xref: /PHP-7.2/ext/fileinfo/libmagic/funcs.c (revision 0e33c282) 
1 /*
2  * Copyright (c) Christos Zoulas 2003.
3  * All Rights Reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  * 1. Redistributions of source code must retain the above copyright
9  *    notice immediately at the beginning of the file, without modification,
10  *    this list of conditions, and the following disclaimer.
11  * 2. Redistributions in binary form must reproduce the above copyright
12  *    notice, this list of conditions and the following disclaimer in the
13  *    documentation and/or other materials provided with the distribution.
14  *
15  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
16  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18  * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR
19  * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25  * SUCH DAMAGE.
26  */
27 #include "file.h"
28 
29 #ifndef	lint
30 FILE_RCSID("@(#)$File: funcs.c,v 1.92 2017/04/07 20:10:24 christos Exp $")
31 #endif	/* lint */
32 
33 #include "magic.h"
34 #include <stdarg.h>
35 #include <stdlib.h>
36 #include <string.h>
37 #include <ctype.h>
38 #if defined(HAVE_WCHAR_H)
39 #include <wchar.h>
40 #endif
41 #if defined(HAVE_WCTYPE_H)
42 #include <wctype.h>
43 #endif
44 #if defined(HAVE_LOCALE_H)
45 #include <locale.h>
46 #endif
47 
48 #ifndef SIZE_MAX
49 #define SIZE_MAX	((size_t)~0)
50 #endif
51 
52 #include "php.h"
53 #include "main/php_network.h"
54 
55 #ifndef PREG_OFFSET_CAPTURE
56 # define PREG_OFFSET_CAPTURE                 (1<<8)
57 #endif
58 
59 protected int
file_printf(struct magic_set * ms,const char * fmt,...)60 file_printf(struct magic_set *ms, const char *fmt, ...)
61 {
62 	va_list ap;
63 	int len;
64 	char *buf = NULL, *newstr;
65 
66 	va_start(ap, fmt);
67 	len = vspprintf(&buf, 0, fmt, ap);
68 	va_end(ap);
69 
70 	if (ms->o.buf != NULL) {
71 		len = spprintf(&newstr, 0, "%s%s", ms->o.buf, (buf ? buf : ""));
72 		if (buf) {
73 			efree(buf);
74 		}
75 		efree(ms->o.buf);
76 		ms->o.buf = newstr;
77 	} else {
78 		ms->o.buf = buf;
79 	}
80 	return 0;
81 }
82 
83 /*
84  * error - print best error message possible
85  */
86 /*VARARGS*/
87 private void
file_error_core(struct magic_set * ms,int error,const char * f,va_list va,size_t lineno)88 file_error_core(struct magic_set *ms, int error, const char *f, va_list va,
89     size_t lineno)
90 {
91 	char *buf = NULL;
92 
93 	/* Only the first error is ok */
94 	if (ms->event_flags & EVENT_HAD_ERR)
95 		return;
96 	if (lineno != 0) {
97 		efree(ms->o.buf);
98 		ms->o.buf = NULL;
99 		file_printf(ms, "line %" SIZE_T_FORMAT "u:", lineno);
100 	}
101 
102 	vspprintf(&buf, 0, f, va);
103 	va_end(va);
104 
105 	if (error > 0) {
106 		file_printf(ms, "%s (%s)", (*buf ? buf : ""), strerror(error));
107 	} else if (*buf) {
108 		file_printf(ms, "%s", buf);
109 	}
110 
111 	if (buf) {
112 		efree(buf);
113 	}
114 
115 	ms->event_flags |= EVENT_HAD_ERR;
116 	ms->error = error;
117 }
118 
119 /*VARARGS*/
120 protected void
file_error(struct magic_set * ms,int error,const char * f,...)121 file_error(struct magic_set *ms, int error, const char *f, ...)
122 {
123 	va_list va;
124 	va_start(va, f);
125 	file_error_core(ms, error, f, va, 0);
126 	va_end(va);
127 }
128 
129 /*
130  * Print an error with magic line number.
131  */
132 /*VARARGS*/
133 protected void
file_magerror(struct magic_set * ms,const char * f,...)134 file_magerror(struct magic_set *ms, const char *f, ...)
135 {
136 	va_list va;
137 	va_start(va, f);
138 	file_error_core(ms, 0, f, va, ms->line);
139 	va_end(va);
140 }
141 
142 protected void
file_oomem(struct magic_set * ms,size_t len)143 file_oomem(struct magic_set *ms, size_t len)
144 {
145 	file_error(ms, errno, "cannot allocate %" SIZE_T_FORMAT "u bytes",
146 	    len);
147 }
148 
149 protected void
file_badseek(struct magic_set * ms)150 file_badseek(struct magic_set *ms)
151 {
152 	file_error(ms, errno, "error seeking");
153 }
154 
155 protected void
file_badread(struct magic_set * ms)156 file_badread(struct magic_set *ms)
157 {
158 	file_error(ms, errno, "error reading");
159 }
160 
161 
162 static int
checkdone(struct magic_set * ms,int * rv)163 checkdone(struct magic_set *ms, int *rv)
164 {
165 	if ((ms->flags & MAGIC_CONTINUE) == 0)
166 		return 1;
167 	if (file_printf(ms, "\n- ") == -1)
168 		*rv = -1;
169 	return 0;
170 }
171 
172 /*ARGSUSED*/
173 protected int
file_buffer(struct magic_set * ms,php_stream * stream,const char * inname,const void * buf,size_t nb)174 file_buffer(struct magic_set *ms, php_stream *stream, const char *inname, const void *buf,
175     size_t nb)
176 {
177 	int m = 0, rv = 0, looks_text = 0;
178 	const unsigned char *ubuf = CAST(const unsigned char *, buf);
179 	unichar *u8buf = NULL;
180 	size_t ulen;
181 	const char *code = NULL;
182 	const char *code_mime = "binary";
183 	const char *type = "application/octet-stream";
184 	const char *def = "data";
185 	const char *ftype = NULL;
186 
187 	if (nb == 0) {
188 		def = "empty";
189 		type = "application/x-empty";
190 		goto simple;
191 	} else if (nb == 1) {
192 		def = "very short file (no magic)";
193 		goto simple;
194 	}
195 
196 	if ((ms->flags & MAGIC_NO_CHECK_ENCODING) == 0) {
197 		looks_text = file_encoding(ms, ubuf, nb, &u8buf, &ulen,
198 		    &code, &code_mime, &ftype);
199 	}
200 
201 #ifdef __EMX__
202 	if ((ms->flags & MAGIC_NO_CHECK_APPTYPE) == 0 && inname) {
203 		m = file_os2_apptype(ms, inname, buf, nb);
204 		if ((ms->flags & MAGIC_DEBUG) != 0)
205 			(void)fprintf(stderr, "[try os2_apptype %d]\n", m);
206 		switch (m) {
207 		case -1:
208 			return -1;
209 		case 0:
210 			break;
211 		default:
212 			return 1;
213 		}
214 	}
215 #endif
216 
217 #if PHP_FILEINFO_UNCOMPRESS
218 	if ((ms->flags & MAGIC_NO_CHECK_COMPRESS) == 0) {
219 		m = file_zmagic(ms, stream, inname, ubuf, nb);
220 		if ((ms->flags & MAGIC_DEBUG) != 0)
221 			(void)fprintf(stderr, "[try zmagic %d]\n", m);
222 		if (m) {
223 			goto done_encoding;
224 		}
225 	}
226 #endif
227 	/* Check if we have a tar file */
228 	if ((ms->flags & MAGIC_NO_CHECK_TAR) == 0) {
229 		m = file_is_tar(ms, ubuf, nb);
230 		if ((ms->flags & MAGIC_DEBUG) != 0)
231 			(void)fprintf(stderr, "[try tar %d]\n", m);
232 		if (m) {
233 			if (checkdone(ms, &rv))
234 				goto done;
235 		}
236 	}
237 
238 	/* Check if we have a CDF file */
239 	if ((ms->flags & MAGIC_NO_CHECK_CDF) == 0) {
240 		php_socket_t fd;
241 		if (stream && SUCCESS == php_stream_cast(stream, PHP_STREAM_AS_FD, (void **)&fd, 0)) {
242 		m = file_trycdf(ms, fd, ubuf, nb);
243 		if ((ms->flags & MAGIC_DEBUG) != 0)
244 			(void)fprintf(stderr, "[try cdf %d]\n", m);
245 		if (m) {
246 			if (checkdone(ms, &rv))
247 				goto done;
248 			}
249 		}
250 	}
251 
252 	/* try soft magic tests */
253 	if ((ms->flags & MAGIC_NO_CHECK_SOFT) == 0) {
254 		m = file_softmagic(ms, ubuf, nb, NULL, NULL, BINTEST,
255 		    looks_text);
256 		if ((ms->flags & MAGIC_DEBUG) != 0)
257 			(void)fprintf(stderr, "[try softmagic %d]\n", m);
258 		if (m) {
259 #ifdef BUILTIN_ELF
260 			if ((ms->flags & MAGIC_NO_CHECK_ELF) == 0 && m == 1 &&
261 			    nb > 5 && fd != -1) {
262 				/*
263 				 * We matched something in the file, so this
264 				 * *might* be an ELF file, and the file is at
265 				 * least 5 bytes long, so if it's an ELF file
266 				 * it has at least one byte past the ELF magic
267 				 * number - try extracting information from the
268 				 * ELF headers that cannot easily * be
269 				 * extracted with rules in the magic file.
270 				 */
271 				m = file_tryelf(ms, fd, ubuf, nb);
272 				if ((ms->flags & MAGIC_DEBUG) != 0)
273 					(void)fprintf(stderr, "[try elf %d]\n",
274 					    m);
275 			}
276 #endif
277 			if (checkdone(ms, &rv))
278 				goto done;
279 		}
280 	}
281 
282 	/* try text properties */
283 	if ((ms->flags & MAGIC_NO_CHECK_TEXT) == 0) {
284 
285 		m = file_ascmagic(ms, ubuf, nb, looks_text);
286 		if ((ms->flags & MAGIC_DEBUG) != 0)
287 			(void)fprintf(stderr, "[try ascmagic %d]\n", m);
288 		if (m) {
289 			if (checkdone(ms, &rv))
290 				goto done;
291 		}
292 	}
293 
294 simple:
295 	/* give up */
296 	m = 1;
297 	if (ms->flags & MAGIC_MIME) {
298 		if ((ms->flags & MAGIC_MIME_TYPE) &&
299 		    file_printf(ms, "%s", type) == -1)
300 			rv = -1;
301 	} else if (ms->flags & MAGIC_APPLE) {
302 		if (file_printf(ms, "UNKNUNKN") == -1)
303 			rv = -1;
304 	} else if (ms->flags & MAGIC_EXTENSION) {
305 		if (file_printf(ms, "???") == -1)
306 			rv = -1;
307 	} else {
308 		if (file_printf(ms, "%s", def) == -1)
309 			rv = -1;
310 	}
311  done:
312 	if ((ms->flags & MAGIC_MIME_ENCODING) != 0) {
313 		if (ms->flags & MAGIC_MIME_TYPE)
314 			if (file_printf(ms, "; charset=") == -1)
315 				rv = -1;
316 		if (file_printf(ms, "%s", code_mime) == -1)
317 			rv = -1;
318 	}
319 #if PHP_FILEINFO_UNCOMPRESS
320  done_encoding:
321 #endif
322 	free(u8buf);
323 	if (rv)
324 		return rv;
325 
326 	return m;
327 }
328 
329 protected int
file_reset(struct magic_set * ms)330 file_reset(struct magic_set *ms)
331 {
332 	if (ms->mlist[0] == NULL) {
333 		file_error(ms, 0, "no magic files loaded");
334 		return -1;
335 	}
336 	if (ms->o.buf) {
337 		efree(ms->o.buf);
338 		ms->o.buf = NULL;
339 	}
340 	if (ms->o.pbuf) {
341 		efree(ms->o.pbuf);
342 		ms->o.pbuf = NULL;
343 	}
344 	ms->event_flags &= ~EVENT_HAD_ERR;
345 	ms->error = -1;
346 	return 0;
347 }
348 
349 #define OCTALIFY(n, o)	\
350 	/*LINTED*/ \
351 	(void)(*(n)++ = '\\', \
352 	*(n)++ = (((uint32_t)*(o) >> 6) & 3) + '0', \
353 	*(n)++ = (((uint32_t)*(o) >> 3) & 7) + '0', \
354 	*(n)++ = (((uint32_t)*(o) >> 0) & 7) + '0', \
355 	(o)++)
356 
357 protected const char *
file_getbuffer(struct magic_set * ms)358 file_getbuffer(struct magic_set *ms)
359 {
360 	char *pbuf, *op, *np;
361 	size_t psize, len;
362 
363 	if (ms->event_flags & EVENT_HAD_ERR)
364 		return NULL;
365 
366 	if (ms->flags & MAGIC_RAW)
367 		return ms->o.buf;
368 
369 	if (ms->o.buf == NULL)
370 		return NULL;
371 
372 	/* * 4 is for octal representation, + 1 is for NUL */
373 	len = strlen(ms->o.buf);
374 	if (len > (SIZE_MAX - 1) / 4) {
375 		file_oomem(ms, len);
376 		return NULL;
377 	}
378 	psize = len * 4 + 1;
379 	if ((pbuf = CAST(char *, erealloc(ms->o.pbuf, psize))) == NULL) {
380 		file_oomem(ms, psize);
381 		return NULL;
382 	}
383 	ms->o.pbuf = pbuf;
384 
385 #if defined(HAVE_WCHAR_H) && defined(HAVE_MBRTOWC) && defined(HAVE_WCWIDTH)
386 	{
387 		mbstate_t state;
388 		wchar_t nextchar;
389 		int mb_conv = 1;
390 		size_t bytesconsumed;
391 		char *eop;
392 		(void)memset(&state, 0, sizeof(mbstate_t));
393 
394 		np = ms->o.pbuf;
395 		op = ms->o.buf;
396 		eop = op + len;
397 
398 		while (op < eop) {
399 			bytesconsumed = mbrtowc(&nextchar, op,
400 			    (size_t)(eop - op), &state);
401 			if (bytesconsumed == (size_t)(-1) ||
402 			    bytesconsumed == (size_t)(-2)) {
403 				mb_conv = 0;
404 				break;
405 			}
406 
407 			if (iswprint(nextchar)) {
408 				(void)memcpy(np, op, bytesconsumed);
409 				op += bytesconsumed;
410 				np += bytesconsumed;
411 			} else {
412 				while (bytesconsumed-- > 0)
413 					OCTALIFY(np, op);
414 			}
415 		}
416 		*np = '\0';
417 
418 		/* Parsing succeeded as a multi-byte sequence */
419 		if (mb_conv != 0)
420 			return ms->o.pbuf;
421 	}
422 #endif
423 
424 	for (np = ms->o.pbuf, op = ms->o.buf; *op;) {
425 		if (isprint((unsigned char)*op)) {
426 			*np++ = *op++;
427 		} else {
428 			OCTALIFY(np, op);
429 		}
430 	}
431 	*np = '\0';
432 	return ms->o.pbuf;
433 }
434 
435 protected int
file_check_mem(struct magic_set * ms,unsigned int level)436 file_check_mem(struct magic_set *ms, unsigned int level)
437 {
438 	size_t len;
439 
440 	if (level >= ms->c.len) {
441 		len = (ms->c.len = 20 + level) * sizeof(*ms->c.li);
442 		ms->c.li = CAST(struct level_info *, (ms->c.li == NULL) ?
443 		    emalloc(len) :
444 		    erealloc(ms->c.li, len));
445 		if (ms->c.li == NULL) {
446 			file_oomem(ms, len);
447 			return -1;
448 		}
449 	}
450 	ms->c.li[level].got_match = 0;
451 #ifdef ENABLE_CONDITIONALS
452 	ms->c.li[level].last_match = 0;
453 	ms->c.li[level].last_cond = COND_NONE;
454 #endif /* ENABLE_CONDITIONALS */
455 	return 0;
456 }
457 
458 protected size_t
file_printedlen(const struct magic_set * ms)459 file_printedlen(const struct magic_set *ms)
460 {
461 	return ms->o.buf == NULL ? 0 : strlen(ms->o.buf);
462 }
463 
464 protected int
file_replace(struct magic_set * ms,const char * pat,const char * rep)465 file_replace(struct magic_set *ms, const char *pat, const char *rep)
466 {
467 	zval patt;
468 	int opts = 0;
469 	pcre_cache_entry *pce;
470 	zend_string *res;
471 	zend_string *repl;
472 	int  rep_cnt = 0;
473 
474 	(void)setlocale(LC_CTYPE, "C");
475 
476 	opts |= PCRE_MULTILINE;
477 	convert_libmagic_pattern(&patt, (char*)pat, strlen(pat), opts);
478 	if ((pce = pcre_get_compiled_regex_cache(Z_STR(patt))) == NULL) {
479 		zval_ptr_dtor(&patt);
480 		rep_cnt = -1;
481 		goto out;
482 	}
483 	zval_ptr_dtor(&patt);
484 
485 	repl = zend_string_init(rep, strlen(rep), 0);
486 	res = php_pcre_replace_impl(pce, NULL, ms->o.buf, strlen(ms->o.buf), repl, -1, &rep_cnt);
487 
488 	zend_string_release(repl);
489 	if (NULL == res) {
490 		rep_cnt = -1;
491 		goto out;
492 	}
493 
494 	strncpy(ms->o.buf, ZSTR_VAL(res), ZSTR_LEN(res));
495 	ms->o.buf[ZSTR_LEN(res)] = '\0';
496 
497 	zend_string_release(res);
498 
499 out:
500 	(void)setlocale(LC_CTYPE, "");
501 	return rep_cnt;
502 }
503 
504 protected file_pushbuf_t *
file_push_buffer(struct magic_set * ms)505 file_push_buffer(struct magic_set *ms)
506 {
507 	file_pushbuf_t *pb;
508 
509 	if (ms->event_flags & EVENT_HAD_ERR)
510 		return NULL;
511 
512 	if ((pb = (CAST(file_pushbuf_t *, emalloc(sizeof(*pb))))) == NULL)
513 		return NULL;
514 
515 	pb->buf = ms->o.buf;
516 	pb->offset = ms->offset;
517 
518 	ms->o.buf = NULL;
519 	ms->offset = 0;
520 
521 	return pb;
522 }
523 
524 protected char *
file_pop_buffer(struct magic_set * ms,file_pushbuf_t * pb)525 file_pop_buffer(struct magic_set *ms, file_pushbuf_t *pb)
526 {
527 	char *rbuf;
528 
529 	if (ms->event_flags & EVENT_HAD_ERR) {
530 		efree(pb->buf);
531 		efree(pb);
532 		return NULL;
533 	}
534 
535 	rbuf = ms->o.buf;
536 
537 	ms->o.buf = pb->buf;
538 	ms->offset = pb->offset;
539 
540 	efree(pb);
541 	return rbuf;
542 }
543 
544 /*
545  * convert string to ascii printable format.
546  */
547 protected char *
file_printable(char * buf,size_t bufsiz,const char * str)548 file_printable(char *buf, size_t bufsiz, const char *str)
549 {
550 	char *ptr, *eptr;
551 	const unsigned char *s = (const unsigned char *)str;
552 
553 	for (ptr = buf, eptr = ptr + bufsiz - 1; ptr < eptr && *s; s++) {
554 		if (isprint(*s)) {
555 			*ptr++ = *s;
556 			continue;
557 		}
558 		if (ptr >= eptr - 3)
559 			break;
560 		*ptr++ = '\\';
561 		*ptr++ = ((CAST(unsigned int, *s) >> 6) & 7) + '0';
562 		*ptr++ = ((CAST(unsigned int, *s) >> 3) & 7) + '0';
563 		*ptr++ = ((CAST(unsigned int, *s) >> 0) & 7) + '0';
564 	}
565 	*ptr = '\0';
566 	return buf;
567 }
568