ #endif case ET_EXEC: case ET_DYN: + phnum = elf_getu16(swap, elfhdr.e_phnum); + if (phnum > MAX_PHNUM) + return toomany(ms, "program", phnum); + shnum = elf_getu16(swap, elfhdr.e_shnum); + if (shnum > MAX_SHNUM) + return toomany(ms, "section", shnum); if (dophn_exec(ms, clazz, swap, fd, - (off_t)elf_getu(swap, elfhdr.e_phoff), - elf_getu16(swap, elfhdr.e_phnum), + (off_t)elf_getu(swap, elfhdr.e_phoff), phnum, (size_t)elf_getu16(swap, elfhdr.e_phentsize), - fsize, &flags, elf_getu16(swap, elfhdr.e_shnum)) - == -1) + fsize, &flags, shnum) == -1) return -1; /*FALLTHROUGH*/ case ET_REL: + shnum = elf_getu16(swap, elfhdr.e_shnum); + if (shnum > MAX_SHNUM) + return toomany(ms, "section", shnum); if (doshn(ms, clazz, swap, fd, - (off_t)elf_getu(swap, elfhdr.e_shoff), - elf_getu16(swap, elfhdr.e_shnum), + (off_t)elf_getu(swap, elfhdr.e_shoff), shnum, (size_t)elf_getu16(swap, elfhdr.e_shentsize), fsize, &flags, elf_getu16(swap, elfhdr.e_machine), (int)elf_getu16(swap, elfhdr.e_shstrndx)) == -1) diff --git src/readelf.c src/readelf.c index 9ebdebd..dd4672b 100644 --- src/readelf.c +++ src/readelf.c @@ -60,6 +60,18 @@ private uint16_t getu16(int, uint16_t); private uint32_t getu32(int, uint32_t); private uint64_t getu64(int, uint64_t); +#define MAX_PHNUM 256 +#define MAX_SHNUM 1024 + +private int +toomany(struct magic_set *ms, const char *name, uint16_t num) +{ + if (file_printf(ms, ", too many %s header sections (%u)", name, num + ) == -1) + return -1; + return 0; +} + private uint16_t getu16(int swap, uint16_t value) { @@ -499,13 +511,13 @@ donote(struct magic_set *ms, void *vbuf, size_t offset, size_t size, if (namesz & 0x80000000) { (void)file_printf(ms, ", bad note name size 0x%lx", (unsigned long)namesz); - return offset; + return 0; } if (descsz & 0x80000000) { (void)file_printf(ms, ", bad note description size 0x%lx", (unsigned long)descsz); - return offset; + return 0; } @@ -1240,7 +1252,7 @@ file_tryelf(struct magic_set *ms, int fd, const unsigned char *buf, int flags = 0; Elf32_Ehdr elf32hdr; Elf64_Ehdr elf64hdr; - uint16_t type; + uint16_t type, phnum, shnum; if (ms->flags & (MAGIC_MIME|MAGIC_APPLE)) return 0; -- 1.7.9.2 ++++++ 0001-off-by-one-in-out-of-bounds-calculations-Jan-Kaluza.patch ++++++ >From 70c65d2e1841491f59168db1f905e8b14083fb1c Mon Sep 17 00:00:00 2001 From: Christos Zoulas <[email protected]> Date: Tue, 4 Mar 2014 17:42:19 +0000 Subject: [PATCH] off by one in out of bounds calculations (Jan Kaluza) --- src/softmagic.c | 4 +- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git src/softmagic.c src/softmagic.c index 170de95..5ed3998 100644 --- src/softmagic.c +++ src/softmagic.c @@ -72,7 +72,7 @@ private void cvt_16(union VALUETYPE *, const struct magic *); private void cvt_32(union VALUETYPE *, const struct magic *); private void cvt_64(union VALUETYPE *, const struct magic *); -#define OFFSET_OOB(n, o, i) ((n) < (o) || (i) >= ((n) - (o))) +#define OFFSET_OOB(n, o, i) ((n) < (o) || (i) > ((n) - (o))) /* * softmagic - lookup one file in parsed, in-memory copy of database * Passed the name and FILE * of one file to be typed. -- 1.7.9.2 ++++++ 0001-prevent-infinite-recursion.patch ++++++ >From 3c081560c23f20b2985c285338b52c7aae9fdb0f Mon Sep 17 00:00:00 2001 From: Christos Zoulas <[email protected]> Date: Tue, 11 Feb 2014 15:41:25 +0000 Subject: [PATCH] prevent infinite recursion. --- src/softmagic.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git src/softmagic.c src/softmagic.c index ac9c18b..e0db1c7 100644 --- src/softmagic.c +++ src/softmagic.c @@ -1738,6 +1738,8 @@ mget(struct magic_set *ms, const unsigned char *s, struct magic *m, break; case FILE_INDIRECT: + if (offset == 0) + return 0; if (OFFSET_OOB(nbytes, offset, 0)) return 0; sbuf = ms->o.buf; -- 1.7.9.2 ++++++ 0002-Stop-reporting-bad-capabilities-after-the-first-few.patch ++++++ >From d7cdad007c507e6c79f51f058dd77fab70ceb9f6 Mon Sep 17 00:00:00 2001 From: Christos Zoulas <[email protected]> Date: Sat, 22 Nov 2014 23:57:44 +0000 Subject: [PATCH] Stop reporting bad capabilities after the first few. --- src/readelf.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git src/readelf.c src/readelf.c index dd4672b..20fcb7f 100644 --- src/readelf.c +++ src/readelf.c @@ -919,6 +919,7 @@ doshn(struct magic_set *ms, int clazz, int swap, int fd, off_t off, int num, Elf32_Shdr sh32; Elf64_Shdr sh64; int stripped = 1; + size_t nbadcap = 0; void *nbuf; off_t noff, coff, name_off; uint64_t cap_hw1 = 0; /* SunOS 5.x hardware capabilites */ @@ -1007,6 +1008,8 @@ doshn(struct magic_set *ms, int clazz, int swap, int fd, off_t off, int num, goto skip; } + if (nbadcap > 5) + break; if (lseek(fd, xsh_offset, SEEK_SET) == (off_t)-1) { file_badseek(ms); return -1; @@ -1072,6 +1075,8 @@ doshn(struct magic_set *ms, int clazz, int swap, int fd, off_t off, int num, (unsigned long long)xcap_tag, (unsigned long long)xcap_val) == -1) return -1; + if (nbadcap++ > 2) + coff = xsh_size; break; } } -- 1.7.9.2 ++++++ 0003-reduce-recursion-level-from-20-to-10-and-make-a-symb.patch ++++++ >From 6f737ddfadb596d7d4a993f7ed2141ffd664a81c Mon Sep 17 00:00:00 2001 From: Christos Zoulas <[email protected]> Date: Sun, 23 Nov 2014 13:54:27 +0000 Subject: [PATCH] - reduce recursion level from 20 to 10 and make a symbolic constant for it. - pull out the guts of saving and restoring the output buffer into functions and take care not to overwrite the error message if an error happened. --- src/file.h | 8 ++++++++ src/funcs.c | 40 ++++++++++++++++++++++++++++++++++++++++ src/softmagic.c | 37 ++++++++++++++++++++++--------------- 3 files changed, 70 insertions(+), 15 deletions(-) --- src/file.h +++ src/file.h 2014-12-17 00:00:00.000000000 +0000 @@ -468,6 +468,14 @@ protected int file_os2_apptype(struct ma #endif /* __EMX__ */ +typedef struct { + char *buf; + uint32_t offset; +} file_pushbuf_t; + +protected file_pushbuf_t *file_push_buffer(struct magic_set *); +protected char *file_pop_buffer(struct magic_set *, file_pushbuf_t *); + #ifndef COMPILE_ONLY extern const char *file_names[]; extern const size_t file_nnames; --- src/funcs.c +++ src/funcs.c 2014-12-17 00:00:00.000000000 +0000 @@ -462,3 +462,43 @@ file_replace(struct magic_set *ms, const return nm; } } + +protected file_pushbuf_t * +file_push_buffer(struct magic_set *ms) +{ + file_pushbuf_t *pb; + + if (ms->event_flags & EVENT_HAD_ERR) + return NULL; + + if ((pb = (CAST(file_pushbuf_t *, malloc(sizeof(*pb))))) == NULL) + return NULL; + + pb->buf = ms->o.buf; + pb->offset = ms->offset; + + ms->o.buf = NULL; + ms->offset = 0; + + return pb; +} + +protected char * +file_pop_buffer(struct magic_set *ms, file_pushbuf_t *pb) +{ + char *rbuf; + + if (ms->event_flags & EVENT_HAD_ERR) { + free(pb->buf); + free(pb); + return NULL; + } + + rbuf = ms->o.buf; + + ms->o.buf = pb->buf; + ms->offset = pb->offset; + + free(pb); + return rbuf; +} --- src/softmagic.c +++ src/softmagic.c 2014-12-17 00:00:00.000000000 +0000 @@ -63,6 +63,9 @@ private void cvt_32(union VALUETYPE *, c private void cvt_64(union VALUETYPE *, const struct magic *); #define OFFSET_OOB(n, o, i) ((n) < (o) || (i) > ((n) - (o))) + +#define MAX_RECURSION_LEVEL 10 + /* * softmagic - lookup one file in parsed, in-memory copy of database * Passed the name and FILE * of one file to be typed. @@ -1124,14 +1127,15 @@ mget(struct magic_set *ms, const unsigne int flip, int recursion_level, int *printed_something, int *need_separator, int *returnval) { - uint32_t soffset, offset = ms->offset; + uint32_t offset = ms->offset; uint32_t count = m->str_range; int rv, oneed_separator, in_type; - char *sbuf, *rbuf; + file_pushbuf_t *pb; + char *rbuf; union VALUETYPE *p = &ms->ms_value; struct mlist ml; - if (recursion_level >= 20) { + if (recursion_level >= MAX_RECURSION_LEVEL) { file_error(ms, 0, "recursion nesting exceeded"); return -1; } @@ -1709,17 +1713,20 @@ mget(struct magic_set *ms, const unsigne return 0; if (OFFSET_OOB(nbytes, offset, 0)) return 0; - sbuf = ms->o.buf; - soffset = ms->offset; - ms->o.buf = NULL; - ms->offset = 0; + + if ((pb = file_push_buffer(ms)) == NULL) + return -1; + rv = file_softmagic(ms, s + offset, nbytes - offset, recursion_level, BINTEST, text); + if ((ms->flags & MAGIC_DEBUG) != 0) fprintf(stderr, "indirect @offs=%u[%d]\n", offset, rv); - rbuf = ms->o.buf; - ms->o.buf = sbuf; - ms->offset = soffset; + + rbuf = file_pop_buffer(ms, pb); + if (rbuf == NULL) + return -1; + if (rv == 1) { if ((ms->flags & (MAGIC_MIME|MAGIC_APPLE)) == 0 && file_printf(ms, m->desc, offset) == -1) @@ -1733,13 +1740,13 @@ mget(struct magic_set *ms, const unsigne case FILE_USE: if (OFFSET_OOB(nbytes, offset, 0)) return 0; - sbuf = m->value.s; - if (*sbuf == '^') { - sbuf++; + rbuf = m->value.s; + if (*rbuf == '^') { + rbuf++; flip = !flip; } - if (file_magicfind(ms, sbuf, &ml) == -1) { - file_error(ms, 0, "cannot find entry `%s'", sbuf); + if (file_magicfind(ms, rbuf, &ml) == -1) { + file_error(ms, 0, "cannot find entry `%s'", rbuf); return -1; } ++++++ 0004-adjust-limits-better-from-NetBSD.patch ++++++ >From 8a905717660395b38ec4966493f6f1cf2f33946c Mon Sep 17 00:00:00 2001 From: Christos Zoulas <[email protected]> Date: Thu, 27 Nov 2014 15:16:00 +0000 Subject: [PATCH] adjust limits better (from NetBSD) --- src/readelf.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git src/readelf.c src/readelf.c index 83dd51b..e41f9d9 100644 --- src/readelf.c +++ src/readelf.c @@ -60,8 +60,8 @@ private uint16_t getu16(int, uint16_t); private uint32_t getu32(int, uint32_t); private uint64_t getu64(int, uint64_t); -#define MAX_PHNUM 256 -#define MAX_SHNUM 1024 +#define MAX_PHNUM 128 +#define MAX_SHNUM 32768 private int toomany(struct magic_set *ms, const char *name, uint16_t num) -- 1.7.9.2 ++++++ 0005-bump-recursion-to-15-and-allow-it-to-be-set-from-the.patch ++++++ >From 90018fe22ff8b74a22fcd142225b0a00f3f12677 Mon Sep 17 00:00:00 2001 From: Christos Zoulas <[email protected]> Date: Thu, 27 Nov 2014 15:40:36 +0000 Subject: [PATCH] bump recursion to 15, and allow it to be set from the command line. --- src/apprentice.c | 3 ++- src/file.c | 19 +++++++++++++++++-- src/file.h | 4 +++- src/file_opts.h | 1 + src/magic.c | 28 +++++++++++++++++++++++++++- src/magic.h.in | 6 +++++- src/softmagic.c | 19 +++++++++---------- 7 files changed, 64 insertions(+), 16 deletions(-) diff --git src/apprentice.c src/apprentice.c index 2052c78..3d6cb51 100644 --- src/apprentice.c +++ src/apprentice.c @@ -524,6 +524,7 @@ file_ms_alloc(int flags) ms->mlist[i] = NULL; ms->file = "unknown"; ms->line = 0; + ms->max_recursion = FILE_MAX_RECURSION; return ms; free: free(ms); diff --git src/file.c src/file.c index b6c2c38..ac85f69 100644 --- src/file.c +++ src/file.c @@ -103,7 +103,7 @@ private const struct option long_options #undef OPT_LONGONLY {0, 0, NULL, 0} }; -#define OPTSTRING "bcCde:f:F:hiklLm:nNprsvz0" +#define OPTSTRING "bcCde:f:F:hiklLm:nNprR:svz0" private const struct { const char *name; @@ -142,6 +142,7 @@ main(int argc, char *argv[]) size_t i; int action = 0, didsomefiles = 0, errflg = 0; int flags = 0, e = 0; + size_t max_recursion = 0; struct magic_set *magic = NULL; int longindex; const char *magicfile = NULL; /* where the magic is */ @@ -251,6 +252,9 @@ main(int argc, char *argv[]) case 'r': flags |= MAGIC_RAW; break; + case 'R': + max_recursion = atoi(optarg); + break; case 's': flags |= MAGIC_DEVICES; break; @@ -303,6 +307,8 @@ main(int argc, char *argv[]) strerror(errno)); return 1; } + + switch(action) { case FILE_CHECK: c = magic_check(magic, magicfile); @@ -326,6 +332,15 @@ main(int argc, char *argv[]) if (magic == NULL) if ((magic = load(magicfile, flags)) == NULL) return 1; + if (max_recursion) { + if (magic_setparam(magic, MAGIC_PARAM_MAX_RECURSION, + &max_recursion) == -1) { + (void)fprintf(stderr, + "%s: Can't set recurision %s\n", progname, + strerror(errno)); + return 1; + } + } break; } diff --git src/file.h src/file.h index fa0f616..52a0cb8 100644 --- src/file.h +++ src/file.h @@ -401,6 +401,8 @@ struct magic_set { /* FIXME: Make the string dynamically allocated so that e.g. strings matched in files can be longer than MAXstring */ union VALUETYPE ms_value; /* either number or string */ + size_t max_recursion; +#define FILE_MAX_RECURSION 15 }; /* Type for Unicode characters */ diff --git src/file_opts.h src/file_opts.h index db34eb7..9cb1d01 100644 --- src/file_opts.h +++ src/file_opts.h @@ -44,6 +44,7 @@ OPT('0', "print0", 0, " terminate filenames with ASCII NUL\n") OPT('p', "preserve-date", 0, " preserve access times on files\n") #endif OPT('r', "raw", 0, " don't translate unprintable chars to \\ooo\n") +OPT('R', "recursion", 0, " set maximum recursion level\n") OPT('s', "special-files", 0, " treat special (block/char devices) files as\n" " ordinary ones\n") OPT('C', "compile", 0, " compile file specified by -m\n") diff --git src/magic.c src/magic.c index b2b87c9..e561796 100644 --- src/magic.c +++ src/magic.c @@ -536,3 +536,29 @@ magic_version(void) { return MAGIC_VERSION; } + +public int +magic_setparam(struct magic_set *ms, int param, const void *val) +{ + switch (param) { + case MAGIC_PARAM_MAX_RECURSION: + ms->max_recursion = *(const size_t *)val; + return 0; + default: + errno = EINVAL; + return -1; + } +} + +public int +magic_getparam(struct magic_set *ms, int param, void *val) +{ + switch (param) { + case MAGIC_PARAM_MAX_RECURSION: + *(size_t *)val = ms->max_recursion; + return 0; + default: + errno = EINVAL; + return -1; + } +} diff --git src/magic.h.in src/magic.h.in index 4a35705..9bf7d29 100644 --- src/magic.h.in +++ src/magic.h.in @@ -101,6 +101,10 @@ int magic_check(magic_t, const char *); int magic_list(magic_t, const char *); int magic_errno(magic_t); +#define MAGIC_PARAM_MAX_RECURSION 0 +int magic_setparam(magic_t, int, const void *); +int magic_getparam(magic_t, int, void *); + #ifdef __cplusplus }; #endif diff --git src/softmagic.c src/softmagic.c index 15dfce5..5fa2810 100644 --- src/softmagic.c +++ src/softmagic.c @@ -47,10 +47,10 @@ FILE_RCSID("@(#)$File: softmagic.c,v 1.1 private int match(struct magic_set *, struct magic *, uint32_t, - const unsigned char *, size_t, size_t, int, int, int, int, int *, int *, + const unsigned char *, size_t, size_t, int, int, int, size_t, int *, int *, int *); private int mget(struct magic_set *, const unsigned char *, - struct magic *, size_t, size_t, unsigned int, int, int, int, int, int *, + struct magic *, size_t, size_t, unsigned int, int, int, int, size_t, int *, int *, int *); private int magiccheck(struct magic_set *, struct magic *); private int32_t mprint(struct magic_set *, struct magic *); @@ -64,8 +64,6 @@ private void cvt_64(union VALUETYPE *, const struct magic *); #define OFFSET_OOB(n, o, i) ((n) < (o) || (i) > ((n) - (o))) -#define MAX_RECURSION_LEVEL 10 - /* * softmagic - lookup one file in parsed, in-memory copy of database * Passed the name and FILE * of one file to be typed. @@ -136,8 +134,8 @@ file_fmtcheck(struct magic_set *ms, const struct magic *m, const char *def, private int match(struct magic_set *ms, struct magic *magic, uint32_t nmagic, const unsigned char *s, size_t nbytes, size_t offset, int mode, int text, - int flip, int recursion_level, int *printed_something, int *need_separator, - int *returnval) + int flip, size_t recursion_level, int *printed_something, + int *need_separator, int *returnval) { uint32_t magindex = 0; unsigned int cont_level = 0; @@ -1217,7 +1215,7 @@ mcopy(struct magic_set *ms, union VALUETYPE *p, int type, int indir, private int mget(struct magic_set *ms, const unsigned char *s, struct magic *m, size_t nbytes, size_t o, unsigned int cont_level, int mode, int text, - int flip, int recursion_level, int *printed_something, + int flip, size_t recursion_level, int *printed_something, int *need_separator, int *returnval) { uint32_t offset = ms->offset; @@ -1228,8 +1226,9 @@ mget(struct magic_set *ms, const unsigned char *s, struct magic *m, union VALUETYPE *p = &ms->ms_value; struct mlist ml; - if (recursion_level >= MAX_RECURSION_LEVEL) { - file_error(ms, 0, "recursion nesting exceeded"); + if (recursion_level >= ms->max_recursion) { + file_error(ms, 0, "recursion nesting (%zu) exceeded", + recursion_level); return -1; } -- 1.7.9.2 ++++++ 0006-Don-t-bail-if-there-was-no-error-buf-could-have-been.patch ++++++ >From 6bf45271eb8e0e6577b92042ce2003ba998d1686 Mon Sep 17 00:00:00 2001 From: Christos Zoulas <[email protected]> Date: Thu, 4 Dec 2014 15:22:05 +0000 Subject: [PATCH] Don't bail if there was no error, buf could have been NULL on entry. --- src/softmagic.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git src/softmagic.c src/softmagic.c index cd34890..0c36cd8 100644 --- src/softmagic.c +++ src/softmagic.c @@ -1700,7 +1700,7 @@ mget(struct magic_set *ms, const unsigned char *s, struct magic *m, fprintf(stderr, "indirect @offs=%u[%d]\n", offset, rv); rbuf = file_pop_buffer(ms, pb); - if (rbuf == NULL) + if (rbuf == NULL && ms->event_flags & EVENT_HAD_ERR) return -1; if (rv == 1) { -- 1.7.9.2 ++++++ baselibs.conf ++++++ libmagic1 ++++++ file-4.20-ssd.dif ++++++ --- magic/Localstuff +++ magic/Localstuff 2013-09-30 00:00:00.000000000 +0000 @@ -14,3 +14,12 @@ >33 string >\0 (%s) 2 string \000\022 TeX font metric data >33 string >\0 (%s) + +# XXX some MS Structured Storage Documents such as Adobe PageMaker[tm] +# files interfere with the Microsoft Office Document and the SSD starting +# sequence \320\317\021\340\241\261\032\341. Anyone who knows +# more details about the scheme of such SSDs and can help to extend this to all +# type of SSD, please let us know. E.g. how is the offset to the `Root Entry' +# determined? +512 search/531 R\0o\0o\0t\0\ \0E\0n\0t\0r\0y Structured Storage +>&109 search/17 P\0a\0g\0e\0M\0a\0k\0e\0r PageMaker ++++++ file-4.20-xen.dif ++++++ --- magic/Localstuff +++ magic/Localstuff 2013-09-30 00:00:00.000000000 +0000 @@ -23,3 +23,9 @@ # determined? 512 search/531 R\0o\0o\0t\0\ \0E\0n\0t\0r\0y Structured Storage >&109 search/17 P\0a\0g\0e\0M\0a\0k\0e\0r PageMaker + +# File magic for Xen, the virtual machine monitor for x86 +0 string LinuxGuestRecord Xen saved domain +#>2 regex \(name\ [^)]*\) %s +>20 search/256 (name (name +>>&1 string x %s...) ++++++ file-4.21-scribus.dif ++++++ --- magic/Localstuff +++ magic/Localstuff 2013-09-30 00:00:00.000000000 +0000 @@ -29,3 +29,7 @@ #>2 regex \(name\ [^)]*\) %s >20 search/256 (name (name >>&1 string x %s...) + +# File magic for Scribus, an Open Source Desktop Publishing system +0 string \<SCRIBUSUTF8\ Version Scribus Document +0 string \<SCRIBUSUTF8NEW\ Version Scribus Document ++++++ file-4.21-xcursor.dif ++++++ --- magic/Localstuff +++ magic/Localstuff 2013-09-30 00:00:00.000000000 +0000 @@ -33,3 +33,6 @@ # File magic for Scribus, an Open Source Desktop Publishing system 0 string \<SCRIBUSUTF8\ Version Scribus Document 0 string \<SCRIBUSUTF8NEW\ Version Scribus Document + +# File magic for X11 cursor data files +0 string Xcur\020\000 X11 cursor data ++++++ file-4.24-autoconf.dif ++++++ --- doc/Makefile.am +++ doc/Makefile.am 2013-09-30 00:00:00.000000000 +0000 @@ -5,7 +5,8 @@ else man_MAGIC = magic.4 endif fsect = @fsect@ -man_MANS = file.1 $(man_MAGIC) libmagic.3 +#man_MANS = file.1 $(man_MAGIC) libmagic.3 +man_MANS = file.1 magic.5 libmagic.3 EXTRA_DIST = file.man magic.man libmagic.man CLEANFILES = $(man_MANS) @@ -17,7 +18,8 @@ file.1: Makefile file.man -e s@__VERSION__@${VERSION}@g \ -e s@__MAGIC__@${MAGIC}@g $(srcdir)/file.man > $@ -magic.${fsect}: Makefile magic.man +#magic.${fsect}: Makefile magic.man +magic.5: Makefile magic.man @rm -f $@ sed -e s@__CSECTION__@1@g \ -e s@__FSECTION__@${fsect}@g \ --- src/readelf.h +++ src/readelf.h 2013-09-30 00:00:00.000000000 +0000 @@ -34,7 +34,10 @@ #ifndef __fake_elf_h__ #define __fake_elf_h__ +#include <features.h> + #if HAVE_STDINT_H +__BEGIN_DECLS #include <stdint.h> #endif @@ -339,4 +342,5 @@ typedef struct { #define AV_386_SSE4_1 0x00800000 #define AV_386_SSE4_2 0x01000000 +__END_DECLS #endif ++++++ file-4.24-cromfs.dif ++++++ --- magic/Localstuff +++ magic/Localstuff 2013-09-30 00:00:00.000000000 +0000 @@ -36,3 +36,16 @@ # File magic for X11 cursor data files 0 string Xcur\020\000 X11 cursor data + +# File magic for CROM File System + +0 string CROMFS CROMFS +>6 string >\0 \b version %2.2s, +>8 ulequad >0 \b block data at %lld, +>16 ulequad >0 \b fblock table at %lld, +>24 ulequad >0 \b inode table at %lld, +>32 ulequad >0 \b root at %lld, +>40 ulelong >0 \b fblock size = %ld, +>44 ulelong >0 \b block size = %ld, +>48 ulequad >0 \b bytes = %lld + ++++++ file-4.24-mips.dif ++++++ --- magic/Magdir/elf +++ magic/Magdir/elf 2008-04-14 16:57:32.740393508 +0200 @@ -51,26 +51,26 @@ >>18 leshort 8 # only for 32-bit >>>4 byte 1 ->>>>36 lelong&0xf0000000 0x00000000 MIPS-I ->>>>36 lelong&0xf0000000 0x10000000 MIPS-II ->>>>36 lelong&0xf0000000 0x20000000 MIPS-III ->>>>36 lelong&0xf0000000 0x30000000 MIPS-IV ->>>>36 lelong&0xf0000000 0x40000000 MIPS-V ->>>>36 lelong&0xf0000000 0x50000000 MIPS32 ->>>>36 lelong&0xf0000000 0x60000000 MIPS64 ->>>>36 lelong&0xf0000000 0x70000000 MIPS32 rel2 ->>>>36 lelong&0xf0000000 0x80000000 MIPS64 rel2 +#>>>>36 lelong&0xf0000000 0x00000000 MIPS-I +#>>>>36 lelong&0xf0000000 0x10000000 MIPS-II +#>>>>36 lelong&0xf0000000 0x20000000 MIPS-III +#>>>>36 lelong&0xf0000000 0x30000000 MIPS-IV +#>>>>36 lelong&0xf0000000 0x40000000 MIPS-V +#>>>>36 lelong&0xf0000000 0x50000000 MIPS32 +#>>>>36 lelong&0xf0000000 0x60000000 MIPS64 +#>>>>36 lelong&0xf0000000 0x70000000 MIPS32 rel2 +#>>>>36 lelong&0xf0000000 0x80000000 MIPS64 rel2 # only for 64-bit >>>4 byte 2 ->>>>48 lelong&0xf0000000 0x00000000 MIPS-I ->>>>48 lelong&0xf0000000 0x10000000 MIPS-II ->>>>48 lelong&0xf0000000 0x20000000 MIPS-III ->>>>48 lelong&0xf0000000 0x30000000 MIPS-IV ->>>>48 lelong&0xf0000000 0x40000000 MIPS-V ->>>>48 lelong&0xf0000000 0x50000000 MIPS32 ->>>>48 lelong&0xf0000000 0x60000000 MIPS64 ->>>>48 lelong&0xf0000000 0x70000000 MIPS32 rel2 ->>>>48 lelong&0xf0000000 0x80000000 MIPS64 rel2 +#>>>>48 lelong&0xf0000000 0x00000000 MIPS-I +#>>>>48 lelong&0xf0000000 0x10000000 MIPS-II +#>>>>48 lelong&0xf0000000 0x20000000 MIPS-III +#>>>>48 lelong&0xf0000000 0x30000000 MIPS-IV +#>>>>48 lelong&0xf0000000 0x40000000 MIPS-V +#>>>>48 lelong&0xf0000000 0x50000000 MIPS32 +#>>>>48 lelong&0xf0000000 0x60000000 MIPS64 +#>>>>48 lelong&0xf0000000 0x70000000 MIPS32 rel2 +#>>>>48 lelong&0xf0000000 0x80000000 MIPS64 rel2 >>18 leshort 9 Amdahl - invalid byte order, >>18 leshort 10 MIPS (deprecated), >>18 leshort 11 RS6000 - invalid byte order, @@ -181,26 +181,26 @@ >>18 beshort 8 # only for 32-bit >>>4 byte 1 ->>>>36 belong&0xf0000000 0x00000000 MIPS-I ->>>>36 belong&0xf0000000 0x10000000 MIPS-II ->>>>36 belong&0xf0000000 0x20000000 MIPS-III ->>>>36 belong&0xf0000000 0x30000000 MIPS-IV ->>>>36 belong&0xf0000000 0x40000000 MIPS-V ->>>>36 belong&0xf0000000 0x50000000 MIPS32 ->>>>36 belong&0xf0000000 0x60000000 MIPS64 ->>>>36 belong&0xf0000000 0x70000000 MIPS32 rel2 ->>>>36 belong&0xf0000000 0x80000000 MIPS64 rel2 +#>>>>36 belong&0xf0000000 0x00000000 MIPS-I +#>>>>36 belong&0xf0000000 0x10000000 MIPS-II +#>>>>36 belong&0xf0000000 0x20000000 MIPS-III +#>>>>36 belong&0xf0000000 0x30000000 MIPS-IV +#>>>>36 belong&0xf0000000 0x40000000 MIPS-V +#>>>>36 belong&0xf0000000 0x50000000 MIPS32 +#>>>>36 belong&0xf0000000 0x60000000 MIPS64 +#>>>>36 belong&0xf0000000 0x70000000 MIPS32 rel2 +#>>>>36 belong&0xf0000000 0x80000000 MIPS64 rel2 # only for 64-bit >>>4 byte 2 ->>>>48 belong&0xf0000000 0x00000000 MIPS-I ->>>>48 belong&0xf0000000 0x10000000 MIPS-II ->>>>48 belong&0xf0000000 0x20000000 MIPS-III ->>>>48 belong&0xf0000000 0x30000000 MIPS-IV ->>>>48 belong&0xf0000000 0x40000000 MIPS-V ->>>>48 belong&0xf0000000 0x50000000 MIPS32 ->>>>48 belong&0xf0000000 0x60000000 MIPS64 ->>>>48 belong&0xf0000000 0x70000000 MIPS32 rel2 ->>>>48 belong&0xf0000000 0x80000000 MIPS64 rel2 +#>>>>48 belong&0xf0000000 0x00000000 MIPS-I +#>>>>48 belong&0xf0000000 0x10000000 MIPS-II +#>>>>48 belong&0xf0000000 0x20000000 MIPS-III +#>>>>48 belong&0xf0000000 0x30000000 MIPS-IV +#>>>>48 belong&0xf0000000 0x40000000 MIPS-V +#>>>>48 belong&0xf0000000 0x50000000 MIPS32 +#>>>>48 belong&0xf0000000 0x60000000 MIPS64 +#>>>>48 belong&0xf0000000 0x70000000 MIPS32 rel2 +#>>>>48 belong&0xf0000000 0x80000000 MIPS64 rel2 >>18 beshort 9 Amdahl, >>18 beshort 10 MIPS (deprecated), >>18 beshort 11 RS6000, ++++++ file-4.24-solv.dif ++++++ --- magic/Localstuff +++ magic/Localstuff 2013-09-30 00:00:00.000000000 +0000 @@ -49,3 +49,7 @@ >44 ulelong >0 \b block size = %ld, >48 ulequad >0 \b bytes = %lld +# libsatsolver solv file + +0 string SOLV Sat-solver solv file, +>4 belong x version %ld ++++++ file-5.07-biorad.dif ++++++ --- magic/Magdir/images +++ magic/Magdir/images 2013-09-30 00:00:00.000000000 +0000 @@ -640,6 +640,8 @@ # http://web.archive.org/web/20050317223257/www.cs.ubc.ca/spider/ladic/text/biorad.txt # Samples: http://www.loci.wisc.edu/software/sample-data 14 leshort <2 +>4 leshort >0 +>49 byte 0 >62 leshort <2 >>54 leshort 12345 Bio-Rad .PIC Image File >>>0 leshort >0 %hd x ++++++ file-5.07-clicfs.dif ++++++ --- magic/Localstuff +++ magic/Localstuff 2013-09-30 00:00:00.000000000 +0000 @@ -53,3 +53,11 @@ 0 string SOLV Sat-solver solv file, >4 belong x version %ld + +# coolo's clicfs + +0 string/b CLIC ClicFS +>4 byte x \b Version %c +>5 byte x \b%c +>6 long >0 +>>6 pstring/l >0 \b, Target "%s" ++++++ file-5.07-elf.dif ++++++ --- src/readelf.c +++ src/readelf.c 2013-09-30 13:41:16.000000000 +0000 @@ -708,7 +708,7 @@ core: default: if (xnh_type == NT_PRPSINFO && *flags & FLAGS_IS_CORE) { /*###709 [cc] warning: declaration of 'i' shadows previous non-variable%%%*/ - size_t i, j; + size_t i, j, m = 0; unsigned char c; /* * Extract the program name. We assume @@ -720,7 +720,9 @@ core: * If the characters aren't all printable, * reject it. */ - for (i = 0; i < NOFFSETS; i++) { + if (os_style == OS_STYLE_SVR4) + m = 1; + for (i = m; i < NOFFSETS; i++) { unsigned char *cname, *cp; size_t reloffset = prpsoffsets(i); size_t noffset = doff + reloffset; ++++++ file-5.07-iso9660.dif ++++++ --- magic/Magdir/filesystems +++ magic/Magdir/filesystems 2013-09-30 00:00:00.000000000 +0000 @@ -1946,6 +1946,7 @@ 32769 string CD001 # !:mime application/x-iso9660-image >38913 string !NSR0 ISO 9660 CD-ROM filesystem data +!:mime application/x-iso9660-image >38913 string NSR0 UDF filesystem data >>38917 string 1 (version 1.0) >>38917 string 2 (version 1.5) ++++++ file-5.07-option.dif ++++++ --- src/file.c +++ src/file.c 2013-09-30 00:00:00.000000000 +0000 @@ -195,6 +195,8 @@ main(int argc, char *argv[]) flags |= MAGIC_DEBUG|MAGIC_CHECK; break; case 'e': + if (!optarg) + usage(); for (i = 0; i < sizeof(nv) / sizeof(nv[0]); i++) if (strcmp(nv[i].name, optarg) == 0) break; @@ -206,7 +208,7 @@ main(int argc, char *argv[]) break; case 'f': - if(action) + if(action || !optarg) usage(); if (magic == NULL) if ((magic = load(magicfile, flags)) == NULL) @@ -215,6 +217,8 @@ main(int argc, char *argv[]) ++didsomefiles; break; case 'F': + if (!optarg) + usage(); separator = optarg; break; case 'i': @@ -227,6 +231,8 @@ main(int argc, char *argv[]) action = FILE_LIST; break; case 'm': + if (!optarg) + usage(); magicfile = optarg; break; case 'n': ++++++ file-5.12-endian.patch ++++++ --- src/apprentice.c +++ src/apprentice.c 2013-09-30 00:00:00.000000000 +0000 @@ -48,6 +48,7 @@ FILE_RCSID("@(#)$File: apprentice.c,v 1. #include <sys/mman.h> #endif #include <dirent.h> +#include <byteswap.h> #define EATAB {while (isascii((unsigned char) *l) && \ isspace((unsigned char) *l)) ++l;} @@ -115,9 +116,11 @@ private struct mlist *mlist_alloc(void); private void mlist_free(struct mlist *); private void byteswap(struct magic *, uint32_t); private void bs1(struct magic *); -private uint16_t swap2(uint16_t); -private uint32_t swap4(uint32_t); -private uint64_t swap8(uint64_t); + +#define swap2(x) bswap_16(x) +#define swap4(x) bswap_32(x) +#define swap8(x) bswap_64(x) + private char *mkdbname(struct magic_set *, const char *, int); private struct magic_map *apprentice_map(struct magic_set *, const char *); private void apprentice_unmap(struct magic_map *); @@ -2809,67 +2812,6 @@ byteswap(struct magic *magic, uint32_t n } /* - * swap a short - */ -private uint16_t -swap2(uint16_t sv) -{ - uint16_t rv; - uint8_t *s = (uint8_t *)(void *)&sv; - uint8_t *d = (uint8_t *)(void *)&rv; - d[0] = s[1]; - d[1] = s[0]; - return rv; -} - -/* - * swap an int - */ -private uint32_t -swap4(uint32_t sv) -{ - uint32_t rv; - uint8_t *s = (uint8_t *)(void *)&sv; - uint8_t *d = (uint8_t *)(void *)&rv; - d[0] = s[3]; - d[1] = s[2]; - d[2] = s[1]; - d[3] = s[0]; - return rv; -} - -/* - * swap a quad - */ -private uint64_t -swap8(uint64_t sv) -{ - uint64_t rv; - uint8_t *s = (uint8_t *)(void *)&sv; - uint8_t *d = (uint8_t *)(void *)&rv; -#if 0 - d[0] = s[3]; - d[1] = s[2]; - d[2] = s[1]; - d[3] = s[0]; - d[4] = s[7]; - d[5] = s[6]; - d[6] = s[5]; - d[7] = s[4]; -#else - d[0] = s[7]; - d[1] = s[6]; - d[2] = s[5]; - d[3] = s[4]; - d[4] = s[3]; - d[5] = s[2]; - d[6] = s[1]; - d[7] = s[0]; -#endif - return rv; -} - -/* * byteswap a single magic entry */ private void --- src/cdf.c +++ src/cdf.c 2013-09-30 00:00:00.000000000 +0000 @@ -50,6 +50,7 @@ FILE_RCSID("@(#)$File: cdf.c,v 1.53 2013 #ifdef HAVE_LIMITS_H #include <limits.h> #endif +#include <byteswap.h> #ifndef EFTYPE #define EFTYPE EINVAL @@ -75,56 +76,9 @@ static union { #define CDF_TOLE2(x) ((uint16_t)(NEED_SWAP ? _cdf_tole2(x) : (uint16_t)(x))) #define CDF_GETUINT32(x, y) cdf_getuint32(x, y) - -/* - * swap a short - */ -static uint16_t -_cdf_tole2(uint16_t sv) -{ - uint16_t rv; - uint8_t *s = (uint8_t *)(void *)&sv; - uint8_t *d = (uint8_t *)(void *)&rv; - d[0] = s[1]; - d[1] = s[0]; - return rv; -} - -/* - * swap an int - */ -static uint32_t -_cdf_tole4(uint32_t sv) -{ - uint32_t rv; - uint8_t *s = (uint8_t *)(void *)&sv; - uint8_t *d = (uint8_t *)(void *)&rv; - d[0] = s[3]; - d[1] = s[2]; - d[2] = s[1]; - d[3] = s[0]; - return rv; -} - -/* - * swap a quad - */ -static uint64_t -_cdf_tole8(uint64_t sv) -{ - uint64_t rv; - uint8_t *s = (uint8_t *)(void *)&sv; - uint8_t *d = (uint8_t *)(void *)&rv; - d[0] = s[7]; - d[1] = s[6]; - d[2] = s[5]; - d[3] = s[4]; - d[4] = s[3]; - d[5] = s[2]; - d[6] = s[1]; - d[7] = s[0]; - return rv; -} +#define _cdf_tole2(x) bswap_16(x) +#define _cdf_tole4(x) bswap_32(x) +#define _cdf_tole8(x) bswap_64(x) /* * grab a uint32_t from a possibly unaligned address, and return it in ++++++ file-5.12-javacheck.dif ++++++ --- magic/Magdir/cafebabe +++ magic/Magdir/cafebabe 2013-09-30 00:00:00.000000000 +0000 @@ -15,7 +15,7 @@ # might add another one or two as time goes by... # ### JAVA START ### -0 belong 0xcafebabe +0 belong 0xcafebabe Cafe Babe !:mime application/x-java-applet >4 belong >30 compiled Java class data, >>6 beshort x version %d. ++++++ file-5.12-nitpick.dif ++++++ --- src/file.c +++ src/file.c 2013-09-30 00:00:00.000000000 +0000 @@ -94,10 +94,12 @@ private const char *separator = ":"; /* private const struct option long_options[] = { #define OPT(shortname, longname, opt, doc) \ {longname, opt, NULL, shortname}, +#define OPT_POSIX OPT #define OPT_LONGONLY(longname, opt, doc) \ {longname, opt, NULL, 0}, #include "file_opts.h" #undef OPT +#undef OPT_POSIX #undef OPT_LONGONLY {0, 0, NULL, 0} }; @@ -525,6 +527,7 @@ docprint(const char *opts) private void help(void) { + const unsigned long posix = (unsigned long)getenv("POSIXLY_CORRECT"); (void)fputs( "Usage: file [OPTION...] [FILE...]\n" "Determine type of FILEs.\n" @@ -532,11 +535,16 @@ help(void) #define OPT(shortname, longname, opt, doc) \ fprintf(stdout, " -%c, --" longname, shortname), \ docprint(doc); +#define OPT_POSIX(shortname, longname, opt, doc) \ + fprintf(stdout, " -%c, --" longname "%s", shortname, \ + (shortname == 'L') ? (posix ? " (default)" : "") : (posix ? "" : " (default)")), \ + docprint(doc); #define OPT_LONGONLY(longname, opt, doc) \ fprintf(stdout, " --" longname), \ docprint(doc); #include "file_opts.h" #undef OPT +#undef OPT_POSIX #undef OPT_LONGONLY fprintf(stdout, "\nReport bugs to http://bugs.gw.com/\n";); exit(0); --- src/file_opts.h +++ src/file_opts.h 2013-09-30 13:44:17.000000000 +0000 @@ -34,8 +34,8 @@ OPT_LONGONLY("mime-encoding", 0, " OPT('k', "keep-going", 0, " don't stop at the first match\n") OPT('l', "list", 0, " list magic strength\n") #ifdef S_IFLNK -OPT('L', "dereference", 0, " follow symlinks (default)\n") -OPT('h', "no-dereference", 0, " don't follow symlinks\n") +OPT_POSIX('L', "dereference", 0, " follow symlinks\n") +OPT_POSIX('h', "no-dereference", 0, " don't follow symlinks\n") #endif OPT('n', "no-buffer", 0, " do not buffer output\n") OPT('N', "no-pad", 0, " do not pad output\n") ++++++ file-5.12-ocloexec.patch ++++++ --- src/apprentice.c +++ src/apprentice.c 2013-09-30 00:00:00.000000000 +0000 @@ -938,7 +938,7 @@ load_1(struct magic_set *ms, int action, ssize_t len; struct magic_entry me; - FILE *f = fopen(ms->file = fn, "r"); + FILE *f = fopen(ms->file = fn, "re"); if (f == NULL) { if (errno != ENOENT) file_error(ms, errno, "cannot read magic file `%s'", @@ -2599,7 +2599,7 @@ apprentice_map(struct magic_set *ms, con if (dbname == NULL) goto error; - if ((fd = open(dbname, O_RDONLY|O_BINARY)) == -1) + if ((fd = open(dbname, O_RDONLY|O_BINARY|O_CLOEXEC)) == -1) goto error; if (fstat(fd, &st) == -1) { @@ -2711,7 +2711,7 @@ apprentice_compile(struct magic_set *ms, if (dbname == NULL) goto out; - if ((fd = open(dbname, O_WRONLY|O_CREAT|O_TRUNC|O_BINARY, 0644)) == -1) + if ((fd = open(dbname, O_WRONLY|O_CREAT|O_TRUNC|O_BINARY|O_CLOEXEC, 0644)) == -1) { file_error(ms, errno, "cannot open `%s'", dbname); goto out; --- src/compress.c +++ src/compress.c 2013-09-30 00:00:00.000000000 +0000 @@ -250,7 +250,7 @@ file_pipe2file(struct magic_set *ms, int #else { int te; - tfd = mkstemp(buf); + tfd = mkostemp(buf, O_CLOEXEC); te = errno; (void)unlink(buf); errno = te; --- src/file.c +++ src/file.c 2013-09-30 00:00:00.000000000 +0000 @@ -390,7 +390,7 @@ unwrap(struct magic_set *ms, const char f = stdin; wid = 1; } else { - if ((f = fopen(fn, "r")) == NULL) { + if ((f = fopen(fn, "re")) == NULL) { (void)fprintf(stderr, "%s: Cannot open `%s' (%s).\n", progname, fn, strerror(errno)); return 1; --- src/magic.c +++ src/magic.c 2013-09-30 00:00:00.000000000 +0000 @@ -372,7 +372,7 @@ file_or_fd(struct magic_set *ms, const c else pos = lseek(fd, (off_t)0, SEEK_CUR); } else { - int flags = O_RDONLY|O_BINARY; + int flags = O_RDONLY|O_BINARY|O_CLOEXEC; if (stat(inname, &sb) == 0 && S_ISFIFO(sb.st_mode)) { #ifdef O_NONBLOCK ++++++ file-5.12-zip.dif ++++++ --- magic/Magdir/archive +++ magic/Magdir/archive 2013-09-30 00:00:00.000000000 +0000 @@ -589,6 +589,19 @@ # Zip archives (Greg Roelofs, c/o [email protected]) 0 string PK\005\006 Zip archive data (empty) 0 string PK\003\004 +>30 ubelong !0x6d696d65 +>>4 byte 0x00 Zip archive data +!:mime application/zip +>>4 byte 0x09 Zip archive data, at least v0.9 to extract +!:mime application/zip +>>4 byte 0x0a Zip archive data, at least v1.0 to extract +!:mime application/zip +>>4 byte 0x0b Zip archive data, at least v1.1 to extract +!:mime application/zip +>>0x161 string WINZIP Zip archive data, WinZIP self-extracting +!:mime application/zip +>>4 byte 0x14 Zip archive data, at least v2.0 to extract +!:mime application/zip # Specialised zip formats which start with a member named 'mimetype' # (stored uncompressed, with no 'extra field') containing the file's MIME type. ++++++ file-5.12-zip2.0.dif ++++++ --- magic/Magdir/archive +++ magic/Magdir/archive 2013-09-30 00:00:00.000000000 +0000 @@ -585,6 +585,10 @@ # PKZIP multi-volume archive 0 string PK\x07\x08PK\x03\x04 Zip multi-volume archive data, at least PKZIP v2.50 to extract !:mime application/zip +>30 ubelong 0x6d696d65 Zip archive data, at least v2.0 to extract +>>34 ubelong 0x74797065 \b, mime type +>>>38 regex application/[a-z\+\-]+ \b %s +!:mime application/unknown+zip # Zip archives (Greg Roelofs, c/o [email protected]) 0 string PK\005\006 Zip archive data (empty) ++++++ file-5.14-misc.dif ++++++ --- magic/Magdir/audio +++ magic/Magdir/audio 2013-09-30 00:00:00.000000000 +0000 @@ -129,7 +129,7 @@ # Oct 31, 1995 # fixed by <[email protected]> 2003-06-24 # Too short... -#0 string MTM MultiTracker Module sound file +#0 string MTM MultiTracker Module sound data #0 string if Composer 669 Module sound data #0 string JN Composer 669 Module sound data (extended format) 0 string MAS_U ULT(imate) Module sound data --- magic/Magdir/bsdi +++ magic/Magdir/bsdi 2013-09-30 00:00:00.000000000 +0000 @@ -11,7 +11,7 @@ >32 byte 0x6a (uses shared libs) # same as in SunOS 4.x, except for static shared libraries -0 belong&077777777 0600413 sparc demand paged +0 belong&077777777 0600413 SPARC demand paged >0 byte &0x80 >>20 belong <4096 shared library >>20 belong =4096 dynamically linked executable @@ -20,13 +20,13 @@ >16 belong >0 not stripped >36 belong 0xb4100001 (uses shared libs) -0 belong&077777777 0600410 sparc pure +0 belong&077777777 0600410 SPARC pure >0 byte &0x80 dynamically linked executable >0 byte ^0x80 executable >16 belong >0 not stripped >36 belong 0xb4100001 (uses shared libs) -0 belong&077777777 0600407 sparc +0 belong&077777777 0600407 SPARC >0 byte &0x80 dynamically linked executable >0 byte ^0x80 executable >16 belong >0 not stripped --- magic/Magdir/mach +++ magic/Magdir/mach 2013-09-30 00:00:00.000000000 +0000 @@ -121,7 +121,7 @@ >>>4 belong&0x00ffffff 1 mc88100 >>>4 belong&0x00ffffff 2 mc88110 >>>4 belong&0x00ffffff >2 mc88000 subarchitecture=%ld ->>0 belong&0x00ffffff 14 sparc +>>0 belong&0x00ffffff 14 SPARC >>0 belong&0x00ffffff 15 i860g >>0 belong&0x00ffffff 16 alpha >>0 belong&0x00ffffff 17 rs6000 --- magic/Magdir/netbsd +++ magic/Magdir/netbsd 2013-09-30 00:00:00.000000000 +0000 @@ -100,25 +100,25 @@ 0 belong&0377777777 045200507 a.out NetBSD/powerpc core >12 string >\0 from '%s' -0 belong&0377777777 042400413 a.out NetBSD/sparc demand paged +0 belong&0377777777 042400413 a.out NetBSD/SPARC demand paged >0 byte &0x80 >>20 belong <8192 shared library >>20 belong =8192 dynamically linked executable >>20 belong >8192 dynamically linked executable >0 byte ^0x80 executable >16 belong >0 not stripped -0 belong&0377777777 042400410 a.out NetBSD/sparc pure +0 belong&0377777777 042400410 a.out NetBSD/SPARC pure >0 byte &0x80 dynamically linked executable >0 byte ^0x80 executable >16 belong >0 not stripped -0 belong&0377777777 042400407 a.out NetBSD/sparc +0 belong&0377777777 042400407 a.out NetBSD/SPARC >0 byte &0x80 dynamically linked executable >0 byte ^0x80 >>0 byte &0x40 position independent >>20 belong !0 executable >>20 belong =0 object file >16 belong >0 not stripped -0 belong&0377777777 042400507 a.out NetBSD/sparc core +0 belong&0377777777 042400507 a.out NetBSD/SPARC core >12 string >\0 from '%s' >32 belong !0 (signal %d) --- magic/Magdir/sun +++ magic/Magdir/sun 2013-09-30 00:00:00.000000000 +0000 @@ -9,7 +9,7 @@ # are in aout, as they're indistinguishable from other big-endian # 32-bit a.out files. # -0 belong&077777777 0600413 a.out SunOS sparc demand paged +0 belong&077777777 0600413 a.out SunOS SPARC demand paged >0 byte &0x80 >>20 belong <4096 shared library >>20 belong =4096 dynamically linked executable @@ -17,12 +17,12 @@ >0 byte ^0x80 executable >16 belong >0 not stripped -0 belong&077777777 0600410 a.out SunOS sparc pure +0 belong&077777777 0600410 a.out SunOS SPARC pure >0 byte &0x80 dynamically linked executable >0 byte ^0x80 executable >16 belong >0 not stripped -0 belong&077777777 0600407 a.out SunOS sparc +0 belong&077777777 0600407 a.out SunOS SPARC >0 byte &0x80 dynamically linked executable >0 byte ^0x80 executable >16 belong >0 not stripped ++++++ file-5.14-printf.dif ++++++ --- src/apprentice.c +++ src/apprentice.c 2013-09-30 00:00:00.000000000 +0000 @@ -2072,8 +2072,16 @@ check_format_type(const char *ptr, int t quad = 1; /*FALLTHROUGH*/ case FILE_FMT_NUM: + if (*ptr == '#') + ptr++; + if (*ptr == ' ') + ptr++; if (*ptr == '-') ptr++; + if (*ptr == '+') + ptr++; + if (*ptr == '\'') + ptr++; if (*ptr == '.') ptr++; while (isdigit((unsigned char)*ptr)) ptr++; @@ -2115,6 +2123,9 @@ check_format_type(const char *ptr, int t default: return -1; } + case 'o': + case 'x': + case 'X': case 'd': return 0; default: ++++++ file-5.14-tex.dif ++++++ --- magic/Localstuff +++ magic/Localstuff 2013-09-30 00:00:00.000000000 +0000 @@ -5,3 +5,12 @@ # $File: Localstuff,v 1.4 2003/03/23 04:17:27 christos Exp $ # Add any locally observed files here. Remember: # text if readable, executable if runnable binary, data if unreadable. + +# XXX promoted from tex so that *.tfm is not mis-identified as mc68k file. +# There is no way to detect TeX Font Metric (*.tfm) files without +# breaking them apart and reading the data. The following patterns +# match most *.tfm files generated by METAFONT or afm2tfm. +2 string \000\021 TeX font metric data +>33 string >\0 (%s) +2 string \000\022 TeX font metric data +>33 string >\0 (%s) ++++++ file-5.15-clear-invalid.patch ++++++ From: Andreas Stieger <[email protected]> Date: Sun, 29 Sep 2013 01:47:57 +0100 Subject: [PATCH] remove clear instruction Upstream: no References: http://mx.gw.com/pipermail/file/2013/001227.html http://mx.gw.com/pipermail/file/2013/001225.html fixed build warning: [ 205s] /usr/share/misc/magic, 5352: Warning: type `clear x' invalid --- magic/Magdir/elf | 1 - 1 file changed, 1 deletion(-) Index: file-5.15/magic/Magdir/elf =================================================================== --- file-5.15.orig/magic/Magdir/elf 2013-09-29 01:42:19.000000000 +0100 +++ file-5.15/magic/Magdir/elf 2013-09-29 01:43:25.000000000 +0100 @@ -30,7 +30,6 @@ #>>>(0x38+0xcc) string >\0 of '%s' #>>>(0x38+0x10) lelong >0 (signal %d), >16 leshort &0xff00 processor-specific, ->18 clear x >18 leshort 0 no machine, >18 leshort 1 AT&T WE32100 >18 leshort 2 SPARC ++++++ file-5.15.dif ++++++ --- magic/Magdir/elf +++ magic/Magdir/elf 2013-09-30 00:00:00.000000000 +0000 @@ -129,7 +129,7 @@ >18 leshort 47 Renesas H8/300H, >18 leshort 48 Renesas H8S, >18 leshort 49 Renesas H8/500, ->18 leshort 50 IA-64, +>18 leshort 50 IA-64 (Intel 64 bit architecture), >18 leshort 51 Stanford MIPS-X, >18 leshort 52 Motorola Coldfire, >18 leshort 53 Motorola M68HC12, --- magic/Magdir/linux +++ magic/Magdir/linux 2013-09-30 00:00:00.000000000 +0000 @@ -97,22 +97,44 @@ # and Nicolas Lichtmaier <[email protected]> # All known start with: b8 c0 07 8e d8 b8 00 90 8e c0 b9 00 01 29 f6 29 # Linux kernel boot images (i386 arch) (Wolfram Kleff) -514 string HdrS Linux kernel +514 string HdrS Linux !:strength + 55 ->510 leshort 0xAA55 x86 boot executable ->>518 leshort >0x1ff ->>>529 byte 0 zImage, ->>>529 byte 1 bzImage, ->>>(526.s+0x200) string >\0 version %s, ->>498 leshort 1 RO-rootFS, ->>498 leshort 0 RW-rootFS, ->>508 leshort >0 root_dev 0x%X, ->>502 leshort >0 swap_dev 0x%X, ->>504 leshort >0 RAMdisksize %u KB, ->>506 leshort 0xFFFF Normal VGA ->>506 leshort 0xFFFE Extended VGA ->>506 leshort 0xFFFD Prompt for Videomode ->>506 leshort >0 Video mode %d +>510 leshort 0xAA55 \b/x86 Kernel +>510 leshort <0xAA55 Kernel +>510 leshort >0xAA55 Kernel +>518 leshort 0x0105 \b, Setup Version 0x105, zImage +>518 leshort >0x0105 \b, Setup Version %#hx +>>529 byte 0 \b, zImage +>>529 byte 1 \b, bzImage +>>>(526.s+0x205) byte 32 +>>>>(526.s+0x200) string >\0 \b, Version %5.5s +>>>(526.s+0x206) byte 32 +>>>>(526.s+0x200) string >\0 \b, Version %6.6s +>>>(526.s+0x207) byte 32 +>>>>(526.s+0x200) string >\0 \b, Version %7.7s +>>>(526.s+0x205) byte 45 +>>>>(526.s+0x200) string >\0 \b, Version %5.5s +>>>(526.s+0x206) byte 45 +>>>>(526.s+0x200) string >\0 \b, Version %6.6s +>>>(526.s+0x207) byte 45 +>>>>(526.s+0x200) string >\0 \b, Version %7.7s +>>>(526.s+0x208) byte 45 +>>>>(526.s+0x200) string >\0 \b, Version %8.8s +>>>(526.s+0x209) byte 45 +>>>>(526.s+0x200) string >\0 \b, Version %9.9s +>>>(526.s+0x20a) byte 45 +>>>>(526.s+0x200) string >\0 \b, Version %10.10s +>>>(526.s+0x20b) byte 45 +>>>>(526.s+0x200) string >\0 \b, Version %11.11s +>>498 leshort 1 \b, RO-rootFS +>>498 leshort 0 \b, RW-rootFS +>>508 leshort >0 \b, root_dev 0x%X +>>502 leshort >0 \b, swap_dev 0x%X +>>504 leshort >0 \b, RAMdisksize %u KB +>>506 leshort 0xFFFF \b, Normal VGA +>>506 leshort 0xFFFE \b, Extended VGA +>>506 leshort 0xFFFD \b, Prompt for Videomode +>>506 leshort >0 \b, Video mode %d # This also matches new kernels, which were caught above by "HdrS". 0 belong 0xb8c0078e Linux kernel >0x1e3 string Loading version 1.3.79 or older --- magic/Magdir/msad +++ magic/Magdir/msad 2013-09-30 00:00:00.000000000 +0000 @@ -0,0 +1,5 @@ +#------------------------------------------------------------------------------ +# msad: file(1) magic for msad +# Microsoft visual C +# This must precede the heuristic for raw G3 data +4 string Standard\ Jet\ DB Microsoft Access Database --- magic/Magdir/msdos +++ magic/Magdir/msdos 2013-09-30 00:00:00.000000000 +0000 @@ -99,9 +99,9 @@ >>>(0x3c.l+22) leshort&0x0200 >0 (stripped to external PDB) >>>(0x3c.l+22) leshort&0x1000 >0 system file >>>(0x3c.l+24) leshort 0x010b ->>>>(0x3c.l+232) lelong >0 Mono/.Net assembly +>>>>(0x3c.l+232) lelong >0 \b, Mono/.Net assembly >>>(0x3c.l+24) leshort 0x020b ->>>>(0x3c.l+248) lelong >0 Mono/.Net assembly +>>>>(0x3c.l+248) lelong >0 \b, Mono/.Net assembly # hooray, there's a DOS extender using the PE format, with a valid PE # executable inside (which just prints a message and exits if run in win) --- magic/Makefile.am +++ magic/Makefile.am 2013-09-30 00:00:00.000000000 +0000 @@ -5,7 +5,7 @@ MAGIC_FRAGMENT_BASE = Magdir MAGIC_DIR = $(top_srcdir)/magic MAGIC_FRAGMENT_DIR = $(MAGIC_DIR)/$(MAGIC_FRAGMENT_BASE) -pkgdata_DATA = magic.mgc +pkgdata_DATA = magic.mgc magic EXTRA_DIST = \ $(MAGIC_DIR)/Header \ @@ -20,7 +20,6 @@ $(MAGIC_FRAGMENT_DIR)/amigaos \ $(MAGIC_FRAGMENT_DIR)/animation \ $(MAGIC_FRAGMENT_DIR)/aout \ $(MAGIC_FRAGMENT_DIR)/apl \ -$(MAGIC_FRAGMENT_DIR)/apple \ $(MAGIC_FRAGMENT_DIR)/applix \ $(MAGIC_FRAGMENT_DIR)/archive \ $(MAGIC_FRAGMENT_DIR)/assembler \ @@ -74,7 +73,6 @@ $(MAGIC_FRAGMENT_DIR)/epoc \ $(MAGIC_FRAGMENT_DIR)/erlang \ $(MAGIC_FRAGMENT_DIR)/esri \ $(MAGIC_FRAGMENT_DIR)/fcs \ -$(MAGIC_FRAGMENT_DIR)/filesystems \ $(MAGIC_FRAGMENT_DIR)/flash \ $(MAGIC_FRAGMENT_DIR)/fonts \ $(MAGIC_FRAGMENT_DIR)/fortran \ @@ -112,6 +110,8 @@ $(MAGIC_FRAGMENT_DIR)/isz \ $(MAGIC_FRAGMENT_DIR)/java \ $(MAGIC_FRAGMENT_DIR)/javascript \ $(MAGIC_FRAGMENT_DIR)/jpeg \ +$(MAGIC_FRAGMENT_DIR)/linux \ +$(MAGIC_FRAGMENT_DIR)/filesystems \ $(MAGIC_FRAGMENT_DIR)/karma \ $(MAGIC_FRAGMENT_DIR)/kde \ $(MAGIC_FRAGMENT_DIR)/keepass \ @@ -119,7 +119,6 @@ $(MAGIC_FRAGMENT_DIR)/kml \ $(MAGIC_FRAGMENT_DIR)/lecter \ $(MAGIC_FRAGMENT_DIR)/lex \ $(MAGIC_FRAGMENT_DIR)/lif \ -$(MAGIC_FRAGMENT_DIR)/linux \ $(MAGIC_FRAGMENT_DIR)/lisp \ $(MAGIC_FRAGMENT_DIR)/llvm \ $(MAGIC_FRAGMENT_DIR)/lua \ @@ -127,7 +126,6 @@ $(MAGIC_FRAGMENT_DIR)/luks \ $(MAGIC_FRAGMENT_DIR)/m4 \ $(MAGIC_FRAGMENT_DIR)/mach \ $(MAGIC_FRAGMENT_DIR)/macos \ -$(MAGIC_FRAGMENT_DIR)/macintosh \ $(MAGIC_FRAGMENT_DIR)/magic \ $(MAGIC_FRAGMENT_DIR)/mail.news \ $(MAGIC_FRAGMENT_DIR)/make \ @@ -146,10 +144,10 @@ $(MAGIC_FRAGMENT_DIR)/misctools \ $(MAGIC_FRAGMENT_DIR)/mkid \ $(MAGIC_FRAGMENT_DIR)/mlssa \ $(MAGIC_FRAGMENT_DIR)/mmdf \ -$(MAGIC_FRAGMENT_DIR)/modem \ $(MAGIC_FRAGMENT_DIR)/motorola \ $(MAGIC_FRAGMENT_DIR)/mozilla \ $(MAGIC_FRAGMENT_DIR)/msdos \ +$(MAGIC_FRAGMENT_DIR)/modem \ $(MAGIC_FRAGMENT_DIR)/msooxml \ $(MAGIC_FRAGMENT_DIR)/msx \ $(MAGIC_FRAGMENT_DIR)/msvc \ @@ -192,6 +190,8 @@ $(MAGIC_FRAGMENT_DIR)/pyramid \ $(MAGIC_FRAGMENT_DIR)/python \ $(MAGIC_FRAGMENT_DIR)/revision \ $(MAGIC_FRAGMENT_DIR)/riff \ +$(MAGIC_FRAGMENT_DIR)/apple \ +$(MAGIC_FRAGMENT_DIR)/macintosh \ $(MAGIC_FRAGMENT_DIR)/rinex \ $(MAGIC_FRAGMENT_DIR)/rpm \ $(MAGIC_FRAGMENT_DIR)/rtf \ @@ -261,8 +261,20 @@ $(MAGIC_FRAGMENT_DIR)/zfs \ $(MAGIC_FRAGMENT_DIR)/zilog \ $(MAGIC_FRAGMENT_DIR)/zyxel +RAW = magic MAGIC = magic.mgc -CLEANFILES = ${MAGIC} $(MAGIC_FRAGMENT_DIR)/Localstuff +CLEANFILES = ${MAGIC} $(MAGIC_DIR)/Localstuff ${RAW} + +${RAW}: $(MAGIC_DIR)/Header $(MAGIC_DIR)/Localstuff $(EXTRA_DIST) + cat /dev/null > $@ + for frag in $(EXTRA_DIST); do \ + if test -f $(srcdir)/$$frag; then \ + f=$(srcdir)/$$frag; \ + else \ + f=$$frag; \ + fi; \ + cat $$f; \ + done >> $@ # FIXME: Build file natively as well so that it can be used to compile # the target's magic file; for now we bail if the local version does not match @@ -274,19 +286,22 @@ FILE_COMPILE = $(top_builddir)/src/file$ FILE_COMPILE_DEP = $(FILE_COMPILE) endif -${MAGIC}: $(EXTRA_DIST) $(FILE_COMPILE_DEP) - @rm -fr magic - @mkdir magic && cp -p $(EXTRA_DIST) magic - @(if expr "${FILE_COMPILE}" : '.*/.*' > /dev/null; then \ - echo "Using ${FILE_COMPILE} to generate ${MAGIC}" > /dev/null; \ - else \ - v=$$(file --version | sed -e s/file-// -e q); \ - if [ "$$v" != "${PACKAGE_VERSION}" ]; then \ - echo "Cannot use the installed version of file ($$v) to"; \ - echo "cross-compile file ${PACKAGE_VERSION}"; \ - echo "Please install file ${PACKAGE_VERSION} locally first"; \ - exit 1; \ - fi; \ - fi) - $(FILE_COMPILE) -C -m magic - @rm -fr magic +${MAGIC}: $(EXTRA_DIST) $(FILE_COMPILE_DEP) $(RAW) + $(FILE_COMPILE) -C -m $(RAW) + +#${MAGIC}: $(EXTRA_DIST) $(FILE_COMPILE_DEP) +# @rm -fr magic +# @mkdir magic && cp -p $(EXTRA_DIST) magic +# @(if expr "${FILE_COMPILE}" : '.*/.*' > /dev/null; then \ +# echo "Using ${FILE_COMPILE} to generate ${MAGIC}" > /dev/null; \ +# else \ +# v=$$(file --version | sed -e s/file-// -e q); \ +# if [ "$$v" != "${PACKAGE_VERSION}" ]; then \ +# echo "Cannot use the installed version of file ($$v) to"; \ +# echo "cross-compile file ${PACKAGE_VERSION}"; \ +# echo "Please install file ${PACKAGE_VERSION} locally first"; \ +# exit 1; \ +# fi; \ +# fi) +# $(FILE_COMPILE) -C -m magic +# @rm -fr magic --- magic/Makefile.in +++ magic/Makefile.in 2013-09-30 14:05:30.000000000 +0000 @@ -203,7 +203,7 @@ top_srcdir = @top_srcdir@ MAGIC_FRAGMENT_BASE = Magdir MAGIC_DIR = $(top_srcdir)/magic MAGIC_FRAGMENT_DIR = $(MAGIC_DIR)/$(MAGIC_FRAGMENT_BASE) -pkgdata_DATA = magic.mgc +pkgdata_DATA = magic.mgc magic EXTRA_DIST = \ $(MAGIC_DIR)/Header \ $(MAGIC_DIR)/Localstuff \ @@ -217,7 +217,6 @@ $(MAGIC_FRAGMENT_DIR)/amigaos \ $(MAGIC_FRAGMENT_DIR)/animation \ $(MAGIC_FRAGMENT_DIR)/aout \ $(MAGIC_FRAGMENT_DIR)/apl \ -$(MAGIC_FRAGMENT_DIR)/apple \ $(MAGIC_FRAGMENT_DIR)/applix \ $(MAGIC_FRAGMENT_DIR)/archive \ $(MAGIC_FRAGMENT_DIR)/assembler \ @@ -271,7 +270,6 @@ $(MAGIC_FRAGMENT_DIR)/epoc \ $(MAGIC_FRAGMENT_DIR)/erlang \ $(MAGIC_FRAGMENT_DIR)/esri \ $(MAGIC_FRAGMENT_DIR)/fcs \ -$(MAGIC_FRAGMENT_DIR)/filesystems \ $(MAGIC_FRAGMENT_DIR)/flash \ $(MAGIC_FRAGMENT_DIR)/fonts \ $(MAGIC_FRAGMENT_DIR)/fortran \ @@ -309,6 +307,8 @@ $(MAGIC_FRAGMENT_DIR)/isz \ $(MAGIC_FRAGMENT_DIR)/java \ $(MAGIC_FRAGMENT_DIR)/javascript \ $(MAGIC_FRAGMENT_DIR)/jpeg \ +$(MAGIC_FRAGMENT_DIR)/linux \ +$(MAGIC_FRAGMENT_DIR)/filesystems \ $(MAGIC_FRAGMENT_DIR)/karma \ $(MAGIC_FRAGMENT_DIR)/kde \ $(MAGIC_FRAGMENT_DIR)/keepass \ @@ -316,7 +316,6 @@ $(MAGIC_FRAGMENT_DIR)/kml \ $(MAGIC_FRAGMENT_DIR)/lecter \ $(MAGIC_FRAGMENT_DIR)/lex \ $(MAGIC_FRAGMENT_DIR)/lif \ -$(MAGIC_FRAGMENT_DIR)/linux \ $(MAGIC_FRAGMENT_DIR)/lisp \ $(MAGIC_FRAGMENT_DIR)/llvm \ $(MAGIC_FRAGMENT_DIR)/lua \ @@ -324,7 +323,6 @@ $(MAGIC_FRAGMENT_DIR)/luks \ $(MAGIC_FRAGMENT_DIR)/m4 \ $(MAGIC_FRAGMENT_DIR)/mach \ $(MAGIC_FRAGMENT_DIR)/macos \ -$(MAGIC_FRAGMENT_DIR)/macintosh \ $(MAGIC_FRAGMENT_DIR)/magic \ $(MAGIC_FRAGMENT_DIR)/mail.news \ $(MAGIC_FRAGMENT_DIR)/make \ @@ -343,10 +341,10 @@ $(MAGIC_FRAGMENT_DIR)/misctools \ $(MAGIC_FRAGMENT_DIR)/mkid \ $(MAGIC_FRAGMENT_DIR)/mlssa \ $(MAGIC_FRAGMENT_DIR)/mmdf \ -$(MAGIC_FRAGMENT_DIR)/modem \ $(MAGIC_FRAGMENT_DIR)/motorola \ $(MAGIC_FRAGMENT_DIR)/mozilla \ $(MAGIC_FRAGMENT_DIR)/msdos \ +$(MAGIC_FRAGMENT_DIR)/modem \ $(MAGIC_FRAGMENT_DIR)/msooxml \ $(MAGIC_FRAGMENT_DIR)/msx \ $(MAGIC_FRAGMENT_DIR)/msvc \ @@ -389,6 +387,8 @@ $(MAGIC_FRAGMENT_DIR)/pyramid \ $(MAGIC_FRAGMENT_DIR)/python \ $(MAGIC_FRAGMENT_DIR)/revision \ $(MAGIC_FRAGMENT_DIR)/riff \ +$(MAGIC_FRAGMENT_DIR)/apple \ +$(MAGIC_FRAGMENT_DIR)/macintosh \ $(MAGIC_FRAGMENT_DIR)/rinex \ $(MAGIC_FRAGMENT_DIR)/rpm \ $(MAGIC_FRAGMENT_DIR)/rtf \ @@ -458,10 +458,22 @@ $(MAGIC_FRAGMENT_DIR)/zfs \ $(MAGIC_FRAGMENT_DIR)/zilog \ $(MAGIC_FRAGMENT_DIR)/zyxel +RAW = magic MAGIC = magic.mgc -CLEANFILES = ${MAGIC} $(MAGIC_FRAGMENT_DIR)/Localstuff +CLEANFILES = ${MAGIC} $(MAGIC_FRAGMENT_DIR)/Localstuff ${RAW} @IS_CROSS_COMPILE_FALSE@FILE_COMPILE = $(top_builddir)/src/file${EXEEXT} +${RAW}: $(MAGIC_DIR)/Header $(MAGIC_DIR)/Localstuff $(EXTRA_DIST) + cat /dev/null > $@ + for frag in $(EXTRA_DIST); do \ + if test -f $(srcdir)/$$frag; then \ + f=$(srcdir)/$$frag; \ + else \ + f=$$frag; \ + fi; \ + cat $$f; \ + done >> $@ + # FIXME: Build file natively as well so that it can be used to compile # the target's magic file; for now we bail if the local version does not match @IS_CROSS_COMPILE_TRUE@FILE_COMPILE = file${EXEEXT} @@ -676,23 +688,25 @@ uninstall-am: uninstall-pkgdataDATA mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ uninstall uninstall-am uninstall-pkgdataDATA +${MAGIC}: $(EXTRA_DIST) $(FILE_COMPILE_DEP) $(RAW) + $(FILE_COMPILE) -C -m $(RAW -${MAGIC}: $(EXTRA_DIST) $(FILE_COMPILE_DEP) - @rm -fr magic - @mkdir magic && cp -p $(EXTRA_DIST) magic - @(if expr "${FILE_COMPILE}" : '.*/.*' > /dev/null; then \ - echo "Using ${FILE_COMPILE} to generate ${MAGIC}" > /dev/null; \ - else \ - v=$$(file --version | sed -e s/file-// -e q); \ - if [ "$$v" != "${PACKAGE_VERSION}" ]; then \ - echo "Cannot use the installed version of file ($$v) to"; \ - echo "cross-compile file ${PACKAGE_VERSION}"; \ - echo "Please install file ${PACKAGE_VERSION} locally first"; \ - exit 1; \ - fi; \ - fi) - $(FILE_COMPILE) -C -m magic - @rm -fr magic +#${MAGIC}: $(EXTRA_DIST) $(FILE_COMPILE_DEP) +# @rm -fr magic +# @mkdir magic && cp -p $(EXTRA_DIST) magic +# @(if expr "${FILE_COMPILE}" : '.*/.*' > /dev/null; then \ +# echo "Using ${FILE_COMPILE} to generate ${MAGIC}" > /dev/null; \ +# else \ +# v=$$(file --version | sed -e s/file-// -e q); \ +# if [ "$$v" != "${PACKAGE_VERSION}" ]; then \ +# echo "Cannot use the installed version of file ($$v) to"; \ +# echo "cross-compile file ${PACKAGE_VERSION}"; \ +# echo "Please install file ${PACKAGE_VERSION} locally first"; \ +# exit 1; \ +# fi; \ +# fi) +# $(FILE_COMPILE) -C -m magic +# @rm -fr magic # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. --- src/Makefile.am +++ src/Makefile.am 2013-09-30 00:00:00.000000000 +0000 @@ -1,4 +1,4 @@ -MAGIC = $(pkgdatadir)/magic +MAGIC = $(sysconfdir)/magic:$(pkgdatadir)/magic lib_LTLIBRARIES = libmagic.la include_HEADERS = magic.h --- src/dcore.c +++ src/dcore.c 2013-09-30 00:00:00.000000000 +0000 @@ -0,0 +1,207 @@ +/* + * Show goo about ELF core files + * Jeremy Fitzhardinge <[email protected]> 1996 + */ +#include <unistd.h> +#include <fcntl.h> +#include <stdlib.h> +#include <stdio.h> +#include <sys/types.h> +#include <string.h> +#if defined __GLIBC__ && __GLIBC__ >= 2 +#include <elf.h> +#include <sys/procfs.h> +# ifndef NT_PRFPREG +# define NT_PRFPREG 2 +# endif +# ifndef NT_TASKSTRUCT +# define NT_TASKSTRUCT 4 +# endif +#else +#include <linux/elf.h> +#include <linux/elfcore.h> +#endif + +static void fperror(const char *str) +{ + perror(str); + exit(1); +} + +static size_t myread(int fd, void *buf, size_t sz) +{ + size_t ret; + + if ((ret = read(fd, buf, sz)) != sz) + fperror("read failed"); + return ret; +} + +static void print_prstatus(const prstatus_t *pr) +{ + unsigned i; + static const char *regs[] = { "ebx", "ecx", "edx", "esi", "edi", "ebp", + "eax", "ds", "es", "fs", "gs", + "orig_eax", "eip", "cs", + "efl", "uesp", "ss"}; + + printf(" pid=%d ppid=%d pgrp=%d sid=%d\n", + pr->pr_pid, pr->pr_ppid, pr->pr_pgrp, pr->pr_sid); + for(i = 0; i < NGREG; i++) + { + unsigned long val = pr->pr_reg[i]; + printf(" %-2u %-5s=%08lx %lu\n", i, regs[i], val, val); + } +} + +static void print_prpsinfo(const prpsinfo_t *ps) +{ + printf(" uid=%d gid=%d\n", ps->pr_uid, ps->pr_gid); + printf(" comm=%s\n", ps->pr_fname); + printf(" psargs=%s\n", ps->pr_psargs); +} + +#define roundup(x, y) ((((x)+((y)-1))/(y))*(y)) + +static void do_note(int fd, Elf32_Phdr *phdr) +{ + off_t here = lseek(fd, 0, SEEK_CUR); + int size = phdr->p_filesz; + char *raw = alloca(size), *end; + end = raw+size; + + lseek(fd, phdr->p_offset, SEEK_SET); + myread(fd, raw, size); + + while(raw < end) + { + Elf32_Nhdr *note = (Elf32_Nhdr *)raw; + const char *str; + const char *name, *desc; + + raw += sizeof(*note); + name = raw; + raw += roundup(note->n_namesz, sizeof(long)); + desc = raw; + raw += roundup(note->n_descsz, sizeof(long)); + + printf(" name=%.*s", (int)note->n_namesz, name); + + if(strncmp(name, "CORE", note->n_namesz) != 0) + { + printf("\n"); + continue; + } + + switch(note->n_type) + { +#define X(x) case x: str = #x; break; + X(NT_PRSTATUS); + X(NT_PRFPREG); + X(NT_PRPSINFO); + X(NT_TASKSTRUCT); +#undef X + default: + str = "???"; + } + printf(" n_type=%s n_descsz=%ld\n", + str, note->n_descsz); + switch(note->n_type) + { + case NT_PRSTATUS: + print_prstatus((prstatus_t *)desc); + break; + case NT_PRPSINFO: + print_prpsinfo((prpsinfo_t *)desc); + break; + } + } + lseek(fd, here, SEEK_SET); +} + +int main(int argc, char *argv[]) +{ + int fd; + Elf32_Ehdr elf; + int i; + + if (argc != 2) + { + fprintf(stderr, "Usage: %s corefile\n", argv[0]); + exit(1); + } + + if ((fd = open(argv[1], O_RDONLY)) == -1) + fperror("open of core"); + + myread(fd, &elf, sizeof(elf)); + + if (memcmp(ELFMAG, elf.e_ident, SELFMAG) != 0) + printf("bad magic\n"); + + if (elf.e_ident[EI_CLASS] != ELFCLASS32) + printf("wrong class\n"); + + if (elf.e_ident[EI_DATA] != ELFDATA2LSB) + printf("wrong endianess\n"); + + if (elf.e_ident[EI_VERSION] != EV_CURRENT) + printf("wrong version\n"); + + { + const char *str; + switch(elf.e_type) + { +#define C(x) case ET_##x: str = #x; break; + C(NONE); + C(REL); + C(EXEC); + C(DYN); + C(CORE); +#undef C + default: str = "???"; break; + } + printf("elf file type ET_%s\n", str); + } + + if (elf.e_machine != EM_386 && elf.e_machine != EM_486) + printf("not i386 or i486\n"); + + if (elf.e_ehsize != sizeof(elf)) + printf("wrong header size\n"); + + if (elf.e_phentsize != sizeof(Elf32_Phdr)) + printf("wrong phdr size\n"); + + if (lseek(fd, elf.e_phoff, SEEK_SET) != (off_t)elf.e_phoff) + fperror("lseek to phdr failed\n"); + + for(i = 0; i < elf.e_phnum; i++) + { + Elf32_Phdr phdr; + const char *str; + + myread(fd, &phdr, sizeof(phdr)); + switch(phdr.p_type) + { +#define C(x) case PT_##x: str = #x; break; + C(NULL); + C(LOAD); + C(DYNAMIC); + C(INTERP); + C(NOTE); + C(SHLIB); + C(PHDR); +#undef C + default: + str = "???"; break; + } + printf("type PT_%s off=%ld vaddr=%lx filesz=%ld flags=%lx\n", + str, phdr.p_offset, phdr.p_vaddr, phdr.p_filesz, + (unsigned long)phdr.p_flags); + if (phdr.p_type == PT_NOTE) + do_note(fd, &phdr); + } + exit(0); +} + ++++++ file-5.20-CVE-2014-3710.patch ++++++ --- src/readelf.c | 7 +++++++ 1 file changed, 7 insertions(+) --- src/readelf.c +++ src/readelf.c @@ -477,6 +477,13 @@ donote(struct magic_set *ms, void *vbuf, size_t offset, size_t size, uint32_t namesz, descsz; unsigned char *nbuf = CAST(unsigned char *, vbuf); + if (xnh_sizeof + offset > size) { + /* + * We're out of note headers. + */ + return xnh_sizeof + offset; + } + (void)memcpy(xnh_addr, &nbuf[offset], xnh_sizeof); offset += xnh_sizeof; ++++++ file-rpmlintrc ++++++ addFilter(".*Warning:.*using.*regular.*magic.*file.*/usr/share/misc/magic.*") addFilter(".*E:.*shlib-fixed-dependency.*") addFilter(".*W:.*no-dependency-on.*") addFilter(".*W:.*name-repeated-in-summary.*") ++++++ pre_checkin.sh ++++++ #!/bin/bash # This script is called automatically during autobuild checkin. version=$(grep '^Version:.*' file.spec) sed -ri "s,^Version:.*,$version," python-magic.spec -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
