diff options
Diffstat (limited to 'src/softmagic.c')
| -rw-r--r-- | src/softmagic.c | 31 |
1 files changed, 19 insertions, 12 deletions
diff --git a/src/softmagic.c b/src/softmagic.c index 0e9d433ddd99b..b9e975374b403 100644 --- a/src/softmagic.c +++ b/src/softmagic.c @@ -32,7 +32,7 @@ #include "file.h" #ifndef lint -FILE_RCSID("@(#)$File: softmagic.c,v 1.238 2016/10/24 18:02:17 christos Exp $") +FILE_RCSID("@(#)$File: softmagic.c,v 1.249 2017/06/19 18:30:25 christos Exp $") #endif /* lint */ #include "magic.h" @@ -192,6 +192,7 @@ flush: while (magindex < nmagic - 1 && magic[magindex + 1].cont_level != 0) magindex++; + cont_level = 0; continue; /* Skip to next top-level test*/ } @@ -370,6 +371,7 @@ flush: case -1: case 0: flush = 1; + cont_level--; break; default: break; @@ -1017,9 +1019,8 @@ private int mconvert(struct magic_set *ms, struct magic *m, int flip) { union VALUETYPE *p = &ms->ms_value; - uint8_t type; - switch (type = cvt_flip(m->type, flip)) { + switch (cvt_flip(m->type, flip)) { case FILE_BYTE: if (cvt_8(p, m) == -1) goto out; @@ -1184,7 +1185,7 @@ mcopy(struct magic_set *ms, union VALUETYPE *p, int type, int indir, case FILE_DER: case FILE_SEARCH: if (offset > nbytes) - offset = nbytes; + offset = CAST(uint32_t, nbytes); ms->search.s = RCAST(const char *, s) + offset; ms->search.s_len = nbytes - offset; ms->search.offset = offset; @@ -1198,7 +1199,7 @@ mcopy(struct magic_set *ms, union VALUETYPE *p, int type, int indir, const char *end; size_t lines, linecnt, bytecnt; - if (s == NULL) { + if (s == NULL || nbytes < offset) { ms->search.s_len = 0; ms->search.s = NULL; return 0; @@ -1260,7 +1261,8 @@ mcopy(struct magic_set *ms, union VALUETYPE *p, int type, int indir, if (*dst == '\0') { if (type == FILE_BESTRING16 ? *(src - 1) != '\0' : - *(src + 1) != '\0') + ((src + 1 < esrc) && + *(src + 1) != '\0')) *dst = ' '; } } @@ -1365,7 +1367,7 @@ mget(struct magic_set *ms, const unsigned char *s, struct magic *m, return -1; if ((ms->flags & MAGIC_DEBUG) != 0) { - fprintf(stderr, "mget(type=%d, flag=%x, offset=%u, o=%" + fprintf(stderr, "mget(type=%d, flag=%#x, offset=%u, o=%" SIZE_T_FORMAT "u, " "nbytes=%" SIZE_T_FORMAT "u, il=%hu, nc=%hu)\n", m->type, m->flag, offset, o, nbytes, @@ -1632,6 +1634,7 @@ file_strncmp(const char *s1, const char *s2, size_t len, uint32_t flags) */ const unsigned char *a = (const unsigned char *)s1; const unsigned char *b = (const unsigned char *)s2; + const unsigned char *eb = b + len; uint64_t v; /* @@ -1646,6 +1649,10 @@ file_strncmp(const char *s1, const char *s2, size_t len, uint32_t flags) } else { /* combine the others */ while (len-- > 0) { + if (b >= eb) { + v = 1; + break; + } if ((flags & STRING_IGNORE_LOWERCASE) && islower(*a)) { if ((v = tolower(*b++) - *a++) != '\0') @@ -1661,7 +1668,7 @@ file_strncmp(const char *s1, const char *s2, size_t len, uint32_t flags) a++; if (isspace(*b++)) { if (!isspace(*a)) - while (isspace(*b)) + while (b < eb && isspace(*b)) b++; } else { @@ -1672,7 +1679,7 @@ file_strncmp(const char *s1, const char *s2, size_t len, uint32_t flags) else if ((flags & STRING_COMPACT_OPTIONAL_WHITESPACE) && isspace(*a)) { a++; - while (isspace(*b)) + while (b < eb && isspace(*b)) b++; } else { @@ -1843,13 +1850,13 @@ magiccheck(struct magic_set *ms, struct magic *m) for (idx = 0; m->str_range == 0 || idx < m->str_range; idx++) { if (slen + idx > ms->search.s_len) - break; + return 0; v = file_strncmp(m->value.s, ms->search.s + idx, slen, m->str_flags); if (v == 0) { /* found match */ ms->search.offset += idx; - ms->search.rm_len = m->str_range - idx; + ms->search.rm_len = ms->search.s_len - idx; break; } } @@ -1887,7 +1894,7 @@ magiccheck(struct magic_set *ms, struct magic *m) copy[--slen] = '\0'; search = copy; } else { - search = ms->search.s; + search = CCAST(char *, ""); copy = NULL; } rc = file_regexec(&rx, (const char *)search, |