mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-11-23 21:21:05 +01:00
70b95ceeab
Security: CVE-2009-1515
135 lines
5.5 KiB
Plaintext
135 lines
5.5 KiB
Plaintext
** README for file(1) Command **
|
|
@(#) $File: README,v 1.42 2009/02/14 15:16:24 christos Exp $
|
|
|
|
E-mail: christos@astron.com
|
|
Mailing List: file@mx.gw.com
|
|
|
|
Phone: Do not even think of telephoning me about this program. Send cash first!
|
|
|
|
This is Release 5.x of Ian Darwin's (copyright but distributable)
|
|
file(1) command. This version is the standard "file" command for Linux,
|
|
*BSD, and other systems. (See "patchlevel.h" for the exact release number).
|
|
|
|
The major changes for 5.x are CDF file parsing, indirect magic, and
|
|
overhaul in mime and ascii encoding handling.
|
|
|
|
The major feature of 4.x is the refactoring of the code into a library,
|
|
and the re-write of the file command in terms of that library. The library
|
|
itself, libmagic can be used by 3rd party programs that wish to identify
|
|
file types without having to fork() and exec() file. The prime contributor
|
|
for 4.0 was M\xe5ns Rullg\xe5rd.
|
|
|
|
UNIX is a trademark of UNIX System Laboratories.
|
|
|
|
The prime contributor to Release 3.8 was Guy Harris, who put in megachanges
|
|
including byte-order independence.
|
|
|
|
The prime contributor to Release 3.0 was Christos Zoulas, who put
|
|
in hundreds of lines of source code changes, including his own
|
|
ANSIfication of the code (I liked my own ANSIfication better, but
|
|
his (__P()) is the "Berkeley standard" way of doing it, and I wanted UCB
|
|
to include the code...), his HP-like "indirection" (a feature of
|
|
the HP file command, I think), and his mods that finally got the
|
|
uncompress (-z) mode finished and working.
|
|
|
|
This release has compiled in numerous environments; see PORTING
|
|
for a list and problems.
|
|
|
|
This fine freeware file(1) follows the USG (System V) model of the file
|
|
command, rather than the Research (V7) version or the V7-derived 4.[23]
|
|
Berkeley one. That is, the file /etc/magic contains much of the ritual
|
|
information that is the source of this program's power. My version
|
|
knows a little more magic (including tar archives) than System V; the
|
|
/etc/magic parsing seems to be compatible with the (poorly documented)
|
|
System V /etc/magic format (with one exception; see the man page).
|
|
|
|
In addition, the /etc/magic file is built from a subdirectory
|
|
for easier(?) maintenance. I will act as a clearinghouse for
|
|
magic numbers assigned to all sorts of data files that
|
|
are in reasonable circulation. Send your magic numbers,
|
|
in magic(5) format please, to the maintainer, Christos Zoulas.
|
|
|
|
COPYING - read this first.
|
|
README - read this second (you are currently reading this file).
|
|
INSTALL - read on how to install
|
|
|
|
src/apprentice.c - parses /etc/magic to learn magic
|
|
src/apptype.c - used for OS/2 specific application type magic
|
|
src/asprintf.c - replacement for OS's that don't have it.
|
|
src/ascmagic.c - third & last set of tests, based on hardwired assumptions.
|
|
src/cdf.c - parser for Microsoft Compound Document Files
|
|
src/cdf_time.c - time converter for CDF.
|
|
src/compress.c - handles decompressing files to look inside.
|
|
src/encoding.c - handles unicode encodings
|
|
src/file.c - the main program
|
|
src/file.h - header file
|
|
src/fsmagic.c - first set of tests the program runs, based on filesystem info
|
|
src/funcs.c - utilility functions
|
|
src/getopt_long.c - used for OS/2 specific application type magic
|
|
src/is_tar.c, tar.h - knows about tarchives (courtesy John Gilmore).
|
|
src/names.h - header file for ascmagic.c
|
|
src/magic.c - the libmagic api
|
|
src/print.c - print results, errors, warnings.
|
|
src/readcdf.c - CDF wrapper.
|
|
src/readelf.[ch] - Stand-alone elf parsing code.
|
|
src/softmagic.c - 2nd set of tests, based on /etc/magic
|
|
src/strlcat.c - used for OS/2 specific application type magic
|
|
src/strlcpy.c - used for OS/2 specific application type magic
|
|
src/vasprintf.c - used for OS/2 specific application type magic
|
|
doc/file.1 - man page for the command
|
|
doc/magic.4 - man page for the magic file, courtesy Guy Harris.
|
|
Install as magic.4 on USG and magic.5 on V7 or Berkeley; cf Makefile.
|
|
Magdir - directory of /etc/magic pieces
|
|
|
|
------------------------------------------------------------------------------
|
|
|
|
If you submit a new magic entry please make sure you read the following
|
|
guidelines:
|
|
|
|
- Initial match is preferably at least 32 bits long, and is a _unique_ match
|
|
- If this is not feasible, use additional check
|
|
- Match of <= 16 bits are not accepted
|
|
- Delay printing string as much as possible, don't print output too early
|
|
- Avoid printf arbitrary byte as string, which can be a source of
|
|
crash and buffer overflow
|
|
|
|
- Provide complete information with entry:
|
|
* One line short summary
|
|
* Optional long description
|
|
* File extension, if applicable
|
|
* Full name and contact method (for discussion when entry has problem)
|
|
* Further reference, such as documentation of format
|
|
|
|
------------------------------------------------------------------------------
|
|
|
|
You can download the latest version of file from:
|
|
|
|
ftp://ftp.astron.com/pub/file/
|
|
|
|
If your gzip sometimes fails to decompress things complaining about a short
|
|
file, apply this patch [which is going to be in the next version of gzip]:
|
|
*** - Tue Oct 29 02:06:35 1996
|
|
--- util.c Sun Jul 21 21:51:38 1996
|
|
*** 106,111 ****
|
|
--- 108,114 ----
|
|
|
|
if (insize == 0) {
|
|
if (eof_ok) return EOF;
|
|
+ flush_window();
|
|
read_error();
|
|
}
|
|
bytes_in += (ulg)insize;
|
|
|
|
Parts of this software were developed at SoftQuad Inc., developers
|
|
of SGML/HTML/XML publishing software, in Toronto, Canada.
|
|
SoftQuad was swallowed up by Corel in 2002
|
|
and does not exist any longer.
|
|
|
|
From: Kees Zeelenberg
|
|
|
|
An MS-Windows (Win32) port of File-4.17 is available from
|
|
http://gnuwin32.sourceforge.net/
|
|
|
|
File is an implementation of the Unix File(1) command.
|
|
It knows the 'magic number' of several thousands of file types.
|