From 5177b35f61ad66613b2d798c18cc1abf48e89d2a Mon Sep 17 00:00:00 2001 From: Christos Zoulas Date: Fri, 23 May 2003 21:31:56 +0000 Subject: [PATCH] magic changes, signness changes, buffer overflow protection, close files. --- ChangeLog | 10 +++++++ README | 4 +-- doc/file.man | 52 ++++++++++++++++++++--------------- doc/magic.man | 9 ++++--- magic/Magdir/elf | 7 ++++- magic/Magdir/rpm | 7 ++++- magic/Makefile.am | 12 ++++++--- magic/Makefile.in | 12 ++++++--- magic/magic.mime | 69 ++++++++++++++++++++++++++++++++++++++++++++++- src/apprentice.c | 18 ++++++------- src/ascmagic.c | 6 ++++- src/compress.c | 27 +++++++++++-------- src/file.h | 6 ++--- src/fsmagic.c | 6 ++++- src/magic.c | 15 ++++++++--- src/readelf.c | 10 +++---- src/softmagic.c | 18 ++++++------- 17 files changed, 209 insertions(+), 79 deletions(-) diff --git a/ChangeLog b/ChangeLog index 85e1da7a..cdddee96 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,13 @@ +2003-05-23 17:03 Christos Zoulas + + * documentation fixes from Michael Piefel + * magic fixes (various) + * revert basename magic in .mgc name determination + * buffer protection in uncompress, + signness issues, + close files + Maciej W. Rozycki * fix zsh magic diff --git a/README b/README index f367436e..0e97732c 100644 --- a/README +++ b/README @@ -1,5 +1,5 @@ ** README for file(1) Command ** -@(#) $Id: README,v 1.32 2003/03/29 21:40:53 ian Exp $ +@(#) $Id: README,v 1.33 2003/05/23 21:31:56 christos Exp $ This is Release 4.x of Ian Darwin's (copyright but distributable) file(1) command. This version is the standard "file" command for Linux, 
@@ -39,7 +39,7 @@ In addition, the /etc/magic file is built from a subdirectory for easier(?) maintenance. I will act as a clearinghouse for magic numbers assigned to all sorts of data files that are in reasonable circulation. Send your magic numbers, -in magic(4) format please, to the maintainer, Christos Zoulas. +in magic(5) format please, to the maintainer, Christos Zoulas. LEGAL.NOTICE - read this first. README - read this second (you are currently reading this file). diff --git a/doc/file.man b/doc/file.man index 4ceb9853..b6a253fa 100644 --- a/doc/file.man +++ b/doc/file.man @@ -1,5 +1,5 @@ .TH FILE __CSECTION__ "Copyright but distributable" -.\" $Id: file.man,v 1.48 2003/03/27 22:47:13 christos Exp $ +.\" $Id: file.man,v 1.49 2003/05/23 21:31:57 christos Exp $ .SH NAME file \- determine file type @@ -153,20 +153,20 @@ Any file that cannot be identified as having been written in any of the character sets listed above is simply said to be ``data''. .SH OPTIONS .TP 8 -.B \-b +.B "\-b, \-\-brief" Do not prepend filenames to output lines (brief mode). .TP 8 -.B \-c +.B "\-c, \-\-checking\-printout" Cause a checking printout of the parsed form of the magic file. This is usually used in conjunction with .B \-m to debug a new magic file before installing it. .TP 8 -.B \-C +.B "\-C, \-\-compile" Write a magic.mgc output file that contains a pre-parsed version of file. .TP 8 -.BI \-f " namefile" +.BI "\-f, \-\-files\-from" " namefile" Read the names of the files to be examined from .I namefile (one per line) 
@@ -176,11 +176,11 @@ Either or at least one filename argument must be present; to test the standard input, use ``\-'' as a filename argument. .TP 8 -.BI \-F " separator" +.BI "\-F, \-\-separator" " separator" Use the specified string as the separator between the filename and the file result returned. Defaults to ``:''. .TP 8 -.B \-i +.B "\-i, \-\-mime" Causes the file command to output mime type strings rather than the more traditional human readable ones. Thus it may say ``text/plain; charset=us-ascii'' @@ -192,27 +192,28 @@ text file types, directories etc), and makes use of an alternative ``magic'' file. (See ``FILES'' section, below). .TP 8 -.B \-k +.B "\-k, \-\-keep\-going" Don't stop at the first match, keep going. .TP 8 -.B \-L +.B "\-L, \-\-dereference" option causes symlinks to be followed, as the like-named option in .BR ls (1). (on systems that support symbolic links). .TP 8 -.BI \-m " list" +.BI "\-m, \-\-magic\-file" " list" Specify an alternate list of files containing magic numbers. This can be a single file, or a colon-separated list of files. +If a compiled magic file is found alongside, it will be used instead. .TP 8 -.B \-n +.B "\-n, \-\-no\-buffer" Force stdout to be flushed after checking each file. This is only useful if checking a list of files. It is intended to be used by programs that want filetype output from a pipe. .TP 8 -.B \-N +.B "\-N, \-\-no\-pad" Don't pad filenames so that they align in the output. .TP 8 -.B \-s +.B "\-s, \-\-special\-files" Normally, .B file only attempts to read and determine the type of argument files which 
@@ -233,25 +234,32 @@ to disregard the file size as reported by .BR stat (2) since on some systems it reports a zero size for raw disk partitions. .TP 8 -.B \-v +.B "\-v, \-\-version" Print the version of the program and exit. .TP 8 -.B \-z +.B "\-z, \-\-uncompress" Try to look inside compressed files. +.TP 8 +.B "\-\-help" +Print a help message and exit. .SH FILES +.TP .I __MAGIC__.mgc -\- default compiled list of magic numbers -.PP +Default compiled list of magic numbers +.TP .I __MAGIC__ -\- default list of magic numbers -.PP +Default list of magic numbers +.TP .I __MAGIC__.mime.mgc -\- default compiled list of magic numbers, used to output mime types when +Default compiled list of magic numbers, used to output mime types when the -i option is specified. -.PP +.TP .I __MAGIC__.mime -\- default list of magic numbers, used to output mime types when the -i option +Default list of magic numbers, used to output mime types when the -i option is specified. +.TP +.I /etc/magic +Local additions to magic wisdom. .SH ENVIRONMENT The environment variable diff --git a/doc/magic.man b/doc/magic.man index 8fa53e11..e501e2c0 100644 --- a/doc/magic.man +++ b/doc/magic.man @@ -44,7 +44,10 @@ The string type specification can be optionally followed by /[Bbc]*. The ``B'' flag compacts whitespace in the target, which must contain at least one whitespace character. -If the magic has "n" consecutive blanks, the target needs at least "n" +If the magic has +.I n +consecutive blanks, the target needs at least +.I n consecutive blanks to match. The ``b'' flag treats every blank in the target as an optional blank. Finally the ``c'' flag, specifies case insensitive matching: lowercase @@ -177,7 +180,7 @@ the file. The value at that offset is read, and is used again as an offset in the file. Indirect offsets are of the form: -.BI (( x [.[bslBSL]][+-][ y ]). +.BI (( x [.[bslBSL]][+\-][ y ]). The value of .I x is used as an offset in the file. A byte, short or long is read at that offset 
@@ -237,4 +240,4 @@ indirect offsets. .\" the changes I posted to the S5R2 version. .\" .\" Modified for Ian Darwin's version of the file command. -.\" @(#)$Id: magic.man,v 1.25 2003/03/31 17:52:04 christos Exp $ +.\" @(#)$Id: magic.man,v 1.26 2003/05/23 21:31:57 christos Exp $ diff --git a/magic/Magdir/elf b/magic/Magdir/elf index 9635af76..9844502a 100644 --- a/magic/Magdir/elf +++ b/magic/Magdir/elf @@ -12,9 +12,14 @@ >4 byte 0 invalid class >4 byte 1 32-bit # only for MIPS - in the future, the ABI field of e_flags should be used. +>>18 leshort 8 +>>>36 lelong &0x20 N32 +>>18 leshort 10 +>>>36 lelong &0x20 N32 >>18 beshort 8 +>>>36 belong &0x20 N32 >>18 beshort 10 ->>>36 belong &0x20 N32 +>>>36 belong &0x20 N32 >4 byte 2 64-bit >5 byte 0 invalid byte order >5 byte 1 LSB diff --git a/magic/Magdir/rpm b/magic/Magdir/rpm index 14ad6db9..10228392 100644 --- a/magic/Magdir/rpm +++ b/magic/Magdir/rpm @@ -2,7 +2,7 @@ # # RPM: file(1) magic for Red Hat Packages Erik Troan (ewt@redhat.com) # -0 beshort 0xedab +0 beshort 0xedab >2 beshort 0xeedb RPM >>4 byte x v%d >>6 beshort 0 bin @@ -14,4 +14,9 @@ >>8 beshort 5 PowerPC >>8 beshort 6 68000 >>8 beshort 7 SGI +>>8 beshort 8 RS6000 +>>8 beshort 9 IA64 +>>8 beshort 10 Sparc64 +>>8 beshort 11 MIPSel +>>8 beshort 12 ARM >>10 string x %s diff --git a/magic/Makefile.am b/magic/Makefile.am index 1971943b..3a328d08 100644 --- a/magic/Makefile.am +++ b/magic/Makefile.am @@ -16,10 +16,10 @@ magic: Header Localstuff $(magic_FRAGMENTS) done >> $@ magic.mgc: magic - $(top_builddir)/src/file -C -m $(srcdir)/magic + $(top_builddir)/src/file -C -m magic magic.mime.mgc: magic.mime - $(top_builddir)/src/file -C -m $(srcdir)/magic.mime + $(top_builddir)/src/file -C -m magic.mime magic_FRAGMENTS = \ Magdir/acorn \ @@ -52,6 +52,7 @@ Magdir/citrus \ Magdir/claris \ Magdir/clipper \ Magdir/commands \ +Magdir/communications \ Magdir/compress \ Magdir/console \ Magdir/convex \ 
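Review bot: In the `magic.mime.mgc` rule the recipe now passes the bare name `magic.mime`, which only resolves when make runs inside the source directory. `magic.mime` is a tracked source file, so in an out-of-tree build make would find the prerequisite through VPATH but `file -C -m magic.mime` would not find the file. The `magic` target is generated in the build directory, so dropping `$(srcdir)` is fine for `magic.mgc`. If separate build directories are meant to work, keep `$(srcdir)/magic.mime` in this one recipe and add a comment that the compiled `.mgc` is now written next to its input. The same recipe is repeated in the generated `magic/Makefile.in`.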
@@ -68,12 +69,14 @@ Magdir/editors \ Magdir/elf \ Magdir/encore \ Magdir/epoc \ +Magdir/fcs \ Magdir/filesystems \ Magdir/flash \ Magdir/fonts \ Magdir/frame \ Magdir/freebsd \ Magdir/fsav \ +Magdir/games \ Magdir/gimp \ Magdir/gnu \ Magdir/grace \ @@ -108,6 +111,7 @@ Magdir/mcrypt \ Magdir/mime \ Magdir/mips \ Magdir/mirage \ +Magdir/misctools \ Magdir/mkid \ Magdir/mlssa \ Magdir/mmdf \ @@ -121,6 +125,7 @@ Magdir/netbsd \ Magdir/netscape \ Magdir/news \ Magdir/nitpicker \ +Magdir/ocaml \ Magdir/octave \ Magdir/olf \ Magdir/os2 \ @@ -150,6 +155,7 @@ Magdir/sendmail \ Magdir/sequent \ Magdir/sgml \ Magdir/sharc \ +Magdir/sinclair \ Magdir/sketch \ Magdir/smalltalk \ Magdir/sniffer \ @@ -177,7 +183,7 @@ Magdir/vms \ Magdir/vmware \ Magdir/vorbis \ Magdir/vxl \ -Magdir/wordperfect \ +Magdir/wordprocessors \ Magdir/xdelta \ Magdir/xenix \ Magdir/zilog \ diff --git a/magic/Makefile.in b/magic/Makefile.in index 535bf0d2..6d853132 100644 --- a/magic/Makefile.in +++ b/magic/Makefile.in @@ -159,6 +159,7 @@ Magdir/citrus \ Magdir/claris \ Magdir/clipper \ Magdir/commands \ +Magdir/communications \ Magdir/compress \ Magdir/console \ Magdir/convex \ @@ -175,12 +176,14 @@ Magdir/editors \ Magdir/elf \ Magdir/encore \ Magdir/epoc \ +Magdir/fcs \ Magdir/filesystems \ Magdir/flash \ Magdir/fonts \ Magdir/frame \ Magdir/freebsd \ Magdir/fsav \ +Magdir/games \ Magdir/gimp \ Magdir/gnu \ Magdir/grace \ @@ -215,6 +218,7 @@ Magdir/mcrypt \ Magdir/mime \ Magdir/mips \ Magdir/mirage \ +Magdir/misctools \ Magdir/mkid \ Magdir/mlssa \ Magdir/mmdf \ @@ -228,6 +232,7 @@ Magdir/netbsd \ Magdir/netscape \ Magdir/news \ Magdir/nitpicker \ +Magdir/ocaml \ Magdir/octave \ Magdir/olf \ Magdir/os2 \ @@ -257,6 +262,7 @@ Magdir/sendmail \ Magdir/sequent \ Magdir/sgml \ Magdir/sharc \ +Magdir/sinclair \ Magdir/sketch \ Magdir/smalltalk \ Magdir/sniffer \ 
@@ -284,7 +290,7 @@ Magdir/vms \ Magdir/vmware \ Magdir/vorbis \ Magdir/vxl \ -Magdir/wordperfect \ +Magdir/wordprocessors \ Magdir/xdelta \ Magdir/xenix \ Magdir/zilog \ @@ -472,10 +478,10 @@ magic: Header Localstuff $(magic_FRAGMENTS) done >> $@ magic.mgc: magic - $(top_builddir)/src/file -C -m $(srcdir)/magic + $(top_builddir)/src/file -C -m magic magic.mime.mgc: magic.mime - $(top_builddir)/src/file -C -m $(srcdir)/magic.mime + $(top_builddir)/src/file -C -m magic.mime # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/magic/magic.mime b/magic/magic.mime index 3112da62..4643cfea 100644 --- a/magic/magic.mime +++ b/magic/magic.mime @@ -200,6 +200,9 @@ 0 string PK\003\004 application/x-zip +# RAR archiver (Greg Roelofs, newt@uchicago.edu) +0 string Rar! application/x-rar + # According to gzip.h, this is the correct byte order for packed data. 0 string \037\036 application/octet-stream # @@ -255,7 +258,7 @@ 0 lelong&0x8080ffff 0x0000041a application/x-arc squeezed 0 lelong&0x8080ffff 0x0000061a application/x-arc crunched -0 leshort 0xea60 application/octet-stream x-arj +0 leshort 0xea60 application/x-arj # LHARC/LHA archiver (Greg Roelofs, newt@uchicago.edu) 2 string -lh0- application/x-lharc lh0 @@ -306,6 +309,7 @@ 0 string \ 0 string \x8aMNG video/x-mng +0 string \x8aJNG video/x-jng #------------------------------------------------------------------------------ # Hierarchical Data Format, used to facilitate scientific data exchange 
@@ -554,3 +559,65 @@ # Adobe Photoshop 0 string 8BPS image/x-photoshop + +# Felix von Leitner +0 string d8:announce application/x-bittorrent + + +# lotus 1-2-3 document +0 belong 0x00001a00 application/x-123 +0 belong 0x00000200 application/x-123 + +# MS Access database +4 string Standard\ Jet\ DB application/msaccess + +## magic for XBase files +#0 byte 0x02 +#>8 leshort >0 +#>>12 leshort 0 application/x-dbf +# +#0 byte 0x03 +#>8 leshort >0 +#>>12 leshort 0 application/x-dbf +# +#0 byte 0x04 +#>8 leshort >0 +#>>12 leshort 0 application/x-dbf +# +#0 byte 0x05 +#>8 leshort >0 +#>>12 leshort 0 application/x-dbf +# +#0 byte 0x30 +#>8 leshort >0 +#>>12 leshort 0 application/x-dbf +# +#0 byte 0x43 +#>8 leshort >0 +#>>12 leshort 0 application/x-dbf +# +#0 byte 0x7b +#>8 leshort >0 +#>>12 leshort 0 application/x-dbf +# +#0 byte 0x83 +#>8 leshort >0 +#>>12 leshort 0 application/x-dbf +# +#0 byte 0x8b +#>8 leshort >0 +#>>12 leshort 0 application/x-dbf +# +#0 byte 0x8e +#>8 leshort >0 +#>>12 leshort 0 application/x-dbf +# +#0 byte 0xb3 +#>8 leshort >0 +#>>12 leshort 0 application/x-dbf +# +#0 byte 0xf5 +#>8 leshort >0 +#>>12 leshort 0 application/x-dbf +# +#0 leshort 0x0006 application/x-dbt diff --git a/src/apprentice.c b/src/apprentice.c index 01112840..ad2774b5 100644 --- a/src/apprentice.c +++ b/src/apprentice.c @@ -50,7 +50,7 @@ #endif #ifndef lint -FILE_RCSID("@(#)$Id: apprentice.c,v 1.57 2003/03/28 21:02:03 christos Exp $") +FILE_RCSID("@(#)$Id: apprentice.c,v 1.58 2003/05/23 21:31:58 christos Exp $") #endif /* lint */ #define EATAB {while (isascii((unsigned char) *l) && \ @@ -377,7 +377,7 @@ parse(struct magic_set *ms, struct magic **magicp, uint32_t *nmagicp, char *l, } /* get offset, then skip over it */ - m->offset = (int) strtoul(l, &t, 0); + m->offset = (uint32_t)strtoul(l, &t, 0); if (l == t) if (ms->flags & MAGIC_CHECK) file_magwarn("offset %s invalid", l); 
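Review bot: The cast in `m->offset = (uint32_t)strtoul(l, &t, 0);` hides out-of-range offsets instead of rejecting them. `strtoul` accepts a leading minus sign and, where `unsigned long` is 64 bits, values wider than 32 bits; both are silently wrapped into the now-unsigned field. Keeping the result in an `unsigned long v` and warning when it does not fit, for example `if (errno == ERANGE || v > 0xffffffffUL) file_magwarn("offset %s invalid", l);`, would surface a bad magic entry rather than turn it into a very large offset. The existing `if (l == t)` test covers only the no-digits case, and `parse()` continues outside this hunk.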
@@ -1007,7 +1007,7 @@ apprentice_compile(struct magic_set *ms, struct magic **magicp, return -1; } - if (write(fd, ar, sizeof(ar)) != sizeof(ar)) { + if (write(fd, ar, sizeof(ar)) != (ssize_t)sizeof(ar)) { file_error(ms, "Error writing `%s' (%s)", dbname, strerror(errno)); return -1; @@ -1020,8 +1020,8 @@ apprentice_compile(struct magic_set *ms, struct magic **magicp, return -1; } - if (write(fd, *magicp, sizeof(struct magic) * *nmagicp) - != sizeof(struct magic) * *nmagicp) { + if (write(fd, *magicp, (sizeof(struct magic) * *nmagicp)) + != (ssize_t)(sizeof(struct magic) * *nmagicp)) { file_error(ms, "Error writing `%s' (%s)", dbname, strerror(errno)); return -1; @@ -1038,12 +1038,12 @@ private const char ext[] = ".mgc"; private char * mkdbname(const char *fn, char *buf, size_t bufsiz) { +#ifdef notdef const char *p; if ((p = strrchr(fn, '/')) != NULL) - p++; - else - p = fn; - (void)snprintf(buf, bufsiz, "%s%s", p, ext); + fn = ++p; +#endif + (void)snprintf(buf, bufsiz, "%s%s", fn, ext); return buf; } diff --git a/src/ascmagic.c b/src/ascmagic.c index 3fd3dfb0..a9c1e2e3 100644 --- a/src/ascmagic.c +++ b/src/ascmagic.c @@ -54,7 +54,7 @@ #include "names.h" #ifndef lint -FILE_RCSID("@(#)$Id: ascmagic.c,v 1.37 2003/03/27 18:34:21 christos Exp $") +FILE_RCSID("@(#)$Id: ascmagic.c,v 1.38 2003/05/23 21:31:58 christos Exp $") #endif /* lint */ typedef unsigned long unichar; @@ -106,6 +106,10 @@ file_ascmagic(struct magic_set *ms, const unsigned char *buf, size_t nbytes) while (nbytes > 1 && buf[nbytes - 1] == '\0') nbytes--; + /* nbuf and ubuf relies on this */ + if (nbytes > HOWMANY) + nbytes = HOWMANY; + /* * Then try to determine whether it's any character code we can * identify. Each of these tests, if it succeeds, will leave diff --git a/src/compress.c b/src/compress.c index e498c64b..1b3d6b8f 100644 --- a/src/compress.c +++ b/src/compress.c 
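Review bot: Both `write()` failure branches in `apprentice_compile()` (this hunk and the `@@ -1020,8` hunk after it) still `return -1` without closing `fd` in the lines shown, even though this commit closes descriptors elsewhere. Adding `(void)close(fd);` before each `return -1;` would keep a failed compile from leaking the output descriptor. A short write is also reported with `strerror(errno)`, although `errno` is not necessarily set in that case. The function starts and ends outside these hunks, so confirm there is no later cleanup that already covers this.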
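Review bot: `mkdbname()` discards the `snprintf` result, so a truncated name is returned as if it were valid, and now that the whole path in `fn` is kept rather than its basename, truncation is easier to reach. Comparing the return value with `bufsiz`, for example `if (n < 0 || (size_t)n >= bufsiz)`, would let the function report the failure; how callers should be told is not visible here. The `#ifdef notdef` block would also be clearer as a comment, such as `/* keep the directory part: the compiled file lives next to its source */`, than as disabled code.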
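Review bot: The new comment `/* nbuf and ubuf relies on this */` in `file_ascmagic()` does not say what invariant the clamp protects. Since the declarations of both buffers are outside this hunk, spell it out, for example `/* nbuf[] and ubuf[] hold at most HOWMANY entries; clamp so the conversions below cannot write past them */`, after confirming their declared sizes. If they are arrays, clamping against their own size rather than repeating `HOWMANY` would keep the check correct if a declaration changes.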
@@ -56,7 +56,7 @@ #endif #ifndef lint -FILE_RCSID("@(#)$Id: compress.c,v 1.31 2003/03/26 16:25:25 christos Exp $") +FILE_RCSID("@(#)$Id: compress.c,v 1.32 2003/05/23 21:31:58 christos Exp $") #endif @@ -81,8 +81,8 @@ private struct { private int ncompr = sizeof(compr) / sizeof(compr[0]); -private int swrite(int, const void *, size_t); -private int sread(int, void *, size_t); +private ssize_t swrite(int, const void *, size_t); +private ssize_t sread(int, void *, size_t); private size_t uncompressbuf(struct magic_set *, size_t, const unsigned char *, unsigned char **, size_t); #ifdef HAVE_LIBZ @@ -129,7 +129,7 @@ error: /* * `safe' write for sockets and pipes. */ -private int +private ssize_t swrite(int fd, const void *buf, size_t n) { int rv; @@ -154,7 +154,7 @@ swrite(int fd, const void *buf, size_t n) /* * `safe' read for sockets and pipes. */ -private int +private ssize_t sread(int fd, void *buf, size_t n) { int rv; @@ -205,7 +205,7 @@ file_pipe2file(struct magic_set *ms, int fd, const void *startbuf, return -1; } - if (swrite(tfd, startbuf, nbytes) != nbytes) + if (swrite(tfd, startbuf, nbytes) != (ssize_t)nbytes) r = 1; else { while ((r = sread(fd, buf, sizeof(buf))) > 0) @@ -256,25 +256,30 @@ uncompressgzipped(struct magic_set *ms, const unsigned char *old, unsigned char **newch, size_t n) { unsigned char flg = old[3]; - int data_start = 10; + size_t data_start = 10; z_stream z; int rc; - if (flg & FEXTRA) + if (flg & FEXTRA) { + if (data_start+1 >= n) + return 0; data_start += 2 + old[data_start] + old[data_start + 1] * 256; + } if (flg & FNAME) { - while(old[data_start]) + while(data_start < n && old[data_start]) data_start++; data_start++; } if(flg & FCOMMENT) { - while(old[data_start]) + while(data_start < n && old[data_start]) data_start++; data_start++; } if(flg & FHCRC) data_start += 2; + if (data_start >= n) + return 0; if ((*newch = (unsigned char *)malloc(HOWMANY + 1)) == NULL) { return 0; } 
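Review bot: `swrite()` now returns `ssize_t`, but the context line `int rv;` still receives the result of the underlying call, so the value is narrowed before it is checked or returned. Declaring it `ssize_t rv;` keeps the local consistent with the new return type, and the same applies to `int rv;` in `sread()` in the next hunk. Both function bodies continue outside the hunks shown.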
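Review bot: In `uncompressgzipped()` the initialiser `unsigned char flg = old[3];` still reads the header before any length check, so the new bounds tests start only at `data_start`. Unless the caller guarantees at least a full ten-byte gzip header (not visible in this hunk), add `if (n < 10) return 0;` first and assign `flg` after it. The FEXTRA, FNAME and FCOMMENT guards and the final `data_start >= n` test look correct for the fields they cover. The function continues past the `malloc` at the end of the hunk.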
@@ -355,7 +360,7 @@ uncompressbuf(struct magic_set *ms, size_t method, const unsigned char *old, default: /* parent */ (void) close(fdin[0]); (void) close(fdout[1]); - if (swrite(fdin[1], old, n) != n) { + if (swrite(fdin[1], old, n) != (ssize_t)n) { n = 0; goto err; } diff --git a/src/file.h b/src/file.h index ec862d0b..f27b05d2 100644 --- a/src/file.h +++ b/src/file.h @@ -32,7 +32,7 @@ */ /* * file.h - definitions for file(1) program - * @(#)$Id: file.h,v 1.54 2003/04/04 21:59:27 christos Exp $ + * @(#)$Id: file.h,v 1.55 2003/05/23 21:31:58 christos Exp $ */ #ifndef __file_h__ @@ -125,9 +125,9 @@ struct magic { #define FILE_OPMODULO 7 #define FILE_OPINVERSE 0x80 /* Word 4 */ - int32_t offset; /* offset to magic number */ + uint32_t offset; /* offset to magic number */ /* Word 5 */ - int32_t in_offset; /* offset from indirection */ + uint32_t in_offset; /* offset from indirection */ /* Word 6 */ uint32_t mask; /* mask before comparison with value */ /* Word 7 */ diff --git a/src/fsmagic.c b/src/fsmagic.c index e4916d70..e51373ea 100644 --- a/src/fsmagic.c +++ b/src/fsmagic.c @@ -62,7 +62,7 @@ #undef HAVE_MAJOR #ifndef lint -FILE_RCSID("@(#)$Id: fsmagic.c,v 1.40 2003/03/27 19:09:57 christos Exp $") +FILE_RCSID("@(#)$Id: fsmagic.c,v 1.41 2003/05/23 21:31:58 christos Exp $") #endif /* lint */ protected int @@ -220,6 +220,10 @@ file_fsmagic(struct magic_set *ms, const char *fn, struct stat *sb) tmp = buf; /* in current directory anyway */ } else { + if (tmp - fn + 1 > BUFSIZ) { + file_printf(ms, "path too long: `%s'", fn); + return -1; + } strcpy(buf2, fn); /* take directory part */ buf2[tmp-fn+1] = '\0'; strcat(buf2, buf); /* plus (relative) symlink */ diff --git a/src/magic.c b/src/magic.c index e9154c4c..78142bc6 100644 --- a/src/magic.c +++ b/src/magic.c 
@@ -64,7 +64,7 @@ #include "patchlevel.h" #ifndef lint -FILE_RCSID("@(#)$Id: magic.c,v 1.6 2003/03/26 15:35:30 christos Exp $") +FILE_RCSID("@(#)$Id: magic.c,v 1.7 2003/05/23 21:31:58 christos Exp $") #endif /* lint */ #ifdef __EMX__ @@ -190,7 +190,7 @@ magic_file(struct magic_set *ms, const char *inname) int fd = 0; unsigned char buf[HOWMANY+1]; /* one extra for terminating '\0' */ struct stat sb; - int nbytes = 0; /* number of bytes read from a datafile */ + ssize_t nbytes = 0; /* number of bytes read from a datafile */ if (file_reset(ms) == -1) return NULL; @@ -225,18 +225,22 @@ magic_file(struct magic_set *ms, const char *inname) */ if ((nbytes = read(fd, (char *)buf, HOWMANY)) == -1) { file_error(ms, "Cannot read `%s' %s", inname, strerror(errno)); + (void)close(fd); return NULL; } if (nbytes == 0) { if (file_printf(ms, (ms->flags & MAGIC_MIME) ? - "application/x-empty" : "empty") == -1) + "application/x-empty" : "empty") == -1) { + (void)close(fd); return NULL; + } } else { buf[nbytes++] = '\0'; /* null-terminate it */ #ifdef __EMX__ switch (file_os2_apptype(ms, inname, buf, nbytes)) { case -1: + (void)close(fd); return NULL; case 0: break; @@ -244,8 +248,10 @@ magic_file(struct magic_set *ms, const char *inname) return ms->o.buf; } #endif - if (file_buffer(ms, buf, (size_t)nbytes) == -1) + if (file_buffer(ms, buf, (size_t)nbytes) == -1) { + (void)close(fd); return NULL; + } #ifdef BUILTIN_ELF if (nbytes > 5) { /* @@ -261,6 +267,7 @@ magic_file(struct magic_set *ms, const char *inname) #endif } + close(fd); return ms->haderr ? NULL : ms->o.buf; } diff --git a/src/readelf.c b/src/readelf.c index f5bfb86c..51cb2dc4 100644 --- a/src/readelf.c +++ b/src/readelf.c @@ -39,7 +39,7 @@ #include "readelf.h" #ifndef lint -FILE_RCSID("@(#)$Id: readelf.c,v 1.31 2003/03/26 15:35:30 christos Exp $") +FILE_RCSID("@(#)$Id: readelf.c,v 1.32 2003/05/23 21:31:59 christos Exp $") #endif #ifdef ELFCORE 
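Review bot: One early return in `magic_file()` still leaves the descriptor open: the context line `return ms->o.buf;` just before `#endif`, the tail of the `__EMX__` switch, has no `close(fd)` although the `case -1:` branch above it now does. Adding `(void)close(fd);` before that return would fix it. Routing every exit through a single `done:` label would be better still, because any return added later would then be covered. The code between `#ifdef BUILTIN_ELF` and the final `close(fd)` is only partly visible here and should be checked for the same pattern.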
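Review bot: The final `close(fd);` in `magic_file()` runs unconditionally, and `fd` is initialised to `0` in the declaration shown in the `@@ -190,7` hunk. If the function reads standard input when no file is opened (the open logic is outside these hunks), this closes the caller's stdin, which a library function should not do. Something like `if (fd != STDIN_FILENO) (void)close(fd);` would avoid that, and the `(void)` cast would match the other calls added in this commit.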
@@ -219,7 +219,7 @@ dophn_core(struct magic_set *ms, int class, int swap, int fd, off_t off, Elf64_Phdr ph64; size_t offset; unsigned char nbuf[BUFSIZ]; - int bufsize; + ssize_t bufsize; if (size != ph_size) { file_error(ms, "Corrupted program header size"); @@ -256,7 +256,7 @@ dophn_core(struct magic_set *ms, int class, int swap, int fd, off_t off, } offset = 0; for (;;) { - if (offset >= bufsize) + if (offset >= (size_t)bufsize) break; offset = donote(ms, nbuf, offset, (size_t)bufsize, class, swap, 4); @@ -465,7 +465,7 @@ donote(struct magic_set *ms, unsigned char *nbuf, size_t offset, size_t size, return size; return size; } else if (os_style != OS_STYLE_NETBSD && nh_type == NT_PRPSINFO) { - int i, j; + size_t i, j; unsigned char c; /* * Extract the program name. We assume @@ -634,7 +634,7 @@ dophn_exec(struct magic_set *ms, int class, int swap, int fd, off_t off, } offset = 0; for (;;) { - if (offset >= bufsize) + if (offset >= (size_t)bufsize) break; offset = donote(ms, nbuf, offset, (size_t)bufsize, class, swap, ph_align); diff --git a/src/softmagic.c b/src/softmagic.c index 4a718fae..110ccd83 100644 --- a/src/softmagic.c +++ b/src/softmagic.c @@ -44,7 +44,7 @@ #ifndef lint -FILE_RCSID("@(#)$Id: softmagic.c,v 1.58 2003/03/26 15:35:30 christos Exp $") +FILE_RCSID("@(#)$Id: softmagic.c,v 1.59 2003/05/23 21:31:59 christos Exp $") #endif /* lint */ private int match(struct magic_set *, struct magic *, uint32_t, @@ -105,8 +105,8 @@ private int match(struct magic_set *ms, struct magic *magic, uint32_t nmagic, const unsigned char *s, size_t nbytes) { - int magindex = 0; - int cont_level = 0; + uint32_t magindex = 0; + unsigned int cont_level = 0; int need_separator = 0; union VALUETYPE p; int32_t oldoff = 0; @@ -439,7 +439,7 @@ mconvert(struct magic_set *ms, union VALUETYPE *p, struct magic *m) case FILE_PSTRING: { char *ptr1 = p->s, *ptr2 = ptr1 + 1; - int n = *p->s; + unsigned int n = *p->s; if (n >= sizeof(p->s)) n = sizeof(p->s) - 1; while (n--) 
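Review bot: The cast in `if (offset >= (size_t)bufsize)` is only safe if a negative `bufsize` has already been rejected, because a `-1` from a failed read would become a very large bound and be passed on to `donote()`. The read and its error check sit above this hunk in `dophn_core()`, and the same cast is added in `dophn_exec()` in the `@@ -634,7` hunk. Confirm both paths return before the loop on a failed read. Converting once into a `size_t` local right after that check would keep the signed value out of the loop.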
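Review bot: In `match()` the context line `int32_t oldoff = 0;` stays signed while `magindex` and `cont_level` become unsigned here and `struct magic`'s `offset` becomes `uint32_t` in `file.h` in this same commit. If `oldoff` saves and restores `m->offset`, as its name suggests (its use is outside the hunk), offsets above `INT32_MAX` now pass through a signed variable. Declaring it `uint32_t oldoff = 0;` would keep the signedness change consistent.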
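Review bot: `unsigned int n = *p->s;` in the `FILE_PSTRING` case still reads the length byte through plain `char`, as `char *ptr1 = p->s` shows. On platforms where `char` is signed, a length of 0x80 or more is negative before the conversion, becomes a very large unsigned value, and is then clamped to `sizeof(p->s) - 1` instead of being used as the real length. `unsigned int n = (unsigned char)*p->s;` gives the intended 0..255 value before the clamp is applied.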
@@ -606,7 +606,7 @@ private int mget(struct magic_set *ms, union VALUETYPE *p, const unsigned char *s, struct magic *m, size_t nbytes) { - int32_t offset = m->offset; + uint32_t offset = m->offset; if (m->type == FILE_REGEX) { /* @@ -631,10 +631,9 @@ mget(struct magic_set *ms, union VALUETYPE *p, const unsigned char *s, * the usefulness of padding with zeroes eludes me, it * might even cause problems */ - int32_t have = nbytes - offset; memset(p, 0, sizeof(union VALUETYPE)); - if (have > 0) - memcpy(p, s + offset, (size_t)have); + if (offset < nbytes) + memcpy(p, s + offset, nbytes - offset); } if ((ms->flags & MAGIC_DEBUG) != 0) { @@ -966,7 +965,8 @@ mget(struct magic_set *ms, union VALUETYPE *p, const unsigned char *s, break; } - if (offset + sizeof(union VALUETYPE) > nbytes) + if (nbytes < sizeof(union VALUETYPE) || + nbytes - sizeof(union VALUETYPE) < offset) return 0; memcpy(p, s + offset, sizeof(union VALUETYPE)); -- 2.40.0
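Review bot: In the `@@ -631,10` hunk of `mget()` the copy `memcpy(p, s + offset, nbytes - offset);` is bounded below by `offset < nbytes`, but nothing in the lines shown limits its length to `sizeof(union VALUETYPE)`. That limit presumably comes from the enclosing condition above the hunk; if that condition is an addition of the form `offset + sizeof(...)`, it can wrap now that `offset` is unsigned. Clamp locally with `size_t have = nbytes - offset; if (have > sizeof(*p)) have = sizeof(*p);` and write the enclosing test in the subtraction form this commit uses in the `@@ -966,7` hunk. Offsets computed between these two hunks, for indirect magic, are not visible here and need the same wrap check.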