... | ... |
@@ -213,7 +213,7 @@ cli_file_t cli_filetype(const unsigned char *buf, size_t buflen, const struct cl |
213 | 213 |
|
214 | 214 |
int is_tar(const unsigned char *buf, unsigned int nbytes); |
215 | 215 |
|
216 |
-/* organize by length */ |
|
216 |
+/* organize by length, cannot exceed SIZEOF_LH */ |
|
217 | 217 |
const struct ooxml_ftcodes { |
218 | 218 |
const char *entry; |
219 | 219 |
size_t len; |
... | ... |
@@ -236,6 +236,8 @@ const struct ooxml_ftcodes { |
236 | 236 |
{ "META-INF/container.xml", 22, CL_TYPE_ZIP }, /* HWP */ |
237 | 237 |
{ NULL, 0, CL_TYPE_ANY } |
238 | 238 |
}; |
239 |
+/* set to biggest ooxml_detect len */ |
|
240 |
+#define OOXML_DETECT_MAXLEN 22 |
|
239 | 241 |
|
240 | 242 |
#define OOXML_FTIDENTIFIED(type) \ |
241 | 243 |
do { \ |
... | ... |
@@ -329,49 +331,40 @@ cli_file_t cli_filetype2(fmap_t *map, const struct cl_engine *engine, cli_file_t |
329 | 329 |
if (NULL != znamep) { |
330 | 330 |
znamep += SIZEOF_LH; |
331 | 331 |
zlen = zread - (znamep - zbuff); |
332 |
- do { |
|
333 |
- if (zlen <= 0) { |
|
334 |
- znamep = NULL; |
|
335 |
- break; |
|
336 |
- } |
|
337 |
- |
|
332 |
+ if (zlen > OOXML_DETECT_MAXLEN) { |
|
338 | 333 |
for (i = 0; ooxml_detect[i].entry; i++) { |
339 |
- if (zlen >= ooxml_detect[i].len) { |
|
340 |
- if (0 == memcmp(znamep, ooxml_detect[i].entry, ooxml_detect[i].len)) { |
|
341 |
- if (ooxml_detect[i].type != CL_TYPE_ZIP) { |
|
342 |
- OOXML_FTIDENTIFIED(ooxml_detect[i].type); |
|
343 |
- /* returns any unexpected type detection */ |
|
344 |
- return ooxml_detect[i].type; |
|
345 |
- } |
|
346 |
- |
|
347 |
- likely_ooxml = 1; |
|
348 |
- break; |
|
334 |
+ if (0 == memcmp(znamep, ooxml_detect[i].entry, ooxml_detect[i].len)) { |
|
335 |
+ if (ooxml_detect[i].type != CL_TYPE_ZIP) { |
|
336 |
+ OOXML_FTIDENTIFIED(ooxml_detect[i].type); |
|
337 |
+ /* returns any unexpected type detection */ |
|
338 |
+ return ooxml_detect[i].type; |
|
349 | 339 |
} |
350 |
- } else { |
|
351 |
- znamep = NULL; |
|
352 |
- break; |
|
340 |
+ |
|
341 |
+ likely_ooxml = 1; |
|
353 | 342 |
} |
354 | 343 |
} |
355 |
- |
|
344 |
+ /* only check first three readable zip headers */ |
|
356 | 345 |
if (++lhc > 2) { |
357 |
- /* only check first three zip headers unless likely ooxml */ |
|
346 |
+ /* if likely, check full archive */ |
|
358 | 347 |
if (likely_ooxml) { |
359 | 348 |
cli_dbgmsg("Likely OOXML, checking additional zip headers\n"); |
360 | 349 |
if ((ret2 = cli_ooxml_filetype(NULL, map)) != CL_SUCCESS) { |
361 | 350 |
/* either an error or retyping has occurred, return error or just CL_TYPE_ZIP? */ |
362 | 351 |
OOXML_FTIDENTIFIED(ret2); |
363 |
- /* returns any unexpected type detection */ |
|
364 |
- return ooxml_detect[i].type; |
|
352 |
+ /* falls-through to additional filetyping */ |
|
365 | 353 |
} |
366 | 354 |
} |
367 | 355 |
break; |
368 | 356 |
} |
369 |
- } while (0); |
|
357 |
+ } |
|
358 |
+ else { |
|
359 |
+ znamep = NULL; /* force to map more */ |
|
360 |
+ } |
|
370 | 361 |
} |
371 | 362 |
|
372 | 363 |
if (znamep == NULL) { |
373 | 364 |
if (map->len-zoff > SIZEOF_LH) { |
374 |
- zoff -= SIZEOF_LH+5; /* remap for SIZEOF_LH+filelen for header overlap map boundary */ |
|
365 |
+ zoff -= SIZEOF_LH+OOXML_DETECT_MAXLEN+1; /* remap for SIZEOF_LH+filelen for header overlap map boundary */ |
|
375 | 366 |
zread = MIN(MAGIC_BUFFER_SIZE, map->len-zoff); |
376 | 367 |
zbuff = fmap_need_off_once(map, zoff, zread); |
377 | 368 |
if (zbuff == NULL) { |