Lines 61-66
private void cvt_16(union VALUETYPE *, const struct magic *);
|
61 |
private void cvt_32(union VALUETYPE *, const struct magic *); |
61 |
private void cvt_32(union VALUETYPE *, const struct magic *); |
62 |
private void cvt_64(union VALUETYPE *, const struct magic *); |
62 |
private void cvt_64(union VALUETYPE *, const struct magic *); |
63 |
|
63 |
|
|
|
64 |
#define OFFSET_OOB(n, o, i) ((n) < (o) || (i) > ((n) - (o))) |
64 |
/* |
65 |
/* |
65 |
* softmagic - lookup one file in parsed, in-memory copy of database |
66 |
* softmagic - lookup one file in parsed, in-memory copy of database |
66 |
* Passed the name and FILE * of one file to be typed. |
67 |
* Passed the name and FILE * of one file to be typed. |
Lines 1081-1087
mget(struct magic_set *ms, const unsigned char *s,
|
1081 |
} |
1082 |
} |
1082 |
switch (m->in_type) { |
1083 |
switch (m->in_type) { |
1083 |
case FILE_BYTE: |
1084 |
case FILE_BYTE: |
1084 |
if (nbytes < (offset + 1)) |
1085 |
if (OFFSET_OOB(nbytes, offset, 1)) |
1085 |
return 0; |
1086 |
return 0; |
1086 |
if (off) { |
1087 |
if (off) { |
1087 |
switch (m->in_op & FILE_OPS_MASK) { |
1088 |
switch (m->in_op & FILE_OPS_MASK) { |
Lines 1116-1122
mget(struct magic_set *ms, const unsigned char *s,
|
1116 |
offset = ~offset; |
1117 |
offset = ~offset; |
1117 |
break; |
1118 |
break; |
1118 |
case FILE_BESHORT: |
1119 |
case FILE_BESHORT: |
1119 |
if (nbytes < (offset + 2)) |
1120 |
|
|
|
1121 |
if (OFFSET_OOB(nbytes, offset, 2)) |
1120 |
return 0; |
1122 |
return 0; |
1121 |
if (off) { |
1123 |
if (off) { |
1122 |
switch (m->in_op & FILE_OPS_MASK) { |
1124 |
switch (m->in_op & FILE_OPS_MASK) { |
Lines 1168-1174
mget(struct magic_set *ms, const unsigned char *s,
|
1168 |
offset = ~offset; |
1170 |
offset = ~offset; |
1169 |
break; |
1171 |
break; |
1170 |
case FILE_LESHORT: |
1172 |
case FILE_LESHORT: |
1171 |
if (nbytes < (offset + 2)) |
1173 |
if (OFFSET_OOB(nbytes, offset, 2)) |
1172 |
return 0; |
1174 |
return 0; |
1173 |
if (off) { |
1175 |
if (off) { |
1174 |
switch (m->in_op & FILE_OPS_MASK) { |
1176 |
switch (m->in_op & FILE_OPS_MASK) { |
Lines 1220-1226
mget(struct magic_set *ms, const unsigned char *s,
|
1220 |
offset = ~offset; |
1222 |
offset = ~offset; |
1221 |
break; |
1223 |
break; |
1222 |
case FILE_SHORT: |
1224 |
case FILE_SHORT: |
1223 |
if (nbytes < (offset + 2)) |
1225 |
if (OFFSET_OOB(nbytes, offset, 2)) |
1224 |
return 0; |
1226 |
return 0; |
1225 |
if (off) { |
1227 |
if (off) { |
1226 |
switch (m->in_op & FILE_OPS_MASK) { |
1228 |
switch (m->in_op & FILE_OPS_MASK) { |
Lines 1257-1263
mget(struct magic_set *ms, const unsigned char *s,
|
1257 |
break; |
1259 |
break; |
1258 |
case FILE_BELONG: |
1260 |
case FILE_BELONG: |
1259 |
case FILE_BEID3: |
1261 |
case FILE_BEID3: |
1260 |
if (nbytes < (offset + 4)) |
1262 |
if (OFFSET_OOB(nbytes, offset, 4)) |
1261 |
return 0; |
1263 |
return 0; |
1262 |
if (off) { |
1264 |
if (off) { |
1263 |
switch (m->in_op & FILE_OPS_MASK) { |
1265 |
switch (m->in_op & FILE_OPS_MASK) { |
Lines 1328-1334
mget(struct magic_set *ms, const unsigned char *s,
|
1328 |
break; |
1330 |
break; |
1329 |
case FILE_LELONG: |
1331 |
case FILE_LELONG: |
1330 |
case FILE_LEID3: |
1332 |
case FILE_LEID3: |
1331 |
if (nbytes < (offset + 4)) |
1333 |
if (OFFSET_OOB(nbytes, offset, 4)) |
1332 |
return 0; |
1334 |
return 0; |
1333 |
if (off) { |
1335 |
if (off) { |
1334 |
switch (m->in_op & FILE_OPS_MASK) { |
1336 |
switch (m->in_op & FILE_OPS_MASK) { |
Lines 1398-1404
mget(struct magic_set *ms, const unsigned char *s,
|
1398 |
offset = ~offset; |
1400 |
offset = ~offset; |
1399 |
break; |
1401 |
break; |
1400 |
case FILE_MELONG: |
1402 |
case FILE_MELONG: |
1401 |
if (nbytes < (offset + 4)) |
1403 |
if (OFFSET_OOB(nbytes, offset, 4)) |
1402 |
return 0; |
1404 |
return 0; |
1403 |
if (off) { |
1405 |
if (off) { |
1404 |
switch (m->in_op & FILE_OPS_MASK) { |
1406 |
switch (m->in_op & FILE_OPS_MASK) { |
Lines 1468-1474
mget(struct magic_set *ms, const unsigned char *s,
|
1468 |
offset = ~offset; |
1470 |
offset = ~offset; |
1469 |
break; |
1471 |
break; |
1470 |
case FILE_LONG: |
1472 |
case FILE_LONG: |
1471 |
if (nbytes < (offset + 4)) |
1473 |
if (OFFSET_OOB(nbytes, offset, 4)) |
1472 |
return 0; |
1474 |
return 0; |
1473 |
if (off) { |
1475 |
if (off) { |
1474 |
switch (m->in_op & FILE_OPS_MASK) { |
1476 |
switch (m->in_op & FILE_OPS_MASK) { |
Lines 1535-1548
mget(struct magic_set *ms, const unsigned char *s,
|
1535 |
/* Verify we have enough data to match magic type */ |
1537 |
/* Verify we have enough data to match magic type */ |
1536 |
switch (m->type) { |
1538 |
switch (m->type) { |
1537 |
case FILE_BYTE: |
1539 |
case FILE_BYTE: |
1538 |
if (nbytes < (offset + 1)) /* should alway be true */ |
1540 |
if (OFFSET_OOB(nbytes, offset, 1)) |
1539 |
return 0; |
1541 |
return 0; |
1540 |
break; |
1542 |
break; |
1541 |
|
1543 |
|
1542 |
case FILE_SHORT: |
1544 |
case FILE_SHORT: |
1543 |
case FILE_BESHORT: |
1545 |
case FILE_BESHORT: |
1544 |
case FILE_LESHORT: |
1546 |
case FILE_LESHORT: |
1545 |
if (nbytes < (offset + 2)) |
1547 |
if (OFFSET_OOB(nbytes, offset, 2)) |
1546 |
return 0; |
1548 |
return 0; |
1547 |
break; |
1549 |
break; |
1548 |
|
1550 |
|
Lines 1561-1586
mget(struct magic_set *ms, const unsigned char *s,
|
1561 |
case FILE_FLOAT: |
1563 |
case FILE_FLOAT: |
1562 |
case FILE_BEFLOAT: |
1564 |
case FILE_BEFLOAT: |
1563 |
case FILE_LEFLOAT: |
1565 |
case FILE_LEFLOAT: |
1564 |
if (nbytes < (offset + 4)) |
1566 |
if (OFFSET_OOB(nbytes, offset, 4)) |
1565 |
return 0; |
1567 |
return 0; |
1566 |
break; |
1568 |
break; |
1567 |
|
1569 |
|
1568 |
case FILE_DOUBLE: |
1570 |
case FILE_DOUBLE: |
1569 |
case FILE_BEDOUBLE: |
1571 |
case FILE_BEDOUBLE: |
1570 |
case FILE_LEDOUBLE: |
1572 |
case FILE_LEDOUBLE: |
1571 |
if (nbytes < (offset + 8)) |
1573 |
if (OFFSET_OOB(nbytes, offset, 8)) |
1572 |
return 0; |
1574 |
return 0; |
1573 |
break; |
1575 |
break; |
1574 |
|
1576 |
|
1575 |
case FILE_STRING: |
1577 |
case FILE_STRING: |
1576 |
case FILE_PSTRING: |
1578 |
case FILE_PSTRING: |
1577 |
case FILE_SEARCH: |
1579 |
case FILE_SEARCH: |
1578 |
if (nbytes < (offset + m->vallen)) |
1580 |
if (OFFSET_OOB(nbytes, offset, m->vallen)) |
1579 |
return 0; |
1581 |
return 0; |
1580 |
break; |
1582 |
break; |
1581 |
|
1583 |
|
1582 |
case FILE_REGEX: |
1584 |
case FILE_REGEX: |
1583 |
if (nbytes < offset) |
1585 |
if (OFFSET_OOB(nbytes, offset, 0)) |
1584 |
return 0; |
1586 |
return 0; |
1585 |
break; |
1587 |
break; |
1586 |
|
1588 |
|
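Review bot: The `OFFSET_OOB` macro added at new line 64 has no comment, and its safety rests on two things the macro text does not show: `(n) - (o)` cannot wrap only because `(n) < (o)` is tested first, and the comparison with `(i)` is only meaningful when all operands are unsigned. The declarations of `nbytes`, `offset` and `m->vallen` are outside these hunks, so their types should be confirmed and the requirement written down, for example `/* true if i bytes at offset o do not fit in n bytes; operands must be unsigned, and the (n) < (o) test must come first */`. The macro also evaluates `n` and `o` twice; every call site shown passes plain variables, but a `static inline` helper taking `size_t` arguments would enforce both properties at compile time. The switch statements that use it belong to `mget`, whose body starts and ends outside the visible hunks.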