debian/changelog

@@ -1,3 +1,20 @@
+file (1:5.35-4) unstable; urgency=medium
+
+  * Cherry-pick fix for JSON detection. Closes: 922874
+
+ -- Christoph Biedl <debian.axhn@manchmal.in-ulm.de>  Sat, 02 Mar 2019 08:05:54 +0100
+
+file (1:5.35-3) unstable; urgency=medium
+
+  * Cherry-pick many commits since 5.35 release that seem wise to
+    include in buster.
+    * Closes: #922967 [CVE-2019-8904]
+    * Closes: #922968 [CVE-2019-8905 CVE-2019-8907]
+    * Closes: #922969 [CVE-2019-8906]
+  * Cherry-pick two documentation fix commits
+
+ -- Christoph Biedl <debian.axhn@manchmal.in-ulm.de>  Fri, 01 Mar 2019 09:27:11 +0100
+
 file (1:5.35-2) unstable; urgency=medium
 
   * Upload to unstable

debian/patches/cherry-pick.FILE5_35-1-g338cc788.-c-cast.patch

@@ -0,0 +1,47 @@
+Subject: - C++ cast (...)
+Origin: FILE5_35-1-g338cc788 <https://github.com/file/file/commit/FILE5_35-1-g338cc788>
+Upstream-Author: Christos Zoulas <christos@zoulas.com>
+Date: Fri Oct 19 00:26:08 2018 +0000
+
+    - C++ cast
+    - return 0 instead of -1 for error in donote
+
+--- a/src/readelf.c
++++ b/src/readelf.c
+@@ -786,8 +786,8 @@
+ 			pidoff = argoff + 81 + 2;
+ 			if (doff + pidoff + 4 <= size) {
+ 				if (file_printf(ms, ", pid=%u",
+-				    elf_getu32(swap, *(uint32_t *)(nbuf +
+-				    doff + pidoff))) == -1)
++				    elf_getu32(swap, *RCAST(uint32 *, (nbuf +
++				    doff + pidoff)))) == -1)
+ 					return 1;
+ 			}
+ 			*flags |= FLAGS_DID_CORE;
+@@ -1142,14 +1142,14 @@
+ 	if (namesz & 0x80000000) {
+ 		if (file_printf(ms, ", bad note name size %#lx",
+ 		    CAST(unsigned long, namesz)) == -1)
+-			return -1;
++			return 0;
+ 	    return 0;
+ 	}
+ 
+ 	if (descsz & 0x80000000) {
+ 		if (file_printf(ms, ", bad note description size %#lx",
+ 		    CAST(unsigned long, descsz)) == -1)
+-		    	return -1;
++		    	return 0;
+ 	    return 0;
+ 	}
+ 
+@@ -1668,7 +1668,7 @@
+ 		case PT_INTERP:
+ 			if (bufsize && nbuf[0]) {
+ 				nbuf[bufsize - 1] = '\0';
+-				memcpy(interp, nbuf, bufsize);
++				memcpy(interp, nbuf, (size_t)bufsize);
+ 			} else
+ 				strlcpy(interp, "*empty*", sizeof(interp));
+ 			break;

debian/patches/cherry-pick.FILE5_35-16-g6d90cbff.avoid-over-trimming-ucs16-text-and-ending-up-losing-the-last-character.patch

@@ -0,0 +1,20 @@
+Subject: Avoid over-trimming UCS16 text, and ending up losing the last character
+Origin: FILE5_35-16-g6d90cbff <https://github.com/file/file/commit/FILE5_35-16-g6d90cbff>
+Upstream-Author: Christos Zoulas <christos@zoulas.com>
+Date: Tue Nov 27 17:34:32 2018 +0000
+
+--- a/src/ascmagic.c
++++ b/src/ascmagic.c
+@@ -81,6 +81,12 @@
+ 
+ 	bb = *b;
+ 	bb.flen = trim_nuls(CAST(const unsigned char *, b->fbuf), b->flen);
++	/*
++	 * Avoid trimming at an odd byte if the original buffer was evenly
++	 * sized; this avoids losing the last character on UTF-16 LE text
++	 */
++	if ((bb.flen & 1) && !(b->flen & 1))
++		bb.flen++;
+ 
+ 	/* If file doesn't look like any sort of text, give up. */
+ 	if (file_encoding(ms, &bb, &ubuf, &ulen, &code, &code_mime,

debian/patches/cherry-pick.FILE5_35-2-g8d68fb4f.lint-fixes.patch

@@ -0,0 +1,52 @@
+Subject: Lint fixes
+Origin: FILE5_35-2-g8d68fb4f <https://github.com/file/file/commit/FILE5_35-2-g8d68fb4f>
+Upstream-Author: Christos Zoulas <christos@zoulas.com>
+Date: Fri Oct 19 00:26:26 2018 +0000
+
+--- a/src/apprentice.c
++++ b/src/apprentice.c
+@@ -293,9 +293,9 @@
+ 
+ private off_t
+ maxoff_t(void) {
+-	if (sizeof(off_t) == sizeof(int))
++	if (/*CONSTCOND*/sizeof(off_t) == sizeof(int))
+ 		return CAST(off_t, INT_MAX);
+-	if (sizeof(off_t) == sizeof(long))
++	if (/*CONSTCOND*/sizeof(off_t) == sizeof(long))
+ 		return CAST(off_t, LONG_MAX);
+ 	return 0x7fffffff;
+ }
+--- a/src/compress.c
++++ b/src/compress.c
+@@ -422,7 +422,7 @@
+ #else
+ 	{
+ 		int te;
+-		int ou = umask(0);
++		mode_t ou = umask(0);
+ 		tfd = mkstemp(buf);
+ 		(void)umask(ou);
+ 		te = errno;
+--- a/src/file.h
++++ b/src/file.h
+@@ -382,7 +382,7 @@
+ #define CCAST(T, b)	const_cast<T>(b)
+ #else
+ #define CAST(T, b)	((T)(b))
+-#define RCAST(T, b)	((T)(b))
++#define RCAST(T, b)	((T)(void *)(b))
+ #define CCAST(T, b)	((T)(uintptr_t)(b))
+ #endif
+ 
+--- a/src/is_json.c
++++ b/src/is_json.c
+@@ -44,7 +44,7 @@
+ #define DPRINTF(a, b, c)	\
+     printf("%s [%.2x/%c] %.20s\n", (a), *(b), *(b), (const char *)(c))
+ #else
+-#define DPRINTF(a, b, c)	(void)0
++#define DPRINTF(a, b, c)	do { } while (/*CONSTCOND*/0)
+ #endif
+ 
+ #define JSON_ARRAY	0

debian/patches/cherry-pick.FILE5_35-25-g48052fcf.fix-cut-n-pasto-for-regex-max-vsevolod-stakhov.patch

@@ -0,0 +1,16 @@
+Subject: Fix cut-n-pasto for regex_max (Vsevolod Stakhov)
+Origin: FILE5_35-25-g48052fcf <https://github.com/file/file/commit/FILE5_35-25-g48052fcf>
+Upstream-Author: Christos Zoulas <christos@zoulas.com>
+Date: Tue Dec 11 14:41:11 2018 +0000
+
+--- a/src/magic.c
++++ b/src/magic.c
+@@ -604,7 +604,7 @@
+ 		ms->elf_notes_max = (uint16_t)*(const size_t *)val;
+ 		return 0;
+ 	case MAGIC_PARAM_REGEX_MAX:
+-		ms->elf_notes_max = (uint16_t)*(const size_t *)val;
++		ms->elf_regex_max = (uint16_t)*(const size_t *)val;
+ 		return 0;
+ 	case MAGIC_PARAM_BYTES_MAX:
+ 		ms->bytes_max = *(const size_t *)val;

debian/patches/cherry-pick.FILE5_35-26-g98f29456.fix-name.patch

@@ -0,0 +1,16 @@
+Subject: Fix name
+Origin: FILE5_35-26-g98f29456 <https://github.com/file/file/commit/FILE5_35-26-g98f29456>
+Upstream-Author: Christos Zoulas <christos@zoulas.com>
+Date: Tue Dec 11 21:10:33 2018 +0000
+
+--- a/src/magic.c
++++ b/src/magic.c
+@@ -604,7 +604,7 @@
+ 		ms->elf_notes_max = (uint16_t)*(const size_t *)val;
+ 		return 0;
+ 	case MAGIC_PARAM_REGEX_MAX:
+-		ms->elf_regex_max = (uint16_t)*(const size_t *)val;
++		ms->regex_max = (uint16_t)*(const size_t *)val;
+ 		return 0;
+ 	case MAGIC_PARAM_BYTES_MAX:
+ 		ms->bytes_max = *(const size_t *)val;

debian/patches/cherry-pick.FILE5_35-3-gc7d910ee.more-lint-fixes.patch

@@ -0,0 +1,38 @@
+Subject: More lint fixes
+Origin: FILE5_35-3-gc7d910ee <https://github.com/file/file/commit/FILE5_35-3-gc7d910ee>
+Upstream-Author: Christos Zoulas <christos@zoulas.com>
+Date: Fri Oct 19 00:33:04 2018 +0000
+
+--- a/src/file.h
++++ b/src/file.h
+@@ -382,7 +382,7 @@
+ #define CCAST(T, b)	const_cast<T>(b)
+ #else
+ #define CAST(T, b)	((T)(b))
+-#define RCAST(T, b)	((T)(void *)(b))
++#define RCAST(T, b)	((T)(uintptr_t)(b))
+ #define CCAST(T, b)	((T)(uintptr_t)(b))
+ #endif
+ 
+--- a/src/readelf.c
++++ b/src/readelf.c
+@@ -786,7 +786,7 @@
+ 			pidoff = argoff + 81 + 2;
+ 			if (doff + pidoff + 4 <= size) {
+ 				if (file_printf(ms, ", pid=%u",
+-				    elf_getu32(swap, *RCAST(uint32 *, (nbuf +
++				    elf_getu32(swap, *RCAST(uint32_t *, (nbuf +
+ 				    doff + pidoff)))) == -1)
+ 					return 1;
+ 			}
+--- a/src/softmagic.c
++++ b/src/softmagic.c
+@@ -1435,7 +1435,7 @@
+ 		if ((size_t)-m->offset > b->elen)
+ 			return -1;
+ 		buffer_init(bb, -1, b->ebuf, b->elen);
+-		ms->eoffset = ms->offset = b->elen + m->offset;
++		ms->eoffset = ms->offset = (int32_t)(b->elen + m->offset);
+ 	} else {
+ 		if (cont_level == 0) {
+ normal:

debian/patches/cherry-pick.FILE5_35-31-g2858eaf9.avoid-oob-read-found-by-asan-reported-by-f.patch

@@ -0,0 +1,18 @@
+Subject: Avoid OOB read (found by ASAN reported by F. Alonso)
+ID: CVE-2019-8906
+Origin: FILE5_35-31-g2858eaf9 <https://github.com/file/file/commit/FILE5_35-31-g2858eaf9>
+Upstream-Author: Christos Zoulas <christos@zoulas.com>
+Date: Wed Jan 2 19:44:14 2019 +0000
+Bug-Debian: https://bugs.debian.org/922969
+
+--- a/src/readelf.c
++++ b/src/readelf.c
+@@ -752,7 +752,7 @@
+ 			char sbuf[512];
+ 			struct NetBSD_elfcore_procinfo pi;
+ 			memset(&pi, 0, sizeof(pi));
+-			memcpy(&pi, nbuf + doff, descsz);
++			memcpy(&pi, nbuf + doff, MIN(descsz, sizeof(pi)));
+ 
+ 			if (file_printf(ms, ", from '%.31s', pid=%u, uid=%u, "
+ 			    "gid=%u, nlwps=%u, lwp=%u (signal %u/code %u)",

debian/patches/cherry-pick.FILE5_35-42-ge6bf546d.fix-documentation-to-match-the-source.patch

@@ -0,0 +1,23 @@
+Subject: Fix documentation to match the source
+Origin: FILE5_35-42-ge6bf546d <https://github.com/file/file/commit/FILE5_35-42-ge6bf546d>
+Upstream-Author: Christos Zoulas <christos@zoulas.com>
+Date: Mon Jan 21 14:56:53 2019 +0000
+
+--- a/doc/magic.man
++++ b/doc/magic.man
+@@ -116,13 +116,13 @@
+ .It B
+ A byte length (default).
+ .It H
+-A 4 byte big endian length.
++A 2 byte big endian length.
+ .It h
+ A 2 byte little endian length.
+ .It L
+ A 4 byte big endian length.
+ .It l
+-A 2 byte little endian length.
++A 4 byte little endian length.
+ .It J
+ The length includes itself in its count.
+ .El

debian/patches/cherry-pick.FILE5_35-49-g3a6f62e2.fix-indirect-offset-overflow-calculation-b.patch

@@ -0,0 +1,67 @@
+Subject: Fix indirect offset overflow calculation (B. Watson)
+Origin: FILE5_35-49-g3a6f62e2 <https://github.com/file/file/commit/FILE5_35-49-g3a6f62e2>
+Upstream-Author: Christos Zoulas <christos@zoulas.com>
+Date: Thu Feb 14 00:25:59 2019 +0000
+
+--- a/src/softmagic.c
++++ b/src/softmagic.c
+@@ -1528,39 +1528,57 @@
+ 		if (m->in_op & FILE_OPINDIRECT) {
+ 			const union VALUETYPE *q = CAST(const union VALUETYPE *,
+ 			    ((const void *)(s + offset + off)));
+-			if (OFFSET_OOB(nbytes, offset + off, sizeof(*q)))
+-				return 0;
+ 			switch (cvt_flip(m->in_type, flip)) {
+ 			case FILE_BYTE:
++				if (OFFSET_OOB(nbytes, offset + off, 1))
++					return 0;
+ 				off = SEXT(sgn,8,q->b);
+ 				break;
+ 			case FILE_SHORT:
++				if (OFFSET_OOB(nbytes, offset + off, 2))
++					return 0;
+ 				off = SEXT(sgn,16,q->h);
+ 				break;
+ 			case FILE_BESHORT:
++				if (OFFSET_OOB(nbytes, offset + off, 2))
++					return 0;
+ 				off = SEXT(sgn,16,BE16(q));
+ 				break;
+ 			case FILE_LESHORT:
++				if (OFFSET_OOB(nbytes, offset + off, 2))
++					return 0;
+ 				off = SEXT(sgn,16,LE16(q));
+ 				break;
+ 			case FILE_LONG:
++				if (OFFSET_OOB(nbytes, offset + off, 4))
++					return 0;
+ 				off = SEXT(sgn,32,q->l);
+ 				break;
+ 			case FILE_BELONG:
+ 			case FILE_BEID3:
++				if (OFFSET_OOB(nbytes, offset + off, 4))
++					return 0;
+ 				off = SEXT(sgn,32,BE32(q));
+ 				break;
+ 			case FILE_LEID3:
+ 			case FILE_LELONG:
++				if (OFFSET_OOB(nbytes, offset + off, 4))
++					return 0;
+ 				off = SEXT(sgn,32,LE32(q));
+ 				break;
+ 			case FILE_MELONG:
++				if (OFFSET_OOB(nbytes, offset + off, 4))
++					return 0;
+ 				off = SEXT(sgn,32,ME32(q));
+ 				break;
+ 			case FILE_BEQUAD:
++				if (OFFSET_OOB(nbytes, offset + off, 8))
++					return 0;
+ 				off = SEXT(sgn,64,BE64(q));
+ 				break;
+ 			case FILE_LEQUAD:
++				if (OFFSET_OOB(nbytes, offset + off, 8))
++					return 0;
+ 				off = SEXT(sgn,64,LE64(q));
+ 				break;
+ 			default:

debian/patches/cherry-pick.FILE5_35-52-g94b7501f.pr-62-spinpx-avoid-non-nul-terminated-string-read.patch

@@ -0,0 +1,20 @@
+Subject: PR/62: spinpx: Avoid non-nul-terminated string read
+ID: CVE-2019-8904
+Origin: FILE5_35-52-g94b7501f <https://github.com/file/file/commit/FILE5_35-52-g94b7501f>
+Upstream-Author: Christos Zoulas <christos@zoulas.com>
+Date: Mon Feb 18 17:30:41 2019 +0000
+Bug-Debian: https://bugs.debian.org/922967
+
+--- a/src/readelf.c
++++ b/src/readelf.c
+@@ -563,8 +563,8 @@
+ 	}
+ 	if (namesz == 4 && strcmp((char *)&nbuf[noff], "Go") == 0 &&
+ 	    type == NT_GO_BUILD_ID && descsz < 128) {
+-		if (file_printf(ms, ", Go BuildID=%s",
+-		    (char *)&nbuf[doff]) == -1)
++		if (file_printf(ms, ", Go BuildID=%.*s",
++		    CAST(int, descsz), CAST(char *, &nbuf[doff])) == -1)
+ 			return -1;
+ 		return 1;
+ 	}

debian/patches/cherry-pick.FILE5_35-53-gd6578152.pr-62-spinpx-limit-size-of-file-printable.patch

@@ -0,0 +1,100 @@
+Subject: PR/62: spinpx: limit size of file_printable
+ID: CVE-2019-8905 CVE-2019-8907
+Origin: FILE5_35-53-gd6578152 <https://github.com/file/file/commit/FILE5_35-53-gd6578152>
+Upstream-Author: Christos Zoulas <christos@zoulas.com>
+Date: Mon Feb 18 17:46:56 2019 +0000
+Bug-Debian: https://bugs.debian.org/922968
+
+--- a/src/file.h
++++ b/src/file.h
+@@ -506,7 +506,7 @@
+     size_t *);
+ protected size_t file_pstring_length_size(const struct magic *);
+ protected size_t file_pstring_get_length(const struct magic *, const char *);
+-protected char * file_printable(char *, size_t, const char *);
++protected char * file_printable(char *, size_t, const char *, size_t);
+ #ifdef __EMX__
+ protected int file_os2_apptype(struct magic_set *, const char *, const void *,
+     size_t);
+--- a/src/funcs.c
++++ b/src/funcs.c
+@@ -623,12 +623,13 @@
+  * convert string to ascii printable format.
+  */
+ protected char *
+-file_printable(char *buf, size_t bufsiz, const char *str)
++file_printable(char *buf, size_t bufsiz, const char *str, size_t slen)
+ {
+-	char *ptr, *eptr;
++	char *ptr, *eptr = buf + bufsiz - 1;
+ 	const unsigned char *s = (const unsigned char *)str;
++	const unsigned char *es = s + slen;
+ 
+-	for (ptr = buf, eptr = ptr + bufsiz - 1; ptr < eptr && *s; s++) {
++	for (ptr = buf;  ptr < eptr && s < es && *s; s++) {
+ 		if (isprint(*s)) {
+ 			*ptr++ = *s;
+ 			continue;
+--- a/src/readelf.c
++++ b/src/readelf.c
+@@ -757,7 +757,7 @@
+ 			if (file_printf(ms, ", from '%.31s', pid=%u, uid=%u, "
+ 			    "gid=%u, nlwps=%u, lwp=%u (signal %u/code %u)",
+ 			    file_printable(sbuf, sizeof(sbuf),
+-			    RCAST(char *, pi.cpi_name)),
++			    RCAST(char *, pi.cpi_name), sizeof(pi.cpi_name)),
+ 			    elf_getu32(swap, (uint32_t)pi.cpi_pid),
+ 			    elf_getu32(swap, pi.cpi_euid),
+ 			    elf_getu32(swap, pi.cpi_egid),
+@@ -1697,7 +1697,8 @@
+ 		return -1;
+ 	if (interp[0])
+ 		if (file_printf(ms, ", interpreter %s",
+-		    file_printable(ibuf, sizeof(ibuf), interp)) == -1)
++		    file_printable(ibuf, sizeof(ibuf), interp, sizeof(interp)))
++			== -1)
+ 			return -1;
+ 	return 0;
+ }
+--- a/src/softmagic.c
++++ b/src/softmagic.c
+@@ -634,8 +634,8 @@
+   	case FILE_LESTRING16:
+ 		if (m->reln == '=' || m->reln == '!') {
+ 			if (file_printf(ms, F(ms, desc, "%s"),
+-			    file_printable(sbuf, sizeof(sbuf), m->value.s))
+-			    == -1)
++			    file_printable(sbuf, sizeof(sbuf), m->value.s,
++			    sizeof(m->value.s))) == -1)
+ 				return -1;
+ 			t = ms->offset + m->vallen;
+ 		}
+@@ -662,7 +662,8 @@
+ 			}
+ 
+ 			if (file_printf(ms, F(ms, desc, "%s"),
+-			    file_printable(sbuf, sizeof(sbuf), str)) == -1)
++			    file_printable(sbuf, sizeof(sbuf), str,
++				sizeof(p->s) - (str - p->s))) == -1)
+ 				return -1;
+ 
+ 			if (m->type == FILE_PSTRING)
+@@ -768,7 +769,7 @@
+ 			return -1;
+ 		}
+ 		rval = file_printf(ms, F(ms, desc, "%s"),
+-		    file_printable(sbuf, sizeof(sbuf), cp));
++		    file_printable(sbuf, sizeof(sbuf), cp, ms->search.rm_len));
+ 		free(cp);
+ 
+ 		if (rval == -1)
+@@ -795,7 +796,8 @@
+ 		break;
+ 	case FILE_DER:
+ 		if (file_printf(ms, F(ms, desc, "%s"),
+-		    file_printable(sbuf, sizeof(sbuf), ms->ms_value.s)) == -1)
++		    file_printable(sbuf, sizeof(sbuf), ms->ms_value.s,
++			sizeof(ms->ms_value.s))) == -1)
+ 			return -1;
+ 		t = ms->offset;
+ 		break;

debian/patches/cherry-pick.FILE5_35-55-g642f269e.mention-that-the-apple-filetype-creator-is-only-available-for-entries-that.patch

@@ -0,0 +1,20 @@
+Subject: Mention that the apple filetype/creator is only available for entries that (...)
+Origin: FILE5_35-55-g642f269e <https://github.com/file/file/commit/FILE5_35-55-g642f269e>
+Upstream-Author: Christos Zoulas <christos@zoulas.com>
+Date: Mon Feb 18 18:59:25 2019 +0000
+
+    Mention that the apple filetype/creator is only available for entries that
+    have it (Kamil Dudka)
+
+--- a/doc/file.man
++++ b/doc/file.man
+@@ -171,6 +171,9 @@
+ used by older MacOS versions.
+ The code consists of eight letters,
+ the first describing the file type, the latter the creator.
++the first describing the file type, the latter the creator.
++This option works properly only for file formats that have the
++apple-style output defined.
+ .It Fl b , Fl Fl brief
+ Do not prepend filenames to output lines (brief mode).
+ .It Fl C , Fl Fl compile

debian/patches/cherry-pick.FILE5_35-56-gf0a26da7.pr-61-tmc-add-ucs-32-built-in-detection.patch

@@ -0,0 +1,117 @@
+Subject: PR/61: tmc: Add UCS-32 built-in detection
+Origin: FILE5_35-56-gf0a26da7 <https://github.com/file/file/commit/FILE5_35-56-gf0a26da7>
+Upstream-Author: Christos Zoulas <christos@zoulas.com>
+Date: Tue Feb 19 20:30:35 2019 +0000
+Comment: Prerequisite for FILE5_36-1-gecca6e54
+
+--- a/src/encoding.c
++++ b/src/encoding.c
+@@ -49,6 +49,7 @@
+     size_t *);
+ private int looks_utf7(const unsigned char *, size_t, unichar *, size_t *);
+ private int looks_ucs16(const unsigned char *, size_t, unichar *, size_t *);
++private int looks_ucs32(const unsigned char *, size_t, unichar *, size_t *);
+ private int looks_latin1(const unsigned char *, size_t, unichar *, size_t *);
+ private int looks_extended(const unsigned char *, size_t, unichar *, size_t *);
+ private void from_ebcdic(const unsigned char *, size_t, unsigned char *);
+@@ -116,6 +117,15 @@
+ 		DPRINTF(("utf8 %" SIZE_T_FORMAT "u\n", *ulen));
+ 		*code = "UTF-8 Unicode";
+ 		*code_mime = "utf-8";
++	} else if ((ucs_type = looks_ucs32(buf, nbytes, *ubuf, ulen)) != 0) {
++		if (ucs_type == 1) {
++			*code = "Little-endian UTF-32 Unicode";
++			*code_mime = "utf-32le";
++		} else {
++			*code = "Big-endian UTF-32 Unicode";
++			*code_mime = "utf-32be";
++		}
++		DPRINTF(("ucs32 %" SIZE_T_FORMAT "u\n", *ulen));
+ 	} else if ((ucs_type = looks_ucs16(buf, nbytes, *ubuf, ulen)) != 0) {
+ 		if (ucs_type == 1) {
+ 			*code = "Little-endian UTF-16 Unicode";
+@@ -410,7 +420,7 @@
+ }
+ 
+ private int
+-looks_ucs16(const unsigned char *buf, size_t nbytes, unichar *ubuf,
++looks_ucs16(const unsigned char *bf, size_t nbytes, unichar *ubf,
+     size_t *ulen)
+ {
+ 	int bigend;
+@@ -419,9 +429,9 @@
+ 	if (nbytes < 2)
+ 		return 0;
+ 
+-	if (buf[0] == 0xff && buf[1] == 0xfe)
++	if (bf[0] == 0xff && bf[1] == 0xfe)
+ 		bigend = 0;
+-	else if (buf[0] == 0xfe && buf[1] == 0xff)
++	else if (bf[0] == 0xfe && bf[1] == 0xff)
+ 		bigend = 1;
+ 	else
+ 		return 0;
+@@ -432,20 +442,58 @@
+ 		/* XXX fix to properly handle chars > 65536 */
+ 
+ 		if (bigend)
+-			ubuf[(*ulen)++] = buf[i + 1] + 256 * buf[i];
++			ubf[(*ulen)++] = bf[i + 1] + 256 * bf[i];
+ 		else
+-			ubuf[(*ulen)++] = buf[i] + 256 * buf[i + 1];
++			ubf[(*ulen)++] = bf[i] + 256 * bf[i + 1];
+ 
+-		if (ubuf[*ulen - 1] == 0xfffe)
++		if (ubf[*ulen - 1] == 0xfffe)
+ 			return 0;
+-		if (ubuf[*ulen - 1] < 128 &&
+-		    text_chars[(size_t)ubuf[*ulen - 1]] != T)
++		if (ubf[*ulen - 1] < 128 &&
++		    text_chars[(size_t)ubf[*ulen - 1]] != T)
+ 			return 0;
+ 	}
+ 
+ 	return 1 + bigend;
+ }
+ 
++private int
++looks_ucs32(const unsigned char *bf, size_t nbytes, unichar *ubf,
++    size_t *ulen)
++{
++	int bigend;
++	size_t i;
++
++	if (nbytes < 4)
++		return 0;
++
++	if (bf[0] == 0xff && bf[1] == 0xfe && bf[2] == 0 && bf[3] == 0)
++		bigend = 0;
++	else if (bf[0] == 0 && bf[1] == 0 && bf[2] == 0xfe && bf[3] == 0xff)
++		bigend = 1;
++	else
++		return 0;
++
++	*ulen = 0;
++
++	for (i = 4; i + 1 < nbytes; i += 4) {
++		/* XXX fix to properly handle chars > 65536 */
++
++		if (bigend)
++			ubf[(*ulen)++] = bf[i + 3] | (bf[i + 2] << 8)
++			    | (bf[i + 1] << 16) | bf[i] << 24;
++		else
++			ubf[(*ulen)++] = bf[i] | (bf[i + 1] << 8) 
++			    | (bf[i + 2] << 16) | (bf[i + 3] << 24);
++
++		if (ubf[*ulen - 1] == 0xfffe)
++			return 0;
++		if (ubf[*ulen - 1] < 128 &&
++		    text_chars[(size_t)ubf[*ulen - 1]] != T)
++			return 0;
++	}
++
++	return 1 + bigend;
++}
+ #undef F
+ #undef T
+ #undef I

debian/patches/cherry-pick.FILE5_35-6-g2b6f3fbc.if-we-are-asked-to-print-annotations-and-there-are-no-annotations-in.patch

@@ -0,0 +1,98 @@
+Subject: If we are asked to print annotations and there are no annotations in (...)
+Origin: FILE5_35-6-g2b6f3fbc <https://github.com/file/file/commit/FILE5_35-6-g2b6f3fbc>
+Upstream-Author: Christos Zoulas <christos@zoulas.com>
+Date: Wed Oct 24 13:15:35 2018 +0000
+
+    If we are asked to print annotations and there are no annotations in
+    the matching entry, return 0 but break the search. This is handled
+    by introducing 'found_match' and separating it's function from returnval.
+    XXX: Nested entries.
+
+--- a/src/softmagic.c
++++ b/src/softmagic.c
+@@ -171,11 +171,16 @@
+ {
+ 	uint32_t magindex = 0;
+ 	unsigned int cont_level = 0;
+-	int returnvalv = 0, e; /* if a match is found it is set to 1*/
++	int found_match = 0; /* if a match is found it is set to 1*/
++	int returnvalv = 0, e;
+ 	int firstline = 1; /* a flag to print X\n  X\n- X */
+ 	struct buffer bb;
+ 	int print = (ms->flags & MAGIC_NODESC) == 0;
+ 
++	/*
++	 * returnval can be 0 if a match is found, but there was no
++	 * annotation to be printed.
++	 */
+ 	if (returnval == NULL)
+ 		returnval = &returnvalv;
+ 
+@@ -216,8 +221,10 @@
+ 			flush = m->reln != '!';
+ 			break;
+ 		default:
+-			if (m->type == FILE_INDIRECT)
++			if (m->type == FILE_INDIRECT) {
++				found_match = 1;
+ 				*returnval = 1;
++			}
+ 
+ 			switch (magiccheck(ms, m)) {
+ 			case -1:
+@@ -239,6 +246,9 @@
+ 			goto flush;
+ 		}
+ 
++		if (*m->desc)
++			found_match = 1;
++
+ 		if ((e = handle_annotation(ms, m, firstline)) != 0)
+ 		{
+ 			*need_separator = 1;
+@@ -254,6 +264,7 @@
+ 		if (print && *m->desc) {
+ 			*need_separator = 1;
+ 			*printed_something = 1;
++			*returnval = 1;
+ 			if (print_sep(ms, firstline) == -1)
+ 				return -1;
+ 			if (mprint(ms, m) == -1)
+@@ -313,8 +324,10 @@
+ 				flush = 1;
+ 				break;
+ 			default:
+-				if (m->type == FILE_INDIRECT)
++				if (m->type == FILE_INDIRECT) {
++					found_match = 1;
+ 					*returnval = 1;
++				}
+ 				flush = 0;
+ 				break;
+ 			}
+@@ -339,6 +352,9 @@
+ 				} else
+ 					ms->c.li[cont_level].got_match = 1;
+ 
++				if (*m->desc)
++					found_match = 1;
++
+ 				if ((e = handle_annotation(ms, m, firstline))
+ 				    != 0) {
+ 					*need_separator = 1;
+@@ -370,6 +386,7 @@
+ 						if (file_printf(ms, " ") == -1)
+ 							return -1;
+ 					}
++					*returnval = 1;
+ 					*need_separator = 0;
+ 					if (mprint(ms, m) == -1)
+ 						return -1;
+@@ -399,7 +416,6 @@
+ 		}
+ 		if (*printed_something) {
+ 			firstline = 0;
+-			*returnval = 1;
+ 		}
+ 		if ((ms->flags & MAGIC_CONTINUE) == 0 && *printed_something) {
+ 			return *returnval; /* don't keep searching */

debian/patches/cherry-pick.FILE5_35-8-g42d9a8a3.need-to-pass-found-match-from-match-mget-match-so-that-the-use-case.patch

@@ -0,0 +1,131 @@
+Subject: Need to pass found_match from match -> mget -> match so that the USE case (...)
+Origin: FILE5_35-8-g42d9a8a3 <https://github.com/file/file/commit/FILE5_35-8-g42d9a8a3>
+Upstream-Author: Christos Zoulas <christos@zoulas.com>
+Date: Mon Nov 5 18:03:25 2018 +0000
+
+    Need to pass found_match from match -> mget -> match so that the USE case
+    propagates the value.
+
+--- a/src/softmagic.c
++++ b/src/softmagic.c
+@@ -45,11 +45,11 @@
+ 
+ private int match(struct magic_set *, struct magic *, uint32_t,
+     const struct buffer *, size_t, int, int, int, uint16_t *,
+-    uint16_t *, int *, int *, int *);
++    uint16_t *, int *, int *, int *, int *);
+ private int mget(struct magic_set *, struct magic *, const struct buffer *,
+     const unsigned char *, size_t,
+     size_t, unsigned int, int, int, int, uint16_t *,
+-    uint16_t *, int *, int *, int *);
++    uint16_t *, int *, int *, int *, int *);
+ private int msetoffset(struct magic_set *, struct magic *, struct buffer *,
+     const struct buffer *, size_t, unsigned int);
+ private int magiccheck(struct magic_set *, struct magic *);
+@@ -111,7 +111,7 @@
+ 	for (ml = ms->mlist[0]->next; ml != ms->mlist[0]; ml = ml->next)
+ 		if ((rv = match(ms, ml->magic, ml->nmagic, b, 0, mode,
+ 		    text, 0, indir_count, name_count,
+-		    &printed_something, &need_separator, NULL)) != 0)
++		    &printed_something, &need_separator, NULL, NULL)) != 0)
+ 			return rv;
+ 
+ 	return 0;
+@@ -167,11 +167,12 @@
+ match(struct magic_set *ms, struct magic *magic, uint32_t nmagic,
+     const struct buffer *b, size_t offset, int mode, int text,
+     int flip, uint16_t *indir_count, uint16_t *name_count,
+-    int *printed_something, int *need_separator, int *returnval)
++    int *printed_something, int *need_separator, int *returnval,
++    int *found_match)
+ {
+ 	uint32_t magindex = 0;
+ 	unsigned int cont_level = 0;
+-	int found_match = 0; /* if a match is found it is set to 1*/
++	int found_matchv = 0; /* if a match is found it is set to 1*/
+ 	int returnvalv = 0, e;
+ 	int firstline = 1; /* a flag to print X\n  X\n- X */
+ 	struct buffer bb;
+@@ -183,6 +184,8 @@
+ 	 */
+ 	if (returnval == NULL)
+ 		returnval = &returnvalv;
++	if (found_match == NULL)
++		found_match = &found_matchv;
+ 
+ 	if (file_check_mem(ms, cont_level) == -1)
+ 		return -1;
+@@ -214,7 +217,8 @@
+ 		switch (mget(ms, m, b, CAST(const unsigned char *, bb.fbuf),
+ 		    bb.flen, offset, cont_level,
+ 		    mode, text, flip, indir_count, name_count,
+-		    printed_something, need_separator, returnval)) {
++		    printed_something, need_separator, returnval, found_match))
++		{
+ 		case -1:
+ 			return -1;
+ 		case 0:
+@@ -222,7 +226,7 @@
+ 			break;
+ 		default:
+ 			if (m->type == FILE_INDIRECT) {
+-				found_match = 1;
++				*found_match = 1;
+ 				*returnval = 1;
+ 			}
+ 
+@@ -247,7 +251,7 @@
+ 		}
+ 
+ 		if (*m->desc)
+-			found_match = 1;
++			*found_match = 1;
+ 
+ 		if ((e = handle_annotation(ms, m, firstline)) != 0)
+ 		{
+@@ -315,7 +319,7 @@
+ 			    bb.fbuf), bb.flen, offset,
+ 			    cont_level, mode, text, flip, indir_count,
+ 			    name_count, printed_something, need_separator,
+-			    returnval)) {
++			    returnval, found_match)) {
+ 			case -1:
+ 				return -1;
+ 			case 0:
+@@ -325,7 +329,7 @@
+ 				break;
+ 			default:
+ 				if (m->type == FILE_INDIRECT) {
+-					found_match = 1;
++					*found_match = 1;
+ 					*returnval = 1;
+ 				}
+ 				flush = 0;
+@@ -353,7 +357,7 @@
+ 					ms->c.li[cont_level].got_match = 1;
+ 
+ 				if (*m->desc)
+-					found_match = 1;
++					*found_match = 1;
+ 
+ 				if ((e = handle_annotation(ms, m, firstline))
+ 				    != 0) {
+@@ -1476,7 +1480,8 @@
+ mget(struct magic_set *ms, struct magic *m, const struct buffer *b,
+     const unsigned char *s, size_t nbytes, size_t o, unsigned int cont_level,
+     int mode, int text, int flip, uint16_t *indir_count, uint16_t *name_count,
+-    int *printed_something, int *need_separator, int *returnval)
++    int *printed_something, int *need_separator, int *returnval,
++    int *found_match)
+ {
+ 	uint32_t offset = ms->offset;
+ 	struct buffer bb;
+@@ -1762,7 +1767,7 @@
+ 			*need_separator = 0;
+ 		rv = match(ms, ml.magic, ml.nmagic, b, offset + o,
+ 		    mode, text, flip, indir_count, name_count,
+-		    printed_something, need_separator, returnval);
++		    printed_something, need_separator, returnval, found_match);
+ 		(*name_count)--;
+ 		if (rv != 1)
+ 		    *need_separator = oneed_separator;

debian/patches/cherry-pick.FILE5_36-1-gecca6e54.fix-casts-and-bounds-check-found-by-oss-fuzz.patch

@@ -0,0 +1,40 @@
+Subject: Fix casts and bounds check (found by oss-fuzz)
+Origin: FILE5_36-1-gecca6e54 <https://github.com/file/file/commit/FILE5_36-1-gecca6e54>
+Upstream-Author: Christos Zoulas <christos@zoulas.com>
+Date: Wed Feb 20 16:15:47 2019 +0000
+
+--- a/src/encoding.c
++++ b/src/encoding.c
+@@ -442,9 +442,9 @@
+ 		/* XXX fix to properly handle chars > 65536 */
+ 
+ 		if (bigend)
+-			ubf[(*ulen)++] = bf[i + 1] + 256 * bf[i];
++			ubf[(*ulen)++] = bf[i + 1] + (bf[i] << 8);
+ 		else
+-			ubf[(*ulen)++] = bf[i] + 256 * bf[i + 1];
++			ubf[(*ulen)++] = bf[i] + (bf[i + 1] << 8);
+ 
+ 		if (ubf[*ulen - 1] == 0xfffe)
+ 			return 0;
+@@ -475,15 +475,17 @@
+ 
+ 	*ulen = 0;
+ 
+-	for (i = 4; i + 1 < nbytes; i += 4) {
++	for (i = 4; i + 3 < nbytes; i += 4) {
+ 		/* XXX fix to properly handle chars > 65536 */
+ 
+ 		if (bigend)
+ 			ubf[(*ulen)++] = bf[i + 3] | (bf[i + 2] << 8)
+-			    | (bf[i + 1] << 16) | bf[i] << 24;
++			    | (bf[i + 1] << 16)
++			    | CAST(unichar, bf[i] << 24);
+ 		else
+ 			ubf[(*ulen)++] = bf[i] | (bf[i + 1] << 8) 
+-			    | (bf[i + 2] << 16) | (bf[i + 3] << 24);
++			    | (bf[i + 2] << 16)
++			    | CAST(unichar, bf[i + 3] << 24);
+ 
+ 		if (ubf[*ulen - 1] == 0xfffe)
+ 			return 0;

debian/patches/cherry-pick.FILE5_36-24-g9b2f9d6a.cast-to-unsigned-first-to-appease-ubsan-oss-fuzz.patch

@@ -0,0 +1,21 @@
+Subject: Cast to unsigned first to appease ubsan (oss-fuzz)
+Origin: FILE5_36-24-g9b2f9d6a <https://github.com/file/file/commit/FILE5_36-24-g9b2f9d6a>
+Upstream-Author: Christos Zoulas <christos@zoulas.com>
+Date: Sat Feb 23 21:54:05 2019 +0000
+
+--- a/src/encoding.c
++++ b/src/encoding.c
+@@ -481,11 +481,11 @@
+ 		if (bigend)
+ 			ubf[(*ulen)++] = bf[i + 3] | (bf[i + 2] << 8)
+ 			    | (bf[i + 1] << 16)
+-			    | CAST(unichar, bf[i] << 24);
++			    | (CAST(unichar, bf[i]) << 24);
+ 		else
+ 			ubf[(*ulen)++] = bf[i] | (bf[i + 1] << 8) 
+ 			    | (bf[i + 2] << 16)
+-			    | CAST(unichar, bf[i + 3] << 24);
++			    | (CAST(unichar, bf[i + 3]) << 24);
+ 
+ 		if (ubf[*ulen - 1] == 0xfffe)
+ 			return 0;

debian/patches/cherry-pick.FILE5_36-32-g479e0995.pr-69-only-consider-arrays-1-element-when-quickly-figuring-out-if-a.patch

@@ -0,0 +1,73 @@
+Subject: PR/69: Only consider arrays > 1 element when quickly figuring out if a (...)
+Origin: FILE5_36-32-g479e0995 <https://github.com/file/file/commit/FILE5_36-32-g479e0995>
+Upstream-Author: Christos Zoulas <christos@zoulas.com>
+Date: Sat Mar 2 01:08:10 2019 +0000
+Bug-Debian: https://bugs.debian.org/922874
+
+    PR/69: Only consider arrays > 1 element when quickly figuring out if a
+    file is JSON.
+
+--- a/src/is_json.c
++++ b/src/is_json.c
+@@ -52,7 +52,8 @@
+ #define JSON_NUMBER	2
+ #define JSON_OBJECT	3
+ #define JSON_STRING	4
+-#define JSON_MAX	5
++#define JSON_ARRAYN	5
++#define JSON_MAX	6
+ 
+ /*
+  * if JSON_COUNT != 0:
+@@ -171,6 +172,7 @@
+ 	size_t *st, size_t lvl)
+ {
+ 	const unsigned char *uc = *ucp;
++	int more = 0;	/* Array has more than 1 element */
+ 
+ 	DPRINTF("Parse array: ", uc, *ucp);
+ 	while (uc < ue) {
+@@ -180,9 +182,12 @@
+ 			goto out;
+ 		switch (*uc) {
+ 		case ',':
++			more++;
+ 			uc++;
+ 			continue;
+ 		case ']':
++			if (more)
++				st[JSON_ARRAYN]++;
+ 			*ucp = uc + 1;
+ 			return 1;
+ 		default:
+@@ -330,7 +335,7 @@
+ 		return 0;
+ #if JSON_COUNT
+ 	/* bail quickly if not counting */
+-	if (lvl > 1 && (st[JSON_OBJECT] || st[JSON_ARRAY]))
++	if (lvl > 1 && (st[JSON_OBJECT] || st[JSON_ARRAYN]))
+ 		return 1;
+ #endif
+ 
+@@ -373,7 +378,7 @@
+ 	*ucp = uc;
+ 	DPRINTF("End general: ", uc, *ucp);
+ 	if (lvl == 0)
+-		return rv && (st[JSON_ARRAY] || st[JSON_OBJECT]);
++		return rv && (st[JSON_ARRAYN] || st[JSON_OBJECT]);
+ 	return rv;
+ }
+ 
+@@ -408,8 +413,10 @@
+ #define P(n) st[n], st[n] > 1 ? "s" : ""
+ 	if (file_printf(ms, " (%" SIZE_T_FORMAT "u object%s, %" SIZE_T_FORMAT
+ 	    "u array%s, %" SIZE_T_FORMAT "u string%s, %" SIZE_T_FORMAT
+-	    "u constant%s, %" SIZE_T_FORMAT "u number%s)", P(JSON_OBJECT),
+-	    P(JSON_ARRAY), P(JSON_STRING), P(JSON_CONSTANT), P(JSON_NUMBER))
++	    "u constant%s, %" SIZE_T_FORMAT "u number%s, %" SIZE_T_FORMAT
++	    "u >1array%s)",
++	    P(JSON_OBJECT), P(JSON_ARRAY), P(JSON_STRING), P(JSON_CONSTANT),
++	    P(JSON_NUMBER), P(JSON_ARRAYN))
+ 	    == -1)
+ 		return -1;
+ #endif

debian/patches/local.manpage-seccomp-is-disabled.patch

@@ -5,7 +5,7 @@ Bug-Debian: https://bugs.debian.org/917930
 
 --- a/doc/file.man
 +++ b/doc/file.man
-@@ -366,6 +366,10 @@
+@@ -369,6 +369,10 @@
  i.e. when the
  .Fl z
  flag is specified and the built-in decompressors are not available.

debian/patches/local.support-local-definitions-in-etc-magic.patch

@@ -26,7 +26,7 @@ Last-Update: 2016-06-27
 --- a/src/apprentice.c
 +++ b/src/apprentice.c
 @@ -454,7 +454,7 @@
- 	if (map == (struct magic_map *)-1)
+ 	if (map == RCAST(struct magic_map *, -1))
  		return -1;
  	if (map == NULL) {
 -		if (ms->flags & MAGIC_CHECK)
@@ -77,7 +77,7 @@ Last-Update: 2016-06-27
  magic file
  .Pa __MAGIC__.mgc ,
  or the files in the directory
-@@ -551,12 +552,6 @@
+@@ -554,12 +555,6 @@
  The order of entries in the magic file is significant.
  Depending on what system you are using, the order that
  they are put together may be incorrect.

debian/patches/series

@@ -1,8 +1,27 @@
 # cherry-picked commits. Keep in upstream's chronological order
+cherry-pick.FILE5_35-1-g338cc788.-c-cast.patch
+cherry-pick.FILE5_35-2-g8d68fb4f.lint-fixes.patch
+cherry-pick.FILE5_35-3-gc7d910ee.more-lint-fixes.patch
+cherry-pick.FILE5_35-6-g2b6f3fbc.if-we-are-asked-to-print-annotations-and-there-are-no-annotations-in.patch
+cherry-pick.FILE5_35-8-g42d9a8a3.need-to-pass-found-match-from-match-mget-match-so-that-the-use-case.patch
+cherry-pick.FILE5_35-16-g6d90cbff.avoid-over-trimming-ucs16-text-and-ending-up-losing-the-last-character.patch
+cherry-pick.FILE5_35-25-g48052fcf.fix-cut-n-pasto-for-regex-max-vsevolod-stakhov.patch
+cherry-pick.FILE5_35-26-g98f29456.fix-name.patch
+cherry-pick.FILE5_35-31-g2858eaf9.avoid-oob-read-found-by-asan-reported-by-f.patch
+cherry-pick.FILE5_35-42-ge6bf546d.fix-documentation-to-match-the-source.patch
+cherry-pick.FILE5_35-49-g3a6f62e2.fix-indirect-offset-overflow-calculation-b.patch
+cherry-pick.FILE5_35-52-g94b7501f.pr-62-spinpx-avoid-non-nul-terminated-string-read.patch
+cherry-pick.FILE5_35-53-gd6578152.pr-62-spinpx-limit-size-of-file-printable.patch
+cherry-pick.FILE5_35-55-g642f269e.mention-that-the-apple-filetype-creator-is-only-available-for-entries-that.patch
+cherry-pick.FILE5_35-56-gf0a26da7.pr-61-tmc-add-ucs-32-built-in-detection.patch
+cherry-pick.FILE5_35-59-g8305d1cc.use-c-casts-everywhere.patch
+cherry-pick.FILE5_36-1-gecca6e54.fix-casts-and-bounds-check-found-by-oss-fuzz.patch
+cherry-pick.FILE5_36-24-g9b2f9d6a.cast-to-unsigned-first-to-appease-ubsan-oss-fuzz.patch
 
 # patches that should go upstream
 
 # local modifications
+cherry-pick.FILE5_36-32-g479e0995.pr-69-only-consider-arrays-1-element-when-quickly-figuring-out-if-a.patch
 local.support-local-definitions-in-etc-magic.patch
 local.don-t-include-libs-in-build.patch
 local.mention-posixly-correct-dependent-behaviour-in-usage-message.patch