File: CVE-2015-TEMP-2.patch

Index: php5-5.3.3/ext/fileinfo/libmagic/softmagic.c
===================================================================
--- php5-5.3.3.orig/ext/fileinfo/libmagic/softmagic.c	2015-01-25 13:36:13.000000000 +0100
+++ php5-5.3.3/ext/fileinfo/libmagic/softmagic.c	2015-01-25 13:36:13.000000000 +0100
@@ -175,6 +175,8 @@
 			continue;
 		}
 
+		if ((e = handle_annotation(ms, m)) != 0)
+			return e;
 		/*
 		 * If we are going to print something, we'll need to print
 		 * a blank before we print something else.
@@ -182,8 +184,6 @@
 		if (*m->desc) {
 			need_separator = 1;
 			printed_something = 1;
-			if ((e = handle_annotation(ms, m)) != 0)
-				return e;
 			if (print_sep(ms, firstline) == -1)
 				return -1;
 		}
@@ -257,13 +257,13 @@
 					ms->c.li[cont_level].got_match = 0;
 					break;
 				}
+				if ((e = handle_annotation(ms, m)) != 0)
+					return e;
 				/*
 				 * If we are going to print something,
 				 * make sure that we have a separator first.
 				 */
 				if (*m->desc) {
-					if ((e = handle_annotation(ms, m)) != 0)
-						return e;
 					if (!printed_something) {
 						printed_something = 1;
 						if (print_sep(ms, firstline)
@@ -433,7 +433,7 @@
 				return -1;
 			t = ms->offset + strlen(p->s);
 			if (m->type == FILE_PSTRING)
-				t++;
+				t += file_pstring_length_size(m);
 		}
 		break;
 
@@ -595,7 +595,7 @@
 				p->s[strcspn(p->s, "\n")] = '\0';
 			t = ms->offset + strlen(p->s);
 			if (m->type == FILE_PSTRING)
-				t++;
+				t += file_pstring_length_size(m);
 			return t;
 		}
 
@@ -780,6 +780,27 @@
 		return 1;
 	}
 	case FILE_PSTRING: {
+		size_t sz = file_pstring_length_size(m);
+		char *ptr1 = p->s, *ptr2 = ptr1 + sz;
+		size_t len = file_pstring_get_length(m, ptr1);
+		sz = sizeof(p->s) - sz; /* maximum length of string */
+		if (len >= sz) {
+			/*
+			* The size of the pascal string length (sz)
+			* is 1, 2, or 4. We need at least 1 byte for NUL
+			* termination, but we've already truncated the
+			* string by p->s, so we need to deduct sz.
+			* Because we can use one of the bytes of the length
+			* after we shifted as NUL termination.
+			*/
+			len = sz;
+		}
+		while (len--)
+			*ptr1++ = *ptr2++;
+		*ptr1 = '\0';
+		return 1;
+
+/* original stuff before patch
 		char *ptr1 = p->s, *ptr2 = ptr1 + 1;
 		size_t len = *p->s;
 		if (len >= sizeof(p->s))
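Review bot: The superseded FILE_PSTRING body is kept as a comment block starting at `/* original stuff before patch` and running to the `*/` added in the next hunk (@@ -788), with the inner `/* Why? ... */` rewritten as `/ * Why? ... * /` so it does not terminate the outer comment. Commented-out code should be deleted rather than carried in the source; the history already lives in the patch, and the mangled inner comment will trip anyone who later re-enables the `#if 0` block. Dropping the lines from `/* original stuff before patch` through `*/` also lets the `/ * Why? ... * /` line return to its original form. The enclosing `case FILE_PSTRING:` closes in the next hunk.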
@@ -788,12 +809,13 @@
 			*ptr1++ = *ptr2++;
 		*ptr1 = '\0';
 #if 0
-		/* Why? breaks magic numbers that end with \xa */
+		/ * Why? breaks magic numbers that end with \xa * /
 		len = strlen(p->s);
 		if (len-- && p->s[len] == '\n')
 			p->s[len] = '\0';
 #endif
 		return 1;
+*/
 	}
 	case FILE_BESHORT:
 		p->h = (short)((p->hs[0]<<8)|(p->hs[1]));
Index: php5-5.3.3/ext/fileinfo/libmagic/apprentice.c
===================================================================
--- php5-5.3.3.orig/ext/fileinfo/libmagic/apprentice.c	2015-01-25 13:36:13.000000000 +0100
+++ php5-5.3.3/ext/fileinfo/libmagic/apprentice.c	2015-01-25 13:36:13.000000000 +0100
@@ -872,6 +872,12 @@
 	if ((ms->flags & MAGIC_CHECK) == 0)
 		return 0;
 
+	if (m->type != FILE_PSTRING && (m->str_flags & PSTRING_LEN) != 0) {
+                file_magwarn(ms,
+                    "'/BHhLl' modifiers are only allowed for pascal strings\n");
+                return -1;
+        }
+
 	switch (m->type) {
 	case FILE_BESTRING16:
 	case FILE_LESTRING16:
@@ -1234,8 +1240,7 @@
 		++l;
 	}
 	m->str_range = 0;
-	m->str_flags = 0;
-	m->num_mask = 0;
+	m->str_flags = m->type == FILE_PSTRING ? PSTRING_1_LE : 0;
 	if ((op = get_op(*l)) != -1) {
 		if (!IS_LIBMAGIC_STRING(m->type)) {
 			uint64_t val;
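Review bot: Dropping `m->num_mask = 0;` is only safe if `num_mask` shares storage with `str_range`/`str_flags` (upstream file.h keeps them in a union), because otherwise the field is now left uninitialized for string types; nothing in this hunk shows the union or an earlier memset that guarantees it. A one-line comment would save the next reader the same investigation: `/* num_mask aliases str_range/str_flags; clearing it here would erase the pstring default */`. The enclosing function starts and ends outside the hunk.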
@@ -1281,6 +1286,32 @@
 				case CHAR_REGEX_OFFSET_START:
 					m->str_flags |= REGEX_OFFSET_START;
 					break;
+                                case CHAR_PSTRING_1_LE:
+                                        if (m->type != FILE_PSTRING)
+                                                goto bad;
+                                        m->str_flags |= PSTRING_1_LE;
+                                        break;
+                                case CHAR_PSTRING_2_BE:
+                                        if (m->type != FILE_PSTRING)
+                                                goto bad;
+                                        m->str_flags |= PSTRING_2_BE;
+                                        break;
+                                case CHAR_PSTRING_2_LE:
+                                        if (m->type != FILE_PSTRING)
+                                                goto bad;
+                                        m->str_flags |= PSTRING_2_LE;
+                                        break;
+                                case CHAR_PSTRING_4_BE:
+                                        if (m->type != FILE_PSTRING)
+                                                goto bad;
+                                        m->str_flags |= PSTRING_4_BE;
+                                        break;
+                                case CHAR_PSTRING_4_LE:
+                                        if (m->type != FILE_PSTRING)
+                                                goto bad;
+                                        m->str_flags |= PSTRING_4_LE;
+                                        break;
+                                bad:
 				default:
 					if (ms->flags & MAGIC_CHECK)
 						file_magwarn(ms,
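Review bot: Each new case ORs its length flag into `m->str_flags` on top of the `PSTRING_1_LE` default that the @@ -1234 hunk now sets for every pstring, so a magic entry using `/H`, `/h`, `/L` or `/l` ends up with two PSTRING_LEN bits set and `file_pstring_length_size()` (added at the end of apprentice.c) falls into its `default: abort()`. Replace the assignment in each case so the length bits are exchanged rather than accumulated, e.g. `m->str_flags = (m->str_flags & ~PSTRING_LEN) | PSTRING_2_BE;`, and likewise for the other four cases. The new lines are also indented with spaces while the surrounding switch uses tabs (the same applies to the @@ -872 hunk). A `case CHAR_PSTRING_1_BE` is absent because it has the same character value as `CHAR_PSTRING_1_LE`; a comment saying so would stop someone adding it back and getting a duplicate-case error.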
@@ -1903,7 +1934,7 @@
 	*p = '\0';
 	m->vallen = p - origp;
 	if (m->type == FILE_PSTRING)
-		m->vallen++;
+		m->vallen += file_pstring_length_size(m);
 	return s;
 }
 
@@ -2328,6 +2359,8 @@
 	m->in_offset = swap4((uint32_t)m->in_offset);
 	m->lineno = swap4((uint32_t)m->lineno);
 	if (IS_LIBMAGIC_STRING(m->type)) {
+                if (m->type == FILE_PSTRING)
+                        printf("flags! %d\n", m->str_flags);
 		m->str_range = swap4(m->str_range);
 		m->str_flags = swap4(m->str_flags);
 	}
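Review bot: The added `printf("flags! %d\n", m->str_flags);` is leftover debug output in the byte-swapping path; in a library linked into PHP it writes straight to the process's stdout for every pstring entry of a byte-swapped magic database, and `%d` does not match the `uint32_t` argument. Remove both added lines. The enclosing function starts and ends outside the hunk.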
@@ -2336,3 +2369,42 @@
 		m->num_mask = swap8(m->num_mask);
 	}
 }
+
+protected size_t
+file_pstring_length_size(const struct magic *m)
+{
+       switch (m->str_flags & PSTRING_LEN) {
+       case PSTRING_1_LE:
+               return 1;
+       case PSTRING_2_LE:
+       case PSTRING_2_BE:
+               return 2;
+       case PSTRING_4_LE:
+       case PSTRING_4_BE:
+               return 4;
+       default:
+               abort();        /* Impossible */
+               return 1;
+       }
+}
+
+protected size_t
+file_pstring_get_length(const struct magic *m, const char *s)
+{
+       switch (m->str_flags & PSTRING_LEN) {
+       case PSTRING_1_LE:
+               return *s;
+       case PSTRING_2_LE:
+               return (s[1] << 8) | s[0];
+       case PSTRING_2_BE:
+               return (s[0] << 8) | s[1];
+       case PSTRING_4_LE:
+               return (s[3] << 24) | (s[2] << 16) | (s[1] << 8) | s[0];
+       case PSTRING_4_BE:
+               return (s[0] << 24) | (s[1] << 16) | (s[2] << 8) | s[3];
+       default:
+               abort();        /* Impossible */
+               return 1;
+       }
+}
+
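Review bot: `file_pstring_get_length()` reads the length bytes through a plain `char *`, so where `char` is signed a byte of 0x80 or above is sign-extended: the one-byte case returns a negative value converted to a huge `size_t`, the multi-byte cases produce wrong lengths, and `s[0] << 24` on a negative value is undefined behaviour. The caller in softmagic.c clamps `len` to the remaining buffer, so this appears to yield wrong results rather than an overflow, but the length should be assembled from `unsigned char` values widened to `size_t` before shifting. The `default: abort()` branches are reachable whenever more than one PSTRING_LEN bit is set (see the @@ -1281 hunk, where flags are ORed onto the default), and terminating the host process from a library over a malformed magic file is harsh; returning an error or falling back to a one-byte length would be safer.
```c
protected size_t
file_pstring_get_length(const struct magic *m, const char *s)
{
	const unsigned char *u = (const unsigned char *)s;

	switch (m->str_flags & PSTRING_LEN) {
	case PSTRING_1_LE:
		return u[0];
	case PSTRING_2_LE:
		return ((size_t)u[1] << 8) | u[0];
	case PSTRING_2_BE:
		return ((size_t)u[0] << 8) | u[1];
	case PSTRING_4_LE:
		return ((size_t)u[3] << 24) | ((size_t)u[2] << 16) | ((size_t)u[1] << 8) | u[0];
	case PSTRING_4_BE:
		return ((size_t)u[0] << 24) | ((size_t)u[1] << 16) | ((size_t)u[2] << 8) | u[3];
	/* … unchanged: default branch … */
	}
}
```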
Index: php5-5.3.3/ext/fileinfo/libmagic/file.h
===================================================================
--- php5-5.3.3.orig/ext/fileinfo/libmagic/file.h	2015-01-25 13:36:13.000000000 +0100
+++ php5-5.3.3/ext/fileinfo/libmagic/file.h	2015-01-25 13:43:01.000000000 +0100
@@ -132,13 +132,21 @@
 	/* Word 1 */
 	uint16_t cont_level;	/* level of ">" */
 	uint8_t flag;
-#define INDIR		0x01	/* if '(...)' appears */
-#define OFFADD		0x02	/* if '>&' or '>...(&' appears */
-#define INDIROFFADD	0x04	/* if '>&(' appears */
-#define UNSIGNED	0x08	/* comparison is unsigned */
-#define NOSPACE		0x10	/* suppress space character before output */
-#define BINTEST		0x20	/* test is for a binary type (set only
+#define INDIR		0x001	/* if '(...)' appears */
+#define OFFADD		0x002	/* if '>&' or '>...(&' appears */
+#define INDIROFFADD	0x004	/* if '>&(' appears */
+#define UNSIGNED	0x008	/* comparison is unsigned */
+#define NOSPACE		0x010	/* suppress space character before output */
+#define BINTEST		0x020	/* test is for a binary type (set only
 				   for top-level tests) */
+#define PSTRING_1_BE    0x040
+#define PSTRING_1_LE    0x040
+#define PSTRING_2_BE    0x080
+#define PSTRING_2_LE    0x100
+#define PSTRING_4_BE    0x200
+#define PSTRING_4_LE    0x400
+#define PSTRING_LEN    \
+    (PSTRING_1_BE|PSTRING_2_LE|PSTRING_2_BE|PSTRING_4_LE|PSTRING_4_BE)
 #define TEXTTEST	0	/* for passing to file_softmagic */
 
 	uint8_t factor;
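Review bot: The PSTRING_* constants are placed under the `uint8_t flag;` field alongside INDIR..BINTEST, but PSTRING_2_LE and above (0x100–0x400) do not fit in eight bits and apprentice.c ORs them into `str_flags`, so the placement misleads. Move them beside the STRING_*/REGEX_OFFSET_START definitions further down, or at least add `/* length-size selectors for FILE_PSTRING; these live in str_flags, not flag */` above them, and note on the `PSTRING_1_BE`/`PSTRING_1_LE` pair that they share a value because a one-byte length has no byte order.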
@@ -279,11 +287,17 @@
 #define STRING_IGNORE_LOWERCASE		BIT(2)
 #define STRING_IGNORE_UPPERCASE		BIT(3)
 #define REGEX_OFFSET_START		BIT(4)
-#define CHAR_COMPACT_BLANK		'B'
-#define CHAR_COMPACT_OPTIONAL_BLANK	'b'
+#define CHAR_COMPACT_BLANK		'W'
+#define CHAR_COMPACT_OPTIONAL_BLANK	'w'
 #define CHAR_IGNORE_LOWERCASE		'c'
 #define CHAR_IGNORE_UPPERCASE		'C'
 #define CHAR_REGEX_OFFSET_START		's'
+#define CHAR_PSTRING_1_BE                      'B'
+#define CHAR_PSTRING_1_LE                      'B'
+#define CHAR_PSTRING_2_BE                      'H'
+#define CHAR_PSTRING_2_LE                      'h'
+#define CHAR_PSTRING_4_BE                      'L'
+#define CHAR_PSTRING_4_LE                      'l'
 #define STRING_IGNORE_CASE		(STRING_IGNORE_LOWERCASE|STRING_IGNORE_UPPERCASE)
 #define STRING_DEFAULT_RANGE		100
 
@@ -388,6 +402,8 @@
 protected int file_check_mem(struct magic_set *, unsigned int);
 protected int file_looks_utf8(const unsigned char *, size_t, unichar *,
     size_t *);
+protected size_t file_pstring_length_size(const struct magic *);
+protected size_t file_pstring_get_length(const struct magic *, const char *);
 #ifdef __EMX__
 protected int file_os2_apptype(struct magic_set *, const char *, const void *,
     size_t);