2 * Copyright (c) Ian F. Darwin 1986-1995.
3 * Software written by Ian F. Darwin and others;
4 * maintained 1995-present by Christos Zoulas and others.
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
9 * 1. Redistributions of source code must retain the above copyright
10 * notice immediately at the beginning of the file, without modification,
11 * this list of conditions, and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR
20 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * softmagic - interpret variable magic from MAGIC
41 FILE_RCSID("@(#)$File: softmagic.c,v 1.103 2007/12/27 16:35:59 christos Exp $")
44 private int match(struct magic_set
*, struct magic
*, uint32_t,
45 const unsigned char *, size_t);
46 private int mget(struct magic_set
*, const unsigned char *,
47 struct magic
*, size_t, unsigned int);
48 private int magiccheck(struct magic_set
*, struct magic
*);
49 private int32_t mprint(struct magic_set
*, struct magic
*);
50 private void mdebug(uint32_t, const char *, size_t);
51 private int mcopy(struct magic_set
*, union VALUETYPE
*, int, int,
52 const unsigned char *, uint32_t, size_t, size_t);
53 private int mconvert(struct magic_set
*, struct magic
*);
54 private int print_sep(struct magic_set
*, int);
55 private void cvt_8(union VALUETYPE
*, const struct magic
*);
56 private void cvt_16(union VALUETYPE
*, const struct magic
*);
57 private void cvt_32(union VALUETYPE
*, const struct magic
*);
58 private void cvt_64(union VALUETYPE
*, const struct magic
*);
61 * softmagic - lookup one file in parsed, in-memory copy of database
62 * Passed the name and FILE * of one file to be typed.
64 /*ARGSUSED1*/ /* nbytes passed for regularity, maybe need later */
66 file_softmagic(struct magic_set
*ms
, const unsigned char *buf
, size_t nbytes
)
70 for (ml
= ms
->mlist
->next
; ml
!= ms
->mlist
; ml
= ml
->next
)
71 if ((rv
= match(ms
, ml
->magic
, ml
->nmagic
, buf
, nbytes
)) != 0)
78 * Go through the whole list, stopping if you find a match. Process all
79 * the continuations of that match before returning.
81 * We support multi-level continuations:
83 * At any time when processing a successful top-level match, there is a
84 * current continuation level; it represents the level of the last
85 * successfully matched continuation.
87 * Continuations above that level are skipped as, if we see one, it
88 * means that the continuation that controls them - i.e, the
89 * lower-level continuation preceding them - failed to match.
91 * Continuations below that level are processed as, if we see one,
92 * it means we've finished processing or skipping higher-level
93 * continuations under the control of a successful or unsuccessful
94 * lower-level continuation, and are now seeing the next lower-level
95 * continuation and should process it. The current continuation
96 * level reverts to the level of the one we're seeing.
98 * Continuations at the current level are processed as, if we see
99 * one, there's no lower-level continuation that may have failed.
101 * If a continuation matches, we bump the current continuation level
102 * so that higher-level continuations are processed.
105 match(struct magic_set
*ms
, struct magic
*magic
, uint32_t nmagic
,
106 const unsigned char *s
, size_t nbytes
)
108 uint32_t magindex
= 0;
109 unsigned int cont_level
= 0;
110 int need_separator
= 0;
111 int returnval
= 0; /* if a match is found it is set to 1*/
112 int firstline
= 1; /* a flag to print X\n X\n- X */
113 int printed_something
= 0;
115 if (file_check_mem(ms
, cont_level
) == -1)
118 for (magindex
= 0; magindex
< nmagic
; magindex
++) {
121 ms
->offset
= magic
[magindex
].offset
;
122 ms
->line
= magic
[magindex
].lineno
;
124 /* if main entry matches, print it... */
125 flush
= !mget(ms
, s
, &magic
[magindex
], nbytes
, cont_level
);
127 if (magic
[magindex
].reln
== '!')
130 switch (magiccheck(ms
, &magic
[magindex
])) {
142 * main entry didn't match,
143 * flush its continuations
145 while (magindex
< nmagic
- 1 &&
146 magic
[magindex
+ 1].cont_level
!= 0)
152 * If we are going to print something, we'll need to print
153 * a blank before we print something else.
155 if (magic
[magindex
].desc
[0]) {
157 printed_something
= 1;
158 if (print_sep(ms
, firstline
) == -1)
162 if ((ms
->c
.li
[cont_level
].off
= mprint(ms
, &magic
[magindex
]))
166 /* and any continuations that match */
167 if (file_check_mem(ms
, ++cont_level
) == -1)
170 while (magic
[magindex
+1].cont_level
!= 0 &&
171 ++magindex
< nmagic
) {
172 ms
->line
= magic
[magindex
].lineno
; /* for messages */
174 if (cont_level
< magic
[magindex
].cont_level
)
176 if (cont_level
> magic
[magindex
].cont_level
) {
178 * We're at the end of the level
179 * "cont_level" continuations.
181 cont_level
= magic
[magindex
].cont_level
;
183 ms
->offset
= magic
[magindex
].offset
;
184 if (magic
[magindex
].flag
& OFFADD
) {
186 ms
->c
.li
[cont_level
- 1].off
;
189 #ifdef ENABLE_CONDITIONALS
190 if (magic
[magindex
].cond
== COND_ELSE
||
191 magic
[magindex
].cond
== COND_ELIF
) {
192 if (ms
->c
.li
[cont_level
].last_match
== 1)
196 flush
= !mget(ms
, s
, &magic
[magindex
], nbytes
,
198 if (flush
&& magic
[magindex
].reln
!= '!')
201 switch (flush
? 1 : magiccheck(ms
, &magic
[magindex
])) {
205 #ifdef ENABLE_CONDITIONALS
206 ms
->c
.li
[cont_level
].last_match
= 0;
210 #ifdef ENABLE_CONDITIONALS
211 ms
->c
.li
[cont_level
].last_match
= 1;
213 if (magic
[magindex
].type
!= FILE_DEFAULT
)
214 ms
->c
.li
[cont_level
].got_match
= 1;
215 else if (ms
->c
.li
[cont_level
].got_match
) {
216 ms
->c
.li
[cont_level
].got_match
= 0;
220 * If we are going to print something,
221 * make sure that we have a separator first.
223 if (magic
[magindex
].desc
[0]) {
224 printed_something
= 1;
225 if (print_sep(ms
, firstline
) == -1)
229 * This continuation matched. Print
230 * its message, with a blank before it
231 * if the previous item printed and
232 * this item isn't empty.
234 /* space if previous printed */
236 && (magic
[magindex
].nospflag
== 0)
237 && (magic
[magindex
].desc
[0] != '\0')) {
238 if (file_printf(ms
, " ") == -1)
242 if ((ms
->c
.li
[cont_level
].off
= mprint(ms
, &magic
[magindex
])) == -1)
244 if (magic
[magindex
].desc
[0])
248 * If we see any continuations
252 if (file_check_mem(ms
, ++cont_level
) == -1)
257 if (printed_something
) {
261 if ((ms
->flags
& MAGIC_CONTINUE
) == 0 && printed_something
) {
262 return 1; /* don't keep searching */
265 return returnval
; /* This is hit if -k is set or there is no match */
269 check_fmt(struct magic_set
*ms
, struct magic
*m
)
274 if (strchr(m
->desc
, '%') == NULL
)
277 rc
= regcomp(&rx
, "%[-0-9\\.]*s", REG_EXTENDED
|REG_NOSUB
);
280 (void)regerror(rc
, &rx
, errmsg
, sizeof(errmsg
));
281 file_magerror(ms
, "regex error %d, (%s)", rc
, errmsg
);
284 rc
= regexec(&rx
, m
->desc
, 0, 0, 0);
291 char * strndup(const char *, size_t);
294 strndup(const char *str
, size_t n
)
302 if (!(copy
= malloc(len
+ 1)))
304 (void) memcpy(copy
, str
, len
+ 1);
308 #endif /* HAVE_STRNDUP */
311 mprint(struct magic_set
*ms
, struct magic
*m
)
318 union VALUETYPE
*p
= &ms
->ms_value
;
322 v
= file_signextend(ms
, m
, (uint64_t)p
->b
);
323 switch (check_fmt(ms
, m
)) {
327 if (snprintf(buf
, sizeof(buf
), "%c",
328 (unsigned char)v
) < 0)
330 if (file_printf(ms
, m
->desc
, buf
) == -1)
334 if (file_printf(ms
, m
->desc
, (unsigned char) v
) == -1)
338 t
= ms
->offset
+ sizeof(char);
344 v
= file_signextend(ms
, m
, (uint64_t)p
->h
);
345 switch (check_fmt(ms
, m
)) {
349 if (snprintf(buf
, sizeof(buf
), "%hu",
350 (unsigned short)v
) < 0)
352 if (file_printf(ms
, m
->desc
, buf
) == -1)
356 if (file_printf(ms
, m
->desc
, (unsigned short) v
) == -1)
360 t
= ms
->offset
+ sizeof(short);
367 v
= file_signextend(ms
, m
, (uint64_t)p
->l
);
368 switch (check_fmt(ms
, m
)) {
372 if (snprintf(buf
, sizeof(buf
), "%u", (uint32_t)v
) < 0)
374 if (file_printf(ms
, m
->desc
, buf
) == -1)
378 if (file_printf(ms
, m
->desc
, (uint32_t) v
) == -1)
382 t
= ms
->offset
+ sizeof(int32_t);
388 v
= file_signextend(ms
, m
, p
->q
);
389 if (file_printf(ms
, m
->desc
, (uint64_t) v
) == -1)
391 t
= ms
->offset
+ sizeof(int64_t);
396 case FILE_BESTRING16
:
397 case FILE_LESTRING16
:
398 if (m
->reln
== '=' || m
->reln
== '!') {
399 if (file_printf(ms
, m
->desc
, m
->value
.s
) == -1)
401 t
= ms
->offset
+ m
->vallen
;
404 if (*m
->value
.s
== '\0')
405 p
->s
[strcspn(p
->s
, "\n")] = '\0';
406 if (file_printf(ms
, m
->desc
, p
->s
) == -1)
408 t
= ms
->offset
+ strlen(p
->s
);
416 if (file_printf(ms
, m
->desc
, file_fmttime(p
->l
, 1)) == -1)
418 t
= ms
->offset
+ sizeof(time_t);
425 if (file_printf(ms
, m
->desc
, file_fmttime(p
->l
, 0)) == -1)
427 t
= ms
->offset
+ sizeof(time_t);
433 if (file_printf(ms
, m
->desc
, file_fmttime((uint32_t)p
->q
, 1))
436 t
= ms
->offset
+ sizeof(uint64_t);
442 if (file_printf(ms
, m
->desc
, file_fmttime((uint32_t)p
->q
, 0))
445 t
= ms
->offset
+ sizeof(uint64_t);
452 switch (check_fmt(ms
, m
)) {
456 if (snprintf(buf
, sizeof(buf
), "%g", vf
) < 0)
458 if (file_printf(ms
, m
->desc
, buf
) == -1)
462 if (file_printf(ms
, m
->desc
, vf
) == -1)
466 t
= ms
->offset
+ sizeof(float);
473 switch (check_fmt(ms
, m
)) {
477 if (snprintf(buf
, sizeof(buf
), "%g", vd
) < 0)
479 if (file_printf(ms
, m
->desc
, buf
) == -1)
483 if (file_printf(ms
, m
->desc
, vd
) == -1)
487 t
= ms
->offset
+ sizeof(double);
494 cp
= strndup((const char *)ms
->search
.s
, ms
->search
.rm_len
);
496 file_oomem(ms
, ms
->search
.rm_len
);
499 rval
= file_printf(ms
, m
->desc
, cp
);
505 if ((m
->str_flags
& REGEX_OFFSET_START
))
506 t
= ms
->search
.offset
;
508 t
= ms
->search
.offset
+ ms
->search
.rm_len
;
513 if (file_printf(ms
, m
->desc
, m
->value
.s
) == -1)
515 if ((m
->str_flags
& REGEX_OFFSET_START
))
516 t
= ms
->search
.offset
;
518 t
= ms
->search
.offset
+ m
->vallen
;
522 if (file_printf(ms
, m
->desc
, m
->value
.s
) == -1)
528 file_magerror(ms
, "invalid m->type (%d) in mprint()", m
->type
);
535 #define DO_CVT(fld, cast) \
537 switch (m->mask_op & FILE_OPS_MASK) { \
539 p->fld &= cast m->num_mask; \
542 p->fld |= cast m->num_mask; \
545 p->fld ^= cast m->num_mask; \
548 p->fld += cast m->num_mask; \
551 p->fld -= cast m->num_mask; \
553 case FILE_OPMULTIPLY: \
554 p->fld *= cast m->num_mask; \
556 case FILE_OPDIVIDE: \
557 p->fld /= cast m->num_mask; \
559 case FILE_OPMODULO: \
560 p->fld %= cast m->num_mask; \
563 if (m->mask_op & FILE_OPINVERSE) \
567 cvt_8(union VALUETYPE
*p
, const struct magic
*m
)
569 DO_CVT(b
, (uint8_t));
573 cvt_16(union VALUETYPE
*p
, const struct magic
*m
)
575 DO_CVT(h
, (uint16_t));
579 cvt_32(union VALUETYPE
*p
, const struct magic
*m
)
581 DO_CVT(l
, (uint32_t));
585 cvt_64(union VALUETYPE
*p
, const struct magic
*m
)
587 DO_CVT(q
, (uint64_t));
590 #define DO_CVT2(fld, cast) \
592 switch (m->mask_op & FILE_OPS_MASK) { \
594 p->fld += cast m->num_mask; \
597 p->fld -= cast m->num_mask; \
599 case FILE_OPMULTIPLY: \
600 p->fld *= cast m->num_mask; \
602 case FILE_OPDIVIDE: \
603 p->fld /= cast m->num_mask; \
608 cvt_float(union VALUETYPE
*p
, const struct magic
*m
)
614 cvt_double(union VALUETYPE
*p
, const struct magic
*m
)
616 DO_CVT2(d
, (double));
620 * Convert the byte order of the data we are looking at
621 * While we're here, let's apply the mask operation
622 * (unless you have a better idea)
625 mconvert(struct magic_set
*ms
, struct magic
*m
)
627 union VALUETYPE
*p
= &ms
->ms_value
;
647 case FILE_BESTRING16
:
648 case FILE_LESTRING16
: {
651 /* Null terminate and eat *trailing* return */
652 p
->s
[sizeof(p
->s
) - 1] = '\0';
654 if (len
-- && p
->s
[len
] == '\n')
659 char *ptr1
= p
->s
, *ptr2
= ptr1
+ 1;
661 if (len
>= sizeof(p
->s
))
662 len
= sizeof(p
->s
) - 1;
667 if (len
-- && p
->s
[len
] == '\n')
672 p
->h
= (short)((p
->hs
[0]<<8)|(p
->hs
[1]));
679 ((p
->hl
[0]<<24)|(p
->hl
[1]<<16)|(p
->hl
[2]<<8)|(p
->hl
[3]));
686 (((int64_t)p
->hq
[0]<<56)|((int64_t)p
->hq
[1]<<48)|
687 ((int64_t)p
->hq
[2]<<40)|((int64_t)p
->hq
[3]<<32)|
688 (p
->hq
[4]<<24)|(p
->hq
[5]<<16)|(p
->hq
[6]<<8)|(p
->hq
[7]));
692 p
->h
= (short)((p
->hs
[1]<<8)|(p
->hs
[0]));
699 ((p
->hl
[3]<<24)|(p
->hl
[2]<<16)|(p
->hl
[1]<<8)|(p
->hl
[0]));
706 (((int64_t)p
->hq
[7]<<56)|((int64_t)p
->hq
[6]<<48)|
707 ((int64_t)p
->hq
[5]<<40)|((int64_t)p
->hq
[4]<<32)|
708 (p
->hq
[3]<<24)|(p
->hq
[2]<<16)|(p
->hq
[1]<<8)|(p
->hq
[0]));
715 ((p
->hl
[1]<<24)|(p
->hl
[0]<<16)|(p
->hl
[3]<<8)|(p
->hl
[2]));
722 p
->l
= ((uint32_t)p
->hl
[0]<<24)|((uint32_t)p
->hl
[1]<<16)|
723 ((uint32_t)p
->hl
[2]<<8) |((uint32_t)p
->hl
[3]);
727 p
->l
= ((uint32_t)p
->hl
[3]<<24)|((uint32_t)p
->hl
[2]<<16)|
728 ((uint32_t)p
->hl
[1]<<8) |((uint32_t)p
->hl
[0]);
735 p
->q
= ((uint64_t)p
->hq
[0]<<56)|((uint64_t)p
->hq
[1]<<48)|
736 ((uint64_t)p
->hq
[2]<<40)|((uint64_t)p
->hq
[3]<<32)|
737 ((uint64_t)p
->hq
[4]<<24)|((uint64_t)p
->hq
[5]<<16)|
738 ((uint64_t)p
->hq
[6]<<8) |((uint64_t)p
->hq
[7]);
742 p
->q
= ((uint64_t)p
->hq
[7]<<56)|((uint64_t)p
->hq
[6]<<48)|
743 ((uint64_t)p
->hq
[5]<<40)|((uint64_t)p
->hq
[4]<<32)|
744 ((uint64_t)p
->hq
[3]<<24)|((uint64_t)p
->hq
[2]<<16)|
745 ((uint64_t)p
->hq
[1]<<8) |((uint64_t)p
->hq
[0]);
753 file_magerror(ms
, "invalid type %d in mconvert()", m
->type
);
760 mdebug(uint32_t offset
, const char *str
, size_t len
)
762 (void) fprintf(stderr
, "mget @%d: ", offset
);
763 file_showstr(stderr
, str
, len
);
764 (void) fputc('\n', stderr
);
765 (void) fputc('\n', stderr
);
769 mcopy(struct magic_set
*ms
, union VALUETYPE
*p
, int type
, int indir
,
770 const unsigned char *s
, uint32_t offset
, size_t nbytes
, size_t linecnt
)
773 * Note: FILE_SEARCH and FILE_REGEX do not actually copy
774 * anything, but setup pointers into the source
779 ms
->search
.s
= (const char *)s
+ offset
;
780 ms
->search
.s_len
= nbytes
- offset
;
785 * offset is interpreted as last line to search,
786 * (starting at 1), not as bytes-from start-of-file
790 const char *last
; /* end of search region */
791 const char *buf
; /* start of search region */
795 ms
->search
.s_len
= 0;
799 buf
= (const char *)s
+ offset
;
800 last
= (const char *)s
+ nbytes
;
801 /* mget() guarantees buf <= last */
802 for (lines
= linecnt
, b
= buf
;
803 lines
&& ((b
= strchr(c
= b
, '\n')) || (b
= strchr(c
, '\r')));
806 if (b
[0] == '\r' && b
[1] == '\n')
810 last
= (const char *)s
+ nbytes
;
813 ms
->search
.s_len
= last
- buf
;
814 ms
->search
.offset
= offset
;
815 ms
->search
.rm_len
= 0;
818 case FILE_BESTRING16
:
819 case FILE_LESTRING16
: {
820 const unsigned char *src
= s
+ offset
;
821 const unsigned char *esrc
= s
+ nbytes
;
823 char *edst
= &p
->s
[sizeof(p
->s
) - 1];
825 if (type
== FILE_BESTRING16
)
828 /* check for pointer overflow */
830 file_magerror(ms
, "invalid offset %zu in mcopy()",
834 for (/*EMPTY*/; src
< esrc
; src
+= 2, dst
++) {
840 if (type
== FILE_BESTRING16
?
849 case FILE_STRING
: /* XXX - these two should not need */
850 case FILE_PSTRING
: /* to copy anything, but do anyway. */
856 if (offset
>= nbytes
) {
857 (void)memset(p
, '\0', sizeof(*p
));
860 if (nbytes
- offset
< sizeof(*p
))
861 nbytes
= nbytes
- offset
;
865 (void)memcpy(p
, s
+ offset
, nbytes
);
868 * the usefulness of padding with zeroes eludes me, it
869 * might even cause problems
871 if (nbytes
< sizeof(*p
))
872 (void)memset(((char *)(void *)p
) + nbytes
, '\0',
873 sizeof(*p
) - nbytes
);
878 mget(struct magic_set
*ms
, const unsigned char *s
,
879 struct magic
*m
, size_t nbytes
, unsigned int cont_level
)
881 uint32_t offset
= ms
->offset
;
882 uint32_t count
= m
->str_count
;
883 union VALUETYPE
*p
= &ms
->ms_value
;
885 if (mcopy(ms
, p
, m
->type
, m
->flag
& INDIR
, s
, offset
, nbytes
, count
) == -1)
888 if ((ms
->flags
& MAGIC_DEBUG
) != 0) {
889 mdebug(offset
, (char *)(void *)p
, sizeof(union VALUETYPE
));
893 if (m
->flag
& INDIR
) {
894 int off
= m
->in_offset
;
895 if (m
->in_op
& FILE_OPINDIRECT
) {
896 const union VALUETYPE
*q
=
897 ((const void *)(s
+ offset
+ off
));
898 switch (m
->in_type
) {
906 off
= (short)((q
->hs
[0]<<8)|(q
->hs
[1]));
909 off
= (short)((q
->hs
[1]<<8)|(q
->hs
[0]));
915 off
= (int32_t)((q
->hl
[0]<<24)|(q
->hl
[1]<<16)|
916 (q
->hl
[2]<<8)|(q
->hl
[3]));
919 off
= (int32_t)((q
->hl
[3]<<24)|(q
->hl
[2]<<16)|
920 (q
->hl
[1]<<8)|(q
->hl
[0]));
923 off
= (int32_t)((q
->hl
[1]<<24)|(q
->hl
[0]<<16)|
924 (q
->hl
[3]<<8)|(q
->hl
[2]));
928 switch (m
->in_type
) {
930 if (nbytes
< (offset
+ 1))
933 switch (m
->in_op
& FILE_OPS_MASK
) {
949 case FILE_OPMULTIPLY
:
961 if (m
->in_op
& FILE_OPINVERSE
)
965 if (nbytes
< (offset
+ 2))
968 switch (m
->in_op
& FILE_OPS_MASK
) {
970 offset
= (short)((p
->hs
[0]<<8)|
975 offset
= (short)((p
->hs
[0]<<8)|
980 offset
= (short)((p
->hs
[0]<<8)|
985 offset
= (short)((p
->hs
[0]<<8)|
990 offset
= (short)((p
->hs
[0]<<8)|
994 case FILE_OPMULTIPLY
:
995 offset
= (short)((p
->hs
[0]<<8)|
1000 offset
= (short)((p
->hs
[0]<<8)|
1005 offset
= (short)((p
->hs
[0]<<8)|
1011 offset
= (short)((p
->hs
[0]<<8)|
1013 if (m
->in_op
& FILE_OPINVERSE
)
1017 if (nbytes
< (offset
+ 2))
1020 switch (m
->in_op
& FILE_OPS_MASK
) {
1022 offset
= (short)((p
->hs
[1]<<8)|
1027 offset
= (short)((p
->hs
[1]<<8)|
1032 offset
= (short)((p
->hs
[1]<<8)|
1037 offset
= (short)((p
->hs
[1]<<8)|
1042 offset
= (short)((p
->hs
[1]<<8)|
1046 case FILE_OPMULTIPLY
:
1047 offset
= (short)((p
->hs
[1]<<8)|
1052 offset
= (short)((p
->hs
[1]<<8)|
1057 offset
= (short)((p
->hs
[1]<<8)|
1063 offset
= (short)((p
->hs
[1]<<8)|
1065 if (m
->in_op
& FILE_OPINVERSE
)
1069 if (nbytes
< (offset
+ 2))
1072 switch (m
->in_op
& FILE_OPS_MASK
) {
1074 offset
= p
->h
& off
;
1077 offset
= p
->h
| off
;
1080 offset
= p
->h
^ off
;
1083 offset
= p
->h
+ off
;
1086 offset
= p
->h
- off
;
1088 case FILE_OPMULTIPLY
:
1089 offset
= p
->h
* off
;
1092 offset
= p
->h
/ off
;
1095 offset
= p
->h
% off
;
1101 if (m
->in_op
& FILE_OPINVERSE
)
1105 if (nbytes
< (offset
+ 4))
1108 switch (m
->in_op
& FILE_OPS_MASK
) {
1110 offset
= (int32_t)((p
->hl
[0]<<24)|
1117 offset
= (int32_t)((p
->hl
[0]<<24)|
1124 offset
= (int32_t)((p
->hl
[0]<<24)|
1131 offset
= (int32_t)((p
->hl
[0]<<24)|
1138 offset
= (int32_t)((p
->hl
[0]<<24)|
1144 case FILE_OPMULTIPLY
:
1145 offset
= (int32_t)((p
->hl
[0]<<24)|
1152 offset
= (int32_t)((p
->hl
[0]<<24)|
1159 offset
= (int32_t)((p
->hl
[0]<<24)|
1167 offset
= (int32_t)((p
->hl
[0]<<24)|
1171 if (m
->in_op
& FILE_OPINVERSE
)
1175 if (nbytes
< (offset
+ 4))
1178 switch (m
->in_op
& FILE_OPS_MASK
) {
1180 offset
= (int32_t)((p
->hl
[3]<<24)|
1187 offset
= (int32_t)((p
->hl
[3]<<24)|
1194 offset
= (int32_t)((p
->hl
[3]<<24)|
1201 offset
= (int32_t)((p
->hl
[3]<<24)|
1208 offset
= (int32_t)((p
->hl
[3]<<24)|
1214 case FILE_OPMULTIPLY
:
1215 offset
= (int32_t)((p
->hl
[3]<<24)|
1222 offset
= (int32_t)((p
->hl
[3]<<24)|
1229 offset
= (int32_t)((p
->hl
[3]<<24)|
1237 offset
= (int32_t)((p
->hl
[3]<<24)|
1241 if (m
->in_op
& FILE_OPINVERSE
)
1245 if (nbytes
< (offset
+ 4))
1248 switch (m
->in_op
& FILE_OPS_MASK
) {
1250 offset
= (int32_t)((p
->hl
[1]<<24)|
1257 offset
= (int32_t)((p
->hl
[1]<<24)|
1264 offset
= (int32_t)((p
->hl
[1]<<24)|
1271 offset
= (int32_t)((p
->hl
[1]<<24)|
1278 offset
= (int32_t)((p
->hl
[1]<<24)|
1284 case FILE_OPMULTIPLY
:
1285 offset
= (int32_t)((p
->hl
[1]<<24)|
1292 offset
= (int32_t)((p
->hl
[1]<<24)|
1299 offset
= (int32_t)((p
->hl
[1]<<24)|
1307 offset
= (int32_t)((p
->hl
[1]<<24)|
1311 if (m
->in_op
& FILE_OPINVERSE
)
1315 if (nbytes
< (offset
+ 4))
1318 switch (m
->in_op
& FILE_OPS_MASK
) {
1320 offset
= p
->l
& off
;
1323 offset
= p
->l
| off
;
1326 offset
= p
->l
^ off
;
1329 offset
= p
->l
+ off
;
1332 offset
= p
->l
- off
;
1334 case FILE_OPMULTIPLY
:
1335 offset
= p
->l
* off
;
1338 offset
= p
->l
/ off
;
1341 offset
= p
->l
% off
;
1343 /* case TOOMANYSWITCHBLOCKS:
1344 * ugh = p->eye % m->strain;
1347 * off = p->tab & m->in_gest;
1353 if (m
->in_op
& FILE_OPINVERSE
)
1358 if (m
->flag
& INDIROFFADD
)
1359 offset
+= ms
->c
.li
[cont_level
-1].off
;
1360 if (mcopy(ms
, p
, m
->type
, 0, s
, offset
, nbytes
, count
) == -1)
1362 ms
->offset
= offset
;
1364 if ((ms
->flags
& MAGIC_DEBUG
) != 0) {
1365 mdebug(offset
, (char *)(void *)p
,
1366 sizeof(union VALUETYPE
));
1371 /* Verify we have enough data to match magic type */
1374 if (nbytes
< (offset
+ 1)) /* should alway be true */
1381 if (nbytes
< (offset
+ 2))
1400 if (nbytes
< (offset
+ 4))
1407 if (nbytes
< (offset
+ 8))
1414 if (nbytes
< (offset
+ m
->vallen
))
1419 if (nbytes
< offset
)
1423 case FILE_DEFAULT
: /* nothing to check */
1427 if (!mconvert(ms
, m
))
1433 file_strncmp(const char *s1
, const char *s2
, size_t len
, uint32_t flags
)
1436 * Convert the source args to unsigned here so that (1) the
1437 * compare will be unsigned as it is in strncmp() and (2) so
1438 * the ctype functions will work correctly without extra
1441 const unsigned char *a
= (const unsigned char *)s1
;
1442 const unsigned char *b
= (const unsigned char *)s2
;
1446 * What we want here is:
1447 * v = strncmp(m->value.s, p->s, m->vallen);
1448 * but ignoring any nulls. bcmp doesn't give -/+/0
1449 * and isn't universally available anyway.
1452 if (0L == flags
) { /* normal string: do it fast */
1454 if ((v
= *b
++ - *a
++) != '\0')
1457 else { /* combine the others */
1459 if ((flags
& STRING_IGNORE_LOWERCASE
) &&
1461 if ((v
= tolower(*b
++) - *a
++) != '\0')
1464 else if ((flags
& STRING_IGNORE_UPPERCASE
) &&
1466 if ((v
= toupper(*b
++) - *a
++) != '\0')
1469 else if ((flags
& STRING_COMPACT_BLANK
) &&
1472 if (isspace(*b
++)) {
1481 else if ((flags
& STRING_COMPACT_OPTIONAL_BLANK
) &&
1488 if ((v
= *b
++ - *a
++) != '\0')
1497 file_strncmp16(const char *a
, const char *b
, size_t len
, uint32_t flags
)
1500 * XXX - The 16-bit string compare probably needs to be done
1501 * differently, especially if the flags are to be supported.
1502 * At the moment, I am unsure.
1505 return file_strncmp(a
, b
, len
, flags
);
1509 magiccheck(struct magic_set
*ms
, struct magic
*m
)
1511 uint64_t l
= m
->value
.q
;
1516 union VALUETYPE
*p
= &ms
->ms_value
;
1584 file_magerror(ms
, "cannot happen with float: invalid relation `%c'", m
->reln
);
1617 file_magerror(ms
, "cannot happen with double: invalid relation `%c'", m
->reln
);
1630 v
= file_strncmp(m
->value
.s
, p
->s
, (size_t)m
->vallen
, m
->str_flags
);
1633 case FILE_BESTRING16
:
1634 case FILE_LESTRING16
:
1636 v
= file_strncmp16(m
->value
.s
, p
->s
, (size_t)m
->vallen
, m
->str_flags
);
1639 case FILE_SEARCH
: { /* search ms->search.s for the string m->value.s */
1643 if (ms
->search
.s
== NULL
)
1646 slen
= MIN(m
->vallen
, sizeof(m
->value
.s
));
1649 ms
->search
.offset
= m
->offset
;
1651 for (idx
= 0; m
->str_count
== 0 || idx
< m
->str_count
; idx
++) {
1652 if (slen
+ idx
> ms
->search
.s_len
)
1655 v
= file_strncmp(m
->value
.s
, ms
->search
.s
+ idx
, slen
, m
->str_flags
);
1656 if (v
== 0) { /* found match */
1657 ms
->search
.offset
= m
->offset
+ idx
;
1668 if (ms
->search
.s
== NULL
)
1672 rc
= regcomp(&rx
, m
->value
.s
,
1673 REG_EXTENDED
|REG_NEWLINE
|
1674 ((m
->str_flags
& STRING_IGNORE_CASE
) ? REG_ICASE
: 0));
1676 (void)regerror(rc
, &rx
, errmsg
, sizeof(errmsg
));
1677 file_magerror(ms
, "regex error %d, (%s)",
1682 regmatch_t pmatch
[1];
1683 #ifndef REG_STARTEND
1684 #define REG_STARTEND 0
1685 size_t l
= ms
->search
.s_len
- 1;
1686 char c
= ms
->search
.s
[l
];
1687 ((char *)(intptr_t)ms
->search
.s
)[l
] = '\0';
1689 pmatch
[0].rm_so
= 0;
1690 pmatch
[0].rm_eo
= ms
->search
.s_len
;
1692 rc
= regexec(&rx
, (const char *)ms
->search
.s
,
1693 1, pmatch
, REG_STARTEND
);
1694 #if REG_STARTEND == 0
1695 ((char *)(intptr_t)ms
->search
.s
)[l
] = c
;
1699 ms
->search
.s
+= (int)pmatch
[0].rm_so
;
1700 ms
->search
.offset
+= (size_t)pmatch
[0].rm_so
;
1702 (size_t)(pmatch
[0].rm_eo
- pmatch
[0].rm_so
);
1711 (void)regerror(rc
, &rx
, errmsg
, sizeof(errmsg
));
1712 file_magerror(ms
, "regexec error %d, (%s)",
1719 if (v
== (uint64_t)-1)
1724 file_magerror(ms
, "invalid type %d in magiccheck()", m
->type
);
1728 v
= file_signextend(ms
, m
, v
);
1732 if ((ms
->flags
& MAGIC_DEBUG
) != 0)
1733 (void) fprintf(stderr
, "%llu == *any* = 1\n",
1734 (unsigned long long)v
);
1740 if ((ms
->flags
& MAGIC_DEBUG
) != 0)
1741 (void) fprintf(stderr
, "%llu != %llu = %d\n",
1742 (unsigned long long)v
, (unsigned long long)l
,
1748 if ((ms
->flags
& MAGIC_DEBUG
) != 0)
1749 (void) fprintf(stderr
, "%llu == %llu = %d\n",
1750 (unsigned long long)v
, (unsigned long long)l
,
1755 if (m
->flag
& UNSIGNED
) {
1757 if ((ms
->flags
& MAGIC_DEBUG
) != 0)
1758 (void) fprintf(stderr
, "%llu > %llu = %d\n",
1759 (unsigned long long)v
,
1760 (unsigned long long)l
, matched
);
1763 matched
= (int64_t) v
> (int64_t) l
;
1764 if ((ms
->flags
& MAGIC_DEBUG
) != 0)
1765 (void) fprintf(stderr
, "%lld > %lld = %d\n",
1766 (long long)v
, (long long)l
, matched
);
1771 if (m
->flag
& UNSIGNED
) {
1773 if ((ms
->flags
& MAGIC_DEBUG
) != 0)
1774 (void) fprintf(stderr
, "%llu < %llu = %d\n",
1775 (unsigned long long)v
,
1776 (unsigned long long)l
, matched
);
1779 matched
= (int64_t) v
< (int64_t) l
;
1780 if ((ms
->flags
& MAGIC_DEBUG
) != 0)
1781 (void) fprintf(stderr
, "%lld < %lld = %d\n",
1782 (long long)v
, (long long)l
, matched
);
1787 matched
= (v
& l
) == l
;
1788 if ((ms
->flags
& MAGIC_DEBUG
) != 0)
1789 (void) fprintf(stderr
, "((%llx & %llx) == %llx) = %d\n",
1790 (unsigned long long)v
, (unsigned long long)l
,
1791 (unsigned long long)l
, matched
);
1795 matched
= (v
& l
) != l
;
1796 if ((ms
->flags
& MAGIC_DEBUG
) != 0)
1797 (void) fprintf(stderr
, "((%llx & %llx) != %llx) = %d\n",
1798 (unsigned long long)v
, (unsigned long long)l
,
1799 (unsigned long long)l
, matched
);
1804 file_magerror(ms
, "cannot happen: invalid relation `%c'",
1813 print_sep(struct magic_set
*ms
, int firstline
)
1818 * we found another match
1819 * put a newline and '-' to do some simple formatting
1821 return file_printf(ms
, "\n- ");