segfault when using libmagic and an empty buffer in file-4.16
Christos Zoulas
christos at zoulas.com
Tue Oct 18 01:49:25 EEST 2005
On Oct 17, 6:01pm, vapier at gentoo.org (Mike Frysinger) wrote:
-- Subject: segfault when using libmagic and an empty buffer in file-4.16
| thought i already sent this but i must have forgotten
Nope, I have not seen this before :-)
| if you call magic_buffer(m, NULL, 0) it'll segfault on you because
| file_ascmagic() assumes that the count is always at least 2 bytes. once this
| has been fixed, magic_buffer(m, NULL, 0) will return NULL instead of
| "empty" ...
|
| so, the first fix is:
| --- src/ascmagic.c
| +++ src/ascmagic.c
| @@ -179,6 +179,9 @@ file_ascmagic(struct magic_set *ms, cons
| }
| }
|
| + if (nbytes <= 1)
| + goto done;
| +
| if ((*buf == 'c' || *buf == 'C') && ISSPC(buf[1])) {
| subtype_mime = "text/fortran";
| subtype = "fortran program";
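Review bot: the `nbytes <= 1` guard sits after two closing braces of earlier code in file_ascmagic(), so whatever runs above this point is still reached with the NULL, zero-length buffer; if any of that code reads buf, the check belongs at the top of the function instead. Where it is now it protects the `buf[1]` read in the Fortran test directly below, which deserves a one-line comment saying so. Note also that `goto done` makes a one-byte buffer skip every remaining test, so it is worth confirming that the value returned at `done` lets the caller fall through to its generic description.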
|
| while the second fix should be something like this i think:
| file_buffer(struct magic_set *ms, int fd, const void *buf, size_t nb)
| ...
|     /* abandon hope, all ye who remain here */
|     if (file_printf(ms, ms->flags & MAGIC_MIME ?
|         (nb ? "application/octet-stream" : "application/empty") :
|         (nb ? "data" : "empty")) == -1)
|         return -1;
| ...
Ok, I will take a look!
thanks
christos
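
Added example, not part of the original messages and not code from file: a self-contained C model of the two fixes discussed above, with the length check before the `buf[1]` read and the empty/non-empty fallback text. The names `DEMO_MIME`, `demo_is_fortran` and `demo_describe` are hypothetical, `isspace()` stands in for `ISSPC()`, and the inputs in `main()` are constructed.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define DEMO_MIME 0x1   /* hypothetical stand-in for the MIME flag */

/*
 * First fix, modelled: the Fortran test reads buf[0] and buf[1], so it
 * may only run when at least two bytes are present. isspace() stands in
 * for the ISSPC() macro used in the quoted hunk.
 */
static int
demo_is_fortran(const unsigned char *buf, size_t nbytes)
{
    if (buf == NULL || nbytes <= 1)
        return 0;
    return (buf[0] == 'c' || buf[0] == 'C') && isspace(buf[1]);
}

/*
 * Second fix, modelled: when no test matched, the fallback text depends
 * on whether any bytes were supplied at all.
 */
const char *
demo_describe(const void *buf, size_t nb, int flags)
{
    int mime = flags & DEMO_MIME;

    if (buf == NULL && nb != 0)
        return NULL;    /* a length without data is a caller error */
    if (demo_is_fortran(buf, nb))
        return mime ? "text/fortran" : "fortran program";
    if (mime)
        return nb ? "application/octet-stream" : "application/empty";
    return nb ? "data" : "empty";
}

int
main(void)
{
    /* Constructed inputs: empty, one byte, Fortran-style comment. */
    printf("%s\n", demo_describe(NULL, 0, 0));
    printf("%s\n", demo_describe("c", 1, DEMO_MIME));
    printf("%s\n", demo_describe("C comment", 9, 0));
    return 0;
}
```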