segfault in magic_buffer

Christoph Biedl gw.file.bgzt at manchmal.in-ulm.de
Tue Feb 11 14:31:07 EET 2014


Christoph Biedl wrote...

> Bisecting led to
> 
>     918400eb76b9c3f4a840c689fe21f6990dd8ede8 is the first bad commit
>     commit 918400eb76b9c3f4a840c689fe21f6990dd8ede8
>     Author: Christos Zoulas <christos at zoulas.com>
>     Date:   Fri Apr 6 21:18:09 2012 +0000
> 
>         Apple on-disk formats.
> 
> ... and that's bad news since that commit only introduced new magic
> patterns. If my calculations are correct, this implies there's a flaw
> in the magic handling code.

The culprit is the handling of "indirect". Not even minimal magic I
found for a reproducer:

    0           byte            x
    >(2.S*1)    indirect        0

The bad news, this has been around since the introduction of
FILE_INDIRECT in

    f511621ed212f77d3dfd9c594d2cc0d79acf3e3e is the first bad commit
    commit f511621ed212f77d3dfd9c594d2cc0d79acf3e3e
    Author: Christos Zoulas <christos at zoulas.com>
    Date:   Thu Nov 6 23:22:53 2008 +0000

        Handle ID3 files.

More to come ...

    Christoph

