diff --git a/0000-file-localmagic.patch b/0000-file-localmagic.patch index d0d5350..d4f4e24 100644 --- a/0000-file-localmagic.patch +++ b/0000-file-localmagic.patch @@ -51,7 +51,7 @@ index e395854..ecc1214 100644 --- a/src/apprentice.c +++ b/src/apprentice.c @@ -454,7 +454,7 @@ apprentice_1(struct magic_set *ms, const char *fn, int action) - if (map == (struct magic_map *)-1) + if (map == RCAST(struct magic_map *, -1)) return -1; if (map == NULL) { - if (ms->flags & MAGIC_CHECK) diff --git a/0001-file-4.17-rpm-name.patch b/0001-file-4.17-rpm-name.patch deleted file mode 100644 index d542b0c..0000000 --- a/0001-file-4.17-rpm-name.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff --git a/magic/Magdir/rpm b/magic/Magdir/rpm -index 9a795f8..31db083 100644 ---- a/magic/Magdir/rpm -+++ b/magic/Magdir/rpm -@@ -29,6 +29,7 @@ - >>8 beshort 17 SuperH - >>8 beshort 18 Xtensa - >>8 beshort 255 noarch -+>>10 string x %s - - #delta RPM Daniel Novotny (dnovotny@redhat.com) - 0 string drpm Delta RPM diff --git a/0002-file-5.04-volume_key.patch b/0002-file-5.04-volume_key.patch deleted file mode 100644 index b3c0860..0000000 --- a/0002-file-5.04-volume_key.patch +++ /dev/null @@ -1,10 +0,0 @@ -diff --git a/magic/Magdir/securitycerts b/magic/Magdir/securitycerts -index 8785dd8..1c340be 100644 ---- a/magic/Magdir/securitycerts -+++ b/magic/Magdir/securitycerts -@@ -4,3 +4,5 @@ - 0 search/1 -----BEGIN\ CERTIFICATE------ RFC1421 Security Certificate text - 0 search/1 -----BEGIN\ NEW\ CERTIFICATE RFC1421 Security Certificate Signing Request text - 0 belong 0xedfeedfe Sun 'jks' Java Keystore File data -+ -+0 string \0volume_key volume_key escrow packet diff --git a/0003-file-5.34-readelf.patch b/0003-file-5.34-readelf.patch deleted file mode 100644 index 9135dc3..0000000 --- a/0003-file-5.34-readelf.patch +++ /dev/null @@ -1,35 +0,0 @@ -From 9ec8a9d418059f6a2db0a8b5dd9c3242b4ab8b0a Mon Sep 17 00:00:00 2001 -From: Kamil Dudka -Date: Thu, 26 Jul 2018 17:39:05 +0200 -Subject: [PATCH] magic: fix printing of details about ELF binaries - -This commit fixes a regression introduced by the following commit: -https://github.com/file/file/commit/e2adab14 - -Without this patch: -/usr/bin/curl: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV) -/usr/bin/true: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, BuildID[sha1]=57291d41021b27733e8eb00ee1e561a98c11e2d2, stripped - -With this patch: -/usr/bin/curl: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, BuildID[sha1]=fd7ce380cd8dff1f52c1a4c1f3d8635cb20dda23, stripped, too many notes (256) -/usr/bin/true: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, BuildID[sha1]=57291d41021b27733e8eb00ee1e561a98c11e2d2, stripped ---- - src/funcs.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/funcs.c b/src/funcs.c -index 0bf92fe1..4ddf5afe 100644 ---- a/src/funcs.c -+++ b/src/funcs.c -@@ -268,7 +268,7 @@ file_buffer(struct magic_set *ms, int fd, const char *inname __attribute__ ((__u - - rv = file_tryelf(ms, &b); - rbuf = file_pop_buffer(ms, pb); -- if (rv != 1) { -+ if (rv == -1) { - free(rbuf); - rbuf = NULL; - } --- -2.14.4 - diff --git a/6000-fix-leak-on-error-found-by-coverity.patch b/6000-fix-leak-on-error-found-by-coverity.patch deleted file mode 100644 index ae30cde..0000000 --- a/6000-fix-leak-on-error-found-by-coverity.patch +++ /dev/null @@ -1,29 +0,0 @@ -From e0805be4909e47dac47bab9d0caf3725da43e645 Mon Sep 17 00:00:00 2001 -From: Christos Zoulas -Date: Wed, 1 Aug 2018 09:59:45 +0000 -Subject: [PATCH 015/185] fix leak on error, found by coverity. - ---- - src/compress.c | 5 +++++-- - 1 file changed, 4 insertions(+), 1 deletions(-) - -diff --git a/src/compress.c b/src/compress.c -index 5d565d5..ec26595 100644 ---- a/src/compress.c -+++ b/src/compress.c -@@ -264,8 +264,11 @@ file_zmagic(struct magic_set *ms, const struct buffer *b, const char *name) - * XXX: If file_buffer fails here, we overwrite - * the compressed text. FIXME. - */ -- if (file_buffer(ms, -1, NULL, buf, nbytes) == -1) -+ if (file_buffer(ms, -1, NULL, buf, nbytes) == -1) { -+ if (file_pop_buffer(ms, pb) != NULL) -+ abort(); - goto error; -+ } - if ((rbuf = file_pop_buffer(ms, pb)) != NULL) { - if (file_printf(ms, "%s", rbuf) == -1) { - free(rbuf); --- -1.8.3.1 - diff --git a/6001-PR-25-cbiedl-Avoid-strength-underflow.patch b/6001-PR-25-cbiedl-Avoid-strength-underflow.patch deleted file mode 100644 index 6d20714..0000000 --- a/6001-PR-25-cbiedl-Avoid-strength-underflow.patch +++ /dev/null @@ -1,46 +0,0 @@ -From b54c273435c873b1446730c1d2c609bece2c2f22 Mon Sep 17 00:00:00 2001 -From: Christos Zoulas -Date: Sat, 11 Aug 2018 12:17:37 +0000 -Subject: [PATCH 043/185] PR/25: cbiedl: Avoid strength underflow. - ---- - src/apprentice.c | 9 ++++++----- - 1 file changed, 5 insertions(+), 4 deletions(-) - -diff --git a/src/apprentice.c b/src/apprentice.c -index 45cf2a9..4d8a3de 100644 ---- a/src/apprentice.c -+++ b/src/apprentice.c -@@ -841,7 +841,8 @@ private size_t - apprentice_magic_strength(const struct magic *m) - { - #define MULT 10 -- size_t ts, v, val = 2 * MULT; /* baseline strength */ -+ size_t ts, v; -+ ssize_t val = 2 * MULT; /* baseline strength */ - - switch (m->type) { - case FILE_DEFAULT: /* make sure this sorts last */ -@@ -947,9 +948,6 @@ apprentice_magic_strength(const struct magic *m) - abort(); - } - -- if (val == 0) /* ensure we only return 0 for FILE_DEFAULT */ -- val = 1; -- - switch (m->factor_op) { - case FILE_FACTOR_OP_NONE: - break; -@@ -969,6 +967,9 @@ apprentice_magic_strength(const struct magic *m) - abort(); - } - -+ if (val <= 0) /* ensure we only return 0 for FILE_DEFAULT */ -+ val = 1; -+ - /* - * Magic entries with no description get a bonus because they depend - * on subsequent magic entries to print something. --- -1.8.3.1 - diff --git a/6002-Fix-indirect-offset-overflow-calculation-B.-Watson.patch b/6002-Fix-indirect-offset-overflow-calculation-B.-Watson.patch deleted file mode 100644 index 1c0d0da..0000000 --- a/6002-Fix-indirect-offset-overflow-calculation-B.-Watson.patch +++ /dev/null @@ -1,76 +0,0 @@ -From 3a6f62e2b7a8929b2869a58864cb3e78b0583782 Mon Sep 17 00:00:00 2001 -From: Christos Zoulas -Date: Thu, 14 Feb 2019 00:25:59 +0000 -Subject: [PATCH 143/185] Fix indirect offset overflow calculation (B. Watson) - ---- - src/softmagic.c | 24 +++++++++++++++++++++--- - 1 file changed, 20 insertions(+), 2 deletions(-) - -diff --git a/src/softmagic.c b/src/softmagic.c -index 1612a56..7ecad2a 100644 ---- a/src/softmagic.c -+++ b/src/softmagic.c -@@ -1528,39 +1528,57 @@ mget(struct magic_set *ms, struct magic *m, const struct buffer *b, - if (m->in_op & FILE_OPINDIRECT) { - const union VALUETYPE *q = CAST(const union VALUETYPE *, - ((const void *)(s + offset + off))); -- if (OFFSET_OOB(nbytes, offset + off, sizeof(*q))) -- return 0; - switch (cvt_flip(m->in_type, flip)) { - case FILE_BYTE: -+ if (OFFSET_OOB(nbytes, offset + off, 1)) -+ return 0; - off = SEXT(sgn,8,q->b); - break; - case FILE_SHORT: -+ if (OFFSET_OOB(nbytes, offset + off, 2)) -+ return 0; - off = SEXT(sgn,16,q->h); - break; - case FILE_BESHORT: -+ if (OFFSET_OOB(nbytes, offset + off, 2)) -+ return 0; - off = SEXT(sgn,16,BE16(q)); - break; - case FILE_LESHORT: -+ if (OFFSET_OOB(nbytes, offset + off, 2)) -+ return 0; - off = SEXT(sgn,16,LE16(q)); - break; - case FILE_LONG: -+ if (OFFSET_OOB(nbytes, offset + off, 4)) -+ return 0; - off = SEXT(sgn,32,q->l); - break; - case FILE_BELONG: - case FILE_BEID3: -+ if (OFFSET_OOB(nbytes, offset + off, 4)) -+ return 0; - off = SEXT(sgn,32,BE32(q)); - break; - case FILE_LEID3: - case FILE_LELONG: -+ if (OFFSET_OOB(nbytes, offset + off, 4)) -+ return 0; - off = SEXT(sgn,32,LE32(q)); - break; - case FILE_MELONG: -+ if (OFFSET_OOB(nbytes, offset + off, 4)) -+ return 0; - off = SEXT(sgn,32,ME32(q)); - break; - case FILE_BEQUAD: -+ if (OFFSET_OOB(nbytes, offset + off, 8)) -+ return 0; - off = SEXT(sgn,64,BE64(q)); - break; - case FILE_LEQUAD: -+ if (OFFSET_OOB(nbytes, offset + off, 8)) -+ return 0; - off = SEXT(sgn,64,LE64(q)); - break; - default: --- -1.8.3.1 - diff --git a/6003-CVE-2019-18218.patch b/6003-CVE-2019-18218.patch deleted file mode 100644 index 21a31c3..0000000 --- a/6003-CVE-2019-18218.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 46a8443f76cec4b41ec736eca396984c74664f84 Mon Sep 17 00:00:00 2001 -From: Christos Zoulas -Date: Mon, 26 Aug 2019 14:31:39 +0000 -Subject: Limit the number of elements in a vector (found by oss-fuzz) - - -diff --git a/src/cdf.c b/src/cdf.c -index 9d639674..bb81d637 100644 ---- a/src/cdf.c -+++ b/src/cdf.c -@@ -1027,8 +1027,9 @@ cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h, - goto out; - } - nelements = CDF_GETUINT32(q, 1); -- if (nelements == 0) { -- DPRINTF(("CDF_VECTOR with nelements == 0\n")); -+ if (nelements > CDF_ELEMENT_LIMIT || nelements == 0) { -+ DPRINTF(("CDF_VECTOR with nelements == %" -+ SIZE_T_FORMAT "u\n", nelements)); - goto out; - } - slen = 2; -@@ -1070,8 +1071,6 @@ cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h, - goto out; - inp += nelem; - } -- DPRINTF(("nelements = %" SIZE_T_FORMAT "u\n", -- nelements)); - for (j = 0; j < nelements && i < sh.sh_properties; - j++, i++) - { -diff --git a/src/cdf.h b/src/cdf.h -index 2f7e554b..05056668 100644 ---- a/src/cdf.h -+++ b/src/cdf.h -@@ -48,6 +48,7 @@ - typedef int32_t cdf_secid_t; - - #define CDF_LOOP_LIMIT 10000 -+#define CDF_ELEMENT_LIMIT 100000 - - #define CDF_SECID_NULL 0 - #define CDF_SECID_FREE -1 - diff --git a/6004-Use-memmem-to-speed-up-searches-if-available-Michael.patch b/6004-Use-memmem-to-speed-up-searches-if-available-Michael.patch deleted file mode 100644 index c520777..0000000 --- a/6004-Use-memmem-to-speed-up-searches-if-available-Michael.patch +++ /dev/null @@ -1,70 +0,0 @@ -From 5b86746e1afe155baff70828ac902041ef5c19eb Mon Sep 17 00:00:00 2001 -From: Christos Zoulas -Date: Wed, 27 Feb 2019 16:52:23 +0000 -Subject: [PATCH] Use memmem to speed up searches if available (Michael - Schroeder) - ---- - configure.ac | 2 +- - src/softmagic.c | 25 ++++++++++++++++++++++++- - 2 files changed, 25 insertions(+), 2 deletions(-) - -diff --git a/configure.ac b/configure.ac -index ec296aa4..402f75dd 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -151,7 +151,7 @@ else - fi]) - - dnl Checks for functions --AC_CHECK_FUNCS(strerror strndup strtoul mkstemp mkostemp utimes utime wcwidth strtof newlocale uselocale freelocale setlocale) -+AC_CHECK_FUNCS(strerror strndup strtoul mkstemp mkostemp utimes utime wcwidth strtof newlocale uselocale freelocale setlocale memmem) - - dnl Provide implementation of some required functions if necessary - AC_REPLACE_FUNCS(getopt_long asprintf vasprintf strlcpy strlcat getline ctime_r asctime_r localtime_r gmtime_r pread strcasestr fmtcheck dprintf) -diff --git a/src/softmagic.c b/src/softmagic.c -index cfc17812..9999ef6f 100644 ---- a/src/softmagic.c -+++ b/src/softmagic.c -@@ -32,7 +32,7 @@ - #include "file.h" - - #ifndef lint --FILE_RCSID("@(#)$File: softmagic.c,v 1.262 2018/06/22 20:39:50 christos Exp $") -+FILE_RCSID("@(#)$File: softmagic.c,v 1.279 2019/02/27 16:52:23 christos Exp $") - #endif /* lint */ - - #include "magic.h" -@@ -2063,6 +2063,29 @@ magiccheck(struct magic_set *ms, struct magic *m) - slen = MIN(m->vallen, sizeof(m->value.s)); - l = 0; - v = 0; -+#ifdef HAVE_MEMMEM -+ if (slen > 0 && m->str_flags == 0) { -+ const char *found; -+ if (m->str_range != 0 -+ && ms->search.s_len >= m->str_range + slen) { -+ found = memmem(ms->search.s, -+ m->str_range + slen, m->value.s, slen); -+ } else { -+ found = memmem(ms->search.s, -+ ms->search.s_len, m->value.s, slen); -+ if (!found) -+ return 0; -+ } -+ if (!found) { -+ v = 1; -+ } else { -+ idx = found - ms->search.s; -+ ms->search.offset += idx; -+ ms->search.rm_len = ms->search.s_len - idx; -+ } -+ break; -+ } -+#endif - - for (idx = 0; m->str_range == 0 || idx < m->str_range; idx++) { - if (slen + idx > ms->search.s_len) --- -2.19.1 - diff --git a/6005-Simplify-and-always-return-if-not-found-found-by-OSS.patch b/6005-Simplify-and-always-return-if-not-found-found-by-OSS.patch deleted file mode 100644 index 2483479..0000000 --- a/6005-Simplify-and-always-return-if-not-found-found-by-OSS.patch +++ /dev/null @@ -1,58 +0,0 @@ -From dcda2612a5f38a3d9e15c0ac9a7d156d74b3a395 Mon Sep 17 00:00:00 2001 -From: Christos Zoulas -Date: Thu, 28 Feb 2019 12:52:56 +0000 -Subject: [PATCH] Simplify and always return if not found (found by OSS-fuzz) - ---- - src/softmagic.c | 28 ++++++++++------------------ - 1 file changed, 10 insertions(+), 18 deletions(-) - -diff --git a/src/softmagic.c b/src/softmagic.c -index 9999ef6f..2befe35f 100644 ---- a/src/softmagic.c -+++ b/src/softmagic.c -@@ -32,7 +32,7 @@ - #include "file.h" - - #ifndef lint --FILE_RCSID("@(#)$File: softmagic.c,v 1.279 2019/02/27 16:52:23 christos Exp $") -+FILE_RCSID("@(#)$File: softmagic.c,v 1.280 2019/02/28 12:52:56 christos Exp $") - #endif /* lint */ - - #include "magic.h" -@@ -2066,23 +2066,15 @@ magiccheck(struct magic_set *ms, struct magic *m) - #ifdef HAVE_MEMMEM - if (slen > 0 && m->str_flags == 0) { - const char *found; -- if (m->str_range != 0 -- && ms->search.s_len >= m->str_range + slen) { -- found = memmem(ms->search.s, -- m->str_range + slen, m->value.s, slen); -- } else { -- found = memmem(ms->search.s, -- ms->search.s_len, m->value.s, slen); -- if (!found) -- return 0; -- } -- if (!found) { -- v = 1; -- } else { -- idx = found - ms->search.s; -- ms->search.offset += idx; -- ms->search.rm_len = ms->search.s_len - idx; -- } -+ idx = m->str_range + slen; -+ if (m->str_range == 0 || ms->search.s_len < idx) -+ idx = ms->search.s_len; -+ found = memmem(ms->search.s, idx, m->value.s, slen); -+ if (!found) -+ return 0; -+ idx = found - ms->search.s; -+ ms->search.offset += idx; -+ ms->search.rm_len = ms->search.s_len - idx; - break; - } - #endif --- -2.19.1 - diff --git a/file-5.34.tar.gz b/file-5.34.tar.gz deleted file mode 100644 index fab0acd..0000000 Binary files a/file-5.34.tar.gz and /dev/null differ diff --git a/file-5.38.tar.gz b/file-5.38.tar.gz new file mode 100644 index 0000000..249abc1 Binary files /dev/null and b/file-5.38.tar.gz differ diff --git a/file.spec b/file.spec index 2257bf5..08d32f0 100644 --- a/file.spec +++ b/file.spec @@ -1,6 +1,6 @@ Name: file -Version: 5.34 -Release: 9 +Version: 5.38 +Release: 1 Summary: A tool to identify the type of a particular file type License: BSD URL: http://www.darwinsys.com/file/ @@ -8,19 +8,6 @@ Source0: ftp://ftp.astron.com/pub/file/file-%{version}.tar.gz Patch0: 0000-file-localmagic.patch -Patch1: 0001-file-4.17-rpm-name.patch -Patch2: 0002-file-5.04-volume_key.patch - -Patch6000: 6000-fix-leak-on-error-found-by-coverity.patch -Patch6001: 6001-PR-25-cbiedl-Avoid-strength-underflow.patch -Patch6002: 6002-Fix-indirect-offset-overflow-calculation-B.-Watson.patch - -Patch3: 0003-file-5.34-readelf.patch - -Patch6003: 6003-CVE-2019-18218.patch -Patch6004: 6004-Use-memmem-to-speed-up-searches-if-available-Michael.patch -Patch6005: 6005-Simplify-and-always-return-if-not-found-found-by-OSS.patch - Requires: %{name}-libs = %{version}-%{release} BuildRequires: autoconf automake libtool git zlib-devel @@ -161,6 +148,12 @@ cd %{py3dir} %{python3_sitelib}/__pycache__/* %changelog +* Fri Jan 10 2020 Huangzheng - 5.38-1 +- Type:enhancemnet +- ID:NA +- SUG:restart +- DESCi:upgrade package + * Thu Dec 26 2019 openEuler Buildteam - 5.34-9 - reupload patches