From a7e6687df63ac7149f7b77b9c1e3ac66cc19220a Mon Sep 17 00:00:00 2001 From: Anatol Belski Date: Sun, 29 Mar 2015 18:22:42 +0200 Subject: [PATCH] updated libmagic.patch --- ext/fileinfo/libmagic.patch | 744 ++++++++++-------------------------- 1 file changed, 211 insertions(+), 533 deletions(-) diff --git a/ext/fileinfo/libmagic.patch b/ext/fileinfo/libmagic.patch index 523a8be5475..2e5b09fdd14 100644 --- a/ext/fileinfo/libmagic.patch +++ b/ext/fileinfo/libmagic.patch @@ -1,7 +1,7 @@ diff -u libmagic.orig/apprentice.c libmagic/apprentice.c ---- libmagic.orig/apprentice.c 2015-01-01 18:07:34.000000000 +0100 -+++ libmagic/apprentice.c 2015-03-29 07:34:29.445231500 +0200 -@@ -29,31 +29,36 @@ +--- libmagic.orig/apprentice.c Mon Feb 9 15:48:48 2015 ++++ libmagic/apprentice.c Sun Mar 29 16:51:28 2015 +@@ -29,6 +29,8 @@ * apprentice - make one pass through /etc/magic, learning its secrets. */ @@ -10,8 +10,7 @@ diff -u libmagic.orig/apprentice.c libmagic/apprentice.c #include "file.h" #ifndef lint --FILE_RCSID("@(#)$File: apprentice.c,v 1.229 2015/01/01 17:07:34 christos Exp $") -+FILE_RCSID("@(#)$File: apprentice.c,v 1.230 2015/01/02 21:29:39 christos Exp $") +@@ -36,24 +38,27 @@ #endif /* lint */ #include "magic.h" @@ -368,18 +367,7 @@ diff -u libmagic.orig/apprentice.c libmagic/apprentice.c if (errs == -1) { for (i = 0; i < MAGIC_SETS; i++) { -@@ -964,8 +902,9 @@ - *ml->magic[magindex].mimetype == '\0') - magindex++; - -- printf("Strength = %3" SIZE_T_FORMAT "u : %s [%s]\n", -+ printf("Strength = %3" SIZE_T_FORMAT "u@%u: %s [%s]\n", - apprentice_magic_strength(m), -+ ml->magic[magindex].lineno, - ml->magic[magindex].desc, - ml->magic[magindex].mimetype); - } -@@ -1061,7 +1000,7 @@ +@@ -1062,7 +1000,7 @@ mset[i].max += ALLOC_INCR; if ((mp = CAST(struct magic_entry *, 
@@ -388,7 +376,7 @@ diff -u libmagic.orig/apprentice.c libmagic/apprentice.c NULL) { file_oomem(ms, sizeof(*mp) * mset[i].max); return -1; -@@ -1082,13 +1021,19 @@ +@@ -1083,13 +1021,19 @@ load_1(struct magic_set *ms, int action, const char *fn, int *errs, struct magic_entry_set *mset) { @@ -412,7 +400,7 @@ diff -u libmagic.orig/apprentice.c libmagic/apprentice.c if (errno != ENOENT) file_error(ms, errno, "cannot read magic file `%s'", fn); -@@ -1098,8 +1043,7 @@ +@@ -1099,8 +1043,7 @@ memset(&me, 0, sizeof(me)); /* read and parse this file */ @@ -422,7 +410,7 @@ diff -u libmagic.orig/apprentice.c libmagic/apprentice.c if (len == 0) /* null line, garbage, etc */ continue; if (line[len - 1] == '\n') { -@@ -1157,8 +1101,8 @@ +@@ -1158,8 +1101,8 @@ } if (me.mp) (void)addentry(ms, &me, mset); @@ -433,7 +421,7 @@ diff -u libmagic.orig/apprentice.c libmagic/apprentice.c } /* -@@ -1237,7 +1181,7 @@ +@@ -1238,7 +1181,7 @@ mentrycount += me[i].cont_count; slen = sizeof(**ma) * mentrycount; @@ -442,7 +430,7 @@ diff -u libmagic.orig/apprentice.c libmagic/apprentice.c file_oomem(ms, slen); return -1; } -@@ -1259,8 +1203,8 @@ +@@ -1260,8 +1203,8 @@ if (me == NULL) return; for (i = 0; i < nme; i++) @@ -453,7 +441,7 @@ diff -u libmagic.orig/apprentice.c libmagic/apprentice.c } private struct magic_map * -@@ -1269,18 +1213,19 @@ +@@ -1270,18 +1213,19 @@ int errs = 0; uint32_t i, j; size_t files = 0, maxfiles = 0; @@ -478,7 +466,7 @@ diff -u libmagic.orig/apprentice.c libmagic/apprentice.c { file_oomem(ms, sizeof(*map)); return NULL; -@@ -1291,22 +1236,26 @@ +@@ -1292,22 +1236,26 @@ (void)fprintf(stderr, "%s\n", usg_hdr); /* load directory or file */ @@ -513,7 +501,7 @@ diff -u libmagic.orig/apprentice.c libmagic/apprentice.c continue; } if (files >= maxfiles) { -@@ -1314,23 +1263,22 @@ +@@ -1315,23 +1263,22 @@ maxfiles = (maxfiles + 1) * 2; mlen = maxfiles * sizeof(*filearr); if ((filearr = CAST(char **, 
@@ -543,7 +531,7 @@ diff -u libmagic.orig/apprentice.c libmagic/apprentice.c } else load_1(ms, action, fn, &errs, mset); if (errs) -@@ -1795,7 +1743,7 @@ +@@ -1796,7 +1743,7 @@ if (me->cont_count == me->max_count) { struct magic *nm; size_t cnt = me->max_count + ALLOC_CHUNK; @@ -552,7 +540,7 @@ diff -u libmagic.orig/apprentice.c libmagic/apprentice.c sizeof(*nm) * cnt))) == NULL) { file_oomem(ms, sizeof(*nm) * cnt); return -1; -@@ -1810,7 +1758,7 @@ +@@ -1811,7 +1758,7 @@ static const size_t len = sizeof(*m) * ALLOC_CHUNK; if (me->mp != NULL) return 1; @@ -561,7 +549,7 @@ diff -u libmagic.orig/apprentice.c libmagic/apprentice.c file_oomem(ms, len); return -1; } -@@ -1983,7 +1931,7 @@ +@@ -1984,7 +1931,7 @@ m->type = get_standard_integer_type(l, &l); else if (*l == 's' && !isalpha((unsigned char)l[1])) { m->type = FILE_STRING; @@ -570,7 +558,7 @@ diff -u libmagic.orig/apprentice.c libmagic/apprentice.c } } } -@@ -2004,7 +1952,7 @@ +@@ -2005,7 +1952,7 @@ m->mask_op = 0; if (*l == '~') { @@ -579,7 +567,7 @@ diff -u libmagic.orig/apprentice.c libmagic/apprentice.c m->mask_op |= FILE_OPINVERSE; else if (ms->flags & MAGIC_CHECK) file_magwarn(ms, "'~' invalid for string types"); -@@ -2013,7 +1961,7 @@ +@@ -2014,7 +1961,7 @@ m->str_range = 0; m->str_flags = m->type == FILE_PSTRING ? PSTRING_1_LE : 0; if ((op = get_op(*l)) != -1) { @@ -588,7 +576,7 @@ diff -u libmagic.orig/apprentice.c libmagic/apprentice.c int r; if (op != FILE_OPDIVIDE) { -@@ -2118,11 +2066,6 @@ +@@ -2119,11 +2066,6 @@ if (check_format(ms, m) == -1) return -1; } @@ -600,7 +588,7 @@ diff -u libmagic.orig/apprentice.c libmagic/apprentice.c m->mimetype[0] = '\0'; /* initialise MIME type to none */ return 0; } -@@ -2194,12 +2137,12 @@ +@@ -2195,7 +2137,7 @@ private int parse_extra(struct magic_set *ms, struct magic_entry *me, const char *line, 
@@ -609,33 +597,16 @@ diff -u libmagic.orig/apprentice.c libmagic/apprentice.c { size_t i; const char *l = line; - struct magic *m = &me->mp[me->cont_count == 0 ? 0 : me->cont_count - 1]; -- char *buf = (char *)m + off; -+ char *buf = CAST(char *, CAST(void *, m)) + off; - - if (buf[0] != '\0') { - len = nt ? strlen(buf) : len; -@@ -2248,7 +2191,8 @@ - { +@@ -2264,7 +2206,7 @@ struct magic *m = &me->mp[0]; -- return parse_extra(ms, me, line, offsetof(struct magic, apple), -+ return parse_extra(ms, me, line, -+ CAST(off_t, offsetof(struct magic, apple)), - sizeof(m->apple), "APPLE", "!+-./", 0); - } - -@@ -2261,7 +2205,8 @@ - { - struct magic *m = &me->mp[0]; - -- return parse_extra(ms, me, line, offsetof(struct magic, mimetype), -+ return parse_extra(ms, me, line, + return parse_extra(ms, me, line, +- CAST(off_t, offsetof(struct magic, mimetype)), + CAST(zend_off_t, offsetof(struct magic, mimetype)), sizeof(m->mimetype), "MIME", "+-/.", 1); } -@@ -2514,14 +2459,18 @@ +@@ -2517,14 +2459,18 @@ return -1; } if (m->type == FILE_REGEX) { @@ -661,7 +632,7 @@ diff -u libmagic.orig/apprentice.c libmagic/apprentice.c } return 0; case FILE_FLOAT: -@@ -2851,68 +2800,144 @@ +@@ -2854,68 +2800,144 @@ private struct magic_map * apprentice_map(struct magic_set *ms, const char *fn) { @@ -835,7 +806,7 @@ diff -u libmagic.orig/apprentice.c libmagic/apprentice.c return NULL; } -@@ -2939,7 +2964,7 @@ +@@ -2942,7 +2964,7 @@ version = ptr[1]; if (version != VERSIONNO) { file_error(ms, 0, "File %s supports only version %d magic " @@ -844,7 +815,7 @@ diff -u libmagic.orig/apprentice.c libmagic/apprentice.c VERSIONNO, dbname, version); return -1; } -@@ -2989,14 +3014,18 @@ +@@ -2992,14 +3014,18 @@ struct magic m; uint32_t h[2 + MAGIC_SETS]; } hdr; 
@@ -867,7 +838,7 @@ diff -u libmagic.orig/apprentice.c libmagic/apprentice.c file_error(ms, errno, "cannot open `%s'", dbname); goto out; } -@@ -3005,24 +3034,25 @@ +@@ -3008,24 +3034,25 @@ hdr.h[1] = VERSIONNO; memcpy(hdr.h + 2, map->nmagic, nm); @@ -898,7 +869,7 @@ diff -u libmagic.orig/apprentice.c libmagic/apprentice.c return rv; } -@@ -3056,16 +3086,18 @@ +@@ -3059,16 +3086,18 @@ q++; /* Compatibility with old code that looked in .mime */ if (ms->flags & MAGIC_MIME) { @@ -923,7 +894,7 @@ diff -u libmagic.orig/apprentice.c libmagic/apprentice.c /* Compatibility with old code that looked in .mime */ if (strstr(p, ".mime") != NULL) -@@ -3155,7 +3187,7 @@ +@@ -3158,7 +3187,7 @@ m->offset = swap4((uint32_t)m->offset); m->in_offset = swap4((uint32_t)m->in_offset); m->lineno = swap4((uint32_t)m->lineno); @@ -933,8 +904,8 @@ diff -u libmagic.orig/apprentice.c libmagic/apprentice.c m->str_flags = swap4(m->str_flags); } diff -u libmagic.orig/ascmagic.c libmagic/ascmagic.c ---- libmagic.orig/ascmagic.c 2015-02-09 15:48:48.696256615 +0100 -+++ libmagic/ascmagic.c 2015-03-08 17:04:58.634221598 +0100 +--- libmagic.orig/ascmagic.c Mon Feb 9 15:48:48 2015 ++++ libmagic/ascmagic.c Wed Mar 18 20:10:15 2015 @@ -139,7 +139,7 @@ /* malloc size is a conservative overestimate; could be improved, or at least realloced after conversion. */ @@ -955,13 +926,13 @@ diff -u libmagic.orig/ascmagic.c libmagic/ascmagic.c return rv; } diff -u libmagic.orig/cdf.c libmagic/cdf.c ---- libmagic.orig/cdf.c 2014-12-04 16:56:46.000000000 +0100 -+++ libmagic/cdf.c 2015-03-29 07:35:28.000580700 +0200 +--- libmagic.orig/cdf.c Thu Mar 5 15:25:12 2015 ++++ libmagic/cdf.c Sun Mar 29 16:51:28 2015 @@ -35,7 +35,7 @@ #include "file.h" #ifndef lint --FILE_RCSID("@(#)$File: cdf.c,v 1.69 2014/12/04 15:56:46 christos Exp $") +-FILE_RCSID("@(#)$File: cdf.c,v 1.75 2015/02/27 21:16:55 christos Exp $") +FILE_RCSID("@(#)$File: cdf.c,v 1.73 2015/01/11 16:58:25 christos Exp $") #endif 
@@ -984,30 +955,7 @@ diff -u libmagic.orig/cdf.c libmagic/cdf.c #include #include #include -@@ -73,8 +83,11 @@ - #define CDF_TOLE8(x) ((uint64_t)(NEED_SWAP ? _cdf_tole8(x) : (uint64_t)(x))) - #define CDF_TOLE4(x) ((uint32_t)(NEED_SWAP ? _cdf_tole4(x) : (uint32_t)(x))) - #define CDF_TOLE2(x) ((uint16_t)(NEED_SWAP ? _cdf_tole2(x) : (uint16_t)(x))) --#define CDF_TOLE(x) (sizeof(x) == 2 ? CDF_TOLE2(x) : (sizeof(x) == 4 ? \ -- CDF_TOLE4(x) : CDF_TOLE8(x))) -+#define CDF_TOLE(x) (/*CONSTCOND*/sizeof(x) == 2 ? \ -+ CDF_TOLE2(CAST(uint16_t, x)) : \ -+ (/*CONSTCOND*/sizeof(x) == 4 ? \ -+ CDF_TOLE4(CAST(uint32_t, x)) : \ -+ CDF_TOLE8(CAST(uint64_t, x)))) - #define CDF_GETUINT32(x, y) cdf_getuint32(x, y) - - -@@ -271,7 +284,7 @@ - const char *e = ((const char *)p) + tail; - size_t ss = sst->sst_dirlen < h->h_min_size_standard_stream ? - CDF_SHORT_SEC_SIZE(h) : CDF_SEC_SIZE(h); -- (void)&line; -+ /*LINTED*/(void)&line; - if (e >= b && (size_t)(e - b) <= ss * sst->sst_len) - return 0; - DPRINTF(("%d: offset begin %p < end %p || %" SIZE_T_FORMAT "u" -@@ -283,11 +296,11 @@ +@@ -286,11 +296,11 @@ } static ssize_t @@ -1021,7 +969,7 @@ diff -u libmagic.orig/cdf.c libmagic/cdf.c errno = EINVAL; return -1; } -@@ -300,7 +313,10 @@ +@@ -303,7 +313,10 @@ if (info->i_fd == -1) return -1; @@ -1033,7 +981,7 @@ diff -u libmagic.orig/cdf.c libmagic/cdf.c return -1; return (ssize_t)len; -@@ -312,7 +328,7 @@ +@@ -315,7 +328,7 @@ char buf[512]; (void)memcpy(cdf_bo.s, "\01\02\03\04", 4); @@ -1042,7 +990,7 @@ diff -u libmagic.orig/cdf.c libmagic/cdf.c return -1; cdf_unpack_header(h, buf); cdf_swap_header(h); -@@ -346,7 +362,7 @@ +@@ -349,7 +362,7 @@ size_t ss = CDF_SEC_SIZE(h); size_t pos = CDF_SEC_POS(h, id); assert(ss == len); 
@@ -1051,136 +999,59 @@ diff -u libmagic.orig/cdf.c libmagic/cdf.c } ssize_t -@@ -744,24 +760,33 @@ - const cdf_sat_t *sat, const cdf_sat_t *ssat, const cdf_stream_t *sst, - const cdf_dir_t *dir, const char *name, cdf_stream_t *scn) - { -- size_t i; - const cdf_directory_t *d; -- size_t name_len = strlen(name) + 1; -+ int i = cdf_find_stream(dir, name, CDF_DIR_TYPE_USER_STREAM); -+ -+ if (i <= 0) -+ return -1; -+ -+ d = &dir->dir_tab[i - 1]; -+ return cdf_read_sector_chain(info, h, sat, ssat, sst, -+ d->d_stream_first_sector, d->d_size, scn); -+} -+ -+int -+cdf_find_stream(const cdf_dir_t *dir, const char *name, int type) -+{ -+ size_t i, name_len = strlen(name) + 1; +@@ -1026,33 +1039,31 @@ + CDF_SHORT_SEC_SIZE(h) : CDF_SEC_SIZE(h); + const char *b = CAST(const char *, sst->sst_tab); + const char *eb = b + ss * sst->sst_len; +- size_t nr, i, j, k; ++ size_t nr, i, k; + cdf_catalog_entry_t *ce; + uint16_t reclen; + const uint16_t *np; - for (i = dir->dir_len; i > 0; i--) -- if (dir->dir_tab[i - 1].d_type == CDF_DIR_TYPE_USER_STREAM && -+ if (dir->dir_tab[i - 1].d_type == type && - cdf_namecmp(name, dir->dir_tab[i - 1].d_name, name_len) - == 0) +- for (nr = 0;; nr++) { ++ for (nr = 0; b < eb; nr++) { + memcpy(&reclen, b, sizeof(reclen)); + reclen = CDF_TOLE2(reclen); + if (reclen == 0) break; -+ if (i > 0) -+ return i; - -- if (i == 0) { -- DPRINTF(("Cannot find user stream `%s'\n", name)); -- errno = ESRCH; -- return -1; -- } -- d = &dir->dir_tab[i - 1]; -- return cdf_read_sector_chain(info, h, sat, ssat, sst, -- d->d_stream_first_sector, d->d_size, scn); -+ DPRINTF(("Cannot find type %d `%s'\n", type, name)); -+ errno = ESRCH; -+ return 0; - } - - int -@@ -998,9 +1023,13 @@ - } - - --#define extract_catalog_field(f, l) \ -- memcpy(&ce[i].f, b + (l), sizeof(ce[i].f)); \ -- ce[i].f = CDF_TOLE(ce[i].f) -+#define extract_catalog_field(t, f, l) \ -+ if (b + l + sizeof(cep->f) > eb) { \ -+ cep->ce_namlen = 0; \ -+ break; \ -+ } \ -+ memcpy(&cep->f, b + (l), 
sizeof(cep->f)); \ -+ ce[i].f = CAST(t, CDF_TOLE(cep->f)) - - int - cdf_unpack_catalog(const cdf_header_t *h, const cdf_stream_t *sst, -@@ -1026,23 +1055,36 @@ + b += reclen; +- if (b > eb) +- break; + } +- nr--; + *cat = CAST(cdf_catalog_t *, malloc(sizeof(cdf_catalog_t) + nr * sizeof(*ce))); - (*cat)->cat_num = nr; ++ (*cat)->cat_num = nr; ce = (*cat)->cat_e; -+ memset(ce, 0, nr * sizeof(*ce)); + memset(ce, 0, nr * sizeof(*ce)); b = CAST(const char *, sst->sst_tab); -- for (i = 0; i < nr; i++) { -- extract_catalog_field(ce_namlen, 0); -- extract_catalog_field(ce_num, 2); -- extract_catalog_field(ce_timestamp, 6); -- reclen = ce[i].ce_namlen; -- ce[i].ce_namlen = -- sizeof(ce[i].ce_name) / sizeof(ce[i].ce_name[0]) - 1; -- if (ce[i].ce_namlen > reclen - 14) -- ce[i].ce_namlen = reclen - 14; -- np = CAST(const uint16_t *, (b + 16)); -- for (k = 0; k < ce[i].ce_namlen; k++) { -- ce[i].ce_name[k] = np[k]; -- CDF_TOLE2(ce[i].ce_name[k]); +- for (j = i = 0; i < nr; b += reclen) { +- cdf_catalog_entry_t *cep = &ce[j]; + for (i = 0; i < nr; i++, b += reclen) { + cdf_catalog_entry_t *cep = &ce[i]; -+ uint16_t rlen; -+ -+ extract_catalog_field(uint16_t, ce_namlen, 0); + uint16_t rlen; + + extract_catalog_field(uint16_t, ce_namlen, 0); +- extract_catalog_field(uint16_t, ce_num, 4); +- extract_catalog_field(uint64_t, ce_timestamp, 8); + extract_catalog_field(uint16_t, ce_num, 2); + extract_catalog_field(uint64_t, ce_timestamp, 6); -+ reclen = cep->ce_namlen; -+ -+ if (reclen < 14) { -+ cep->ce_namlen = 0; -+ continue; - } -- ce[i].ce_name[ce[i].ce_namlen] = 0; -- b += reclen; -+ -+ cep->ce_namlen = __arraycount(cep->ce_name) - 1; -+ rlen = reclen - 14; -+ if (cep->ce_namlen > rlen) -+ cep->ce_namlen = rlen; -+ -+ np = CAST(const uint16_t *, CAST(const void *, (b + 16))); -+ if (CAST(const char *, np + cep->ce_namlen) > eb) { -+ cep->ce_namlen = 0; -+ break; -+ } -+ -+ for (k = 0; k < cep->ce_namlen; k++) -+ cep->ce_name[k] = np[k]; /* XXX: CDF_TOLE2? 
*/ -+ cep->ce_name[cep->ce_namlen] = 0; + reclen = cep->ce_namlen; + + if (reclen < 14) { +@@ -1074,10 +1085,7 @@ + for (k = 0; k < cep->ce_namlen; k++) + cep->ce_name[k] = np[k]; /* XXX: CDF_TOLE2? */ + cep->ce_name[cep->ce_namlen] = 0; +- j = i; +- i++; } +- (*cat)->cat_num = j; return 0; } -@@ -1188,11 +1230,12 @@ - } - void --cdf_dump(void *v, size_t len) -+cdf_dump(const void *v, size_t len) - { - size_t i, j; -- unsigned char *p = v; -+ const unsigned char *p = v; - char abuf[16]; -+ - (void)fprintf(stderr, "%.4x: ", 0); - for (i = 0, j = 0; i < len; i++, p++) { - (void)fprintf(stderr, "%.2x ", *p); -@@ -1224,7 +1267,7 @@ +@@ -1259,7 +1267,7 @@ cdf_directory_t *d; char name[__arraycount(d->d_name)]; cdf_stream_t scn; @@ -1189,7 +1060,7 @@ diff -u libmagic.orig/cdf.c libmagic/cdf.c static const char *types[] = { "empty", "user storage", "user stream", "lockbytes", "property", "root storage" }; -@@ -1279,7 +1322,7 @@ +@@ -1314,7 +1322,7 @@ cdf_dump_property_info(const cdf_property_info_t *info, size_t count) { cdf_timestamp_t tp; 
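Review bot: In the cdf.c catalog-unpacking hunk, the record-counting loop kept on the PHP side, `for (nr = 0; b < eb; nr++)`, copies `sizeof(reclen)` bytes from `b` while only `b < eb` is guaranteed, so a stream whose last record starts one byte before `eb` is read one byte past the table; the condition should be `b + sizeof(reclen) <= eb`. The result of `malloc` is then dereferenced by `(*cat)->cat_num = nr;` with no NULL check visible in the hunk. The same section records that the bundled file stays at `cdf.c,v 1.73` while upstream is at 1.75, and it drops upstream's `j`-based count, so `cat_num` can include zeroed entries when the second loop breaks early. A comment in the patch explaining why the newer upstream parsing is not taken would help the next person who resyncs. The function starts and ends outside the hunk.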
@@ -1198,22 +1069,32 @@ diff -u libmagic.orig/cdf.c libmagic/cdf.c char buf[64]; size_t i, j; -@@ -1327,10 +1370,10 @@ - cdf_print_elapsed_time(buf, sizeof(buf), tp); - (void)fprintf(stderr, "timestamp %s\n", buf); - } else { -- char buf[26]; -+ char tbuf[26]; - cdf_timestamp_to_timespec(&ts, tp); - (void)fprintf(stderr, "timestamp %s", -- cdf_ctime(&ts.tv_sec, buf)); -+ cdf_ctime(&ts.tv_sec, tbuf)); - } - break; - case CDF_CLIPBOARD: +@@ -1436,10 +1444,7 @@ + cdf_dir_t dir; + cdf_info_t info; + const cdf_directory_t *root; +-#ifdef __linux__ +-#define getprogname() __progname +- extern char *__progname; +-#endif ++ + if (argc < 2) { + (void)fprintf(stderr, "Usage: %s \n", getprogname()); + return -1; +@@ -1491,8 +1496,8 @@ + else + cdf_dump_summary_info(&h, &scn); + #endif +- if (cdf_read_user_stream(&info, &h, &sat, &ssat, &sst, +- &dir, "Catalog", &scn) == -1) ++ if (cdf_read_catalog(&info, &h, &sat, &ssat, &sst, &dir, ++ &scn) == -1) + warn("Cannot read catalog"); + #ifdef CDF_DEBUG + else diff -u libmagic.orig/cdf.h libmagic/cdf.h ---- libmagic.orig/cdf.h 2015-02-09 15:48:48.697256626 +0100 -+++ libmagic/cdf.h 2015-03-08 17:04:58.634221598 +0100 +--- libmagic.orig/cdf.h Mon Feb 9 15:48:48 2015 ++++ libmagic/cdf.h Sun Mar 29 18:04:24 2015 @@ -35,10 +35,12 @@ #ifndef _H_CDF_ #define _H_CDF_ @@ -1228,20 +1109,7 @@ diff -u libmagic.orig/cdf.h libmagic/cdf.h #endif #ifdef __DJGPP__ #define timespec timeval -@@ -57,7 +59,11 @@ - - typedef struct { - uint64_t h_magic; --#define CDF_MAGIC 0xE11AB1A1E011CFD0LL -+#if defined(PHP_WIN32) && _MSC_VER <= 1500 -+# define CDF_MAGIC 0xE11AB1A1E011CFD0i64 -+#else -+# define CDF_MAGIC 0xE11AB1A1E011CFD0LL -+#endif - uint64_t h_uuid[2]; - uint16_t h_revision; - uint16_t h_version; -@@ -280,9 +286,9 @@ +@@ -280,9 +282,9 @@ cdf_catalog_entry_t cat_e[0]; } cdf_catalog_t; 
@@ -1255,8 +1123,8 @@ diff -u libmagic.orig/cdf.h libmagic/cdf.h void cdf_swap_header(cdf_header_t *); void cdf_unpack_header(cdf_header_t *, char *); diff -u libmagic.orig/cdf_time.c libmagic/cdf_time.c ---- libmagic.orig/cdf_time.c 2015-02-09 15:48:48.697256626 +0100 -+++ libmagic/cdf_time.c 2015-03-08 17:04:58.634221598 +0100 +--- libmagic.orig/cdf_time.c Mon Feb 9 15:48:48 2015 ++++ libmagic/cdf_time.c Wed Mar 18 20:10:15 2015 @@ -96,7 +96,7 @@ } @@ -1306,9 +1174,9 @@ diff -u libmagic.orig/cdf_time.c libmagic/cdf_time.c static const cdf_timestamp_t tst = 0x01A5E403C2D59C00ULL; static const char *ref = "Sat Apr 23 01:30:00 1977"; diff -u libmagic.orig/compress.c libmagic/compress.c ---- libmagic.orig/compress.c 2015-02-09 15:48:48.697256626 +0100 -+++ libmagic/compress.c 2015-03-08 17:04:58.634221598 +0100 -@@ -32,6 +32,7 @@ +--- libmagic.orig/compress.c Sun Mar 29 13:11:40 2015 ++++ libmagic/compress.c Sun Mar 29 18:14:23 2015 +@@ -32,10 +32,11 @@ * uncompress(method, old, n, newch) - uncompress old into new, * using method, return sizeof new */ @@ -1316,16 +1184,21 @@ diff -u libmagic.orig/compress.c libmagic/compress.c #include "file.h" #ifndef lint -@@ -46,7 +47,7 @@ - #include - #include - #include +-FILE_RCSID("@(#)$File: compress.c,v 1.78 2015/01/02 21:29:39 christos Exp $") ++FILE_RCSID("@(#)$File: compress.c,v 1.77 2014/12/12 16:33:01 christos Exp $") + #endif + + #include "magic.h" +@@ -51,7 +52,7 @@ + typedef void (*sig_t)(int); + # endif /* HAVE_SIG_T */ + #endif -#if !defined(__MINGW32__) && !defined(WIN32) +#ifndef PHP_WIN32 #include #endif #ifdef HAVE_SYS_WAIT_H -@@ -60,6 +61,9 @@ +@@ -65,6 +66,9 @@ #include #endif @@ -1335,7 +1208,7 @@ diff -u libmagic.orig/compress.c libmagic/compress.c private const struct { const char magic[8]; size_t maglen; -@@ -87,8 +91,7 @@ +@@ -92,8 +96,7 @@ #define NODATA ((size_t)~0) private ssize_t swrite(int, const void *, size_t); 
@@ -1345,18 +1218,17 @@ diff -u libmagic.orig/compress.c libmagic/compress.c private size_t uncompressbuf(struct magic_set *, int, size_t, const unsigned char *, unsigned char **, size_t); #ifdef BUILTIN_DECOMPRESS -@@ -137,7 +140,9 @@ - } - error: +@@ -148,7 +151,8 @@ + #ifdef HAVE_SIGNAL_H (void)signal(SIGPIPE, osigpipe); + #endif - free(newbuf); -+ + if (newbuf) + efree(newbuf); ms->flags |= MAGIC_COMPRESS; return rv; } -@@ -171,7 +176,7 @@ +@@ -182,7 +186,7 @@ * `safe' read for sockets and pipes. */ protected ssize_t @@ -1365,7 +1237,7 @@ diff -u libmagic.orig/compress.c libmagic/compress.c { ssize_t rv; #ifdef FIONREAD -@@ -219,7 +224,7 @@ +@@ -230,7 +234,7 @@ nocheck: do @@ -1374,7 +1246,7 @@ diff -u libmagic.orig/compress.c libmagic/compress.c case -1: if (errno == EINTR) continue; -@@ -296,13 +301,14 @@ +@@ -307,13 +311,14 @@ return -1; } (void)close(tfd); @@ -1391,7 +1263,7 @@ diff -u libmagic.orig/compress.c libmagic/compress.c #ifdef BUILTIN_DECOMPRESS #define FHCRC (1 << 1) -@@ -339,7 +345,7 @@ +@@ -350,7 +355,7 @@ if (data_start >= n) return 0; @@ -1400,7 +1272,7 @@ diff -u libmagic.orig/compress.c libmagic/compress.c return 0; } -@@ -400,19 +406,16 @@ +@@ -411,19 +416,16 @@ case 0: /* child */ (void) close(0); if (fd != -1) { @@ -1424,7 +1296,7 @@ diff -u libmagic.orig/compress.c libmagic/compress.c (void) close(fdout[0]); (void) close(fdout[1]); #ifndef DEBUG -@@ -463,37 +466,21 @@ +@@ -474,37 +476,21 @@ /*NOTREACHED*/ default: /* parent */ @@ -1467,7 +1339,7 @@ diff -u libmagic.orig/compress.c libmagic/compress.c *newch = NULL; goto err; } else { -@@ -505,27 +492,16 @@ +@@ -516,27 +502,16 @@ if (fdin[1] != -1) (void) close(fdin[1]); (void) close(fdout[0]); 
@@ -1502,8 +1374,8 @@ diff -u libmagic.orig/compress.c libmagic/compress.c -#endif +#endif /* if PHP_FILEINFO_UNCOMPRESS */ diff -u libmagic.orig/elfclass.h libmagic/elfclass.h ---- libmagic.orig/elfclass.h 2015-02-09 15:48:48.697256626 +0100 -+++ libmagic/elfclass.h 2015-03-08 17:04:58.634221598 +0100 +--- libmagic.orig/elfclass.h Mon Feb 9 15:48:48 2015 ++++ libmagic/elfclass.h Wed Mar 18 20:10:15 2015 @@ -41,7 +41,7 @@ return toomany(ms, "program headers", phnum); flags |= FLAGS_IS_CORE; @@ -1532,8 +1404,8 @@ diff -u libmagic.orig/elfclass.h libmagic/elfclass.h fsize, elf_getu16(swap, elfhdr.e_machine), (int)elf_getu16(swap, elfhdr.e_shstrndx), diff -u libmagic.orig/file.h libmagic/file.h ---- libmagic.orig/file.h 2015-02-21 15:02:19.072577151 +0100 -+++ libmagic/file.h 2015-03-08 17:06:17.755287758 +0100 +--- libmagic.orig/file.h Sat Feb 21 15:02:19 2015 ++++ libmagic/file.h Wed Mar 18 20:10:15 2015 @@ -33,11 +33,9 @@ #ifndef __file_h__ #define __file_h__ @@ -1737,10 +1609,11 @@ diff -u libmagic.orig/file.h libmagic/file.h #if defined(HAVE_MMAP) && defined(HAVE_SYS_MMAN_H) && !defined(QUICK) #define QUICK -@@ -596,6 +541,14 @@ +@@ -595,6 +540,14 @@ + #endif #else #define FILE_RCSID(id) - #endif ++#endif + +#ifdef PHP_WIN32 +#define FINFO_LSEEK_FUNC _lseek @@ -1748,13 +1621,12 @@ diff -u libmagic.orig/file.h libmagic/file.h +#else +#define FINFO_LSEEK_FUNC lseek +#define FINFO_READ_FUNC read -+#endif + #endif #ifndef __RCSID #define __RCSID(a) - #endif diff -u libmagic.orig/fsmagic.c libmagic/fsmagic.c ---- libmagic.orig/fsmagic.c 2015-02-09 15:48:48.698256636 +0100 -+++ libmagic/fsmagic.c 2015-03-08 17:07:38.405361548 +0100 +--- libmagic.orig/fsmagic.c Mon Feb 9 15:48:48 2015 ++++ libmagic/fsmagic.c Wed Mar 18 20:10:15 2015 @@ -63,27 +63,21 @@ # define minor(dev) ((dev) & 0xff) #endif 
@@ -2105,8 +1977,8 @@ diff -u libmagic.orig/fsmagic.c libmagic/fsmagic.c return ret; } diff -u libmagic.orig/funcs.c libmagic/funcs.c ---- libmagic.orig/funcs.c 2015-02-09 15:48:48.698256636 +0100 -+++ libmagic/funcs.c 2015-03-08 17:07:38.405361548 +0100 +--- libmagic.orig/funcs.c Mon Feb 9 15:48:48 2015 ++++ libmagic/funcs.c Wed Mar 18 20:10:15 2015 @@ -31,7 +31,6 @@ #endif /* lint */ @@ -2491,8 +2363,8 @@ diff -u libmagic.orig/funcs.c libmagic/funcs.c } + diff -u libmagic.orig/magic.c libmagic/magic.c ---- libmagic.orig/magic.c 2015-02-09 15:48:48.699256647 +0100 -+++ libmagic/magic.c 2015-03-08 17:07:38.406361561 +0100 +--- libmagic.orig/magic.c Mon Feb 9 15:48:48 2015 ++++ libmagic/magic.c Wed Mar 18 20:10:15 2015 @@ -25,11 +25,6 @@ * SUCH DAMAGE. */ @@ -2881,8 +2753,8 @@ diff -u libmagic.orig/magic.c libmagic/magic.c public const char * magic_error(struct magic_set *ms) diff -u libmagic.orig/magic.h libmagic/magic.h ---- libmagic.orig/magic.h 2015-02-21 15:03:56.526696736 +0100 -+++ libmagic/magic.h 2015-03-08 17:04:58.635221612 +0100 +--- libmagic.orig/magic.h Sat Feb 21 15:03:56 2015 ++++ libmagic/magic.h Wed Mar 18 20:10:15 2015 @@ -88,6 +88,7 @@ const char *magic_getpath(const char *, int); @@ -2900,8 +2772,8 @@ diff -u libmagic.orig/magic.h libmagic/magic.h int magic_errno(magic_t); diff -u libmagic.orig/patchlevel.h libmagic/patchlevel.h ---- libmagic.orig/patchlevel.h 2015-02-09 15:48:48.699256647 +0100 -+++ libmagic/patchlevel.h 2015-03-08 17:06:17.752287718 +0100 +--- libmagic.orig/patchlevel.h Mon Feb 9 15:48:48 2015 ++++ libmagic/patchlevel.h Wed Mar 18 20:10:15 2015 @@ -1,34 +1,43 @@ #define FILE_VERSION_MAJOR 5 -#define patchlevel 6 
@@ -2966,8 +2838,8 @@ diff -u libmagic.orig/patchlevel.h libmagic/patchlevel.h * Revision 1.69 2008/07/02 15:27:05 christos * welcome to 4.25 diff -u libmagic.orig/print.c libmagic/print.c ---- libmagic.orig/print.c 2015-02-09 15:48:48.699256647 +0100 -+++ libmagic/print.c 2015-03-08 17:04:58.635221612 +0100 +--- libmagic.orig/print.c Mon Feb 9 15:48:48 2015 ++++ libmagic/print.c Wed Mar 18 20:10:15 2015 @@ -28,13 +28,17 @@ /* * print.c - debugging printout routines @@ -3196,7 +3068,7 @@ diff -u libmagic.orig/print.c libmagic/print.c - time_t t; - struct tm *tm, tmz; + time_t t = (time_t)v; -+ struct tm *tm; ++ struct tm *tm = NULL; if (flags & FILE_T_WINDOWS) { - struct timespec ts; @@ -3239,13 +3111,13 @@ diff -u libmagic.orig/print.c libmagic/print.c if (tm == NULL) goto out; diff -u libmagic.orig/readcdf.c libmagic/readcdf.c ---- libmagic.orig/readcdf.c 2014-12-04 16:56:46.000000000 +0100 -+++ libmagic/readcdf.c 2015-03-29 07:36:37.097532800 +0200 -@@ -26,19 +26,29 @@ +--- libmagic.orig/readcdf.c Thu Mar 5 15:25:12 2015 ++++ libmagic/readcdf.c Sun Mar 29 18:07:48 2015 +@@ -26,15 +26,21 @@ #include "file.h" #ifndef lint --FILE_RCSID("@(#)$File: readcdf.c,v 1.49 2014/12/04 15:56:46 christos Exp $") +-FILE_RCSID("@(#)$File: readcdf.c,v 1.51 2015/01/11 16:58:25 christos Exp $") +FILE_RCSID("@(#)$File: readcdf.c,v 1.50 2015/01/02 21:29:39 christos Exp $") #endif @@ -3265,15 +3137,7 @@ diff -u libmagic.orig/readcdf.c libmagic/readcdf.c #include "cdf.h" #include "magic.h" - -+#ifndef __arraycount -+#define __arraycount(a) (sizeof(a) / sizeof(a[0])) -+#endif -+ - #define NOTMIME(ms) (((ms)->flags & MAGIC_MIME) == 0) - - static const struct nv { -@@ -67,20 +77,32 @@ +@@ -71,6 +77,10 @@ { NULL, NULL, }, }; 
@@ -3284,15 +3148,7 @@ diff -u libmagic.orig/readcdf.c libmagic/readcdf.c static const struct cv { uint64_t clsid[2]; const char *mime; - } clsid2mime[] = { - { -- { 0x00000000000c1084ULL, 0x46000000000000c0ULL }, -+#ifdef PHP_WIN32 -+ { 0x00000000000c1084ui64, 0x46000000000000c0ui64 }, -+#else -+ { 0x00000000000c1084LLU, 0x46000000000000c0LLU }, -+#endif - "x-msi", +@@ -81,7 +91,7 @@ }, { { 0, 0 }, NULL, @@ -3300,16 +3156,19 @@ diff -u libmagic.orig/readcdf.c libmagic/readcdf.c + } }, clsid2desc[] = { { -- { 0x00000000000c1084ULL, 0x46000000000000c0ULL }, -+#ifdef PHP_WIN32 -+ { 0x00000000000c1084ui64, 0x46000000000000c0ui64 }, -+#else -+ { 0x00000000000c1084LLU, 0x46000000000000c0LLU }, -+#endif - "MSI Installer", - }, - { { 0, 0 }, -@@ -104,23 +126,14 @@ + { 0x00000000000c1084ULL, 0x46000000000000c0ULL }, +@@ -100,10 +110,6 @@ + if (clsid[0] == cv[i].clsid[0] && clsid[1] == cv[i].clsid[1]) + return cv[i].mime; + } +-#ifdef CDF_DEBUG +- fprintf(stderr, "unknown mime %" PRIx64 ", %" PRIx64 "\n", clsid[0], +- clsid[1]); +-#endif + return NULL; + } + +@@ -112,26 +118,14 @@ { size_t i; const char *rv = NULL; @@ -3327,6 +3186,9 @@ diff -u libmagic.orig/readcdf.c libmagic/readcdf.c rv = nv[i].mime; break; } +-#ifdef CDF_DEBUG +- fprintf(stderr, "unknown app %s\n", vbuf); +-#endif -#ifdef USE_C_LOCALE - (void)uselocale(old_lc_ctype); - freelocale(c_lc_ctype); @@ -3335,7 +3197,7 @@ diff -u libmagic.orig/readcdf.c libmagic/readcdf.c return rv; } -@@ -130,12 +143,14 @@ +@@ -141,12 +135,14 @@ { size_t i; cdf_timestamp_t tp; 
@@ -3351,18 +3213,7 @@ diff -u libmagic.orig/readcdf.c libmagic/readcdf.c if (!NOTMIME(ms) && root_storage) str = cdf_clsid_to_mime(root_storage->d_storage_uuid, clsid2mime); -@@ -204,8 +219,8 @@ - case CDF_FILETIME: - tp = info[i].pi_tp; - if (tp != 0) { -- char tbuf[64]; -- if (tp < 1000000000000000LL) { -+ char tbuf[64]; -+ if (tp < 1000000000000000LL) { - cdf_print_elapsed_time(tbuf, - sizeof(tbuf), tp); - if (NOTMIME(ms) && file_printf(ms, -@@ -213,8 +228,11 @@ +@@ -224,8 +220,11 @@ return -1; } else { char *c, *ec; 
@@ -3376,167 +3227,18 @@ diff -u libmagic.orig/readcdf.c libmagic/readcdf.c if (c != NULL && (ec = strchr(c, '\n')) != NULL) *ec = '\0'; -@@ -343,6 +361,90 @@ - } - #endif +@@ -362,7 +361,7 @@ + int i; -+private int -+cdf_file_catalog_info(struct magic_set *ms, const cdf_info_t *info, -+ const cdf_header_t *h, const cdf_sat_t *sat, const cdf_sat_t *ssat, -+ const cdf_stream_t *sst, const cdf_dir_t *dir, cdf_stream_t *scn) -+{ -+ int i; -+ -+ if ((i = cdf_read_user_stream(info, h, sat, ssat, sst, + if ((i = cdf_read_user_stream(info, h, sat, ssat, sst, +- dir, "Catalog", scn)) == -1) + dir, "Catalog", scn)) <= 0) -+ return i; -+#ifdef CDF_DEBUG -+ cdf_dump_catalog(&h, &scn); -+#endif -+ if ((i = cdf_file_catalog(ms, h, scn)) == -1) -+ return -1; -+ return i; -+} -+ -+private struct sinfo { -+ const char *name; -+ const char *mime; -+ const char *sections[5]; -+ const int types[5]; -+} sectioninfo[] = { -+ { "Encrypted", "encrypted", -+ { -+ "EncryptedPackage", NULL, NULL, NULL, NULL, -+ }, -+ { -+ CDF_DIR_TYPE_USER_STREAM, 0, 0, 0, 0, -+ -+ }, -+ }, -+ { "QuickBooks", "quickbooks", -+ { -+#if 0 -+ "TaxForms", "PDFTaxForms", "modulesInBackup", -+#endif -+ "mfbu_header", NULL, NULL, NULL, NULL, -+ }, -+ { -+#if 0 -+ CDF_DIR_TYPE_USER_STORAGE, -+ CDF_DIR_TYPE_USER_STORAGE, -+ CDF_DIR_TYPE_USER_STREAM, -+#endif -+ CDF_DIR_TYPE_USER_STREAM, -+ 0, 0, 0, 0 -+ }, -+ }, -+}; -+ -+private int -+cdf_file_dir_info(struct magic_set *ms, const cdf_dir_t *dir) -+{ -+ size_t sd, j; -+ -+ for (sd = 0; sd < __arraycount(sectioninfo); sd++) { -+ const struct sinfo *si = §ioninfo[sd]; -+ for (j = 0; si->sections[j]; j++) { -+ if (cdf_find_stream(dir, si->sections[j], si->types[j]) -+ <= 0) { -+#ifdef CDF_DEBUG -+ fprintf(stderr, "Can't read %s\n", -+ si->sections[j]); -+#endif -+ break; -+ } -+ } -+ if (si->sections[j] != NULL) -+ continue; -+ if (NOTMIME(ms)) { -+ if (file_printf(ms, "CDFV2 %s", si->name) == -1) -+ return -1; -+ } else { -+ if (file_printf(ms, "application/CDFV2-%s", 
-+ si->mime) == -1) -+ return -1; -+ } -+ return 1; -+ } -+ return -1; -+} -+ - protected int - file_trycdf(struct magic_set *ms, int fd, const unsigned char *buf, - size_t nbytes) -@@ -354,7 +456,6 @@ - cdf_dir_t dir; - int i; - const char *expn = ""; -- const char *corrupt = "corrupt: "; - const cdf_directory_t *root_storage; - - info.i_fd = fd; -@@ -435,30 +536,21 @@ - - if ((i = cdf_read_summary_info(&info, &h, &sat, &ssat, &sst, &dir, - &scn)) == -1) { -- if (errno == ESRCH) { -- if ((i = cdf_read_catalog(&info, &h, &sat, &ssat, &sst, -- &dir, &scn)) == -1) { -- corrupt = expn; -- if ((i = cdf_read_encrypted_package(&info, &h, -- &sat, &ssat, &sst, &dir, &scn)) == -1) -- expn = "No summary info"; -- else { -- expn = "Encrypted"; -- i = -1; -- } -- goto out4; -- } --#ifdef CDF_DEBUG -- cdf_dump_catalog(&h, &scn); --#endif -- if ((i = cdf_file_catalog(ms, &h, &scn)) -- < 0) -- expn = "Can't expand catalog"; -- } else { -+ if (errno != ESRCH) { - expn = "Cannot read summary info"; -- } -- goto out4; -- } -+ goto out4; -+ } -+ i = cdf_file_catalog_info(ms, &info, &h, &sat, &ssat, &sst, -+ &dir, &scn); -+ if (i > 0) -+ goto out4; -+ i = cdf_file_dir_info(ms, &dir); -+ if (i < 0) -+ expn = "Cannot read section info"; -+ goto out4; -+ } -+ -+ + return i; #ifdef CDF_DEBUG - cdf_dump_summary_info(&h, &scn); - #endif -@@ -509,11 +601,10 @@ - "Composite Document File V2 Document") == -1) - return -1; - if (*expn) -- if (file_printf(ms, ", %s%s", corrupt, expn) == -1) -+ if (file_printf(ms, ", %s", expn) == -1) - return -1; - } else { -- if (file_printf(ms, "application/CDFV2-%s", -- *corrupt ? 
"corrupt" : "encrypted") == -1) -+ if (file_printf(ms, "application/CDFV2-unknown") == -1) - return -1; - } - i = 1; + cdf_dump_catalog(&h, &scn); diff -u libmagic.orig/softmagic.c libmagic/softmagic.c ---- libmagic.orig/softmagic.c 2015-02-21 15:02:19.073577163 +0100 -+++ libmagic/softmagic.c 2015-03-08 17:07:38.406361561 +0100 +--- libmagic.orig/softmagic.c Sat Feb 21 15:02:19 2015 ++++ libmagic/softmagic.c Sun Mar 29 17:55:55 2015 @@ -36,11 +36,19 @@ #endif /* lint */ 
@@ -3682,34 +3384,34 @@ diff -u libmagic.orig/softmagic.c libmagic/softmagic.c break; \ } \ -@@ -1087,7 +1081,7 @@ - const char *last; /* end of search region */ - const char *buf; /* start of search region */ - const char *end; -- size_t lines, linecnt, bytecnt; -+ size_t lines, linecnt, bytecnt, bytecnt_max; +@@ -1095,16 +1089,18 @@ + return 0; + } - if (s == NULL) { - ms->search.s_len = 0; -@@ -1103,8 +1097,15 @@ - bytecnt = m->str_range; +- if (m->str_flags & REGEX_LINE_COUNT) { +- linecnt = m->str_range; +- bytecnt = linecnt * 80; +- } else { +- linecnt = 0; +- bytecnt = m->str_range; ++ /* bytecnt checks are to be kept for PHP, see cve-2014-3538. ++ PCRE might get stuck if the input buffer is too big. */ ++ linecnt = m->str_range; ++ bytecnt = linecnt * 80; ++ ++ if (bytecnt == 0) { ++ bytecnt = 1 << 14; } - if (bytecnt == 0 || bytecnt > nbytes - offset) - bytecnt = nbytes - offset; -+ /* XXX bytecnt_max is to be kept for PHP, see cve-2014-3538. -+ PCRE might stuck if the input buffer is too big. To ensure -+ the correctness, the check for bytecnt > nbytes is also -+ kept (might be abundant). */ -+ bytecnt_max = nbytes - offset; -+ bytecnt_max = bytecnt_max > (1 << 14) ? (1 << 14) : bytecnt_max; -+ bytecnt_max = bytecnt > nbytes ? nbytes : bytecnt_max; -+ if (bytecnt == 0 || bytecnt > bytecnt_max) -+ bytecnt = bytecnt_max; ++ if (bytecnt > nbytes) { ++ bytecnt = nbytes; ++ } buf = RCAST(const char *, s) + offset; end = last = RCAST(const char *, s) + bytecnt; -@@ -1221,9 +1222,6 @@ +@@ -1221,9 +1217,6 @@ m->type, m->flag, offset, o, nbytes, indir_level, *name_count); mdebug(offset, (char *)(void *)p, sizeof(union VALUETYPE)); @@ -3719,7 +3421,7 @@ diff -u libmagic.orig/softmagic.c libmagic/softmagic.c } if (m->flag & INDIR) { -@@ -1593,9 +1591,6 @@ +@@ -1593,9 +1586,6 @@ if ((ms->flags & MAGIC_DEBUG) != 0) { mdebug(offset, (char *)(void *)p, sizeof(union VALUETYPE)); 
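Review bot: The 16 KiB limit in the new `if (bytecnt == 0) { bytecnt = 1 << 14; }` block only acts as a default for an unset range, so a rule with a non-zero `str_range` is clamped to `nbytes` alone, which does not match the added comment about keeping the bytecnt checks for cve-2014-3538. If the ceiling is meant to hold for every regex search, the test could read `if (bytecnt == 0 || bytecnt > (1 << 14)) {`. The clamp also ignores `offset`: `buf` is `s + offset` while `end` and `last` are `s + bytecnt`, so when `offset` exceeds `bytecnt` the start of the window lies past its end. Bounding by `nbytes - offset` would avoid that, though the code that consumes `buf` and `last`, and the start and end of the enclosing function, are outside this hunk. Dropping the `REGEX_LINE_COUNT` branch also means a byte-valued range is now multiplied by 80 and used as a line count, which may be unintended and deserves a comment if deliberate.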
@@ -3729,26 +3431,7 @@ diff -u libmagic.orig/softmagic.c libmagic/softmagic.c } } -@@ -1647,7 +1642,7 @@ - break; - - case FILE_REGEX: -- if (nbytes < offset) -+ if (OFFSET_OOB(nbytes, offset, 0)) - return 0; - break; - -@@ -1656,8 +1651,7 @@ - offset += CAST(uint32_t, o); - if (offset == 0) - return 0; -- -- if (nbytes < offset) -+ if (OFFSET_OOB(nbytes, offset, 0)) - return 0; - - if ((pb = file_push_buffer(ms)) == NULL) -@@ -1676,19 +1670,19 @@ +@@ -1676,15 +1666,15 @@ if (rv == 1) { if ((ms->flags & (MAGIC_MIME|MAGIC_APPLE)) == 0 && file_printf(ms, F(ms, m, "%u"), offset) == -1) { @@ -3767,12 +3450,7 @@ diff -u libmagic.orig/softmagic.c libmagic/softmagic.c return rv; case FILE_USE: -- if (nbytes < offset) -+ if (OFFSET_OOB(nbytes, offset, 0)) - return 0; - rbuf = m->value.s; - if (*rbuf == '^') { -@@ -1799,6 +1793,41 @@ +@@ -1799,6 +1789,41 @@ return file_strncmp(a, b, len, flags); } @@ -3814,7 +3492,7 @@ diff -u libmagic.orig/softmagic.c libmagic/softmagic.c private int magiccheck(struct magic_set *ms, struct magic *m) { -@@ -1959,73 +1988,111 @@ +@@ -1959,73 +1984,111 @@ break; } case FILE_REGEX: { @@ -3987,8 +3665,8 @@ diff -u libmagic.orig/softmagic.c libmagic/softmagic.c } case FILE_INDIRECT: diff -u libmagic.orig/strcasestr.c libmagic/strcasestr.c ---- libmagic.orig/strcasestr.c 2015-02-09 15:48:48.700256658 +0100 -+++ libmagic/strcasestr.c 2015-03-08 17:04:58.635221612 +0100 +--- libmagic.orig/strcasestr.c Mon Feb 9 15:48:48 2015 ++++ libmagic/strcasestr.c Wed Mar 18 20:10:15 2015 @@ -39,6 +39,8 @@ #include "file.h"