Subject: Stop reporting bad capabilities after the first few
ID: CVE-2014-8116
Upstream-Author: Christos Zoulas <christos@zoulas.com>
Date: Sat Nov 22 23:57:44 2014 +0000
Origin: FILE5_20-28-gd7cdad0
Last-Update: 2015-01-05

diff --git a/src/readelf.c b/src/readelf.c
index 5a6dd41..e0b252d 100644
--- a/src/readelf.c
+++ b/src/readelf.c
@@ -923,6 +923,7 @@ doshn(struct magic_set *ms, int clazz, int swap, int fd, off_t off, int num,
 	Elf32_Shdr sh32;
 	Elf64_Shdr sh64;
 	int stripped = 1;
+	size_t nbadcap = 0;
 	void *nbuf;
 	off_t noff, coff, name_off;
 	uint64_t cap_hw1 = 0;	/* SunOS 5.x hardware capabilites */
@@ -995,6 +996,8 @@ doshn(struct magic_set *ms, int clazz, int swap, int fd, off_t off, int num,
 			free(nbuf);
 			break;
 		case SHT_SUNW_cap:
+			if (nbadcap > 5)
+				break;
 			if (lseek(fd, (off_t)xsh_offset, SEEK_SET) ==
 			    (off_t)-1) {
 				file_badseek(ms);
@@ -1031,6 +1034,8 @@ doshn(struct magic_set *ms, int clazz, int swap, int fd, off_t off, int num,
 					    (unsigned long long)xcap_tag,
 					    (unsigned long long)xcap_val) == -1)
 						return -1;
+					if (nbadcap++ > 2)
+						coff = xsh_size;
 					break;
 				}
 			}