Subject: Combined patch of all commits since the 5.29 release Origin: FILE5_29..FILE5_29-38-gafec4e7c Upstream-Author: Christos Zoulas Date: Sun Jan 22 22:02:15 2017 +0000 Excluded: a317154a ("compute the search match length correctly (found by oss-fuzzer)" as it introduces a regression. --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,11 @@ +2016-11-06 10:52 Christos Zoulas + + * Allow @@@ in extensions + * Add missing overflow check in der magic (Jonas Wagner) + 2016-10-25 10:40 Christos Zoulas - * release 5.28 + * release 5.29 2016-10-24 11:20 Christos Zoulas --- a/doc/file.man +++ b/doc/file.man @@ -238,8 +238,8 @@ to test the standard input, use .Sq - as a filename argument. -Please note that -.Ar namefile +Please note that +.Ar namefile is unwrapped and the enclosed filenames are processed when this option is encountered and before any further options processing is done. This allows one to process multiple lists of files with different command line @@ -411,10 +411,10 @@ .Fl h options. .Sh SEE ALSO -.Xr magic __FSECTION__ , .Xr hexdump 1 , .Xr od 1 , .Xr strings 1 , +.Xr magic __FSECTION__ .Sh STANDARDS CONFORMANCE This program is believed to exceed the System V Interface Definition of FILE(CMD), as near as one can determine from the vague language @@ -530,16 +530,15 @@ the first version. Geoff Collyer found several inadequacies and provided some magic file entries. -Contributions by the +Contributions of the .Sq \*[Am] operator by Rob McMahon, .Aq cudcv@warwick.ac.uk , 1989. .Pp -Guy Harris, +Guy Harris, .Aq guy@netapp.com , made many changes from 1993 to the present. -1989. .Pp Primary development and maintenance from 1990 to the present by Christos Zoulas @@ -587,7 +586,6 @@ .Nm returns 0 on success, and non-zero on error. .Sh BUGS -.Pp Please report bugs and send patches to the bug tracker at .Pa http://bugs.gw.com/ or the mailing list at 
@@ -596,7 +594,6 @@ .Pa http://mx.gw.com/mailman/listinfo/file first to subscribe). .Sh TODO -.Pp Fix output so that tests for MIME and APPLE flags are not needed all over the place, and actual output is only done in one place. This needs a design. @@ -645,16 +642,16 @@ .Dq name and .Dq use -to check for consistency at compile time (duplicate +to check for consistency at compile time (duplicate .Dq name , .Dq use pointing to undefined .Dq name ). -Make +Make .Dq name / -.Dq use +.Dq use more efficient by keeping a sorted list of names. Special-case ^ to flip endianness in the parser so that it does not have to be escaped, and document it. --- a/doc/magic.man +++ b/doc/magic.man @@ -7,7 +7,7 @@ .Nm magic .Nd file command's magic pattern file .Sh DESCRIPTION -This manual page documents the format of the magic file as +This manual page documents the format of magic files as used by the .Xr file __CSECTION__ command, version __VERSION__. @@ -17,13 +17,19 @@ among other tests, a test for whether the file contains certain .Dq "magic patterns" . -The file -.Pa __MAGIC__ -specifies what patterns are to be tested for, what message or +The database of these +.Dq "magic patterns" +is usually located in a binary file in +.Pa __MAGIC__.mgc +or a directory of source text magic pattern fragment files in +.Pa __MAGIC__ . +The database specifies what patterns are to be tested for, what message or MIME type to print if a particular pattern is found, and additional information to extract from the file. .Pp -Each line of the file specifies a test to be performed. +The format of the source fragment files that are used to build this database +is as follows: +Each line of a fragment file specifies a test to be performed. A test compares the data starting at a particular offset in the file with a byte value, a string or a numeric value. If the test succeeds, a message is printed. --- a/magic/Magdir/animation +++ b/magic/Magdir/animation 
@@ -855,10 +855,12 @@ # X3D (Extensible 3D) [http://www.web3d.org/specifications/x3d-3.0.dtd] # From Michel Briand -0 string/t \20 search/1000/cw \20 search/1000/w \>20 byte&0xe 0xc \b, 7 channels >>20 byte&0xe 0xe \b, 8 channels # some common sample rates +>>17 belong&0xfffff0 0x2ee000 \b, 192 kHz +>>17 belong&0xfffff0 0x158880 \b, 88.2 kHz >>17 belong&0xfffff0 0x0ac440 \b, 44.1 kHz >>17 belong&0xfffff0 0x0bb800 \b, 48 kHz >>17 belong&0xfffff0 0x07d000 \b, 32 kHz --- a/magic/Magdir/console +++ b/magic/Magdir/console @@ -9,17 +9,19 @@ # References: # - http://wiki.nesdev.com/w/index.php/INES # - http://wiki.nesdev.com/w/index.php/NES_2.0 -0 string NES\x1A iNES ROM image + +# Common header for iNES, NES 2.0, and Wii U iNES. +0 name nes-rom-image-ines >7 byte&0x0C =0x8 (NES 2.0) >4 byte x \b: %ux16k PRG ->5 byte x \b, %ux16k CHR +>5 byte x \b, %ux8k CHR >6 byte&0x08 =0x8 [4-Scr] >6 byte&0x09 =0x0 [H-mirror] >6 byte&0x09 =0x1 [V-mirror] >6 byte&0x02 =0x2 [SRAM] >6 byte&0x04 =0x4 [Trainer] >7 byte&0x03 =0x2 [PC10] ->7 byte&0x03 =0x1 [VS +>7 byte&0x03 =0x1 [VS] >>7 byte&0x0C =0x8 # NES 2.0: VS PPU >>>13 byte&0x0F =0x0 \b, RP2C03B @@ -43,17 +45,24 @@ >>12 byte&0x03 =0x1 [PAL] >>12 byte&0x02 =0x2 [NTSC+PAL] +# Standard iNES ROM header. +0 string NES\x1A NES ROM image (iNES) +>0 use nes-rom-image-ines + +# Wii U Virtual Console iNES ROM header. +0 belong 0x4E455300 NES ROM image (Wii U Virtual Console) +>0 use nes-rom-image-ines + #------------------------------------------------------------------------------ # unif: file(1) magic for UNIF-format Nintendo Entertainment System ROM images # Reference: http://wiki.nesdev.com/w/index.php/UNIF # 
From: David Korth -# TODO commit on 2016/03/21 # # NOTE: The UNIF format uses chunks instead of a fixed header, # so most of the data isn't easily parseable. # 0 string UNIF ->4 lelong <16 UNIF v%d format NES ROM image +>4 lelong <16 NES ROM image (UNIF v%d format) #------------------------------------------------------------------------------ # fds: file(1) magic for Famciom Disk System disk images @@ -63,25 +72,40 @@ # Disk info block. (block 1) 0 name nintendo-fds-disk-info-block ->1 string *NINTENDO-HVC* Famicom Disk System disk image: >23 byte !1 FMC- >23 byte 1 FSC- >16 string x \b%.3s ->15 byte x \b, mfr 0x%02X +>15 byte x \b, mfr %02X >20 byte x (Rev.%02u) # Headered version. 0 string FDS\x1A ->0x11 string *NINTENDO-HVC* +>0x11 string *NINTENDO-HVC* Famicom Disk System disk image: >>0x10 use nintendo-fds-disk-info-block >4 byte 1 (%u side) >4 byte !1 (%u sides) # Unheadered version. -1 string *NINTENDO-HVC* +1 string *NINTENDO-HVC* Famicom Disk System disk image: >0 use nintendo-fds-disk-info-block #------------------------------------------------------------------------------ +# tnes: file(1) magic for TNES-format Nintendo Entertainment System ROM images +# Used by Nintendo 3DS NES Virtual Console games. +# From: David Korth +# +0 string TNES NES ROM image (Nintendo 3DS Virtual Console) +>4 byte 100 \b: FDS, +>>0x2010 use nintendo-fds-disk-info-block +>4 byte !100 \b: TNES mapper %u +>>5 byte x \b, %ux8k PRG +>>6 byte x \b, %ux8k CHR +>>7 byte&0x08 =1 [WRAM] +>>8 byte&0x09 =1 [H-mirror] +>>8 byte&0x09 =2 [V-mirror] +>>8 byte&0x02 =3 [VRAM] + +#------------------------------------------------------------------------------ # gameboy: file(1) magic for the Nintendo (Color) Gameboy raw ROM format # Reference: http://gbdev.gg8.se/wiki/articles/The_Cartridge_Header # 
@@ -617,6 +641,52 @@ >0x218 belong 0x5D1C9EA3 Nintendo Wii disc image (WBFS format): >>0x200 use nintendo-gcn-disc-common +# Type: Nintendo GameCube/Wii disc image (CISO format) +# NOTE: This is NOT the same as Compact ISO or PSP CISO, +# though it has the same magic number. +0 string CISO +# Other fields are used to determine what type of CISO this is: +# - 0x04 == 0x00200000: GameCube/Wii CISO (block_size) +# - 0x10 == 0x00000800: PSP CISO (ISO-9660 sector size) +# - None of the above: Compact ISO. +>4 lelong 0x200000 +>>8 byte 1 +>>>0x801C belong 0xC2339F3D Nintendo GameCube disc image (CISO format): +>>>>0x8000 use nintendo-gcn-disc-common +>>>0x8018 belong 0x5D1C9EA3 Nintendo Wii disc image (CISO format): +>>>>0x8000 use nintendo-gcn-disc-common + +# Type: Nintendo GameCube/Wii disc image (GCZ format) +# Due to zlib compression, we can't get the actual disc information. +0 lelong 0xB10BC001 +>4 lelong 0 Nintendo GameCube disc image (GCZ format) +>4 lelong 1 Nintendo Wii disc image (GCZ format) +>4 lelong >1 Nintendo GameCube/Wii disc image (GCZ format) + +# Type: Nintendo GameCube/Wii disc image (WDF format) +0 string WII\001DISC +>8 belong 1 +# WDFv1 +>>0x54 belong 0xC2339F3D Nintendo GameCube disc image (WDFv1 format): +>>>0x38 use nintendo-gcn-disc-common +>>0x58 belong 0x5D1C9EA3 Nintendo Wii disc image (WDFv1 format): +>>>0x38 use nintendo-gcn-disc-common +>8 belong 2 +# WDFv2 +>>(12.L+0x1C) belong 0xC2339F3D Nintendo GameCube disc image (WDFv2 format): +>>>(12.L) use nintendo-gcn-disc-common +>>(12.L+0x18) belong 0x5D1C9EA3 Nintendo Wii disc image (WDFv2 format): +>>>(12.L) use nintendo-gcn-disc-common + +# Type: Nintendo GameCube/Wii disc image (WIA format) +0 string WIA\001 Nintendo +>0x48 belong 0 GameCube/Wii +>0x48 belong 1 GameCube +>0x48 belong 2 Wii +>0x48 belong >2 GameCube/Wii +>0x48 belong x disc image (WIA format): +>>0x58 use nintendo-gcn-disc-common + #------------------------------------------------------------------------------ # Nintendo 
3DS file formats. # @@ -750,3 +820,17 @@ # 0 string g\ GCE Vectrex ROM image >0x11 string >\0 \b: "%.16s" + +#------------------------------------------------------------------------------ +# amiibo: file(1) magic for Nintendo amiibo NFC dumps. +# From: David Korth +# Reference: https://www.3dbrew.org/wiki/Amiibo +0x00 byte 0x04 +>0x0A beshort 0x0FE0 +>>0x0C belong 0xF110FFEE +>>>0x208 beshort 0x0100 +>>>>0x020A byte 0x0F +>>>>>0x020C bequad 0x000000045F000000 +>>>>>>0x5B byte 0x02 +>>>>>>>0x54 belong x Nintendo amiibo NFC dump - amiibo ID: %08X- +>>>>>>>0x58 belong x \b%08X --- a/magic/Magdir/filesystems +++ b/magic/Magdir/filesystems @@ -1949,7 +1949,19 @@ >0 use cdrom # .cso files -0 string CISO Compressed ISO CD image +# Reference: http://pismotec.com/ciso/ciso.h +# NOTE: There are two other formats with the same magic but +# completely incompatible specifications: +# - GameCube/Wii CISO: https://github.com/dolphin-emu/dolphin/blob/master/Source/Core/DiscIO/CISOBlob.h +# - PSP CISO: https://github.com/jamie/ciso/blob/master/ciso.h +0 string CISO +# Other fields are used to determine what type of CISO this is: +# - 0x04 == 0x00200000: GameCube/Wii CISO (block_size) +# - 0x10 == 0x00000800: PSP CISO (ISO-9660 sector size) +# - None of the above: Compact ISO. +>4 lelong !0 +>>4 lelong !0x200000 +>>>0x10 lelong !0x800 Compressed ISO CD image # cramfs filesystem - russell@coker.com.au 0 lelong 0x28cd3d45 Linux Compressed ROM File System data, little endian @@ -2041,6 +2053,13 @@ >29 byte 16 \bBlackfin, >29 byte 17 \bAVR32, >29 byte 18 \bSTMicroelectronics ST200, +>29 byte 19 \bSandbox architecture, +>29 byte 20 \bANDES Technology NDS32, +>29 byte 21 \bOpenRISC 1000, +>29 byte 22 \bARM 64-bit, +>29 byte 23 \bDesignWare ARC, +>29 byte 24 \bx86_64, +>29 byte 25 \bXtensa, >30 byte 0 Invalid Image >30 byte 1 Standalone Program >30 byte 2 OS Kernel Image --- a/magic/Magdir/fonts +++ b/magic/Magdir/fonts 
@@ -100,9 +100,11 @@ # X11 fonts, from Daniel Quinlan (quinlan@yggdrasil.com) # PCF must come before SGI additions ("MIPSEL MIPS-II COFF" collides) -0 string \001fcp X11 Portable Compiled Font data ->12 byte 0x02 \b, LSB first ->12 byte 0x0a \b, MSB first +0 string \001fcp X11 Portable Compiled Font data, +>12 lelong ^0x08 bit: LSB, +>12 lelong &0x08 bit: MSB, +>12 lelong ^0x04 byte: LSB first +>12 lelong &0x04 byte: MSB first 0 string D1.0\015 X11 Speedo font data #------------------------------------------------------------------------------ --- /dev/null +++ b/magic/Magdir/gpu @@ -0,0 +1,16 @@ + +#------------------------------------------------------------------------------ +# $File: images,v 1.118 2016/11/08 02:58:21 christos Exp $ +# gpu: file(1) magic for GPU input files + +# Standard Portable Intermediate Representation (SPIR) +# Documentation: https://www.khronos.org/spir +# Typical file extension: .spv + +0 belong 0x07230203 Khronos SPIR-V binary, big-endian +>4 belong x \b, version 0x%08x +>8 belong x \b, generator 0x%08x + +0 lelong 0x07230203 Khronos SPIR-V binary, little-endian +>4 lelong x \b, version 0x%08x +>8 lelong x \b, generator 0x%08x --- a/magic/Magdir/icc +++ b/magic/Magdir/icc 
@@ -11,41 +11,204 @@ # http://www.color.org/specification/ICC1v43_2010-12.pdf # # for Specification ICC.1:2010 (Profile version 4.3.0.0). +# URL: http://fileformats.archiveteam.org/wiki/ICC_profile +# Reference: http://www.color.org/iccmax/ICC.2-2016-7.pdf +# Update: Joerg Jenderek # # Bytes 36 to 39 contain a generic profile file signature of "acsp"; # bytes 40 to 43 "may be used to identify the primary platform/operating # system framework for which the profile was created". # -# There are other fields that might be worth dumping as well. -# +# check and display ICC/ICM color profile +0 name color-profile +>36 string acsp +# skip ASCII like Cognacspirit.txt by month <= 12 +>>26 ubeshort <13 +# platform/operating system. Only 5 mentioned +# # This appears to be what's used for Apple ColorSync profiles. # Instead of adding that, Apple just changed the generic "acsp" entry # to be for "ColorSync ICC Color Profile" rather than "Kodak Color # Management System, ICC Profile". # Yes, it's "APPL", not "AAPL"; see the spec. -36 string acspAPPL ColorSync ICC Profile -!:mime application/vnd.iccprofile +>>>40 string APPL ColorSync # Microsoft ICM color profile -36 string acspMSFT Microsoft ICM Color Profile -!:mime application/vnd.iccprofile +>>>40 string MSFT Microsoft # Yes, that's a blank after "SGI". -36 string acspSGI\ SGI ICC Profile -!:mime application/vnd.iccprofile +>>>40 string SGI\ SGI # XXX - is this what's used for the Sun KCMS or not? The standard file # uses just "acsp" for that, but Apple's file uses it for "ColorSync", # and there *is* an identified "primary platform" value of SUNW. 
-36 string acspSUNW Sun KCMS ICC Profile +>>>40 string SUNW Sun KCMS + +# 5th platform +>>>40 string TGNT Taligent + +# remaing "l" "e" of "color profile" printed later to avoid error +>>>40 string x color profi +#>>>40 string x (%.4s) !:mime application/vnd.iccprofile +# for "ICM" extension only versions 2.x and for Kodak "CC" 2.0 is found +>>>8 ubyte =2 +# do not use empty message text to a avoid error like +# icc, 82: Warning: Current entry does not yet have a description for adding a EXTENSION type +# file.exe: could not find any valid magic files! +>>>>9 ubyte !0 \ble +!:ext icc/icm +# minor version +>>>>9 ubyte =0 \bl +# Kodak colour management system +>>>>>4 string =KCMS \be +!:ext icc/icm/cc +>>>>>4 string !KCMS \be +!:ext icc/icm +>>>8 ubyte !2 \ble +!:ext icc +# Profile version major.4bit-minor.sub1.sub2 like 4.3.0.0 (04300000h) +>>>8 ubyte x %u +>>>9 ubyte/16 x \b.%u +# reserved and shall be null but 205.205 in umx1220u.icm +>>>10 ubyte >0 \b.%u +>>>>11 ubyte >0 \b.%u +# preferred colour management module like appl CCMS KCMS Lino UCCM "Win " "FF " +# skip space like in brmsl08f.icm and null like in brmsl09f.icm, brmsl07f.icm +>>>4 string >\ \b, type %.2s +>>>>6 string >\ \b%.1s +>>>>>7 string >\ \b%.1s +# colour space "XYZ " "Lab " "RGB " CMYK GRAY ... 
+>>>16 string x \b, %.3s +>>>19 string >\ \b%.1s +# Profile Connection Space (PCS) field usually "XYZ " or "Lab " but sometimes +# null or CMYK like in ISOcoated_v2_to_PSOcoated_v3_DeviceLink.icc +>>>20 string >\0 \b/%.3s +>>>>23 string >\ \b%.1s +# eleven device classes +>>>12 string x \b-%.4s device +# skip 00001964h in hpf69000.icc or 0h in XRDC50Q.ICM or " ROT" in brmsl05f.icm +>>>52 string >\ +# skip "none" model like in "Trinitron Compatible 9300K G2.2.icm" +>>>>52 ubelong !0x6e6f6e65 +# device manufacturer field like "HP " "IBM " EPSO +>>>>>48 string x \b, %.2s +>>>>>50 string >\ \b%.1s +>>>>>51 string >\ \b%.1s +# model like "ADI " "A265" and skip 20000404h in IS330.icm for RICOH RUSSIAN-SC +>>>>>52 string >\ \ \b/%.3s +>>>>>>55 string >\ \b%.1s +>>>>>52 string x model +# creator (often same as manufacture) like HP SONY XROX or null like in A925A.icm +>>>80 string >\0 by %.2s +>>>>82 string >\ \b%.1s +>>>>>83 string >\ \b%.1s +# profile size +>>>0 ubelong x \b, %u bytes +# skip invalid date 0 like in linearSRGB.icc +>>>24 ubequad !0 +# datetime dd-mm-yyyy hh:mm:ss +>>>>28 ubeshort x \b, %u +# month <= 12 +>>>>26 ubeshort x \b-%u +# year +>>>>24 ubeshort x \b-%u +# do not display midnight time like in CNHP8308.ICC +>>>>30 ubequad&0xFFffFFffFFff0000 !0 +# hour <= 24 +>>>>>30 ubeshort x %u +# minutes <= 59 +>>>>>32 ubeshort x \b:%.2u +# seconds <= 59 +>>>>>34 ubeshort x \b:%.2u +# vendor specific flags like 2 in HPCLJ5.ICM +>>>44 ubeshort >0 \b, 0x%x vendor flags +# profile flags bits 0-2 of least 16 used by ICC +#>>>44 ubelong >0 \b, 0x%x flags +# icEmbeddedProfileTrue +>>>44 ubelong &1 \b, embedded +# icEmbeddedProfileFalse +#>>>44 ubelong ^1 \b, not embedded +# icUseWithEmbeddedDataOnly +>>>44 ubelong &2 \b, dependently +# icUseAnywhere +#>>>44 ubelong ^2 \b, independently +>>>44 ubelong &4 \b, MCS +#>>>44 ubelong ^4 \b, no MCS +# vendor specific device attributes 1~srgb.icc +# E000D00h~CNB7QEDA.ICM C000A00h~CNB5FCAA.ICM 01040401h~CNB25PE3.ICM +>>>56 
ubelong >0 \b, 0x%x vendor attribute +# ICC device attributes bits 0-7 used +#>>>60 ubelong x \b, 0x%x attribute +# http://www.color.org/icc34.h +>>>60 ubelong &0x01 \b, transparent +#>>>60 ubelong ^0x01 \b, reflective +>>>60 ubelong &0x02 \b, matte +#>>>60 ubelong ^0x02 \b, glossy +>>>60 ubelong &0x04 \b, negative +#>>>60 ubelong ^0x04 \b, positive +>>>60 ubelong &0x08 \b, black&white +#>>>60 ubelong ^0x08 \b, colour +>>>60 ubelong &0x10 \b, non-paper +#>>>60 ubelong ^0x10 \b, paper +>>>60 ubelong &0x20 \b, non-textured +#>>>60 ubelong ^0x20 \b, textured +>>>60 ubelong &0x40 \b, non-isotropic +#>>>60 ubelong ^0x40 \b, isotropic +>>>60 ubelong &0x80 \b, self-luminous +#>>>60 ubelong ^0x80 \b, non-self-luminous +# rendering intent 0-3 but 7AEA5027h in EE051__1.ICM 6CB1BCh in EE061__1.ICM +>>>64 ubelong >3 \b, 0x%x rendering intent +#>>>64 ubelong =0 \b, perceptual +>>>64 ubelong =1 \b, relative colorimetric +>>>64 ubelong =2 \b, saturation +>>>64 ubelong =3 \b, absolute colorimetric +# PCS illuminant (3*s15Fixed16Numbers) often 0000f6d6 00010000 0000d32d +>>>71 ubequad !0xd6000100000000d3 \b, PCS +# usually X~0.9642*65536=63189.8112~63190=F6D5h ; but also found +# often F6D6 in gt5000r.icm, F6B8 in kodakce.icm, F6CA in RSWOP.icm +>>>>68 ubelong !0x0000f6d5 X=0x%x +# usually Y=1.0~00010000h but Y=0 in brmsl07f.icm +>>>>72 ubelong !0x00010000 Y=0x%x +# usually Z~0.8249*65536=54060.6464~54061=D32Dh ; but also found +# D2F7 in hp1200c.icm, often D32C in A925A.icm, D309 in RSWOP.icm , D2F8 in kodak_dc.icm +>>>>76 ubelong !0x0000d32d Z=0x%x +# Profile ID. MD5 fingerprinting method as defined in Internet RFC 1321. 
+>>>84 ubequad >0 \b, 0x%llx MD5 +# reserved in older versions should be zero but also found CDCDCDCDCDCDCDCD +#>>100 ubequad x \b 0x%llx reserved +# tag table +# 6 <= tags count <= 43 +#>>>128 ubelong >43 \b, %u tags +>>>128 ubelong x +# shall contain the profileDescriptionTag "desc" , copyrightTag "cprt" +# search range = tags count * 12 -8=< maximal tag count * 12 -8= 43 * 12 -8= 508 +>>>>132 search/508 cprt +# but no copyright tag in linearSRGB.icc +# beneath /System/Library/Frameworks/WebKit.framework/ +# Versions/A/Frameworks/WebCore.framework/Versions/A/Resources +>>>>132 default x \b, no copyright tag +# 1st tag +#>>>132 string x \b, 1st tag %.4s +#>>>136 ubelong x 0x%x offset +#>>>140 ubelong x 0x%x len +# 2nd tag,... +# look also for profileDescriptionTag "desc" +>>>132 search/508 desc +# look further for TextDescriptionType "desc" signature +>>>>(&0.L) string =desc +>>>>>&4 pstring/l x "%s" +# look alternative for multiLocalizedUnicodeType "mluc" signature like in VideoPAL.icc +>>>>(&0.L) string =mluc +>>>>>&(&8.L) ubequad x +>>>>>>&4 bestring16 x '%s' # Any other profile. # XXX - should we use "acsp\0\0\0\0" for "no primary platform" profiles, # and use "acsp" for everything else and dump the "primary platform" # string in those cases? -36 string acsp ICC Profile -!:mime application/vnd.iccprofile +36 string acsp +>0 use color-profile --- a/magic/Magdir/images +++ b/magic/Magdir/images @@ -41,7 +41,11 @@ >>>>>>3 uleshort 0 >>>>>>>0 use tga-image # Color Map ->>>>>1 ubyte >0 +>>>>>1 belong&0xfff7ffff 0x01010000 +>>>>>>0 use tga-image +>>>>>1 belong&0xfff7ffff 0x00020000 +>>>>>>0 use tga-image +>>>>>1 belong&0xfff7ffff 0x00030000 >>>>>>0 use tga-image # display tga bitmap image information 0 name tga-image @@ -418,6 +422,7 @@ # 0 string \x89PNG\x0d\x0a\x1a\x0a PNG image data !:mime image/png +!:strength +10 >16 belong x \b, %d x >20 belong x %d, >24 byte x %d-bit 
@@ -1451,3 +1456,12 @@ >0x10 string GVRT Sega GVR image: >>0x10 use sega-gvr-image-header >>0x08 belong x \b, global index = %u + +# Light Field Picture +# Documentation: http://optics.miloush.net/lytro/TheFileFormat.aspx +# Typical file extensions: .lfp .lfr .lfx + +0 belong 0x894C4650 +>4 belong 0x0D0A1A0A +>12 belong 0x00000000 Lytro Light Field Picture +>8 belong x \b, version %d --- a/magic/Magdir/make +++ b/magic/Magdir/make @@ -2,6 +2,7 @@ # $File: make,v 1.2 2015/08/25 07:34:06 christos Exp $ # make: file(1) magic for makefiles # +# URL: https://en.wikipedia.org/wiki/Make_(software) 0 regex/100l \^CFLAGS makefile script text !:mime text/x-makefile 0 regex/100l \^VPATH makefile script text @@ -10,12 +11,19 @@ !:mime text/x-makefile 0 regex/100l \^all: makefile script text !:mime text/x-makefile -0 regex/100l \^\.PRECIOUS makefile script text +0 regex/100l \^\\.PRECIOUS makefile script text !:mime text/x-makefile -0 regex/100l \^\.BEGIN BSD makefile script text +# Update: Joerg Jenderek +# Reference: https://www.freebsd.org/cgi/man.cgi?make(1) +# exclude grub-core\lib\libgcrypt\mpi\Makefile.am with "#BEGIN_ASM_LIST" +# by additional escaping point character +0 regex/100l \^\\.BEGIN BSD makefile script text with "%s" +!:mime text/x-makefile +!:ext /mk +# exclude MS Windows help file CoNtenT with ":include FOOBAR.CNT" +# and NSIS script with "!include" by additional escaping point character +0 regex/100l \^\\.include BSD makefile script text with "%s" !:mime text/x-makefile -0 regex/100l \^\.include BSD makefile script text -!:mime text/x-makefile - +!:ext /mk 0 regex/100l \^SUBDIRS automake makefile script text !:mime text/x-makefile --- a/magic/Magdir/msdos +++ b/magic/Magdir/msdos 
@@ -565,10 +565,23 @@ 0 string/b PO^Q` Microsoft Word 6.0 Document !:mime application/msword # -0 string/b \376\067\0\043 Microsoft Office Document +4 long 0 +>0 belong 0xfe320000 Microsoft Word for Macintosh 1.0 !:mime application/msword -0 string/b \333\245-\0\0\0 Microsoft Office Document +!:ext mcw +>0 belong 0xfe340000 Microsoft Word for Macintosh 3.0 !:mime application/msword +!:ext mcw +>0 belong 0xfe37001c Microsoft Word for Macintosh 4.0 +!:mime application/msword +!:ext mcw +>0 belong 0xfe370023 Microsoft Word for Macintosh 5.0 +!:mime application/msword +!:ext mcw + +0 string/b \333\245-\0\0\0 Microsoft Word 2.0 Document +!:mime application/msword +!:ext doc 512 string/b \354\245\301 Microsoft Word Document !:mime application/msword @@ -960,6 +973,7 @@ # DOS EPS Binary File Header # From: Ed Sznyter 0 belong 0xC5D0D3C6 DOS EPS Binary File +!:mime image/x-eps >4 long >0 Postscript starts at byte %d >>8 long >0 length %d >>>12 long >0 Metafile starts at byte %d @@ -1106,3 +1120,40 @@ 0 string MIOPEN Mallard BASIC Jetsam data 0 string Jetsam0 Mallard BASIC Jetsam index data +# DOS backup 2.0 to 3.2 + +# backupid.@@@ + +# plausibility check for date +0x3 ushort >1979 +>0x5 ubyte-1 <31 +>>0x6 ubyte-1 <12 +# actually 121 nul bytes +>>>0x7 string \0\0\0\0\0\0\0\0 +>>>>0x1 ubyte x DOS 2.0 backup id file, sequence %d +!:ext @@@ +>>>>0x0 ubyte 0xff \b, last disk + +# backed up file + +# plausibility check for file name length +0x53 ubyte-1 <80 +# actually 54 nul bytes +>0x54 string \0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0 +>>0x5 string x DOS 2.0 backed up file %s, +>>0 ubyte 0xff complete file +>>0 ubyte !0xff +>>>1 ushort x split file, sequence %d + + +# DOS backup 3.3 to 5.x + +# CONTROL.nnn files +0 string \x8bBACKUP\x20 +# actually 128 nul bytes +>0xa string \0\0\0\0\0\0\0\0 +>>0x9 ubyte x DOS 3.3 backup control file, sequence %d +>>0x8a ubyte 0xff \b, last disk + +# NB: The BACKUP.nnn files consist of the files backed up, +# concatenated. --- a/magic/Magdir/msx 
+++ b/magic/Magdir/msx @@ -245,18 +245,18 @@ 0x4000 string/b AB >0x4002 uleshort >0x400F >>0x400A string \0\0\0\0\0\0 MSX ROM with nonstandard page order ->>0x4002 uleshort x \b, init=0x%04x ->>0x4004 uleshort >0 \b, stahdl=0x%04x ->>0x4006 uleshort >0 \b, devhdl=0x%04x ->>0x4008 uleshort >0 \b, bas=0x%04x +>>>0x4002 uleshort x \b, init=0x%04x +>>>0x4004 uleshort >0 \b, stahdl=0x%04x +>>>0x4006 uleshort >0 \b, devhdl=0x%04x +>>>0x4008 uleshort >0 \b, bas=0x%04x 0x8000 string/b AB >0x8002 uleshort >0x400F >>0x800A string \0\0\0\0\0\0 MSX ROM with nonstandard page order ->>0x8002 uleshort x \b, init=0x%04x ->>0x8004 uleshort >0 \b, stahdl=0x%04x ->>0x8006 uleshort >0 \b, devhdl=0x%04x ->>0x8008 uleshort >0 \b, bas=0x%04x +>>>0x8002 uleshort x \b, init=0x%04x +>>>0x8004 uleshort >0 \b, stahdl=0x%04x +>>>0x8006 uleshort >0 \b, devhdl=0x%04x +>>>0x8008 uleshort >0 \b, bas=0x%04x 0x3C000 string/b AB --- a/magic/Magdir/pbf +++ b/magic/Magdir/pbf @@ -6,6 +6,6 @@ # OpenStreetMap Protocolbuffer Binary Format (.osm.pbf) # http://wiki.openstreetmap.org/wiki/PBF_Format # From: Markus Heidelberg -0 belong 0x0000000D ->4 beshort 0x0A09 ->>6 string OSMHeader OpenStreetMap Protocolbuffer Binary Format +0 belong&0xfffffff0 0 +>4 beshort 0x0A09 +>>6 string OSMHeader OpenStreetMap Protocolbuffer Binary Format --- a/magic/Magdir/pgp +++ b/magic/Magdir/pgp @@ -19,15 +19,15 @@ #>15 string SIGNED\040MESSAGE- signed message #>15 string PGP\040SIGNATURE- signature -2 string ---BEGIN\ PGP\ PUBLIC\ KEY\ BLOCK- PGP public key block +2 string ---BEGIN\040PGP\040PUBLIC\040KEY\040BLOCK- PGP public key block !:mime application/pgp-keys >10 search/100 \n\n >>&0 use pgp -0 string -----BEGIN\040PGP\40MESSAGE- PGP message +0 string -----BEGIN\040PGP\040MESSAGE- PGP message !:mime application/pgp >10 search/100 \n\n >>&0 use pgp -0 string -----BEGIN\040PGP\40SIGNATURE- PGP signature +0 string -----BEGIN\040PGP\040SIGNATURE- PGP signature !:mime application/pgp-signature >10 search/100 \n\n >>&0 use pgp 
--- a/magic/Magdir/sgml +++ b/magic/Magdir/sgml @@ -46,6 +46,12 @@ !:mime text/html !:strength + 5 +# SVG document +# https://www.w3.org/TR/SVG/single-page.html +0 search/4096/cWbt \ HTML document text !:mime text/html !:strength + 5 --- a/magic/Magdir/ssl +++ b/magic/Magdir/ssl @@ -1,8 +1,20 @@ + +#------------------------------------------------------------------------------ +# $File: ssl,v 1.3 2017/01/18 14:59:19 christos Exp $ +# ssl: file(1) magic for SSL file formats + # Type: OpenSSL certificates/key files # From: Nicolas Collignon -0 string -----BEGIN\ CERTIFICATE----- PEM certificate -0 string -----BEGIN\ CERTIFICATE\ REQ PEM certificate request -0 string -----BEGIN\ RSA\ PRIVATE PEM RSA private key -0 string -----BEGIN\ DSA\ PRIVATE PEM DSA private key -0 string -----BEGIN\ EC\ PRIVATE PEM EC private key +0 string -----BEGIN\040CERTIFICATE----- PEM certificate +0 string -----BEGIN\040CERTIFICATE\040REQ PEM certificate request +0 string -----BEGIN\040RSA\040PRIVATE PEM RSA private key +0 string -----BEGIN\040DSA\040PRIVATE PEM DSA private key +0 string -----BEGIN\040EC\040PRIVATE PEM EC private key +0 string -----BEGIN\040ECDSA\040PRIVATE PEM ECDSA private key + +# From Luc Gommans +# OpenSSL enc file (recognized by a magic string preceding the password's salt) +0 string Salted__ openssl enc'd data with salted password +# Using the -a or -base64 option, OpenSSL will base64-encode the data. +0 string U2FsdGVkX19 openssl enc'd data with salted password, base64 encoded --- /dev/null +++ b/magic/Magdir/yara 
@@ -0,0 +1,17 @@ + + +#------------------------------------------------------------------------------ +# $File: map,v 1.4 2015/08/10 05:18:27 christos Exp $ +# yara: file(1) magic for http://virustotal.github.io/yara/ +# + +0 string YARA +>4 lelong >2047 +>8 byte <20 YARA 3.x compiled rule set +# version +>>8 clear +>>8 byte 6 created with version 3.3.0 +>>8 byte 8 created with version 3.4.0 +>>8 byte 11 created with version 3.5.0 +>>8 default x +>>>8 byte x development version 0x%02x --- a/magic/Makefile.am +++ b/magic/Makefile.am @@ -104,6 +104,7 @@ $(MAGIC_FRAGMENT_DIR)/gnu \ $(MAGIC_FRAGMENT_DIR)/gnumeric \ $(MAGIC_FRAGMENT_DIR)/gpt \ +$(MAGIC_FRAGMENT_DIR)/gpu \ $(MAGIC_FRAGMENT_DIR)/grace \ $(MAGIC_FRAGMENT_DIR)/graphviz \ $(MAGIC_FRAGMENT_DIR)/gringotts \ @@ -285,6 +286,7 @@ $(MAGIC_FRAGMENT_DIR)/xilinx \ $(MAGIC_FRAGMENT_DIR)/xo65 \ $(MAGIC_FRAGMENT_DIR)/xwindows \ +$(MAGIC_FRAGMENT_DIR)/yara \ $(MAGIC_FRAGMENT_DIR)/zfs \ $(MAGIC_FRAGMENT_DIR)/zilog \ $(MAGIC_FRAGMENT_DIR)/zyxel --- a/src/apprentice.c +++ b/src/apprentice.c @@ -2291,7 +2291,7 @@ return parse_extra(ms, me, line, CAST(off_t, offsetof(struct magic, ext)), - sizeof(m->ext), "EXTENSION", ",!+-/", 0); + sizeof(m->ext), "EXTENSION", ",!+-/@", 0); } /* --- a/src/cdf.c +++ b/src/cdf.c @@ -530,6 +530,9 @@ scn->sst_dirlen = len; scn->sst_ss = ss; + if (sid == CDF_SECID_END_OF_CHAIN || len == 0) + return cdf_zero_stream(scn); + if (scn->sst_len == (size_t)-1) goto out; --- a/src/compress.c +++ b/src/compress.c @@ -62,7 +62,7 @@ #if defined(HAVE_SYS_TIME_H) #include #endif -#if defined(HAVE_ZLIB_H) +#if defined(HAVE_ZLIB_H) && defined(ZLIBSUPPORT) #define BUILTIN_DECOMPRESS #include #endif 
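Review bot: In the src/cdf.c hunk the new early return sits after `scn->sst_dirlen = len;` and `scn->sst_ss = ss;`, so whether those fields keep the caller's values or are reset for an empty chain depends on cdf_zero_stream(), which the hunk does not show. A comment above the check, for example `/* empty chain or zero length: nothing to read, return a zeroed stream */`, would state the intent. It would also be worth confirming that callers treat the result as success with no data rather than as an error. The enclosing function starts and ends outside the hunk.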
@@ -83,6 +83,7 @@ /* * The following python code is not really used because ZLIBSUPPORT is only * defined if we have a built-in zlib, and the built-in zlib handles that. + * That is not true for android where we have zlib.h and not -lz. */ static const char zlibcode[] = "import sys, zlib; sys.stdout.write(zlib.decompress(sys.stdin.read()))"; --- a/src/der.c +++ b/src/der.c @@ -159,31 +159,49 @@ return tag; } +/* + * Read the length of a DER tag from the input. + * + * `c` is the input, `p` is an output parameter that specifies how much of the + * input we consumed, and `l` is the maximum input length. + * + * Returns the length, or DER_BAD if the end of the input is reached or the + * length exceeds the remaining input. + */ static uint32_t getlength(const uint8_t *c, size_t *p, size_t l) { uint8_t digits, i; size_t len; + int is_onebyte_result; if (*p >= l) return DER_BAD; - digits = c[(*p)++]; + /* + * Digits can either be 0b0 followed by the result, or 0b1 + * followed by the number of digits of the result. In either case, + * we verify that we can read so many bytes from the input. + */ + is_onebyte_result = (c[*p] & 0x80) == 0; + digits = c[(*p)++] & 0x7f; + if (*p + digits >= l) + return DER_BAD; - if ((digits & 0x80) == 0) + if (is_onebyte_result) return digits; - digits &= 0x7f; + /* + * Decode len. We've already verified that we're allowed to read + * `digits` bytes. + */ len = 0; - - if (*p + digits >= l) - return DER_BAD; - for (i = 0; i < digits; i++) len = (len << 8) | c[(*p)++]; + if (*p + len >= l) return DER_BAD; - return len; + return len; } static const char * --- a/src/funcs.c +++ b/src/funcs.c @@ -76,7 +76,7 @@ ms->o.buf = buf; return 0; out: - file_error(ms, errno, "vasprintf failed"); + fprintf(stderr, "vasprintf failed (%s)", strerror(errno)); return -1; } --- a/src/readelf.c +++ b/src/readelf.c 
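Review bot: In getlength() (src/der.c) the multi-byte branch can still wrap. `digits` may be as large as 127, so `len = (len << 8) | c[(*p)++]` silently drops high bits once more than sizeof(size_t) bytes are consumed, and the following `*p + len >= l` can overflow for a large `len` and pass. The value is then narrowed from size_t to the uint32_t return type. Rejecting oversized counts before the loop with `if (digits > sizeof(len)) return DER_BAD;` and writing the final check as `if (len > UINT32_MAX || len >= l - *p) return DER_BAD;` avoids both the wrap and the truncation. The trailing `return len;` also picked up an extra level of indentation.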
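Review bot: In the src/funcs.c hunk, reporting the failure with `fprintf(stderr, ...)` means a library caller no longer learns about it through `ms`. The `out:` path still returns -1, but it records nothing in the magic_set, and a process with stderr closed or redirected loses the message. If file_error() was dropped because it formats through this same vasprintf path (not visible in the hunk), a one-line comment saying so would keep a later reader from reverting it. The message also lacks a trailing newline; `fprintf(stderr, "vasprintf failed (%s)\n", strerror(errno));` keeps it from running into later output. The enclosing function starts outside the hunk.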
@@ -1203,8 +1203,9 @@ /* Read offset of name section to be able to read section names later */ if (pread(fd, xsh_addr, xsh_sizeof, CAST(off_t, (off + size * strtab))) < (ssize_t)xsh_sizeof) { - file_badread(ms); - return -1; + if (file_printf(ms, ", missing section headers") == -1) + return -1; + return 0; } name_off = xsh_offset; --- a/src/softmagic.c +++ b/src/softmagic.c @@ -1260,7 +1260,8 @@ if (*dst == '\0') { if (type == FILE_BESTRING16 ? *(src - 1) != '\0' : - *(src + 1) != '\0') + ((src + 1 < esrc) && + *(src + 1) != '\0')) *dst = ' '; } } @@ -1887,7 +1888,7 @@ copy[--slen] = '\0'; search = copy; } else { - search = ms->search.s; + search = CCAST(char *, ""); copy = NULL; } rc = file_regexec(&rx, (const char *)search,
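Review bot: In the src/readelf.c hunk a failing pread() now takes the same path as a short read. A return of -1 is also less than `(ssize_t)xsh_sizeof`, so an I/O error is reported as `, missing section headers` and the function returns 0. Store the result and keep the old handling for the error case, `if (n == -1) { file_badread(ms); return -1; }`, ahead of the short-read branch. That separates truncated files, which this change is meant to tolerate, from real read failures. The enclosing function starts and ends outside the hunk.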
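Review bot: In the first src/softmagic.c hunk only the non-BESTRING16 arm gains a bounds guard. The `FILE_BESTRING16` arm still reads `*(src - 1)`, and nothing in the hunk shows that `src` is past the start of the buffer at that point. If the loop always starts the big-endian case one byte in, a comment such as `/* BE: src starts one byte past the buffer start, so src - 1 is in range */` would record the invariant; otherwise that arm needs a matching lower-bound test. The loop header is outside the hunk, so this needs checking against the full function.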
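Review bot: In the second src/softmagic.c hunk `CCAST(char *, "")` strips const from a string literal, so any later write through `search` would be undefined behaviour. The only use visible here is the `(const char *)search` argument to file_regexec(). Declaring `search` as `const char *` would remove the need for both casts, assuming nothing else in the function writes through it. A short comment on the else branch should also say why the empty string is matched instead of `ms->search.s`, presumably because that buffer is not guaranteed to be NUL-terminated. The declaration of `search` is outside the hunk.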