From 9e73005be0150e14c26df2abea2b9dd5e57e951c Mon Sep 17 00:00:00 2001 From: zyppe <210hcl@gmail.com> Date: Wed, 7 Feb 2024 23:00:46 +0800 Subject: [PATCH] Initialize for file --- .file.metadata | 1 + .gitignore | 1 + ...-spinpx-limit-size-of-file_printable.patch | 105 +++ CVE-2019-18218-46a8443f.patch | 43 + baselibs.conf | 5 + bsc1189996-9fbe768a.patch | 21 + file-4.20-ssd.dif | 15 + file-4.20-xen.dif | 12 + file-4.21-scribus.dif | 10 + file-4.21-xcursor.dif | 9 + file-4.24-autoconf.dif | 46 + file-5.12-zip.dif | 32 + file-5.14-tex.dif | 15 + file-5.15-clear-invalid.patch | 23 + file-5.16-ocloexec.patch | 69 ++ file-5.17-option.dif | 42 + file-5.18-javacheck.dif | 11 + file-5.19-biorad.dif | 15 + file-5.19-clicfs.dif | 14 + file-5.19-cromfs.dif | 19 + file-5.19-misc.dif | 11 + file-5.19-printf.dif | 19 + file-5.19-solv.dif | 10 + file-5.19-zip2.0.dif | 18 + file-5.22-elf.dif | 26 + file-5.23-endian.patch | 167 ++++ file-5.28-btrfs-image.dif | 62 ++ file-5.32-ncurses-6.1.patch | 24 + file-5.32.dif | 590 ++++++++++++ file-a642587a9c.patch | 20 + file-rpmlintrc | 4 + file-secure_getenv.patch | 79 ++ file.changes | 862 ++++++++++++++++++ file.spec | 203 +++++ fix_of_backport_PR-62.patch | 44 + 35 files changed, 2647 insertions(+) create mode 100644 .file.metadata create mode 100644 .gitignore create mode 100644 0002-PR-62-spinpx-limit-size-of-file_printable.patch create mode 100644 CVE-2019-18218-46a8443f.patch create mode 100644 baselibs.conf create mode 100644 bsc1189996-9fbe768a.patch create mode 100644 file-4.20-ssd.dif create mode 100644 file-4.20-xen.dif create mode 100644 file-4.21-scribus.dif create mode 100644 file-4.21-xcursor.dif create mode 100644 file-4.24-autoconf.dif create mode 100644 file-5.12-zip.dif create mode 100644 file-5.14-tex.dif create mode 100644 file-5.15-clear-invalid.patch create mode 100644 file-5.16-ocloexec.patch create mode 100644 file-5.17-option.dif create mode 100644 file-5.18-javacheck.dif create mode 100644 file-5.19-biorad.dif create mode 100644 file-5.19-clicfs.dif create mode 100644 file-5.19-cromfs.dif create mode 100644 file-5.19-misc.dif create mode 100644 file-5.19-printf.dif create mode 100644 file-5.19-solv.dif create mode 100644 file-5.19-zip2.0.dif create mode 100644 file-5.22-elf.dif create mode 100644 file-5.23-endian.patch create mode 100644 file-5.28-btrfs-image.dif create mode 100644 file-5.32-ncurses-6.1.patch create mode 100644 file-5.32.dif create mode 100644 file-a642587a9c.patch create mode 100644 file-rpmlintrc create mode 100644 file-secure_getenv.patch create mode 100644 file.changes create mode 100644 file.spec create mode 100644 fix_of_backport_PR-62.patch diff --git a/.file.metadata b/.file.metadata new file mode 100644 index 0000000..c907e12 --- /dev/null +++ b/.file.metadata @@ -0,0 +1 @@ +beaedc6c020b42c0406209ce5549b7d643339563510dd78366f89f208584bb87 file-5.32.tar.gz diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..a73464e --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +file-5.32.tar.gz diff --git a/0002-PR-62-spinpx-limit-size-of-file_printable.patch b/0002-PR-62-spinpx-limit-size-of-file_printable.patch new file mode 100644 index 0000000..6e352f5 --- /dev/null +++ b/0002-PR-62-spinpx-limit-size-of-file_printable.patch @@ -0,0 +1,105 @@ +From d65781527c8134a1202b2649695d48d5701ac60b Mon Sep 17 00:00:00 2001 +From: Christos Zoulas +Date: Mon, 18 Feb 2019 17:46:56 +0000 +Subject: PR/62: spinpx: limit size of file_printable. + +--- + src/file.h | 2 +- + src/funcs.c | 7 ++++--- + src/readelf.c | 5 +++-- + src/softmagic.c | 12 +++++++----- + 4 files changed, 15 insertions(+), 11 deletions(-) + +--- src/file.h ++++ src/file.h 2019-02-21 08:22:09.328231492 +0000 +@@ -491,7 +491,7 @@ protected int file_looks_utf8(const unsi + size_t *); + protected size_t file_pstring_length_size(const struct magic *); + protected size_t file_pstring_get_length(const struct magic *, const char *); +-protected char * file_printable(char *, size_t, const char *); ++protected char * file_printable(char *, size_t, const char *, size_t); + #ifdef __EMX__ + protected int file_os2_apptype(struct magic_set *, const char *, const void *, + size_t); +--- src/funcs.c ++++ src/funcs.c 2019-02-21 08:22:09.328231492 +0000 +@@ -581,12 +581,13 @@ file_pop_buffer(struct magic_set *ms, fi + * convert string to ascii printable format. + */ + protected char * +-file_printable(char *buf, size_t bufsiz, const char *str) ++file_printable(char *buf, size_t bufsiz, const char *str, size_t slen) + { +- char *ptr, *eptr; ++ char *ptr, *eptr = buf + bufsiz - 1; + const unsigned char *s = (const unsigned char *)str; ++ const unsigned char *es = s + slen; + +- for (ptr = buf, eptr = ptr + bufsiz - 1; ptr < eptr && *s; s++) { ++ for (ptr = buf; ptr < eptr && s < es && *s; s++) { + if (isprint(*s)) { + *ptr++ = *s; + continue; +--- src/readelf.c ++++ src/readelf.c 2019-02-21 08:23:53.362253570 +0000 +@@ -725,7 +725,7 @@ do_core_note(struct magic_set *ms, unsig + if (file_printf(ms, ", from '%.31s', pid=%u, uid=%u, " + "gid=%u, nlwps=%u, lwp=%u (signal %u/code %u)", + file_printable(sbuf, sizeof(sbuf), +- CAST(char *, pi.cpi_name)), ++ RCAST(char *, pi.cpi_name), sizeof(pi.cpi_name)), + elf_getu32(swap, pi.cpi_pid), + elf_getu32(swap, pi.cpi_euid), + elf_getu32(swap, pi.cpi_egid), +@@ -1566,7 +1566,8 @@ dophn_exec(struct magic_set *ms, int cla + return -1; + if (interp[0]) + if (file_printf(ms, ", interpreter %s", +- file_printable(ibuf, sizeof(ibuf), interp)) == -1) ++ file_printable(ibuf, sizeof(ibuf), interp, sizeof(interp))) ++ == -1) + return -1; + return 0; + } +--- src/softmagic.c ++++ src/softmagic.c 2019-02-21 08:27:12.158474664 +0000 +@@ -544,8 +544,8 @@ mprint(struct magic_set *ms, struct magi + case FILE_LESTRING16: + if (m->reln == '=' || m->reln == '!') { + if (file_printf(ms, F(ms, m, "%s"), +- file_printable(sbuf, sizeof(sbuf), m->value.s)) +- == -1) ++ file_printable(sbuf, sizeof(sbuf), m->value.s, ++ sizeof(m->value.s))) == -1) + return -1; + t = ms->offset + m->vallen; + } +@@ -572,7 +572,8 @@ mprint(struct magic_set *ms, struct magi + } + + if (file_printf(ms, F(ms, m, "%s"), +- file_printable(sbuf, sizeof(sbuf), str)) == -1) ++ file_printable(sbuf, sizeof(sbuf), str, ++ sizeof(p->s) - (str - p->s))) == -1) + return -1; + + if (m->type == FILE_PSTRING) +@@ -678,7 +679,7 @@ mprint(struct magic_set *ms, struct magi + return -1; + } + rval = file_printf(ms, F(ms, m, "%s"), +- file_printable(sbuf, sizeof(sbuf), cp)); ++ file_printable(sbuf, sizeof(sbuf), cp, ms->search.rm_len)); + free(cp); + + if (rval == -1) +@@ -705,7 +706,8 @@ mprint(struct magic_set *ms, struct magi + break; + case FILE_DER: + if (file_printf(ms, F(ms, m, "%s"), +- file_printable(sbuf, sizeof(sbuf), ms->ms_value.s)) == -1) ++ file_printable(sbuf, sizeof(sbuf), ms->ms_value.s, ++ sizeof(ms->ms_value.s))) == -1) + return -1; + t = ms->offset; + break; diff --git a/CVE-2019-18218-46a8443f.patch b/CVE-2019-18218-46a8443f.patch new file mode 100644 index 0000000..14ecbb2 --- /dev/null +++ b/CVE-2019-18218-46a8443f.patch @@ -0,0 +1,43 @@ +From 46a8443f76cec4b41ec736eca396984c74664f84 Mon Sep 17 00:00:00 2001 +From: Christos Zoulas +Date: Mon, 26 Aug 2019 14:31:39 +0000 +Subject: [PATCH] Limit the number of elements in a vector (found by oss-fuzz) + +--- + src/cdf.c | 7 +++---- + src/cdf.h | 1 + + 2 files changed, 4 insertions(+), 4 deletions(-) + +--- src/cdf.c ++++ src/cdf.c 2019-10-22 13:05:01.410441092 +0000 +@@ -955,8 +955,9 @@ cdf_read_property_info(const cdf_stream_ + goto out; + } + nelements = CDF_GETUINT32(q, 1); +- if (nelements == 0) { +- DPRINTF(("CDF_VECTOR with nelements == 0\n")); ++ if (nelements > CDF_ELEMENT_LIMIT || nelements == 0) { ++ DPRINTF(("CDF_VECTOR with nelements == %" ++ SIZE_T_FORMAT "u\n", nelements)); + goto out; + } + slen = 2; +@@ -998,8 +999,6 @@ cdf_read_property_info(const cdf_stream_ + goto out; + inp += nelem; + } +- DPRINTF(("nelements = %" SIZE_T_FORMAT "u\n", +- nelements)); + for (j = 0; j < nelements && i < sh.sh_properties; + j++, i++) + { +--- src/cdf.h ++++ src/cdf.h 2019-10-22 13:05:01.422440872 +0000 +@@ -48,6 +48,7 @@ + typedef int32_t cdf_secid_t; + + #define CDF_LOOP_LIMIT 10000 ++#define CDF_ELEMENT_LIMIT 100000 + + #define CDF_SECID_NULL 0 + #define CDF_SECID_FREE -1 diff --git a/baselibs.conf b/baselibs.conf new file mode 100644 index 0000000..d52d7b2 --- /dev/null +++ b/baselibs.conf @@ -0,0 +1,5 @@ +libmagic1 + requires "file-magic = " +file-devel + requires -file- + requires "libmagic1- = " diff --git a/bsc1189996-9fbe768a.patch b/bsc1189996-9fbe768a.patch new file mode 100644 index 0000000..f955a06 --- /dev/null +++ b/bsc1189996-9fbe768a.patch @@ -0,0 +1,21 @@ +From 9fbe768a87d3c4d46058e9cd2e190320815d931a Mon Sep 17 00:00:00 2001 +From: Christos Zoulas +Date: Tue, 5 Sep 2017 20:41:59 +0000 +Subject: [PATCH] Reset to the end of the buffer if not enough lines were + found. Found by clusterfuzz. + +--- + src/softmagic.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- src/softmagic.c ++++ src/softmagic.c 2021-09-07 11:47:35.241613655 +0000 +@@ -1234,7 +1234,7 @@ mcopy(struct magic_set *ms, union VALUET + b++; + } + if (lines) +- last = RCAST(const char *, s) + bytecnt; ++ last = end; + + ms->search.s = buf; + ms->search.s_len = last - buf; diff --git a/file-4.20-ssd.dif b/file-4.20-ssd.dif new file mode 100644 index 0000000..dd2fb88 --- /dev/null +++ b/file-4.20-ssd.dif @@ -0,0 +1,15 @@ +--- magic/Localstuff ++++ magic/Localstuff 2013-09-30 00:00:00.000000000 +0000 +@@ -14,3 +14,12 @@ + >33 string >\0 (%s) + 2 string \000\022 TeX font metric data + >33 string >\0 (%s) ++ ++# XXX some MS Structured Storage Documents such as Adobe PageMaker[tm] ++# files interfere with the Microsoft Office Document and the SSD starting ++# sequence \320\317\021\340\241\261\032\341. Anyone who knows ++# more details about the scheme of such SSDs and can help to extend this to all ++# type of SSD, please let us know. E.g. how is the offset to the `Root Entry' ++# determined? ++512 search/531 R\0o\0o\0t\0\ \0E\0n\0t\0r\0y Structured Storage ++>&109 search/17 P\0a\0g\0e\0M\0a\0k\0e\0r PageMaker diff --git a/file-4.20-xen.dif b/file-4.20-xen.dif new file mode 100644 index 0000000..84a4b23 --- /dev/null +++ b/file-4.20-xen.dif @@ -0,0 +1,12 @@ +--- magic/Localstuff ++++ magic/Localstuff 2013-09-30 00:00:00.000000000 +0000 +@@ -23,3 +23,9 @@ + # determined? + 512 search/531 R\0o\0o\0t\0\ \0E\0n\0t\0r\0y Structured Storage + >&109 search/17 P\0a\0g\0e\0M\0a\0k\0e\0r PageMaker ++ ++# File magic for Xen, the virtual machine monitor for x86 ++0 string LinuxGuestRecord Xen saved domain ++#>2 regex \(name\ [^)]*\) %s ++>20 search/256 (name (name ++>>&1 string x %s...) diff --git a/file-4.21-scribus.dif b/file-4.21-scribus.dif new file mode 100644 index 0000000..6540049 --- /dev/null +++ b/file-4.21-scribus.dif @@ -0,0 +1,10 @@ +--- magic/Localstuff ++++ magic/Localstuff 2013-09-30 00:00:00.000000000 +0000 +@@ -29,3 +29,7 @@ + #>2 regex \(name\ [^)]*\) %s + >20 search/256 (name (name + >>&1 string x %s...) ++ ++# File magic for Scribus, an Open Source Desktop Publishing system ++0 string \ $@ + +-magic.${fsect}: Makefile magic.man ++#magic.${fsect}: Makefile magic.man ++magic.5: Makefile magic.man + @rm -f $@ + sed -e s@__CSECTION__@1@g \ + -e s@__FSECTION__@${fsect}@g \ +--- src/readelf.h ++++ src/readelf.h 2017-05-24 10:58:47.226494450 +0000 +@@ -34,7 +34,10 @@ + #ifndef __fake_elf_h__ + #define __fake_elf_h__ + ++#include ++ + #if HAVE_STDINT_H ++__BEGIN_DECLS + #include + #endif + +@@ -430,4 +433,5 @@ typedef struct { + #define AV_386_SSE4_1 0x00800000 + #define AV_386_SSE4_2 0x01000000 + ++__END_DECLS + #endif diff --git a/file-5.12-zip.dif b/file-5.12-zip.dif new file mode 100644 index 0000000..eea31a0 --- /dev/null +++ b/file-5.12-zip.dif @@ -0,0 +1,32 @@ +--- + magic/Magdir/archive | 19 +++++++++++++++++++ + 1 file changed, 19 insertions(+) + +--- magic/Magdir/archive ++++ magic/Magdir/archive 2016-04-18 11:37:48.369637727 +0000 +@@ -776,6 +776,25 @@ + !:mime application/zip + !:ext zip/cbz + 0 string PK\003\004 ++>30 ubelong !0x6d696d65 ++>>4 byte 0x00 Zip archive data ++!:mime application/zip ++!:ext zip/cbz ++>>4 byte 0x09 Zip archive data, at least v0.9 to extract ++!:mime application/zip ++!:ext zip/cbz ++>>4 byte 0x0a Zip archive data, at least v1.0 to extract ++!:mime application/zip ++!:ext zip/cbz ++>>4 byte 0x0b Zip archive data, at least v1.1 to extract ++!:mime application/zip ++!:ext zip/cbz ++>>0x161 string WINZIP Zip archive data, WinZIP self-extracting ++!:mime application/zip ++!:ext zip/cbz ++>>4 byte 0x14 Zip archive data, at least v2.0 to extract ++!:mime application/zip ++!:ext zip/cbz + + # Specialised zip formats which start with a member named 'mimetype' + # (stored uncompressed, with no 'extra field') containing the file's MIME type. diff --git a/file-5.14-tex.dif b/file-5.14-tex.dif new file mode 100644 index 0000000..3c98f36 --- /dev/null +++ b/file-5.14-tex.dif @@ -0,0 +1,15 @@ +--- magic/Localstuff ++++ magic/Localstuff 2013-09-30 00:00:00.000000000 +0000 +@@ -5,3 +5,12 @@ + # $File: Localstuff,v 1.5 2007/01/12 17:38:27 christos Exp $ + # Add any locally observed files here. Remember: + # text if readable, executable if runnable binary, data if unreadable. ++ ++# XXX promoted from tex so that *.tfm is not mis-identified as mc68k file. ++# There is no way to detect TeX Font Metric (*.tfm) files without ++# breaking them apart and reading the data. The following patterns ++# match most *.tfm files generated by METAFONT or afm2tfm. ++2 string \000\021 TeX font metric data ++>33 string >\0 (%s) ++2 string \000\022 TeX font metric data ++>33 string >\0 (%s) diff --git a/file-5.15-clear-invalid.patch b/file-5.15-clear-invalid.patch new file mode 100644 index 0000000..b904be0 --- /dev/null +++ b/file-5.15-clear-invalid.patch @@ -0,0 +1,23 @@ +From: Andreas Stieger +Date: Sun, 29 Sep 2013 01:47:57 +0100 +Subject: [PATCH] remove clear instruction +Upstream: no +References: http://mx.gw.com/pipermail/file/2013/001227.html http://mx.gw.com/pipermail/file/2013/001225.html + +fixed build warning: +[ 205s] /usr/share/misc/magic, 5352: Warning: type `clear x' invalid + +--- + file-5.28/magic/Magdir/elf | 1 - + 1 file changed, 1 deletion(-) + +--- file-5.28/magic/Magdir/elf ++++ file-5.28/magic/Magdir/elf 2016-08-16 11:50:06.748513191 +0000 +@@ -56,7 +56,6 @@ + #>>>(0x38+0xcc) string >\0 of '%s' + #>>>(0x38+0x10) lelong >0 (signal %d), + >16 leshort &0xff00 processor-specific, +->18 clear x + >18 leshort 0 no machine, + >18 leshort 1 AT&T WE32100, + >18 leshort 2 SPARC, diff --git a/file-5.16-ocloexec.patch b/file-5.16-ocloexec.patch new file mode 100644 index 0000000..4e5971b --- /dev/null +++ b/file-5.16-ocloexec.patch @@ -0,0 +1,69 @@ +--- + src/apprentice.c | 6 +++--- + src/compress.c | 2 +- + src/file.c | 2 +- + src/magic.c | 2 +- + 4 files changed, 6 insertions(+), 6 deletions(-) + +--- src/apprentice.c ++++ src/apprentice.c 2017-09-13 10:32:02.149905845 +0000 +@@ -1146,7 +1146,7 @@ load_1(struct magic_set *ms, int action, + ssize_t len; + struct magic_entry me; + +- FILE *f = fopen(ms->file = fn, "r"); ++ FILE *f = fopen(ms->file = fn, "re"); + if (f == NULL) { + if (errno != ENOENT) + file_error(ms, errno, "cannot read magic file `%s'", +@@ -3032,7 +3032,7 @@ apprentice_map(struct magic_set *ms, con + if (dbname == NULL) + goto error; + +- if ((fd = open(dbname, O_RDONLY|O_BINARY)) == -1) ++ if ((fd = open(dbname, O_RDONLY|O_BINARY|O_CLOEXEC)) == -1) + goto error; + + if (fstat(fd, &st) == -1) { +@@ -3169,7 +3169,7 @@ apprentice_compile(struct magic_set *ms, + if (dbname == NULL) + goto out; + +- if ((fd = open(dbname, O_WRONLY|O_CREAT|O_TRUNC|O_BINARY, 0644)) == -1) ++ if ((fd = open(dbname, O_WRONLY|O_CREAT|O_TRUNC|O_BINARY|O_CLOEXEC, 0644)) == -1) + { + file_error(ms, errno, "cannot open `%s'", dbname); + goto out; +--- src/compress.c ++++ src/compress.c 2017-09-13 10:32:02.149905845 +0000 +@@ -394,7 +394,7 @@ file_pipe2file(struct magic_set *ms, int + #else + { + int te; +- tfd = mkstemp(buf); ++ tfd = mkostemp(buf, O_CLOEXEC); + te = errno; + (void)unlink(buf); + errno = te; +--- src/file.c ++++ src/file.c 2017-09-13 10:32:02.149905845 +0000 +@@ -471,7 +471,7 @@ unwrap(struct magic_set *ms, const char + f = stdin; + wid = 1; + } else { +- if ((f = fopen(fn, "r")) == NULL) { ++ if ((f = fopen(fn, "re")) == NULL) { + (void)fprintf(stderr, "%s: Cannot open `%s' (%s).\n", + progname, fn, strerror(errno)); + return 1; +--- src/magic.c ++++ src/magic.c 2017-09-13 10:32:02.149905845 +0000 +@@ -442,7 +442,7 @@ file_or_fd(struct magic_set *ms, const c + else + pos = lseek(fd, (off_t)0, SEEK_CUR); + } else { +- int flags = O_RDONLY|O_BINARY; ++ int flags = O_RDONLY|O_BINARY|O_CLOEXEC; + int okstat = stat(inname, &sb) == 0; + + if (okstat && S_ISFIFO(sb.st_mode)) { diff --git a/file-5.17-option.dif b/file-5.17-option.dif new file mode 100644 index 0000000..0627c86 --- /dev/null +++ b/file-5.17-option.dif @@ -0,0 +1,42 @@ +--- + src/file.c | 8 +++++++- + 1 file changed, 7 insertions(+), 1 deletion(-) + +--- src/file.c ++++ src/file.c 2016-06-01 10:13:21.169126906 +0000 +@@ -225,6 +225,8 @@ main(int argc, char *argv[]) + flags |= MAGIC_ERROR; + break; + case 'e': ++ if (!optarg) ++ usage(); + for (i = 0; i < sizeof(nv) / sizeof(nv[0]); i++) + if (strcmp(nv[i].name, optarg) == 0) + break; +@@ -236,7 +238,7 @@ main(int argc, char *argv[]) + break; + + case 'f': +- if(action) ++ if(action || !optarg) + usage(); + if (magic == NULL) + if ((magic = load(magicfile, flags)) == NULL) +@@ -246,6 +248,8 @@ main(int argc, char *argv[]) + ++didsomefiles; + break; + case 'F': ++ if (!optarg) ++ usage(); + separator = optarg; + break; + case 'i': +@@ -258,6 +262,8 @@ main(int argc, char *argv[]) + action = FILE_LIST; + break; + case 'm': ++ if (!optarg) ++ usage(); + magicfile = optarg; + break; + case 'n': diff --git a/file-5.18-javacheck.dif b/file-5.18-javacheck.dif new file mode 100644 index 0000000..5655e30 --- /dev/null +++ b/file-5.18-javacheck.dif @@ -0,0 +1,11 @@ +--- magic/Magdir/cafebabe ++++ magic/Magdir/cafebabe 2014-03-28 10:15:13.354235294 +0000 +@@ -15,7 +15,7 @@ + # might add another one or two as time goes by... + # + ### JAVA START ### +-0 belong 0xcafebabe ++0 belong 0xcafebabe Cafe Babe + >4 belong >30 compiled Java class data, + !:mime application/x-java-applet + >>6 beshort x version %d. diff --git a/file-5.19-biorad.dif b/file-5.19-biorad.dif new file mode 100644 index 0000000..4b3959c --- /dev/null +++ b/file-5.19-biorad.dif @@ -0,0 +1,15 @@ +--- + magic/Magdir/images | 2 ++ + 1 file changed, 2 insertions(+) + +--- magic/Magdir/images ++++ magic/Magdir/images 2017-09-13 10:31:09.318884599 +0000 +@@ -1021,6 +1021,8 @@ + # http://web.archive.org/web/20050317223257/www.cs.ubc.ca/spider/ladic/text/biorad.txt + # Samples: http://www.loci.wisc.edu/software/sample-data + 14 leshort <2 ++>4 leshort >0 ++>49 byte 0 + >62 leshort <2 + >>54 leshort 12345 Bio-Rad .PIC Image File + >>>0 leshort >0 %d x diff --git a/file-5.19-clicfs.dif b/file-5.19-clicfs.dif new file mode 100644 index 0000000..3f23f7d --- /dev/null +++ b/file-5.19-clicfs.dif @@ -0,0 +1,14 @@ +--- magic/Localstuff ++++ magic/Localstuff 2013-09-30 00:00:00.000000000 +0000 +@@ -53,3 +53,11 @@ + + 0 string SOLV Sat-solver solv file, + >4 belong x version %d ++ ++# coolo's clicfs ++ ++0 string/b CLIC ClicFS ++>4 byte x \b Version %c ++>5 byte x \b%c ++>6 long >0 ++>>6 pstring/l >0 \b, Target "%s" diff --git a/file-5.19-cromfs.dif b/file-5.19-cromfs.dif new file mode 100644 index 0000000..ceef33c --- /dev/null +++ b/file-5.19-cromfs.dif @@ -0,0 +1,19 @@ +--- magic/Localstuff ++++ magic/Localstuff 2014-06-25 08:49:53.486735323 +0000 +@@ -36,3 +36,16 @@ + + # File magic for X11 cursor data files + 0 string Xcur\020\000 X11 cursor data ++ ++# File magic for CROM File System ++ ++0 string CROMFS CROMFS ++>6 string >\0 \b version %2.2s, ++>8 ulequad >0 \b block data at %lld, ++>16 ulequad >0 \b fblock table at %lld, ++>24 ulequad >0 \b inode table at %lld, ++>32 ulequad >0 \b root at %lld, ++>40 ulelong >0 \b fblock size = %d, ++>44 ulelong >0 \b block size = %d, ++>48 ulequad >0 \b bytes = %lld ++ diff --git a/file-5.19-misc.dif b/file-5.19-misc.dif new file mode 100644 index 0000000..086f129 --- /dev/null +++ b/file-5.19-misc.dif @@ -0,0 +1,11 @@ +--- magic/Magdir/audio ++++ magic/Magdir/audio 2013-09-30 00:00:00.000000000 +0000 +@@ -129,7 +129,7 @@ + # Oct 31, 1995 + # fixed by 2003-06-24 + # Too short... +-#0 string MTM MultiTracker Module sound file ++#0 string MTM MultiTracker Module sound data + #0 string if Composer 669 Module sound data + #0 string JN Composer 669 Module sound data (extended format) + 0 string MAS_U ULT(imate) Module sound data diff --git a/file-5.19-printf.dif b/file-5.19-printf.dif new file mode 100644 index 0000000..d6ee8c4 --- /dev/null +++ b/file-5.19-printf.dif @@ -0,0 +1,19 @@ +--- + src/apprentice.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +--- src/apprentice.c ++++ src/apprentice.c 2017-09-13 10:30:42.203386956 +0000 +@@ -2400,6 +2400,12 @@ check_format_type(const char *ptr, int t + ptr++; + if (*ptr == '#') + ptr++; ++ if (*ptr == ' ') ++ ptr++; ++ if (*ptr == '+') ++ ptr++; ++ if (*ptr == '\'') ++ ptr++; + #define CHECKLEN() do { \ + for (len = cnt = 0; isdigit((unsigned char)*ptr); ptr++, cnt++) \ + len = len * 10 + (*ptr - '0'); \ diff --git a/file-5.19-solv.dif b/file-5.19-solv.dif new file mode 100644 index 0000000..1c33db7 --- /dev/null +++ b/file-5.19-solv.dif @@ -0,0 +1,10 @@ +--- magic/Localstuff ++++ magic/Localstuff 2014-06-25 08:53:43.110735387 +0000 +@@ -49,3 +49,7 @@ + >44 ulelong >0 \b block size = %d, + >48 ulequad >0 \b bytes = %lld + ++# libsatsolver solv file ++ ++0 string SOLV Sat-solver solv file, ++>4 belong x version %d diff --git a/file-5.19-zip2.0.dif b/file-5.19-zip2.0.dif new file mode 100644 index 0000000..8a49f25 --- /dev/null +++ b/file-5.19-zip2.0.dif @@ -0,0 +1,18 @@ +--- + magic/Magdir/archive | 5 +++++ + 1 file changed, 5 insertions(+) + +--- magic/Magdir/archive ++++ magic/Magdir/archive 2016-04-18 11:39:51.791354756 +0000 +@@ -770,6 +770,11 @@ + 0 string PK\x07\x08PK\x03\x04 Zip multi-volume archive data, at least PKZIP v2.50 to extract + !:mime application/zip + !:ext zip/cbz ++>30 ubelong 0x6d696d65 Zip archive data, at least v2.0 to extract ++>>34 ubelong 0x74797065 \b, mime type ++>>>38 regex application/[a-z+-]+ \b %s ++!:mime application/unknown+zip ++!:ext zip/cbz + + # Zip archives (Greg Roelofs, c/o zip-bugs@wkuvx1.wku.edu) + 0 string PK\005\006 Zip archive data (empty) diff --git a/file-5.22-elf.dif b/file-5.22-elf.dif new file mode 100644 index 0000000..8715618 --- /dev/null +++ b/file-5.22-elf.dif @@ -0,0 +1,26 @@ +--- + src/readelf.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +--- src/readelf.c ++++ src/readelf.c 2016-11-24 09:07:31.806925998 +0000 +@@ -742,7 +742,7 @@ do_core_note(struct magic_set *ms, unsig + + default: + if (type == NT_PRPSINFO && *flags & FLAGS_IS_CORE) { +- size_t i, j; ++ size_t i, j, m = 0; + unsigned char c; + /* + * Extract the program name. We assume +@@ -754,7 +754,9 @@ do_core_note(struct magic_set *ms, unsig + * If the characters aren't all printable, + * reject it. + */ +- for (i = 0; i < NOFFSETS; i++) { ++ if (os_style == OS_STYLE_SVR4) ++ m = 1; ++ for (i = m; i < NOFFSETS; i++) { + unsigned char *cname, *cp; + size_t reloffset = prpsoffsets(i); + size_t noffset = doff + reloffset; diff --git a/file-5.23-endian.patch b/file-5.23-endian.patch new file mode 100644 index 0000000..e94c75c --- /dev/null +++ b/file-5.23-endian.patch @@ -0,0 +1,167 @@ +--- + src/apprentice.c | 70 ++++--------------------------------------------------- + src/cdf.c | 53 +++-------------------------------------- + 2 files changed, 10 insertions(+), 113 deletions(-) + +--- src/apprentice.c ++++ src/apprentice.c 2017-09-13 10:32:39.981204996 +0000 +@@ -54,6 +54,7 @@ FILE_RCSID("@(#)$File: apprentice.c,v 1. + #if defined(HAVE_LIMITS_H) + #include + #endif ++#include + + #ifndef SSIZE_MAX + #define MAXMAGIC_SIZE ((ssize_t)0x7fffffff) +@@ -132,9 +133,11 @@ private struct mlist *mlist_alloc(void); + private void mlist_free(struct mlist *); + private void byteswap(struct magic *, uint32_t); + private void bs1(struct magic *); +-private uint16_t swap2(uint16_t); +-private uint32_t swap4(uint32_t); +-private uint64_t swap8(uint64_t); ++ ++#define swap2(x) bswap_16(x) ++#define swap4(x) bswap_32(x) ++#define swap8(x) bswap_64(x) ++ + private char *mkdbname(struct magic_set *, const char *, int); + private struct magic_map *apprentice_buf(struct magic_set *, struct magic *, + size_t); +@@ -3260,67 +3263,6 @@ byteswap(struct magic *magic, uint32_t n + } + + /* +- * swap a short +- */ +-private uint16_t +-swap2(uint16_t sv) +-{ +- uint16_t rv; +- uint8_t *s = (uint8_t *)(void *)&sv; +- uint8_t *d = (uint8_t *)(void *)&rv; +- d[0] = s[1]; +- d[1] = s[0]; +- return rv; +-} +- +-/* +- * swap an int +- */ +-private uint32_t +-swap4(uint32_t sv) +-{ +- uint32_t rv; +- uint8_t *s = (uint8_t *)(void *)&sv; +- uint8_t *d = (uint8_t *)(void *)&rv; +- d[0] = s[3]; +- d[1] = s[2]; +- d[2] = s[1]; +- d[3] = s[0]; +- return rv; +-} +- +-/* +- * swap a quad +- */ +-private uint64_t +-swap8(uint64_t sv) +-{ +- uint64_t rv; +- uint8_t *s = (uint8_t *)(void *)&sv; +- uint8_t *d = (uint8_t *)(void *)&rv; +-#if 0 +- d[0] = s[3]; +- d[1] = s[2]; +- d[2] = s[1]; +- d[3] = s[0]; +- d[4] = s[7]; +- d[5] = s[6]; +- d[6] = s[5]; +- d[7] = s[4]; +-#else +- d[0] = s[7]; +- d[1] = s[6]; +- d[2] = s[5]; +- d[3] = s[4]; +- d[4] = s[3]; +- d[5] = s[2]; +- d[6] = s[1]; +- d[7] = s[0]; +-#endif +- return rv; +-} +- +-/* + * byteswap a single magic entry + */ + private void +--- src/cdf.c ++++ src/cdf.c 2017-09-13 10:32:39.981204996 +0000 +@@ -50,6 +50,7 @@ FILE_RCSID("@(#)$File: cdf.c,v 1.106 201 + #ifdef HAVE_LIMITS_H + #include + #endif ++#include + + #ifndef EFTYPE + #define EFTYPE EINVAL +@@ -109,55 +110,9 @@ cdf_calloc(const char *file __attribute_ + return calloc(n, u); + } + +-/* +- * swap a short +- */ +-static uint16_t +-_cdf_tole2(uint16_t sv) +-{ +- uint16_t rv; +- uint8_t *s = (uint8_t *)(void *)&sv; +- uint8_t *d = (uint8_t *)(void *)&rv; +- d[0] = s[1]; +- d[1] = s[0]; +- return rv; +-} +- +-/* +- * swap an int +- */ +-static uint32_t +-_cdf_tole4(uint32_t sv) +-{ +- uint32_t rv; +- uint8_t *s = (uint8_t *)(void *)&sv; +- uint8_t *d = (uint8_t *)(void *)&rv; +- d[0] = s[3]; +- d[1] = s[2]; +- d[2] = s[1]; +- d[3] = s[0]; +- return rv; +-} +- +-/* +- * swap a quad +- */ +-static uint64_t +-_cdf_tole8(uint64_t sv) +-{ +- uint64_t rv; +- uint8_t *s = (uint8_t *)(void *)&sv; +- uint8_t *d = (uint8_t *)(void *)&rv; +- d[0] = s[7]; +- d[1] = s[6]; +- d[2] = s[5]; +- d[3] = s[4]; +- d[4] = s[3]; +- d[5] = s[2]; +- d[6] = s[1]; +- d[7] = s[0]; +- return rv; +-} ++#define _cdf_tole2(x) bswap_16(x) ++#define _cdf_tole4(x) bswap_32(x) ++#define _cdf_tole8(x) bswap_64(x) + + /* + * grab a uint32_t from a possibly unaligned address, and return it in diff --git a/file-5.28-btrfs-image.dif b/file-5.28-btrfs-image.dif new file mode 100644 index 0000000..ba4986a --- /dev/null +++ b/file-5.28-btrfs-image.dif @@ -0,0 +1,62 @@ +From 27ec95a88943d858433a492940c694bac4bc54d0 Mon Sep 17 00:00:00 2001 +From: Jeff Mahoney +Date: Thu, 20 Oct 2016 11:29:21 -0400 +Subject: [PATCH] Add BTRFS Filesystem Metadata Image +Patch-mainline: Submitted to file@mx.gw.com, 20 Oct 2016 + +The btrfs-image in its uncompressed form contains a directly usable +superblock. Rather than duplicate the superblock printer, split +that out and use it with both the on-disk superblock and the ones +contained within the image. + + + + + +diff --git a/magic/Magdir/filesystems b/magic/Magdir/filesystems +--- a/magic/Magdir/filesystems ++++ b/magic/Magdir/filesystems +@@ -2245,20 +2245,29 @@ + >>0x10060 string >\0 lockproto %s) + + # Russell Coker +-0x10040 string _BHRfS_M BTRFS Filesystem +->0x1012b string >\0 label "%s", +->0x10090 lelong x sectorsize %d, +->0x10094 lelong x nodesize %d, +->0x10098 lelong x leafsize %d, +->0x10020 belong x UUID=%08x- +->0x10024 beshort x \b%04x- +->0x10026 beshort x \b%04x- +->0x10028 beshort x \b%04x- +->0x1002a beshort x \b%04x +->0x1002c belong x \b%08x, +->0x10078 lequad x %lld/ +->0x10070 lequad x \b%lld bytes used, +->0x10088 lequad x %lld devices ++0x10040 string _BHRfS_M ++>0x10000 use btrfs_super_block ++0 name btrfs_super_block ++>0x40 string _BHRfS_M BTRFS Filesystem ++>0x12b string >\0 label "%s", ++>0x90 lelong x sectorsize %d, ++>0x94 lelong x nodesize %d, ++>0x98 lelong x leafsize %d, ++>0x20 belong x UUID=%08x- ++>0x24 beshort x \b%04x- ++>0x26 beshort x \b%04x- ++>0x28 beshort x \b%04x- ++>0x2a beshort x \b%04x ++>0x2c belong x \b%08x, ++>0x78 lequad x %lld/ ++>0x70 lequad x \b%lld bytes used, ++>0x88 lequad x %lld devices ++ ++0 lequad 0xbd5c25e27295668b BTRFS Filesystem Metadata Image ++>20 byte 1 \b, zlib compressed ++>20 byte 0 \b, uncompressed ++>>0x440 string _BHRfS_M \b, contains ++>>>0x400 use btrfs_super_block + + # dvdisaster's .ecc + # From: "Nelson A. de Oliveira" diff --git a/file-5.32-ncurses-6.1.patch b/file-5.32-ncurses-6.1.patch new file mode 100644 index 0000000..ef5aab7 --- /dev/null +++ b/file-5.32-ncurses-6.1.patch @@ -0,0 +1,24 @@ +--- + magic/Magdir/terminfo | 11 +++++++++++ + 1 file changed, 11 insertions(+) + +--- magic/Magdir/terminfo ++++ magic/Magdir/terminfo 2018-01-22 10:32:38.596762352 +0000 +@@ -19,6 +19,17 @@ + # no extension + #!:ext + # ++#------------------------------------------------------------------------------ ++# The following was added for ncurses6 development: ++#------------------------------------------------------------------------------ ++# ++0 string \036\002 ++# imitate the legacy compiled-format, to get the entry-name printed ++>16 ubyte >32 ++# namelist, if more than 1 separated by "|" like "st|stterm| simpleterm 0.4.1" ++>>12 regex \^[a-zA-Z0-9][a-zA-Z0-9.][^|]* Compiled 32-bit terminfo entry "%-s" ++!:mime application/x-terminfo2 ++# + # While the compiled terminfo uses little-endian format irregardless of + # platform, SystemV screen dumps do not. They came later, and that detail was + # overlooked. diff --git a/file-5.32.dif b/file-5.32.dif new file mode 100644 index 0000000..230faea --- /dev/null +++ b/file-5.32.dif @@ -0,0 +1,590 @@ +--- + magic/Magdir/elf | 2 + magic/Magdir/linux | 36 +++++---- + magic/Magdir/msad | 5 + + magic/Magdir/msdos | 6 - + magic/Makefile.am | 61 +++++++++------ + magic/Makefile.in | 60 +++++++++------ + src/Makefile.am | 2 + src/dcore.c | 207 +++++++++++++++++++++++++++++++++++++++++++++++++++++ + 8 files changed, 312 insertions(+), 67 deletions(-) + +--- magic/Magdir/elf ++++ magic/Magdir/elf 2017-09-13 10:34:21.207329793 +0000 +@@ -128,7 +128,7 @@ + >18 leshort 47 Renesas H8/300H, + >18 leshort 48 Renesas H8S, + >18 leshort 49 Renesas H8/500, +->18 leshort 50 IA-64, ++>18 leshort 50 IA-64 (Intel 64 bit architecture), + >18 leshort 51 Stanford MIPS-X, + >18 leshort 52 Motorola Coldfire, + >18 leshort 53 Motorola M68HC12, +--- magic/Magdir/linux ++++ magic/Magdir/linux 2017-09-13 10:34:21.207329793 +0000 +@@ -101,23 +101,27 @@ + # and Nicolas Lichtmaier + # All known start with: b8 c0 07 8e d8 b8 00 90 8e c0 b9 00 01 29 f6 29 + # Linux kernel boot images (i386 arch) (Wolfram Kleff) +-514 string HdrS Linux kernel ++514 string HdrS Linux + !:strength + 55 +->510 leshort 0xAA55 x86 boot executable +->>518 leshort >0x1ff +->>>529 byte 0 zImage, +->>>529 byte 1 bzImage, +->>>526 lelong >0 +->>>>(526.s+0x200) string >\0 version %s, +->>498 leshort 1 RO-rootFS, +->>498 leshort 0 RW-rootFS, +->>508 leshort >0 root_dev 0x%X, +->>502 leshort >0 swap_dev 0x%X, +->>504 leshort >0 RAMdisksize %u KB, +->>506 leshort 0xFFFF Normal VGA +->>506 leshort 0xFFFE Extended VGA +->>506 leshort 0xFFFD Prompt for Videomode +->>506 leshort >0 Video mode %d ++>510 leshort 0xAA55 \b/x86 Kernel ++>510 leshort <0xAA55 Kernel ++>510 leshort >0xAA55 Kernel ++>518 leshort 0x0105 \b, Setup Version 0x105, zImage ++>518 leshort >0x0105 \b, Setup Version %#x ++>518 leshort >0x1ff ++>>529 byte 0 \b, zImage ++>>529 byte 1 \b, bzImage ++>>526 lelong >0 ++>>>(526.s+0x200) string >\0 \b, Version %s ++>>498 leshort 1 \b, RO-rootFS ++>>498 leshort 0 \b, RW-rootFS ++>>508 leshort >0 \b, root_dev 0x%X ++>>502 leshort >0 \b, swap_dev 0x%X ++>>504 leshort >0 \b, RAMdisksize %u KB ++>>506 leshort 0xFFFF \b, Normal VGA ++>>506 leshort 0xFFFE \b, Extended VGA ++>>506 leshort 0xFFFD \b, Prompt for Videomode ++>>506 leshort >0 \b, Video mode %d + # This also matches new kernels, which were caught above by "HdrS". + 0 belong 0xb8c0078e Linux kernel + >0x1e3 string Loading version 1.3.79 or older +--- magic/Magdir/msad ++++ magic/Magdir/msad 2017-09-13 10:34:21.207329793 +0000 +@@ -0,0 +1,5 @@ ++#------------------------------------------------------------------------------ ++# msad: file(1) magic for msad ++# Microsoft visual C ++# This must precede the heuristic for raw G3 data ++4 string Standard\ Jet\ DB Microsoft Access Database +--- magic/Magdir/msdos ++++ magic/Magdir/msdos 2017-09-13 10:34:21.211329718 +0000 +@@ -104,9 +104,9 @@ + >>>(0x3c.l+22) leshort&0x0200 >0 (stripped to external PDB) + >>>(0x3c.l+22) leshort&0x1000 >0 system file + >>>(0x3c.l+24) leshort 0x010b +->>>>(0x3c.l+232) lelong >0 Mono/.Net assembly ++>>>>(0x3c.l+232) lelong >0 \b, Mono/.Net assembly + >>>(0x3c.l+24) leshort 0x020b +->>>>(0x3c.l+248) lelong >0 Mono/.Net assembly ++>>>>(0x3c.l+248) lelong >0 \b, Mono/.Net assembly + + # hooray, there's a DOS extender using the PE format, with a valid PE + # executable inside (which just prints a message and exits if run in win) +@@ -473,7 +473,7 @@ + # negative offset, must not lead into PSP + >1 short <-259 + # that offset must be accessible +->>(1,s+65539) byte x ++>>(1.s+65539) byte x + >>>0 use msdos-com + + # updated by Joerg Jenderek at Oct 2008,2015 +--- magic/Makefile.am ++++ magic/Makefile.am 2017-09-13 10:34:21.211329718 +0000 +@@ -5,7 +5,7 @@ MAGIC_FRAGMENT_BASE = Magdir + MAGIC_DIR = $(top_srcdir)/magic + MAGIC_FRAGMENT_DIR = $(MAGIC_DIR)/$(MAGIC_FRAGMENT_BASE) + +-pkgdata_DATA = magic.mgc ++pkgdata_DATA = magic.mgc magic + + EXTRA_DIST = \ + $(MAGIC_DIR)/Header \ +@@ -23,7 +23,6 @@ $(MAGIC_FRAGMENT_DIR)/animation \ + $(MAGIC_FRAGMENT_DIR)/aout \ + $(MAGIC_FRAGMENT_DIR)/apache \ + $(MAGIC_FRAGMENT_DIR)/apl \ +-$(MAGIC_FRAGMENT_DIR)/apple \ + $(MAGIC_FRAGMENT_DIR)/application \ + $(MAGIC_FRAGMENT_DIR)/applix \ + $(MAGIC_FRAGMENT_DIR)/apt \ +@@ -87,7 +86,6 @@ $(MAGIC_FRAGMENT_DIR)/epoc \ + $(MAGIC_FRAGMENT_DIR)/erlang \ + $(MAGIC_FRAGMENT_DIR)/esri \ + $(MAGIC_FRAGMENT_DIR)/fcs \ +-$(MAGIC_FRAGMENT_DIR)/filesystems \ + $(MAGIC_FRAGMENT_DIR)/finger \ + $(MAGIC_FRAGMENT_DIR)/flash \ + $(MAGIC_FRAGMENT_DIR)/flif \ +@@ -129,6 +127,8 @@ $(MAGIC_FRAGMENT_DIR)/isz \ + $(MAGIC_FRAGMENT_DIR)/java \ + $(MAGIC_FRAGMENT_DIR)/javascript \ + $(MAGIC_FRAGMENT_DIR)/jpeg \ ++$(MAGIC_FRAGMENT_DIR)/linux \ ++$(MAGIC_FRAGMENT_DIR)/filesystems \ + $(MAGIC_FRAGMENT_DIR)/karma \ + $(MAGIC_FRAGMENT_DIR)/kde \ + $(MAGIC_FRAGMENT_DIR)/keepass \ +@@ -137,7 +137,6 @@ $(MAGIC_FRAGMENT_DIR)/kml \ + $(MAGIC_FRAGMENT_DIR)/lecter \ + $(MAGIC_FRAGMENT_DIR)/lex \ + $(MAGIC_FRAGMENT_DIR)/lif \ +-$(MAGIC_FRAGMENT_DIR)/linux \ + $(MAGIC_FRAGMENT_DIR)/lisp \ + $(MAGIC_FRAGMENT_DIR)/llvm \ + $(MAGIC_FRAGMENT_DIR)/lua \ +@@ -145,7 +144,6 @@ $(MAGIC_FRAGMENT_DIR)/luks \ + $(MAGIC_FRAGMENT_DIR)/m4 \ + $(MAGIC_FRAGMENT_DIR)/mach \ + $(MAGIC_FRAGMENT_DIR)/macos \ +-$(MAGIC_FRAGMENT_DIR)/macintosh \ + $(MAGIC_FRAGMENT_DIR)/magic \ + $(MAGIC_FRAGMENT_DIR)/mail.news \ + $(MAGIC_FRAGMENT_DIR)/make \ +@@ -167,10 +165,10 @@ $(MAGIC_FRAGMENT_DIR)/misctools \ + $(MAGIC_FRAGMENT_DIR)/mkid \ + $(MAGIC_FRAGMENT_DIR)/mlssa \ + $(MAGIC_FRAGMENT_DIR)/mmdf \ +-$(MAGIC_FRAGMENT_DIR)/modem \ + $(MAGIC_FRAGMENT_DIR)/motorola \ + $(MAGIC_FRAGMENT_DIR)/mozilla \ + $(MAGIC_FRAGMENT_DIR)/msdos \ ++$(MAGIC_FRAGMENT_DIR)/modem \ + $(MAGIC_FRAGMENT_DIR)/msooxml \ + $(MAGIC_FRAGMENT_DIR)/msx \ + $(MAGIC_FRAGMENT_DIR)/msvc \ +@@ -222,6 +220,8 @@ $(MAGIC_FRAGMENT_DIR)/python \ + $(MAGIC_FRAGMENT_DIR)/qt \ + $(MAGIC_FRAGMENT_DIR)/revision \ + $(MAGIC_FRAGMENT_DIR)/riff \ ++$(MAGIC_FRAGMENT_DIR)/apple \ ++$(MAGIC_FRAGMENT_DIR)/macintosh \ + $(MAGIC_FRAGMENT_DIR)/rpm \ + $(MAGIC_FRAGMENT_DIR)/rtf \ + $(MAGIC_FRAGMENT_DIR)/ruby \ +@@ -295,8 +295,20 @@ $(MAGIC_FRAGMENT_DIR)/zfs \ + $(MAGIC_FRAGMENT_DIR)/zilog \ + $(MAGIC_FRAGMENT_DIR)/zyxel + ++RAW = magic + MAGIC = magic.mgc +-CLEANFILES = ${MAGIC} $(MAGIC_FRAGMENT_DIR)/Localstuff ++CLEANFILES = ${MAGIC} $(MAGIC_DIR)/Localstuff ${RAW} ++ ++${RAW}: $(MAGIC_DIR)/Header $(MAGIC_DIR)/Localstuff $(EXTRA_DIST) ++ cat /dev/null > $@ ++ for frag in $(EXTRA_DIST); do \ ++ if test -f $(srcdir)/$$frag; then \ ++ f=$(srcdir)/$$frag; \ ++ else \ ++ f=$$frag; \ ++ fi; \ ++ cat $$f; \ ++ done >> $@ + + # FIXME: Build file natively as well so that it can be used to compile + # the target's magic file; for now we bail if the local version does not match +@@ -308,19 +320,22 @@ FILE_COMPILE = $(top_builddir)/src/file$ + FILE_COMPILE_DEP = $(FILE_COMPILE) + endif + +-${MAGIC}: $(EXTRA_DIST) $(FILE_COMPILE_DEP) +- @rm -fr magic +- @mkdir magic && cp -p $(EXTRA_DIST) magic +- @(if expr "${FILE_COMPILE}" : '.*/.*' > /dev/null; then \ +- echo "Using ${FILE_COMPILE} to generate ${MAGIC}" > /dev/null; \ +- else \ +- v=$$(${FILE_COMPILE} --version | sed -e s/file-// -e q); \ +- if [ "$$v" != "${PACKAGE_VERSION}" ]; then \ +- echo "Cannot use the installed version of file ($$v) to"; \ +- echo "cross-compile file ${PACKAGE_VERSION}"; \ +- echo "Please install file ${PACKAGE_VERSION} locally first"; \ +- exit 1; \ +- fi; \ +- fi) +- $(FILE_COMPILE) -C -m magic +- @rm -fr magic ++${MAGIC}: $(EXTRA_DIST) $(FILE_COMPILE_DEP) $(RAW) ++ $(FILE_COMPILE) -C -m $(RAW) ++ ++#${MAGIC}: $(EXTRA_DIST) $(FILE_COMPILE_DEP) ++# @rm -fr magic ++# @mkdir magic && cp -p $(EXTRA_DIST) magic ++# @(if expr "${FILE_COMPILE}" : '.*/.*' > /dev/null; then \ ++# echo "Using ${FILE_COMPILE} to generate ${MAGIC}" > /dev/null; \ ++# else \ ++# v=$$(${FILE_COMPILE} --version | sed -e s/file-// -e q); \ ++# if [ "$$v" != "${PACKAGE_VERSION}" ]; then \ ++# echo "Cannot use the installed version of file ($$v) to"; \ ++# echo "cross-compile file ${PACKAGE_VERSION}"; \ ++# echo "Please install file ${PACKAGE_VERSION} locally first"; \ ++# exit 1; \ ++# fi; \ ++# fi) ++# $(FILE_COMPILE) -C -m magic ++# @rm -fr magic +--- magic/Makefile.in ++++ magic/Makefile.in 2017-09-13 10:34:21.211329718 +0000 +@@ -278,7 +278,7 @@ top_srcdir = @top_srcdir@ + MAGIC_FRAGMENT_BASE = Magdir + MAGIC_DIR = $(top_srcdir)/magic + MAGIC_FRAGMENT_DIR = $(MAGIC_DIR)/$(MAGIC_FRAGMENT_BASE) +-pkgdata_DATA = magic.mgc ++pkgdata_DATA = magic.mgc magic + EXTRA_DIST = \ + $(MAGIC_DIR)/Header \ + $(MAGIC_DIR)/Localstuff \ +@@ -295,7 +295,6 @@ $(MAGIC_FRAGMENT_DIR)/animation \ + $(MAGIC_FRAGMENT_DIR)/aout \ + $(MAGIC_FRAGMENT_DIR)/apache \ + $(MAGIC_FRAGMENT_DIR)/apl \ +-$(MAGIC_FRAGMENT_DIR)/apple \ + $(MAGIC_FRAGMENT_DIR)/application \ + $(MAGIC_FRAGMENT_DIR)/applix \ + $(MAGIC_FRAGMENT_DIR)/apt \ +@@ -359,7 +358,6 @@ $(MAGIC_FRAGMENT_DIR)/epoc \ + $(MAGIC_FRAGMENT_DIR)/erlang \ + $(MAGIC_FRAGMENT_DIR)/esri \ + $(MAGIC_FRAGMENT_DIR)/fcs \ +-$(MAGIC_FRAGMENT_DIR)/filesystems \ + $(MAGIC_FRAGMENT_DIR)/finger \ + $(MAGIC_FRAGMENT_DIR)/flash \ + $(MAGIC_FRAGMENT_DIR)/flif \ +@@ -401,6 +399,8 @@ $(MAGIC_FRAGMENT_DIR)/isz \ + $(MAGIC_FRAGMENT_DIR)/java \ + $(MAGIC_FRAGMENT_DIR)/javascript \ + $(MAGIC_FRAGMENT_DIR)/jpeg \ ++$(MAGIC_FRAGMENT_DIR)/linux \ ++$(MAGIC_FRAGMENT_DIR)/filesystems \ + $(MAGIC_FRAGMENT_DIR)/karma \ + $(MAGIC_FRAGMENT_DIR)/kde \ + $(MAGIC_FRAGMENT_DIR)/keepass \ +@@ -409,7 +409,6 @@ $(MAGIC_FRAGMENT_DIR)/kml \ + $(MAGIC_FRAGMENT_DIR)/lecter \ + $(MAGIC_FRAGMENT_DIR)/lex \ + $(MAGIC_FRAGMENT_DIR)/lif \ +-$(MAGIC_FRAGMENT_DIR)/linux \ + $(MAGIC_FRAGMENT_DIR)/lisp \ + $(MAGIC_FRAGMENT_DIR)/llvm \ + $(MAGIC_FRAGMENT_DIR)/lua \ +@@ -417,7 +416,6 @@ $(MAGIC_FRAGMENT_DIR)/luks \ + $(MAGIC_FRAGMENT_DIR)/m4 \ + $(MAGIC_FRAGMENT_DIR)/mach \ + $(MAGIC_FRAGMENT_DIR)/macos \ +-$(MAGIC_FRAGMENT_DIR)/macintosh \ + $(MAGIC_FRAGMENT_DIR)/magic \ + $(MAGIC_FRAGMENT_DIR)/mail.news \ + $(MAGIC_FRAGMENT_DIR)/make \ +@@ -439,10 +437,10 @@ $(MAGIC_FRAGMENT_DIR)/misctools \ + $(MAGIC_FRAGMENT_DIR)/mkid \ + $(MAGIC_FRAGMENT_DIR)/mlssa \ + $(MAGIC_FRAGMENT_DIR)/mmdf \ +-$(MAGIC_FRAGMENT_DIR)/modem \ + $(MAGIC_FRAGMENT_DIR)/motorola \ + $(MAGIC_FRAGMENT_DIR)/mozilla \ + $(MAGIC_FRAGMENT_DIR)/msdos \ ++$(MAGIC_FRAGMENT_DIR)/modem \ + $(MAGIC_FRAGMENT_DIR)/msooxml \ + $(MAGIC_FRAGMENT_DIR)/msx \ + $(MAGIC_FRAGMENT_DIR)/msvc \ +@@ -494,6 +492,8 @@ $(MAGIC_FRAGMENT_DIR)/python \ + $(MAGIC_FRAGMENT_DIR)/qt \ + $(MAGIC_FRAGMENT_DIR)/revision \ + $(MAGIC_FRAGMENT_DIR)/riff \ ++$(MAGIC_FRAGMENT_DIR)/apple \ ++$(MAGIC_FRAGMENT_DIR)/macintosh \ + $(MAGIC_FRAGMENT_DIR)/rpm \ + $(MAGIC_FRAGMENT_DIR)/rtf \ + $(MAGIC_FRAGMENT_DIR)/ruby \ +@@ -567,10 +567,22 @@ $(MAGIC_FRAGMENT_DIR)/zfs \ + $(MAGIC_FRAGMENT_DIR)/zilog \ + $(MAGIC_FRAGMENT_DIR)/zyxel + ++RAW = magic + MAGIC = magic.mgc +-CLEANFILES = ${MAGIC} $(MAGIC_FRAGMENT_DIR)/Localstuff ++CLEANFILES = ${MAGIC} $(MAGIC_FRAGMENT_DIR)/Localstuff ${RAW} + @IS_CROSS_COMPILE_FALSE@FILE_COMPILE = $(top_builddir)/src/file${EXEEXT} + ++${RAW}: $(MAGIC_DIR)/Header $(MAGIC_DIR)/Localstuff $(EXTRA_DIST) ++ cat /dev/null > $@ ++ for frag in $(EXTRA_DIST); do \ ++ if test -f $(srcdir)/$$frag; then \ ++ f=$(srcdir)/$$frag; \ ++ else \ ++ f=$$frag; \ ++ fi; \ ++ cat $$f; \ ++ done >> $@ ++ + # FIXME: Build file natively as well so that it can be used to compile + # the target's magic file; for now we bail if the local version does not match + @IS_CROSS_COMPILE_TRUE@FILE_COMPILE = file${EXEEXT} +@@ -792,23 +804,25 @@ uninstall-am: uninstall-pkgdataDATA + + .PRECIOUS: Makefile + ++${MAGIC}: $(EXTRA_DIST) $(FILE_COMPILE_DEP) $(RAW) ++ $(FILE_COMPILE) -C -m $(RAW) + +-${MAGIC}: $(EXTRA_DIST) $(FILE_COMPILE_DEP) +- @rm -fr magic +- @mkdir magic && cp -p $(EXTRA_DIST) magic +- @(if expr "${FILE_COMPILE}" : '.*/.*' > /dev/null; then \ +- echo "Using ${FILE_COMPILE} to generate ${MAGIC}" > /dev/null; \ +- else \ +- v=$$(${FILE_COMPILE} --version | sed -e s/file-// -e q); \ +- if [ "$$v" != "${PACKAGE_VERSION}" ]; then \ +- echo "Cannot use the installed version of file ($$v) to"; \ +- echo "cross-compile file ${PACKAGE_VERSION}"; \ +- echo "Please install file ${PACKAGE_VERSION} locally first"; \ +- exit 1; \ +- fi; \ +- fi) +- $(FILE_COMPILE) -C -m magic +- @rm -fr magic ++#${MAGIC}: $(EXTRA_DIST) $(FILE_COMPILE_DEP) ++# @rm -fr magic ++# @mkdir magic && cp -p $(EXTRA_DIST) magic ++# @(if expr "${FILE_COMPILE}" : '.*/.*' > /dev/null; then \ ++# echo "Using ${FILE_COMPILE} to generate ${MAGIC}" > /dev/null; \ ++# else \ ++# v=$$(${FILE_COMPILE} --version | sed -e s/file-// -e q); \ ++# if [ "$$v" != "${PACKAGE_VERSION}" ]; then \ ++# echo "Cannot use the installed version of file ($$v) to"; \ ++# echo "cross-compile file ${PACKAGE_VERSION}"; \ ++# echo "Please install file ${PACKAGE_VERSION} locally first"; \ ++# exit 1; \ ++# fi; \ ++# fi) ++# $(FILE_COMPILE) -C -m magic ++# @rm -fr magic + + # Tell versions [3.59,3.63) of GNU make to not export all variables. + # Otherwise a system limit (for SysV at least) may be exceeded. +--- src/Makefile.am ++++ src/Makefile.am 2017-09-13 10:34:21.227329422 +0000 +@@ -1,4 +1,4 @@ +-MAGIC = $(pkgdatadir)/magic ++MAGIC = $(sysconfdir)/magic:$(pkgdatadir)/magic + lib_LTLIBRARIES = libmagic.la + nodist_include_HEADERS = magic.h + +--- src/dcore.c ++++ src/dcore.c 2017-09-13 10:34:21.227329422 +0000 +@@ -0,0 +1,207 @@ ++/* ++ * Show goo about ELF core files ++ * Jeremy Fitzhardinge 1996 ++ */ ++#include ++#include ++#include ++#include ++#include ++#include ++#if defined __GLIBC__ && __GLIBC__ >= 2 ++#include ++#include ++# ifndef NT_PRFPREG ++# define NT_PRFPREG 2 ++# endif ++# ifndef NT_TASKSTRUCT ++# define NT_TASKSTRUCT 4 ++# endif ++#else ++#include ++#include ++#endif ++ ++static void fperror(const char *str) ++{ ++ perror(str); ++ exit(1); ++} ++ ++static size_t myread(int fd, void *buf, size_t sz) ++{ ++ size_t ret; ++ ++ if ((ret = read(fd, buf, sz)) != sz) ++ fperror("read failed"); ++ return ret; ++} ++ ++static void print_prstatus(const prstatus_t *pr) ++{ ++ unsigned i; ++ static const char *regs[] = { "ebx", "ecx", "edx", "esi", "edi", "ebp", ++ "eax", "ds", "es", "fs", "gs", ++ "orig_eax", "eip", "cs", ++ "efl", "uesp", "ss"}; ++ ++ printf(" pid=%d ppid=%d pgrp=%d sid=%d\n", ++ pr->pr_pid, pr->pr_ppid, pr->pr_pgrp, pr->pr_sid); ++ for(i = 0; i < NGREG; i++) ++ { ++ unsigned long val = pr->pr_reg[i]; ++ printf(" %-2u %-5s=%08lx %lu\n", i, regs[i], val, val); ++ } ++} ++ ++static void print_prpsinfo(const prpsinfo_t *ps) ++{ ++ printf(" uid=%d gid=%d\n", ps->pr_uid, ps->pr_gid); ++ printf(" comm=%s\n", ps->pr_fname); ++ printf(" psargs=%s\n", ps->pr_psargs); ++} ++ ++#define roundup(x, y) ((((x)+((y)-1))/(y))*(y)) ++ ++static void do_note(int fd, Elf32_Phdr *phdr) ++{ ++ off_t here = lseek(fd, 0, SEEK_CUR); ++ int size = phdr->p_filesz; ++ char *raw = alloca(size), *end; ++ end = raw+size; ++ ++ lseek(fd, phdr->p_offset, SEEK_SET); ++ myread(fd, raw, size); ++ ++ while(raw < end) ++ { ++ Elf32_Nhdr *note = (Elf32_Nhdr *)raw; ++ const char *str; ++ const char *name, *desc; ++ ++ raw += sizeof(*note); ++ name = raw; ++ raw += roundup(note->n_namesz, sizeof(long)); ++ desc = raw; ++ raw += roundup(note->n_descsz, sizeof(long)); ++ ++ printf(" name=%.*s", (int)note->n_namesz, name); ++ ++ if(strncmp(name, "CORE", note->n_namesz) != 0) ++ { ++ printf("\n"); ++ continue; ++ } ++ ++ switch(note->n_type) ++ { ++#define X(x) case x: str = #x; break; ++ X(NT_PRSTATUS); ++ X(NT_PRFPREG); ++ X(NT_PRPSINFO); ++ X(NT_TASKSTRUCT); ++#undef X ++ default: ++ str = "???"; ++ } ++ printf(" n_type=%s n_descsz=%ld\n", ++ str, note->n_descsz); ++ switch(note->n_type) ++ { ++ case NT_PRSTATUS: ++ print_prstatus((prstatus_t *)desc); ++ break; ++ case NT_PRPSINFO: ++ print_prpsinfo((prpsinfo_t *)desc); ++ break; ++ } ++ } ++ lseek(fd, here, SEEK_SET); ++} ++ ++int main(int argc, char *argv[]) ++{ ++ int fd; ++ Elf32_Ehdr elf; ++ int i; ++ ++ if (argc != 2) ++ { ++ fprintf(stderr, "Usage: %s corefile\n", argv[0]); ++ exit(1); ++ } ++ ++ if ((fd = open(argv[1], O_RDONLY)) == -1) ++ fperror("open of core"); ++ ++ myread(fd, &elf, sizeof(elf)); ++ ++ if (memcmp(ELFMAG, elf.e_ident, SELFMAG) != 0) ++ printf("bad magic\n"); ++ ++ if (elf.e_ident[EI_CLASS] != ELFCLASS32) ++ printf("wrong class\n"); ++ ++ if (elf.e_ident[EI_DATA] != ELFDATA2LSB) ++ printf("wrong endianess\n"); ++ ++ if (elf.e_ident[EI_VERSION] != EV_CURRENT) ++ printf("wrong version\n"); ++ ++ { ++ const char *str; ++ switch(elf.e_type) ++ { ++#define C(x) case ET_##x: str = #x; break; ++ C(NONE); ++ C(REL); ++ C(EXEC); ++ C(DYN); ++ C(CORE); ++#undef C ++ default: str = "???"; break; ++ } ++ printf("elf file type ET_%s\n", str); ++ } ++ ++ if (elf.e_machine != EM_386 && elf.e_machine != EM_486) ++ printf("not i386 or i486\n"); ++ ++ if (elf.e_ehsize != sizeof(elf)) ++ printf("wrong header size\n"); ++ ++ if (elf.e_phentsize != sizeof(Elf32_Phdr)) ++ printf("wrong phdr size\n"); ++ ++ if (lseek(fd, elf.e_phoff, SEEK_SET) != (off_t)elf.e_phoff) ++ fperror("lseek to phdr failed\n"); ++ ++ for(i = 0; i < elf.e_phnum; i++) ++ { ++ Elf32_Phdr phdr; ++ const char *str; ++ ++ myread(fd, &phdr, sizeof(phdr)); ++ switch(phdr.p_type) ++ { ++#define C(x) case PT_##x: str = #x; break; ++ C(NULL); ++ C(LOAD); ++ C(DYNAMIC); ++ C(INTERP); ++ C(NOTE); ++ C(SHLIB); ++ C(PHDR); ++#undef C ++ default: ++ str = "???"; break; ++ } ++ printf("type PT_%s off=%ld vaddr=%lx filesz=%ld flags=%lx\n", ++ str, phdr.p_offset, phdr.p_vaddr, phdr.p_filesz, ++ (unsigned long)phdr.p_flags); ++ if (phdr.p_type == PT_NOTE) ++ do_note(fd, &phdr); ++ } ++ exit(0); ++} ++ diff --git a/file-a642587a9c.patch b/file-a642587a9c.patch new file mode 100644 index 0000000..1ff798c --- /dev/null +++ b/file-a642587a9c.patch @@ -0,0 +1,20 @@ +commit a642587a9c9e2dd7feacdf513c3643ce26ad3c22 +Author: Christos Zoulas +Date: Sat Jun 9 16:00:06 2018 +0000 + + Avoid reading past the end of buffer (Rui Reis) + +diff --git src/readelf.c src/readelf.c +index 79c83f9f..1f41b461 100644 +--- src/readelf.c ++++ src/readelf.c 2018-06-12 14:09:58.530783129 +0000 +@@ -826,7 +826,8 @@ do_core_note(struct magic_set *ms, unsig + + cname = (unsigned char *) + &nbuf[doff + prpsoffsets(i)]; +- for (cp = cname; *cp && isprint(*cp); cp++) ++ for (cp = cname; cp < nbuf + size && *cp ++ && isprint(*cp); cp++) + continue; + /* + * Linux apparently appends a space at the end diff --git a/file-rpmlintrc b/file-rpmlintrc new file mode 100644 index 0000000..b75023b --- /dev/null +++ b/file-rpmlintrc @@ -0,0 +1,4 @@ +addFilter(".*Warning:.*using.*regular.*magic.*file.*/usr/share/misc/magic.*") +addFilter(".*W:.*no-dependency-on file.*/file-libs/libfile.*") +addFilter(".*W:.*name-repeated-in-summary.*") +addFilter(".*E:.*shlib-fixed-dependency.*") diff --git a/file-secure_getenv.patch b/file-secure_getenv.patch new file mode 100644 index 0000000..a5f6fa1 --- /dev/null +++ b/file-secure_getenv.patch @@ -0,0 +1,79 @@ +--- + file-5.29/configure.ac | 2 ++ + file-5.29/src/file.c | 2 +- + file-5.29/src/file.h | 8 ++++++++ + file-5.29/src/magic.c | 10 +++++----- + 4 files changed, 16 insertions(+), 6 deletions(-) + +Index: file-5.32/configure.ac +=================================================================== +--- file-5.32.orig/configure.ac ++++ file-5.32/configure.ac +@@ -97,6 +97,8 @@ AC_CHECK_TYPE([sig_t],[AC_DEFINE([HAVE_S + #include + #endif]) + ++AC_CHECK_FUNCS([__secure_getenv secure_getenv]) ++ + dnl Checks for typedefs, structures, and compiler characteristics. + AC_C_CONST + AC_TYPE_OFF_T +Index: file-5.32/src/file.h +=================================================================== +--- file-5.32.orig/src/file.h ++++ file-5.32/src/file.h +@@ -615,4 +615,12 @@ static const char *rcsid(const char *p) + #define __RCSID(a) + #endif + ++#ifndef HAVE_SECURE_GETENV ++# ifdef HAVE___SECURE_GETENV ++# define secure_getenv __secure_getenv ++# else ++# error neither secure_getenv nor __secure_getenv is available ++# endif ++#endif ++ + #endif /* __file_h__ */ +Index: file-5.32/src/magic.c +=================================================================== +--- file-5.32.orig/src/magic.c ++++ file-5.32/src/magic.c +@@ -185,7 +185,7 @@ get_default_magic(void) + free(default_magic); + default_magic = NULL; + } +- if ((home = getenv("HOME")) == NULL) ++ if ((home = secure_getenv("HOME")) == NULL) + return MAGIC; + + if (asprintf(&hmagicpath, "%s/.magic.mgc", home) < 0) +@@ -222,16 +222,16 @@ out: + } + + /* First, try to get a magic file from user-application data */ +- if ((home = getenv("LOCALAPPDATA")) != NULL) ++ if ((home = secure_getenv("LOCALAPPDATA")) != NULL) + _w32_append_path(&hmagicpath, "%s%s", home, hmagic); + + /* Second, try to get a magic file from the user profile data */ +- if ((home = getenv("USERPROFILE")) != NULL) ++ if ((home = secure_getenv("USERPROFILE")) != NULL) + _w32_append_path(&hmagicpath, + "%s/Local Settings/Application Data%s", home, hmagic); + + /* Third, try to get a magic file from Common Files */ +- if ((home = getenv("COMMONPROGRAMFILES")) != NULL) ++ if ((home = secure_getenv("COMMONPROGRAMFILES")) != NULL) + _w32_append_path(&hmagicpath, "%s%s", home, hmagic); + + /* Fourth, try to get magic file relative to exe location */ +@@ -252,7 +252,7 @@ magic_getpath(const char *magicfile, int + if (magicfile != NULL) + return magicfile; + +- magicfile = getenv("MAGIC"); ++ magicfile = secure_getenv("MAGIC"); + if (magicfile != NULL) + return magicfile; + diff --git a/file.changes b/file.changes new file mode 100644 index 0000000..60c3055 --- /dev/null +++ b/file.changes @@ -0,0 +1,862 @@ +* Tue Sep 7 2021 werner@suse.de +- Add patch bsc1189996-9fbe768a.patch to fix bsc#1189996 +* Fri Sep 18 2020 werner@suse.de +- Add patchfix_of_backport_PR-62.patch as previous backport caused + a shorten output of the elf interprter (bsc#1176123) +* Tue Apr 14 2020 schwab@suse.de +- file-5.24-nitpick.dif: remove obsolete patch (bsc#1169512) +- file-secure_getenv.patch: refresh +* Tue Oct 22 2019 werner@suse.de +- Add temporary patch CVE-2019-18218-46a8443f.patch from upstream + to fix bsc#1154661 -- heap-based buffer overflow in cdf_read_property_info in cdf.c +* Thu Feb 21 2019 werner@suse.de +- Add patch 0002-PR-62-spinpx-limit-size-of-file_printable.patch to + fix bsc#1126117, bsc#1126118, and bsc#1126119 for CVE-2019-8905, + CVE-2019-8906, and CVE-2019-8907 +* Tue Jun 12 2018 werner@suse.de +- Add patch file-a642587a9c.patch for bsc#1096974, bsc#1096984, and + CVE-2018-10360 -- Avoid reading past the end of buffer +* Thu Feb 22 2018 fvogt@suse.com +- Use %%license (boo#1082318) +* Mon Jan 22 2018 werner@suse.de +- Add patch file-5.32-ncurses-6.1.patch to support extend magic + format for new ncurses 6.1 +* Sun Oct 8 2017 jengelh@inai.de +- Update package summaries. Replace old RPM constructs. +- Remove --with-pic which is useless with --disable-static. +- Edit pre_checkin.sh to remove dead python3 file. +* Tue Sep 26 2017 jmatejek@suse.com +- remove python build instructions from master spec file, move completely + into python-magic.spec +* Wed Sep 13 2017 werner@suse.de +- Update to file version 5.32 + * Always reset state in {file,buffer}_apprentice (Krzysztof Wilczynski) + * Fix always true condition (Thomas Jarosch) + * pickier parsing of numeric values in magic files. + * PR/615 add magic_getflags() +- This release fix the bug bsc#1056838 for CVE-2017-1000249 +- Remove patch file-5.31-fix-tga.dif as now upstream +- Rename patch file-5.31.dif which now becomes file-5.32.dif +- Modify the patches + * file-5.16-ocloexec.patch + * file-5.19-biorad.dif + * file-5.19-printf.dif + * file-5.23-endian.patch + * file-5.28-btrfs-image.dif +* Mon Jun 5 2017 coolo@suse.com +- add file-5.31-fix-tga.dif upstream commited after I reported + a failure in File::Unpack's test suite +* Wed May 24 2017 werner@suse.de +- Update to file version 5.31 + * remove trailing spaces from magic files + * refactor is_tar + * better bounds checks for cdf +- Remove patches now upstream + * file-5.30-150735.patch + * file-5.30-3c60e5.patch +- Rename patch file-5.30.dif which becomes file-5.31.dif +- Modify the patches + * file-4.24-autoconf.dif + * file-5.14-tex.dif + * file-5.16-ocloexec.patch + * file-5.19-printf.dif + * file-5.23-endian.patch +* Thu Mar 2 2017 werner@suse.de +- Update to file version 5.30 + * If we exceeded the offset in a search return no match + (Christoph Biedl) + * Be more lenient on corrupt CDF files (Christoph Biedl) + * pacify ubsan sign extension (oss-fuzz/524) + * off by one in cdf parsing (PR/593) + * report debugging sections in elf (PR/591) + * Allow @@@ in extensions + * Add missing overflow check in der magic (Jonas Wagner) +- Mofify the patches + file-5.16-ocloexec.patch + file-5.19-biorad.dif + file-5.28-btrfs-image.dif +- Rename patch file-5.29.dif to file-5.30.dif +- Add upstream patches + file-5.30-150735.patch + file-5.30-3c60e5.patch +* Wed Nov 30 2016 werner@suse.de +- Modify patch file-5.29.dif that is + replace colon with dot in offset (boo#1012779) +* Thu Nov 24 2016 werner@suse.de +- Update to file version 5.29 + * der getlength overflow (Jonas Wagner) + * multiple magic file load failure (Christoph Biedl) + * CDF parsing improvements (Guy Helmer) + * Add support for signed indirect offsets + * cat /dev/null | file - should print empty (Christoph Biedl) + * Bump string size from 64 to 96. + * PR/556: Fix separators on annotations. +- Remove patch file-5.28-compress.patch now upstream +- Rename patch file-5.28.dif which becomes now file-5.29.dif +* Thu Oct 20 2016 jeffm@suse.com +- Add patch file-5.28-btrfs-image.dif + to add support for files output by btrfs-image. +* Wed Aug 24 2016 dimstar@opensuse.org +- Fix boo#995089: + * Do not attempt to produce a file-magic-32bit package: there is + nothing arch-dependant in this package (for completeness, this + was already fixed just before by Marcus) + * Fix baselibs.conf for libmagic1-32bit to require file-magic + instead of file-magic-32bit. + * Build file-magic as noarch on openSUSE >= 1200 (where rpm is + new enough to support this). +* Wed Aug 24 2016 meissner@suse.com +- file-magic is architecture independend, no need for a baselibs + package. +* Thu Aug 18 2016 werner@suse.de +- Add patch file-5.28-compress.patch + to fix crash as found in build system +* Tue Aug 16 2016 werner@suse.de +- Update to file version 5.28 + * fix leak on allocation failure + * PR/555: Avoid overflow for offset > nbytes + * PR/550: Segv on DER parsing: + - use the correct variable for length + - set offset to 0 on failure. +- Port patches to 5.28 + file-4.24-autoconf.dif + file-5.15-clear-invalid.patch + file-5.16-ocloexec.patch + file-5.19-biorad.dif + file-5.23-endian.patch + file-5.24-nitpick.dif + file-secure_getenv.patch +- Remove patches now upstream + file-5.26-revert-close.patch +- Rename patches + file-5.26.dif becomes file-5.28.dif +* Wed Jun 1 2016 werner@suse.de +- Update to file version 5.27 + * Errors comparing DER entries or computing offsets + are just indications of malformed non-DER files. + Don't print them. + * Offset comparison was off-by-one. + * Fix compression code (Werner Fink) + * Put new bytes constant in the right file (not the generated one) +- Remove patches + file-5.26-version.patch + file-5.26-downgrade_DER.patch + file-5.26-console.diff + file-5.26-zmagic.patch + as now upstream +- Disable patch file-5.26-revert-close.patch for test +- Modify patches + file-5.17-option.dif + file-5.26.dif +* Wed Apr 20 2016 werner@suse.de +- Add and revert upstream patch file-5.26-revert-close.patch + (commit 0177f6dd30e1f8c5639c058dcdf1d9edd9f8528c) to help + rpmbuild not to loose stdin +* Tue Apr 19 2016 werner@suse.de +- Add patch file-5.26-zmagic.patch + to fix detection chain if for compresses files are expanded +* Tue Apr 19 2016 werner@suse.de +- Add upstream patch file-5.26-console.diff + to fix wrong detection of UNIF edb files +* Tue Apr 19 2016 werner@suse.de +- Add upstream patch file-5.26-downgrade_DER.patch + to fix DER error messages as well oas offset handling +* Mon Apr 18 2016 werner@suse.de +- Update to file version 5.26 + * make the number of bytes read from files configurable. + * Add bounds checks for DER code (discovered by Thomas Jarosch) + * Change indirect recursion limit to indirect use count and + bump from 15 to 50 to prevent abuse. + * Add -00 which prints filename\0description\0 + * Fix ID3 indirect parsing + * add DER parsing capability + * provide dprintf(3) for the OS's that don't have it. + * redo the compression code report decompression errors + * REG_STARTEND code is not working as expected, delete it. + * Add zlib support if we have it. + * PR/492: compression forking was broken with magic_buffer. +- Removed patches as upstream now + file-4.24-mips.dif + file-5.25-avoid-double-evaluation-in-python-bindings.dif +- Modified patches + file-5.12-zip.dif + file-5.16-ocloexec.patch + file-5.19-printf.dif + file-5.19-zip2.0.dif + file-5.22-elf.dif + file-5.23-endian.patch + file-5.24-nitpick.dif + file-secure_getenv.patch +- Renamed patches + file-5.23.dif becomes file-5.26.dif +- Added patch from upstream to fix version handling of PHP files + file-5.26-version.patch +* Tue Feb 16 2016 rolf@rotkraut.de +- Make the python command a macro. +* Thu Jan 21 2016 dmueller@suse.com +- add file-5.25-avoid-double-evaluation-in-python-bindings.dif (bsc#949905) +* Sun Oct 4 2015 astieger@suse.com +- file 5.25: + * add a limit to the length of regex searches + * fix problems with --parameter +* Tue Jul 14 2015 werner@suse.de +- Update to file version 5.24 + * redo long option encoding to fix off-by-one in 5.23 +- Adapt and rename patch + file-5.12-nitpick.dif becomes file-5.24-nitpick.dif +* Thu Jun 11 2015 werner@suse.de +- Update to file version 5.23 + * Fix issue with regex range for magic with offset + * Always return true from mget with USE (success to mget not match + indication). Fixes mime evaluation after USE magic + * PR/459: Don't insert magic entries to the list if there are parsing + errors for them. + * PR/455: Add utf-7 encoding + * PR/455: Implement -Z, look inside, but don't report on compression + * PR/454: Fix allocation error on bad magic. + * handle MAGIC_CONTINUE everywhere, not just in softmagic + * don't print descriptions for NAME types when mime. + * Add --extension to list the known extensions for this file type + Idea by Andrew J Roazen + * Bump file search buffer size to 1M. + * Fix multiple issues with date formats reported by Christoph Biedl: + - T_LOCAL meaning was reversed + - Arithmetic did not work + Also stop adjusting daylight savings for gmt printing. + * PR/411: Fix memory corruption from corrupt cdf file. +- Refresh and rename patches + file-5.20-endian.patch becomes file-5.23-endian.patch + file-5.22.dif becomes file-5.23.dif + Refresh patch file-secure_getenv.patch +* Mon Jan 19 2015 werner@suse.de +- Update to file version 5.22 (also related to bsc#913650 and bsc#913651) + * add indirect relative for TIFF/Exif + * restructure elf note printing to avoid repeated messages + * add note limit, suggested by Alexander Cherepanov + * Bail out on partial pread()'s (Alexander Cherepanov) + * Fix incorrect bounds check in file_printable (Alexander Cherepanov) + * PR/405: ignore SIGPIPE from uncompress programs + * change printable -> file_printable and use it in + more places for safety + * in ELF, instead of "(uses dynamic libraries)" when PT_INTERP + is present print the interpreter name. +- Patch file-5.18-elf.dif is modified and renamed to file-5.22-elf.dif +- Patch file-5.20.dif s modified and renamed to file-5.22.dif +* Sat Dec 20 2014 meissner@suse.com +- build with PIE +* Wed Dec 17 2014 werner@suse.de +- Drop patch file-5.20-CVE-2014-3710.patch as now part of upstream +- Update to file version 5.21 + * Fix CVE-2014-8116 and CVE-2014-8117 (bsc#910252 and bsc#910253) + * there was an incorrect free in magic_load_buffers() + * there was an out of bounds read for some pascal strings + * there was a memory leak in magic lists + * don't interpret strings printed from files using the current + locale, convert them to ascii format first. + * there was an out of bounds read in elf note reads + * fix MacOS/X locale.h vs. xlocale.h issues +* Thu Oct 23 2014 werner@suse.de +- Add patch file-5.20-CVE-2014-3710.patch to fic bsc#902367 + CVE-2014-3710: file: out-of-bounds read in elf note headers +* Mon Oct 13 2014 werner@suse.de +- Update to file version 5.20 + * recognize encrypted CDF documents + * add magic_load_buffers from Brooks Davis + * add thumbs.db support +- Remove file-5.07-iso9660.dif as now upstream +- Remove file-5.19-gdbm.patch as now upstream +- Adapt and rename file-5.18-endian.patch to file-5.20-endian.patch +- Adapt and rename file-5.19.dif file-5.20.dif +* Tue Aug 19 2014 pgajdos@suse.com +- correctly identify GDBM files created by libgdbm4 [bnc#888308] + * add file-5.19-gdbm.patch +* Mon Aug 18 2014 werner@suse.de +- Add file-rpmlintrc to file list +* Mon Aug 18 2014 fcrozat@suse.com +- Add obsoletes/provides to baselibs.conf. +* Tue Jun 24 2014 werner@suse.de +- Update to file version 5.19 + * Misc buffer overruns and missing buffer size tests in cdf parsing + (Francisco Alonso, Jan Kaluza) + * Enforce limit of 8K on regex searches that have no limits + * Allow the l modifier for regex to mean line count. Default + to byte count. If line count is specified, assume a max + of 80 characters per line to limit the byte count. + * Don't allow conversions to be used for dates, allowing + the mask field to be used as an offset. + * Make the range operator limit the length of the + regex search. + * PR/347: Windows fixes + * PR/352: Hangul word processor recognition + * PR/354: Encoding irregularities in text files + * Fix uninitialized title in CDF files (Jan Kaluza) + * PR/351: Fix compilation of empty files + * Fix integer formats: We don't specify 'l' or + 'h' and 'hh' specifiers anymore, only 'll' for + quads and nothing for the rest. This is so that + magic writing is simpler. + * PR/341: Jan Kaluza, fix memory leak + * PR/342: Jan Kaluza, fix out of bounds read + * Fix issue with long formats not matching fmtcheck +- Rename and change patch file-5.14-misc.dif to file-5.19-misc.dif +- Rename and change patch file-5.14-printf.dif to file-5.19-printf.dif +- Rename and change patch file-5.07-biorad.dif to file-5.19-biorad.dif +- Rename and change patch file-5.19.dif to file-5.17.dif +- Rename and change patch file-4.24-cromfs.dif to file-5.19-cromfs.dif +- Rename and change patch file-4.24-solv.dif to file-5.19-solv.dif +- Rename and change patch file-5.12-zip2.0.dif to file-5.19-zip2.0.dif +- Rename and change patch file-5.07-clicfs.dif to file-5.19-clicfs.dif +* Thu May 8 2014 crrodriguez@opensuse.org +- file-secure_getenv.patch use secure_getenv only as we + can't know in which context the shared library is used. +* Fri Mar 28 2014 werner@suse.de +- Update to file version 5.18 + * add fmtcheck(3) for those who don't have it + * prevent mime entries from being attached to magic + entries with no descriptions + * adjust magic strength for regex type + * remove superfluous ascmagic with encoding test + * fix regression fix echo -ne "\012\013\014" | file -i - + which printed "binary" instead of "application/octet-stream" + * add size_t overflow check for magic file size + * experimental support for matching with CFD CLSID + * Cache old LC_CTYPE locale before setting it to "C", so + we can use it to restore LC_CTYPE instead of asking + setlocale() to scan the environment variables. +- Refresh patches + file-5.07-elf.dif becomes file-5.18-elf.dif + file-5.12-javacheck.dif becomes file-5.18-javacheck.dif + file-5.12-endian.patch becomes file-5.18-endian.patch + file-5.15-clear-invalid.patch +- Drop patch + 0001-off-by-one-in-out-of-bounds-calculations-Jan-Kaluza.patch + now part of upstream +* Mon Mar 17 2014 werner@suse.de +- Add patch + 0001-off-by-one-in-out-of-bounds-calculations-Jan-Kaluza.patch + to finally fix bnc#866750 +* Tue Feb 18 2014 werner@suse.de +- Update to file version 5.17 (bug fix release) + * Count recursion levels through indirect magic + * Prevent infinite recursion on files with indirect offsets of 0 + * Add -E flag that makes file print filesystem errors to stderr + and exit. + * mime printing could print results from multiple magic entries + if there were multiple matches. + * in some cases overflow was not detected when computing offsets + in softmagic. + * use strcasestr() to for cdf strings + * reset to the "C" locale while doing regex operations, or case + insensitive comparisons; this is provisional +* Mon Dec 2 2013 werner@suse.de +- Update to file version 5.16 (bug fix release) + * always leave magic file loaded, don't unload for magic_check, etc. + * fix default encoding to binary instead of unknown which broke recently + * handle empty and one byte files, less specially so that + - -mime-encoding does not break completely. + * fix erroneous non-zero exit code from non-existant file and message + * add CDF MSI file detection (Guy Helmer) +* Mon Nov 4 2013 jengelh@inai.de +- Set RPM groups +* Tue Oct 1 2013 werner@suse.de +- Add changes of Andreas Stieger +* Mon Sep 30 2013 werner@suse.de +- Update to file version 5.15 (bug fix release, no new featuress) + * Don't mix errors and regular output if there was an error + * in magic_descriptor() don't close the file and try to restore + its position + * Don't treat magic as an error if offset was past EOF (Christoph Biedl) + * Fix spacing issues in softmagic and elf (Jan Kaluza) + * Fix segmentation fault with multiple magic_load commands. + * The way "default" was implemented was not very useful because + the "if something was printed at that level" was not easily + controlled by the user, and the format was bound to a string + which is too restrictive. Add a "clear" for that level keyword + and make "default" void. + * disallow strength setting in "name" entries +- Adjust for upstream changes: + * file-5.14-tex.dif + * file-5.07-elf.dif + * file-5.12-ocloexec.patch + * file-5.12-nitpick.dif + * file-5.13.dif +- Drop patches, applied upstream: + * file-5.13-whitespace.patch + * elf-invalid-byte-order.patch +* Sun Sep 29 2013 andreas.stieger@gmx.de +- add file-5.15-clear-invalid.patch to fix an invalid format +* Sun May 26 2013 schwab@suse.de +- elf-invalid-byte-order.patch: remove bogus "invalid byte order" from elf + magic +* Sun May 26 2013 schwab@suse.de +- file-5.13-whitespace.patch: remove extra whitespace in ELF magic, breaks + libtool +* Fri Mar 29 2013 crrodriguez@opensuse.org +- Refresh patches and remove the visibility patch that I + upstreamed few releases ago in a different form. +* Fri Mar 22 2013 werner@suse.de +- Update to file version 5.14 (also mainly bug fixes) + * fix recursive magic separator printing + * limit recursion level for mget + * fix pread() related breakage in cdf + * handle offsets properly in recursive "use" +- Remove patch file-5.13-return.patch +* Tue Feb 26 2013 werner@suse.de +- Add patch file-5.13-return.patch: avoid doubled return +* Fri Feb 22 2013 werner@suse.de +- Update to file version 5.13 (mainly bug fixes) + * add elf reading of debug info to determine if file is stripped + * use pread() + * change mime description size from 64 to 80 to accommodate OOXML. + * Warn about inconsistent continuation levels. + * Change fsmagic to add a space after it prints. + * Make getline public so that file can link against it. + Perhaps it is better to rename it, or hide it differently. + Fixes builds on platforms that do not provide it. + * Add SuS d{,1,2,4,8}, u{,1,2,4,8} and document + what long, int, short, etc is (Guy Harris) + * add magic_version function and constant + * Redo memory allocation and de-allocation. + (prevents double frees on non mmap platforms) + * Fix bug with name/use having to do with passing + found state from the parent to the child and back. +* Tue Feb 19 2013 werner@suse.de +- Use %%libname macro and make that file-magic obsoletes libmagic-data + compare with bnc# 804323 to avoid trouble with interim package name +* Wed Jan 23 2013 werner@suse.de +- Make if build on ppc64, that is re-add the configure check for + sizeof long long otherwise readelf fail on ppc64 +* Tue Jan 22 2013 werner@suse.de +- Update to file version 5.12 + * Warn about inconsistent continuation levels. + * Change fsmagic to add a space after it prints. + * Make getline public so that file can link against it. + Perhaps it is better to rename it, or hide it differently. + Fixes builds on platforms that do not provide it. + * Add SuS d{,1,2,4,8}, u{,1,2,4,8} and document + what long, int, short, etc is (Guy Harris) + * add magic_version function and constant + * Redo memory allocation and de-allocation. + (prevents double frees on non mmap platforms) + * Fix bug with name/use having to do with passing + found state from the parent to the child and back. + * Only print elf capabilities for archs we know (Jan Kaluza) + * Add "name" and "use" file types in order to look + inside mach-o files. + * add string/T (Jan Kaluza) + * search for $HOME/.magic.mgc if it is there first + * fix reads from a pipe, and preserve errno + * use ctime_r, asctime_r + * Fixes for indirect offsets to handle apple disk formats +- Also includes our extfs-minix patch +* Mon Nov 26 2012 werner@suse.de +- Add file-5.11-extfs-minix.dif: Change detection order of ext2/3/4 + fs and minix to avoid the for the free inode numbers 4991,5007, + 9320,9336 and multiple of 65536 the ext2/3/4 fs will be detected + as minix fs (bnc#788435) +* Sat Oct 27 2012 coolo@suse.com +- implement shared library policy for libmagic1 +* Tue Sep 18 2012 werner@suse.de +- Add small patch to make clear if file follows symbloc links or not + as tihs depend on the environment variable POSIXLY_CORRECT +- Remove the README file as this is for packagers and not for users +* Sun Aug 19 2012 giecrilj@stegny.2a.pl +- add documentation (bnc#776532) +* Tue Aug 14 2012 crrodriguez@opensuse.org +- Use the OS's byteswapping routines. +* Tue Jun 26 2012 cfarrell@suse.com +- license update: BSD-2-Clause + SPDX format +* Wed Mar 21 2012 werner@suse.de +- Update to file version 5.11 (bnc#753303, CVE-2012-1571) + * Fix CDF parsing issues found by CERT's fuzzing tool (Will Dormann) +* Mon Jan 16 2012 werner@suse.de +- Update to file version 5.10 + * Add magic for /usr/bin/env Perl scripts + * Weaken generic script magic to avoid clashing with + language-specific magic. + * Remove hardwired token finding (names.h), turning it into soft + magic. Patterns are either anchored regexs or search/8192. English + language detection and PL/1 detection have been removed as they + were too fragile. -e tokens is still accepted for backwards + compatibility. + * Move 3ds patterns (which are commented out anyway) into autodesk + (they were, oddly, in c-lang). + * Tweak strength of generic hash-bang detectors to be less than + specific ones. + * Make an inconsistent description of Python scripts consistent. + * Python3 binding fixes from Kelly Anderson + * If a string type magic entry is marked as text or binary + only match text files against text entries and binary + files against binary entries. + * If the application name is not set in a cdf file, try to see + if it has a directory with the application name on it. + * Fix ELF lseek(2) madness. Inspired by PR/134 by Jan Kaluza + * Don't use variable string formats. +* Sat Nov 5 2011 crrodriguez@opensuse.org +- libmagic: use O_CLOEXEC where needed, as there is no warranty + that calling applications will not fork() and we end up leaking + file descriptors to their child processes. +* Sat Oct 1 2011 coolo@suse.com +- add libtool as buildrequire to make the spec file more reliable +* Sun Sep 18 2011 jengelh@medozas.de +- Apply packaging guidelines (remove redundant/obsolete + tags/sections from specfile, etc.) +* Tue Aug 23 2011 werner@suse.de +- Update to file version 5.08 + * Fix detection of Zip files (Mantis #128). + * Make some minor improvements to file(1). + * Rename MIME types for filesystem objects for consistency with + xdg-utils. Typically this means that application/x-foo becomes + inode/foo, but some names also change slightly, e.g. + application/x-character-device becomes inode/chardevice. +* Mon Jul 18 2011 werner@suse.de +- Fixed regression on zip archive detection (bnc#706310) +* Tue Jun 14 2011 werner@suse.de +- Update to file version 5.07 + * Several regressions in magic were fixed. A buffer overflow was + corrected. The program version is now recorded in only one place. + Several documentation improvements were made. + * The Python bindings were updated and fixed. Magic support for + OCF (EPUB) files and for lrzip files was added. Zip file magic + was adapted for files with unsupported special types. Many + more magic updates and fixes were made. + * Several minor bugs were fixed. +- Add magic for clicfs evne if upstream does not support it (bnc#681329) +* Wed Nov 24 2010 werner@suse.de +- Add patch for Bio-Rad image format to avoid conflicts with other + magic records like RPM and even some ACII files (bnc#654696) +* Fri Nov 5 2010 cristian.rodriguez@opensuse.org +- libmagic: export only public interface symbols listed + in magic.h, this also avoids exporting interesting stuff + like strlcat, strlcpy... +* Mon Jun 28 2010 jengelh@medozas.de +- use %%_smp_mflags +* Mon Apr 19 2010 werner@suse.de +- Add llvm bicode magic (bnc#597752) +* Fri Feb 5 2010 werner@suse.de +- Update to file version 5.04 + * print proper mime for crystal reports file + * print the last summary information of a cdf document, not the + first so that nested documents print the right info + * ctime/asctime can return NULL on some OS's although + they should not (Toshit Antani) + * Centralize magic path handling routines and remove the + special-casing from file.c so that the python module for + example comes up with the same magic path (Fixes ~/.magic + handling) (from Gab) + * When magic argument is a directory, read the files in + strcmp-sorted order (fixes Debian bug #488562 and our own FIXME). + * Combine overlapping epoc and psion magic files into one (epoc). + * Add some more EPOC MIME types. + * Fix 3 bugs (From Ian Darwin): + - file_showstr could move one past the end of the array + - parse_apple did not nul terminate the string in the overflow case + - parse_mime truncated the wrong string in the overflow case + * Add the necessary field handling for crystal reports files to work + * Stop "(if" identifying Lisp files, that's plain dumb! + * Add a couple of missing MP3 MIME types. + * Add full range of hash-bang tests for Python and Ruby. + * Add MIME types for Python and Ruby scripts. + * off by one in parsing hw capabilities in elf (Cheng Renquan) +* Sat Dec 12 2009 jengelh@medozas.de +- add baselibs.conf as a source +* Tue Nov 3 2009 coolo@novell.com +- updated patches to apply with fuzz=0 +* Tue Oct 27 2009 werner@suse.de +- Make ISO9660 magic entry working with file 5.xx (bnc#547683) +* Wed Sep 30 2009 crrodriguez@opensuse.org +- file-devel only requires glibc-devel +* Tue Jun 9 2009 werner@suse.de +- Do _not_ touch change log of python-magic +- Update to file version 5.03 + * Avoid null dereference in cdf code (Drew Yao) + * More cdf bounds checks and overflow checks +* Tue Jun 2 2009 coolo@novell.com +- sync Version using pre_checkin.sh +* Thu May 7 2009 werner@suse.de +- Add support for special zip archives (bnc#500511) +* Wed May 6 2009 werner@suse.de +- Update to file version 5.02 + * Read ~/.magic in addition to the default magic file not instead + of, as documented in the man page. + * filesystem and msdos patches (Joerg Jenderek) + * Added CDF parsing + * Add text/x-lua MIME type for Lua scripts. + * >= <= is not supported, so fix the magic and warn about it. + reported by: Thien-Thi Nguyen + * use memchr instead of strchr because the string + might not be NUL terminated (Scott MacVicar) + * Fix --mime, --mime-type and --mime-encoding under new scheme. + * add loop limits to avoid DoS attacks by constructing + looping sector references. + * Allow escaping of relation characters, so that we can say \^[A-Z] + and the ^ is not eaten as a relation char. +* Mon Jan 26 2009 crrodriguez@suse.de +- remove "la" files and static libraries +* Wed Dec 10 2008 olh@suse.de +- use Obsoletes: -XXbit only for ppc64 to help solver during distupgrade + (bnc#437293) +* Thu Nov 27 2008 werner@suse.de +- Add libsatsolver file magic +- Re-enable detection of old LZW (.Z) format (bnc#448984) +* Thu Oct 30 2008 olh@suse.de +- obsolete old -XXbit packages (bnc#437293) +* Tue Aug 19 2008 ro@suse.de +- fix detection for java bytecode +* Tue May 6 2008 aj@suse.de +- Do not return random data. +* Thu Apr 24 2008 werner@suse.de +- Don't slip into Mp3 channel for ext file systems (bnc#383431) +* Mon Apr 14 2008 werner@suse.de +- Add CROM File System to Localstuff (bnc#379027) +- Update to file bugfix version 4.24 + * ELF core file command name/line bug fixes and enhancements + * Change strength of ! from MULT to 0, as it matches almost anything (Reuben Thomas) + * Clarify UTF-8 BOM message (Reuben Thomas) + * Add HTML comment to token list in names.h + * !:mime annotations in magic files (Reuben Thomas) + * zero out utime/utimes structs (Gavin Atkinson) + * reduce writable data from Diego "Flameeyes" Petten + * strtof detection + * remove bogus regex magic that could cause a DoS + * better mismatch version message + * bring back some fixes from OpenBSD + * treat ELF dynamic objects as executables + * fix gcc warnings + * make sure we have zlib.h and libz to compile the builtin + decompress code + * float and double magic support (Behan Webster) + * Convert fortran to a soft test (Reuben Thomas) + * Add --with-filename, and --no-filename (Reuben Thomas) + * Rest of the mime split (Reuben Thomas) + * Make usage message generated from the flags so that + they stay consistent (Reuben Thomas) + * typo in comment, missing ifdef QUICK, remove unneeded code + * Fix problem printing -\012 in some entries + * Separate magic type and encoding flags (Reuben Thomas) + * configure fix for int64 and strndup (Reuben Thomas) + * Add magic_descriptor() function. + * Fix regression in elf reading code where the core name was + not being printed. + * Don't convert NUL's to spaces in {l,b}estring16 (Daniel Dawson) + * Make mime format consistent so that it can + Remove 7/8bit classifications, since they were arbitrary + and not based on the file data. +* Thu Apr 10 2008 ro@suse.de +- added baselibs.conf file to build xxbit packages + for multilib support +* Thu Mar 13 2008 werner@suse.de +- Remember ReiserFS V3.6.19 (bnc#370535) +* Mon Jan 28 2008 rguenther@suse.de +- Split python-magic off to separate spec file to avoid pulling + python into the base build cycle +* Tue Jan 15 2008 werner@suse.de +- Move python-base to python +* Wed Dec 5 2007 werner@suse.de +- Add X11 cursor magic to Localstuff (bug #346132) +- New package python-magic, the python API for the libmagic +* Fri Aug 31 2007 werner@suse.de +- Make regex for awk more robust to avoid conflict with PostScript, + thanks goes to Werner Lemberg for the report +* Wed Aug 29 2007 werner@suse.de +- Add Scribus to local magic (bug #298009) +* Wed Jun 6 2007 werner@suse.de +- Update to file version 4.21 including the last three bug fixes +* Thu May 24 2007 werner@suse.de +- Fix of the fix for bug #256290 with CVE-2007-2799 +* Mon May 21 2007 werner@suse.de +- Expand search area used before regex (also bug #263754) +* Mon May 14 2007 werner@suse.de +- More on DoS attack with regex (bug #263754) +- Avoid crash on unknown option and enable option `-e' +* Mon Apr 16 2007 werner@suse.de +- Avoid DoS attack with regex (bug #263754) +* Thu Apr 5 2007 werner@suse.de +- Avoid trouble with variable/macro on ppc64 +* Mon Mar 26 2007 rguenther@suse.de +- Add zlib-devel BuildRequires +* Wed Mar 21 2007 werner@suse.de +- Update to file 4.20 due security reason CVE-2007-1536 (#256290) +* Tue Mar 6 2007 rguenther@suse.de +- Fix order of changelog entries +* Thu Nov 23 2006 werner@suse.de +- Initialize variable in elf patch +* Wed Nov 22 2006 werner@suse.de +- Update to new file 4.18 + * Includes most of our extensions (elf, fifo, softmagic) +* Mon Jun 12 2006 werner@suse.de +- Reenable file to display process name from a core dump (#183685) +* Mon Mar 27 2006 werner@suse.de +- Add Mono/.Net identfiers to msdos magics (bug #159708) +* Fri Mar 24 2006 werner@suse.de +- Update to file version 4.17 + * This version supports new key like `search' and `regex' + * Port our patches to this version +* Wed Jan 25 2006 mls@suse.de +- converted neededforbuild to BuildRequires +* Mon Jan 16 2006 werner@suse.de +- Add Xen magics +* Tue Dec 6 2005 werner@suse.de +- Add Structured Storage Entry for PageMaker to local (bug #134895) +* Thu Oct 20 2005 werner@suse.de +- Update to file version 4.16 +* Tue Aug 23 2005 werner@suse.de +- Fix broken cracklib magic (bug #106007) +* Mon Jul 25 2005 werner@suse.de +- Update to new file 4.14 +- Split of the development version as own package +* Fri Jul 1 2005 werner@suse.de +- Even for netware the columns in the magic entry are seperated + by tabs +- Add cracklib magics (bug #93673) +* Mon Jun 13 2005 mmj@suse.de +- Add primitive magic for detecting netware loadable modules (NLMs) +- Don't remove buildroot before install +- Don't strip binaries explicitly +- %%doc is implied by %%man +* Thu Mar 17 2005 werner@suse.de +- Be sure that the pipe/fifo patch works (bug #73644) +* Thu Mar 10 2005 werner@suse.de +- Be able to use the -s option even on pipes (bug #71074) +- Do not hang on sockets or pipes not opened on the write side +* Fri Feb 18 2005 werner@suse.de +- Update to file 4.13 for fixes in handling of bzip2 and DOS files +- Do not be fooled by minix filesystems magics on jpeg files +* Fri Nov 26 2004 werner@suse.de +- Update to file 4.12, this may fix a security issue (bug #48576) +* Tue Sep 28 2004 werner@suse.de +- Correct PCP entries (bug #46111) +* Thu Sep 16 2004 werner@suse.de +- Read HOWMANY bytes even from a pipe (reported by max) +* Thu Aug 26 2004 werner@suse.de +- Update to bugfix release 4.09 +* Tue Aug 24 2004 lmuelle@suse.de +- Add -fPIC to the CFLAGS. +* Wed May 26 2004 werner@suse.de +- Don't trap into string formats if integers are provided (#41209) +* Mon May 24 2004 werner@suse.de +- Check for random data within ELF header (bug #40909) +* Thu Feb 12 2004 werner@suse.de +- Add name offsets for CORE dumps even for 64bit ELF (bug #34461) +* Tue Jan 20 2004 werner@suse.de +- Update to 4.07 +* Mon Dec 15 2003 werner@suse.de +- Add workaround for new automake `feature' of ignoring man pages +- Ensure that the correct break condition is returned if readelf + past the end of the buffer (bug #33644). +* Mon Dec 8 2003 werner@suse.de +- Update to 4.06 +- Use /etc/magic:/usr/share/misc/magic as magic and move /etc/magic + to a real configuration file for _local_ settings (bug #32725). +* Sat Oct 18 2003 kukuk@suse.de +- Add patch to detect policy file for SE Linux +- Build as normal user +- Clean up build root +* Mon Sep 29 2003 werner@suse.de +- Avoid endless loop due wrong alignment in old ELF binaries +* Tue Sep 16 2003 werner@suse.de +- Extend buffer from 64kb upto 68kB to find ReiserFS (bug #30736) +* Wed Jul 2 2003 werner@suse.de +- Use _libdir +* Tue Jul 1 2003 werner@suse.de +- Update to file 4.03 +* Thu Apr 17 2003 coolo@suse.de +- use BuildRoot +* Tue Mar 4 2003 werner@suse.de +- Fix buffer overflow in elf detection +* Tue Dec 17 2002 olh@suse.de +- use RPM_BUILD_ROOT, not BUILD_ROOT in testsuite +* Sun Nov 10 2002 ro@suse.de +- fix deprecated multiline string literal (from longopt patch) +* Tue Sep 17 2002 ro@suse.de +- removed bogus self-provides +* Tue Jul 23 2002 werner@suse.de +- Add mySQL bytes to magic (bug #16138) +* Fri Jun 7 2002 olh@suse.de +- don't change the union u in readelf.c:tryelf() on ppc64 +* Mon Feb 4 2002 werner@suse.de +- Fix looking of manual page +* Mon Feb 4 2002 werner@suse.de +- Add some magics for METAFONT format files +- Add inofficial long options for LSB +* Thu Dec 27 2001 adrian@suse.de +- fix file output for mips binaries. The old output broke several + ltconfig scripts in other packages and was wrong anyway. +- recompress tar ball with bz2 +* Wed Dec 19 2001 werner@suse.de +- update to version 3.37 +* Sat Jun 30 2001 bk@suse.de +- update to version 3.33 +- don't change the union u in readelf.c:tryelf() on s390x. +- option i: fix one-byte memory underallocation - strcat adds '\0' +* Thu Jun 7 2001 werner@suse.de +- Autoconf and Elf header: make it work again +* Fri May 4 2001 werner@suse.de +- Make symlink /etc/magic a relative one +* Tue Jan 16 2001 werner@suse.de +- Change order to find WAVE and TTF data before G3, apple and + macintosh data. +- Change string detection of PFM data to bit comparision masking + out the third bit to make raw G3 work. +* Sun Dec 3 2000 schwab@suse.de +- Don't match against artificial null byte. +- Fix resource leaks. +* Tue Nov 28 2000 aj@suse.de +- Add LFS support. +* Tue Nov 14 2000 werner@suse.de +- Correct version handling of Linux/i386 Kernel setup header +* Mon Nov 13 2000 werner@suse.de +- Fix handling of Microsoft Access Database in comparision + with Digifax-G3-File. +* Tue Oct 3 2000 kukuk@suse.de +- fix inclusion of config.h +- Add group tag +* Thu Sep 28 2000 werner@suse.de +- Move Magdir changes into misc dif +- Remove exectuable from text scripts +* Fri Sep 15 2000 werner@suse.de +- Update to version 3.32 +* Tue Jun 20 2000 werner@suse.de +- /usr/lib/magic -> /usr/share/misc/magic +* Thu Feb 3 2000 schwab@suse.de +- Ignore SHT_DYNSYM sections when deciding whether object is stripped. +* Fri Jan 28 2000 schwab@suse.de +- Fix int32 vs long problem. +* Thu Jan 27 2000 schwab@suse.de +- Fix non-ascii literal characters in string +- Specfile cleanup, get rid of Makefile.Linux +- /usr/man -> /usr/share/man +* Thu Nov 25 1999 schwab@suse.de +- Fix location of magic file. +* Tue Nov 23 1999 kukuk@suse.de +- Update to version 3.27 +- Add patches for SPARC +* Mon Sep 13 1999 bs@suse.de +- ran old prepare_spec on spec file to switch to new prepare_spec. +* Tue Aug 24 1999 uli@suse.de +- added -fsigned-char to CFLAGS (PPC) +* Wed Nov 4 1998 ro@suse.de +- disabled dcore (won't build with glibc-2.0) +* Thu Oct 1 1998 ro@suse.de +- update to 3.26 +- hacked dcore.c to build with glibc-2.1 +* Fri Oct 10 1997 florian@suse.de +- add some more entries to magic +* Wed Jun 25 1997 florian@suse.de +- add additional entries to recognize LaTeX files +* Tue May 27 1997 florian@suse.de +- add some additional entries from mgetty/vgetty +- add additional entries for CLISP and GNU gettext from Bruno Haible +* Wed Jan 22 1997 florian@suse.de +- update to version 3.22 +* Thu Jan 2 1997 florian@suse.de +- recognise german umlauts as text: dirty hack, but also call "setlocale" + for correctly installed systems... +- add "dcore"-program to show some information about core-files +* Thu Jan 2 1997 florian@suse.de +- update to version 3.21 +- mv /etc/magic /usr/lib/magic (/etc/magic is still a symlink to new + location) +* Thu Jan 2 1997 florian@suse.de +- added missing entries for G3-fax (from mgetty source) diff --git a/file.spec b/file.spec new file mode 100644 index 0000000..ec4a269 --- /dev/null +++ b/file.spec @@ -0,0 +1,203 @@ +# +# spec file for package file +# +# Copyright (c) 2022-2023 ZhuningOS +# + + +%define somajor 1 +%define libname libmagic%{somajor} + +Name: file +BuildRequires: findutils +BuildRequires: libtool +BuildRequires: zlib-devel +Url: http://www.darwinsys.com/file/ +# bug437293 +%ifarch ppc64 +Obsoletes: file-64bit +%endif +# +# Set Version also in python-magic.spec +Version: 5.32 +Release: 7.14.1 +Summary: A Tool to Determine File Types +License: BSD-2-Clause +Group: Productivity/File utilities +Source: ftp://ftp.astron.com/pub/file/file-%{version}.tar.gz +Source2: baselibs.conf +Source3: file-rpmlintrc +Patch: file-5.32.dif +Patch1: file-5.19-misc.dif +Patch4: file-4.24-autoconf.dif +Patch5: file-5.14-tex.dif +Patch7: file-4.20-ssd.dif +Patch8: file-4.20-xen.dif +Patch9: file-5.22-elf.dif +Patch10: file-5.19-printf.dif +Patch11: file-5.12-zip.dif +Patch12: file-5.17-option.dif +Patch13: file-4.21-scribus.dif +Patch15: file-4.21-xcursor.dif +Patch22: file-5.19-cromfs.dif +Patch25: file-5.18-javacheck.dif +Patch26: file-5.19-solv.dif +Patch27: file-5.19-zip2.0.dif +Patch31: file-5.19-biorad.dif +Patch32: file-5.19-clicfs.dif +Patch33: file-5.16-ocloexec.patch +Patch34: file-5.23-endian.patch +Patch36: file-5.15-clear-invalid.patch +Patch37: file-secure_getenv.patch +Patch39: file-5.28-btrfs-image.dif +Patch40: file-5.32-ncurses-6.1.patch +Patch43: CVE-2019-18218-46a8443f.patch +# PATCH-FIX-USTREAM for bsc#1096974, bsc#1096984, and CVE-2018-10360 -- Avoid reading past the end of buffer +Patch54: file-a642587a9c.patch +# PATCH-FIX-USTREAM for bsc#1126117, bsc#1126118, bsc#1126119, CVE-2019-8905, CVE-2019-8906, and CVE-2019-8907 +Patch55: 0002-PR-62-spinpx-limit-size-of-file_printable.patch +# PATCH-FIX-SUSE previous backport caused a shorten output of the elf interprter +Patch56: fix_of_backport_PR-62.patch +# PATCH-FIX-USTREAM for bsc#1189996 +Patch57: bsc1189996-9fbe768a.patch +BuildRoot: %{_tmppath}/%{name}-%{version}-build +%global _sysconfdir /etc +%global _miscdir %{_datadir}/misc + +%description +With the file command, you can obtain information on the file type of a +specified file. File type recognition is controlled by the file +/etc/magic, which contains the classification criteria. This command is +used by apsfilter to permit automatic printing of different file types. + +%package magic +Summary: Database for libmagic to help identify files +Group: Productivity/File utilities +Obsoletes: libmagic-data < %{version} +Provides: libmagic-data = %{version} +%if 0%{?suse_version} >= 1200 +BuildArch: noarch +%endif + +%description magic +This package contains the basic magic files that libmagic reads and uses +to estimate a file's type. + +%package -n %libname +Summary: Library for heuristic file type identification +Group: System/Libraries +Provides: file:%{_libdir}/libmagic.so.%{somajor} +Requires: file-magic = %{version} + +%description -n %libname +This library reads magic files and detects file types. Used by file command + +%package devel +Summary: Development files for libmagic, a library to determine file types +Group: Development/Libraries/C and C++ +Provides: file:/usr/include/magic.h +Requires: %libname = %{version} +Requires: glibc-devel + +%description devel +This package contains all necessary include files and libraries needed +to develop applications that require the magic "file" interface. + +%prep +%setup -q -n file-%{version} +%patch1 -p0 -b .misc +%patch4 -p0 -b .conf +%patch5 -p0 -b .tex +%patch7 -p0 -b .ssd +%patch8 -p0 -b .xen +%patch9 -p0 -b .elf +%patch10 -p0 -b .prtf +%patch11 -p0 -b .zip +%patch12 -p0 -b .opt +%patch13 -p0 -b .scri +%patch15 -p0 -b .xcur +%patch22 -p0 -b .cromfs +%patch25 -p0 -b .javacheck +%patch26 -p0 -b .solv +%patch27 -p0 -b .zip2.0 +%patch31 -p0 -b .biorad +%patch32 -p0 -b .clicfs +%patch33 -p0 -b .clexe +%patch34 -p0 -b .endian +%patch36 -p1 -b .clear +%patch37 -p1 -b .getenv +%patch39 -p1 -b .btrfs +%patch40 -p0 -b .nc61 +%patch43 -p0 -b .CVE-2019-18218 +%patch54 -p0 +%patch55 -p0 +%patch56 -p0 +%patch57 -p0 +%patch -b .0 +test -s src/magic.h.in || cp -p src/magic.h src/magic.h.in +rm -fv src/magic.h + +%build +export LANG=POSIX +export LC_ALL=POSIX +rm -f Magdir/*,v Magdir/*~ +rm -f ltcf-c.sh ltconfig ltmain.sh +autoreconf -fiv +export CFLAGS="%{optflags} -DHOWMANY=69632 -fPIE" +%configure --disable-silent-rules --datadir=%{_miscdir} --disable-static --enable-fsect-man5 +make %{?_smp_mflags} pkgdatadir='$(datadir)' LDFLAGS="-pie" + +%install +export LANG=POSIX +export LC_ALL=POSIX +mkdir %{buildroot}/etc +make DESTDIR=%{buildroot} install pkgdatadir='$(datadir)' +rm -vf %{buildroot}%{_sysconfdir}/magic +echo '# Localstuff: file(1) magic(5) for locally observed files' > %{buildroot}%{_sysconfdir}/magic +echo '# global magic file is %{_miscdir}/magic(.mgc)' >> %{buildroot}%{_sysconfdir}/magic +# Does not build +%if %{with decore} +install -s dcore %{buildroot}%{_bindir} +%endif +# Check out that the binary does not bail out: +LD_LIBRARY_PATH=%{buildroot}%{_libdir} +export LD_LIBRARY_PATH +find %{buildroot}%{_bindir}/file %{_bindir}/ /%{_lib}/ %{_libdir}/ | \ + xargs %{buildroot}%{_bindir}/file -m %{buildroot}%{_miscdir}/magic +unset LD_LIBRARY_PATH +rm -f %{buildroot}%{_libdir}/*.la + +%post -n %libname -p /sbin/ldconfig + +%postun -n %libname -p /sbin/ldconfig + +%files -n %libname +%defattr (-,root,root) +%{_libdir}/lib*.so.* + +%files magic +%defattr (-,root,root) +%config(noreplace) %{_sysconfdir}/magic +%{_miscdir}/magic +%{_miscdir}/magic.mgc +%doc %{_mandir}/man5/magic.5.gz + +%files +%defattr (-,root,root) +%if %{with decore} +%attr(755,root,root) %{_bindir}/dcore +%endif +%attr(755,root,root) %{_bindir}/file +%doc %{_mandir}/man1/file.1.gz +%license COPYING +%doc AUTHORS NEWS ChangeLog + +%files devel +%defattr (-,root,root) +%{_libdir}/lib*.so +%{_includedir}/magic.h +%doc %{_mandir}/man3/libmagic.3.gz +%license COPYING +%doc README AUTHORS NEWS ChangeLog + +%changelog diff --git a/fix_of_backport_PR-62.patch b/fix_of_backport_PR-62.patch new file mode 100644 index 0000000..c61fee8 --- /dev/null +++ b/fix_of_backport_PR-62.patch @@ -0,0 +1,44 @@ +Subject: Fix broken backport of the fix of PR-62 +From: Werner Fink + +The backport of the fix for PR-62 with patch +0002-PR-62-spinpx-limit-size-of-file_printable.patch +broke the oputput of the interpreter string + +--- + src/readelf.c | 7 ++++--- + 1 file changed, 4 insertions(+), 3 deletions(-) + +--- src/readelf.c ++++ src/readelf.c 2020-09-18 14:06:18.335832113 +0200 +@@ -1243,9 +1243,9 @@ dophn_exec(struct magic_set *ms, int cla + Elf32_Phdr ph32; + Elf64_Phdr ph64; + const char *linking_style = "statically"; +- const char *interp = ""; + unsigned char nbuf[BUFSIZ]; + char ibuf[BUFSIZ]; ++ char interp[BUFSIZ]; + ssize_t bufsize; + size_t offset, align, len; + +@@ -1255,6 +1255,7 @@ dophn_exec(struct magic_set *ms, int cla + return 0; + } + ++ interp[0] = '\0'; + for ( ; num; num--) { + if (pread(fd, xph_addr, xph_sizeof, off) < (ssize_t)xph_sizeof) { + file_badread(ms); +@@ -1304,9 +1305,9 @@ dophn_exec(struct magic_set *ms, int cla + case PT_INTERP: + if (bufsize && nbuf[0]) { + nbuf[bufsize - 1] = '\0'; +- interp = (const char *)nbuf; ++ memcpy(interp, nbuf, CAST(size_t, bufsize)); + } else +- interp = "*empty*"; ++ strlcpy(interp, "*empty*", sizeof(interp)); + break; + case PT_NOTE: + /*