MantisBT

$ wget -c ftp://ftp.astron.com/pub/file/file-5.35.tar.gz
$ tar -zxvf file-5.35.tar.gz
$ cd file-5.35/
$ ./configure --host=i686-w64-mingw32 --enable-static=yes --enable-shared=no
[snip]
...
checking for ctime_r... no
checking for asctime_r... no
checking for localtime_r... no
checking for gmtime_r... no
checking for pread... no
checking for strcasestr... no
checking for fmtcheck... no
checking for dprintf... no
checking for gzopen in -lz... no
checking for seccomp_init in -lseccomp... no
checking for regexec in -lgnurx... no
configure: error: libgnurx is required to build file(1) with MinGW

View Issue Details

ID:	Category:	Severity:	Reproducibility:	Date Submitted:	Last Update:
519	[file] General	minor	always	2024-04-25 13:46	2024-04-25 13:46

Reporter:	jmaynard	Platform:
Assigned To:		OS:
Priority:	normal	OS Version:
Status:	new	Product Version:	5.45
Product Build:		Resolution:	open
Projection:	none
ETA:	none	Fixed in Version:
		Target Version:

Summary:	Improve Hercules DASD image reporting
Description:	The detection and reporting of Hercules emulated DASD images can be improved to report more types and what type of compression is used. In addition, the reporting of DASD types 3380 and 3390 is incorrect: they're reported as 33FFFFFF80 and 33FFFFFF90. The attached patch makes these improvements.
Tags:	magic
Steps To Reproduce:
Additional Information:
Attached Files:	hercdasd.diff (2,764 bytes) 2024-04-25 13:46 https://bugs.astron.com/file_download.php?file_id=408&type=bug

View Issue Details

ID:	Category:	Severity:	Reproducibility:	Date Submitted:	Last Update:
518	[file] General	minor	always	2024-04-23 19:56	2024-04-23 19:56

Reporter:	rillig	Platform:
Assigned To:		OS:
Priority:	normal	OS Version:
Status:	new	Product Version:	5.45
Product Build:		Resolution:	open
Projection:	none
ETA:	none	Fixed in Version:
		Target Version:

Summary:	Typo in snprintb format
Description:	In b\17no_check_sapptype, the 's' is too much.
Tags:
Steps To Reproduce:	snprintb(buf, sizeof(buf), MAGIC_SNPRINTB, 0x8000);
Additional Information:
Attached Files:

View Issue Details

ID:	Category:	Severity:	Reproducibility:	Date Submitted:	Last Update:
517	[file] General	minor	always	2024-04-22 20:04	2024-04-22 20:04

Reporter:	a1rind	Platform:
Assigned To:		OS:
Priority:	high	OS Version:
Status:	new	Product Version:	5.44
Product Build:		Resolution:	open
Projection:	none
ETA:	none	Fixed in Version:
		Target Version:

Summary:	xlsx file content type is detected as application/octet-stream
Description:	Hi! An OOXML format xlsx file (attached) is being determined as an application/octet-stream. The `zipinfo` lists the following directories/files: ``` Zip file size: 9794 bytes, number of entries: 14 -rw---- 4.5 fat 1533 b- defS 24-Apr-17 13:31 [Content_Types].xml -rw---- 4.5 fat 735 b- defS 80-Jan-01 00:00 _rels/.rels -rw---- 4.5 fat 785 b- defS 80-Jan-01 00:00 docProps/app.xml -rw---- 4.5 fat 506 b- defS 24-Apr-17 13:31 docProps/core.xml -rw---- 4.5 fat 245 b- defF 23-Nov-06 15:29 docProps/custom.xml -rw---- 4.5 fat 703 b- defS 24-Apr-17 13:31 xl/_rels/workbook.xml.rels -rw---- 4.5 fat 7856 b- defS 80-Jan-01 00:00 xl/printerSettings/printerSettings1.bin -rw---- 4.5 fat 3680 b- defS 24-Apr-17 13:31 xl/styles.xml -rw---- 4.5 fat 8392 b- defS 80-Jan-01 00:00 xl/theme/theme1.xml -rw---- 4.5 fat 1826 b- defS 24-Apr-17 13:31 xl/workbook.xml -rw---- 4.5 fat 458 b- defS 24-Apr-17 13:31 xl/worksheets/_rels/sheet1.xml.rels -rw---- 4.5 fat 3765 b- defF 24-Apr-17 13:31 xl/worksheets/sheet1.xml -rw---- 4.5 fat 1408 b- defN 24-Apr-17 13:31 xl/tables/table1.xml -rw---- 4.5 fat 1415 b- defN 24-Apr-17 13:31 xl/sharedStrings.xml 14 files, 33307 bytes uncompressed, 8066 bytes compressed: 75.8% ``` If I regroup the files, the issue is fixed: ``` Zip file size: 9487 bytes, number of entries: 14 ?rw------- 2.0 unx 1533 b- defN 24-Apr-23 00:58 [Content_Types].xml ?rw------- 2.0 unx 735 b- defN 24-Apr-23 00:58 _rels/.rels ?rw------- 2.0 unx 703 b- defN 24-Apr-23 00:58 xl/_rels/workbook.xml.rels ?rw------- 2.0 unx 7856 b- defN 24-Apr-23 00:58 xl/printerSettings/printerSettings1.bin ?rw------- 2.0 unx 3680 b- defN 24-Apr-23 00:58 xl/styles.xml ?rw------- 2.0 unx 8392 b- defN 24-Apr-23 00:58 xl/theme/theme1.xml ?rw------- 2.0 unx 1826 b- defN 24-Apr-23 00:58 xl/workbook.xml ?rw------- 2.0 unx 458 b- defN 24-Apr-23 00:58 xl/worksheets/_rels/sheet1.xml.rels ?rw------- 2.0 unx 3765 b- defN 24-Apr-23 00:58 xl/worksheets/sheet1.xml ?rw------- 2.0 unx 1408 b- defN 24-Apr-23 00:58 xl/tables/table1.xml ?rw------- 2.0 unx 1415 b- defN 24-Apr-23 00:58 xl/sharedStrings.xml ?rw------- 2.0 unx 785 b- defN 24-Apr-23 00:58 docProps/app.xml ?rw------- 2.0 unx 506 b- defN 24-Apr-23 00:58 docProps/core.xml ?rw------- 2.0 unx 245 b- defN 24-Apr-23 00:58 docProps/custom.xml 14 files, 33307 bytes uncompressed, 7815 bytes compressed: 76.5% ``` This is the third issue I am creating of a similar problem. As long as the implementation depends on the order of files in an archive, we'll keep running into similar problems. What are your thoughts on this? Kind Regards! Aamir
Tags:	bug, magic
Steps To Reproduce:	file --mime-type unsupported.xlsx
Additional Information:
Attached Files:	unsupported.xlsx (9,794 bytes) 2024-04-22 20:04 https://bugs.astron.com/file_download.php?file_id=407&type=bug

View Issue Details

ID:	Category:	Severity:	Reproducibility:	Date Submitted:	Last Update:
516	[file] General	feature	always	2024-04-20 16:31	2024-04-20 16:31

Reporter:	osm0sis	Platform:
Assigned To:		OS:
Priority:	normal	OS Version:
Status:	new	Product Version:
Product Build:		Resolution:	open
Projection:	none
ETA:	none	Fixed in Version:
		Target Version:

Summary:	Show the found magic's offset within the file
Description:	It would be a great feature to be able to be shown the byte offset for the found magic within the checked file (hexadecimal, decimal or maybe even octal). Especially useful where the search bytes= parameter can be adjusted to the full length of a file. Thanks for your consideration!
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:

View Issue Details

ID:	Category:	Severity:	Reproducibility:	Date Submitted:	Last Update:
507	[file] General	feature	N/A	2024-03-07 23:20	2024-04-14 00:51

Reporter:	polluks	Platform:	MacBookAir14,2
Assigned To:	christos	OS:	macOS
Priority:	normal	OS Version:	14.3.1
Status:	new	Product Version:	5.45
Product Build:		Resolution:	open
Projection:	none
ETA:	none	Fixed in Version:
		Target Version:

Summary:	Identify CSI as ESC
Description:	A patch to look an 8 bit escape like a 7 bit escape.
Tags:
Steps To Reproduce:
Additional Information:	--- file-5.45/src/ascmagic.c 2023-05-30 22:17:50.000000000 +0200 +++ ./ascmagic.c 2024-03-01 20:55:42.000000000 +0100 @@ -199,7 +199,7 @@ has_long_lines = ll; } - if (ubuf[i] == '\033') + if ((ubuf[i] & 127) == '\033') has_escapes = 1; if (ubuf[i] == '\b') has_backspace = 1;
System Description
Attached Files:

Notes
(0004028) christos 2024-04-07 21:25	That matches '['? why should that print it has escapes?

(0004035) polluks 2024-04-14 00:51	It doesn't match a bracket but a Control Sequence Introducer (a short form of escape+'['). Some kind of hidden escape.

Notes
(0004017) jsummers 2024-03-01 13:54	As far as I know, it's essentially impossible to identify ZIP fragments that are neither first nor last. I couldn't reproduce your results for the last fragment. (And it might be possible to identify it as the last fragment, instead of just as generic Zip data.) $ zip -s 3 foo.zip bigfile.dat $ file foo.z* foo.z01: Zip multi-volume archive data, at least PKZIP v2.50 to extract foo.z02: data foo.z03: data foo.zip: Zip archive data, made by v3.0 UNIX, extract using at least v2.0, last modified, last modified Sun, Mar 01 2024 08:43:12, uncompressed size 10518450, method=deflate $ file --version file-5.45

(0004022) monperrus 2024-03-04 18:39	I confirm I can also identify the last fragment. > As far as I know, it's essentially impossible to identify ZIP fragments that are neither first nor last. argh, too bad. thanks a lot, we can close then.

(0004032) christos 2024-04-08 16:06	I am not sure if it is possible, since the file parts have no identifying magic...

Notes
(0004023) vinc17 2024-03-20 14:20	Additional information: The file seemed to have been "readable" by some PostScript viewers in the past, as one can see at https://bugs.ghostscript.com/show_bug.cgi?id=697529 but as said by the Ghostscript developer, the .dsc file "uses Ghostscript-specific PostScript extensions" and a user should not generate such a file if the goal is to get a PostScript file readable by a PostScript viewer. So, what's important is that such a file should be regarded as some form of plain text file.

(0004031) christos 2024-04-08 16:05	DSC is https://en.wikipedia.org/wiki/Document_Structuring_Conventions. I am not sure how to identify the specific ghostscript extensions. Can the ghostscript developer give some hints on how to identify them?

Notes
(0004024) a1rind 2024-03-21 16:27	Do the rules defined in msooxml depend on the order of the files in an OOXML document?

(0004030) christos 2024-04-08 15:58	Fixed, thanks

Notes
(0003630) christos 2021-07-30 08:44	With the HEAD of the file code this reports: $ ./file -m ../magic/magic.mgc ~/nix_esh /Users/christos/nix_esh: a /nix/store/pcjan45rssdn01cxx3sjg70avjg6c3ni-bash-4.4-p23/bin/sh script, ASCII text executable

(0003633) abathur 2021-07-31 22:28	Thanks--I'll keep an eye out for the next release. (I do see the same after figuring out how to rebuild the Nix package from the latest commit on the GH mirror).

(0003654) christos 2021-10-28 15:33	Release has been out.

(0004025) abathur 2024-04-04 14:22	This morning I noticed that this regressed at some point between 5.43 and 5.44: $ file --version file-5.44 ... $ file /nix/store/y2jm9585rj81y9ks04b7ky2631ahgv3s-esh-0.1.1/bin/esh /nix/store/y2jm9585rj81y9ks04b7ky2631ahgv3s-esh-0.1.1/bin/esh: awk or perl script, ASCII text $ file --version file-5.43 ... $ file /nix/store/y2jm9585rj81y9ks04b7ky2631ahgv3s-esh-0.1.1/bin/esh /nix/store/y2jm9585rj81y9ks04b7ky2631ahgv3s-esh-0.1.1/bin/esh: a /nix/store/7xmqfgfgipjypqprhz0xw6bd3jb58z3y-bash-5.2p26/bin/sh script, ASCII text executable

(0004026) christos 2024-04-06 13:55	Fixed again, thanks!

Notes
(0003517) christos 2021-01-03 20:45	Issue: What ist "E<.Bk -words>"? - See the "Keep" macro https://www.freebsd.org/cgi/man.cgi?query=mdoc&sektion=7 Issue: Two quote signs around magic / magic numbers does not make sense - Removed, don't make a difference Issue: the file command â the command <.Nm> - Use .Nm Issue: option â (This) option - Added "This" Issue: file â E<.Nm> - fixed .Nm Issue: option â flag? - changed all to option Issue: Missing full stop. - fixed. Issue: This bug was closed in 2008? - No it is still broken (string limits in magic descriptions) Issue 1: security considerations) â security) considerations Issue 2: so move around the file â to move around in the file - Rewrote and clarified. Issue: is E<.Ek> â file? This long string is difficult to review for translation - This is the list of flags. .Ek is the closing of .Bk macro. Issue: Two quote signs around magic / magic numbers does not make sense - duplicate, fixed.

(0003524) Helge Kreutzmann 2021-01-05 15:39	Thanks for the swift handling, no more comments from my side.

(0003707) Helge Kreutzmann 2022-03-09 17:14	Has this already landed in some kind of release? I wonder because I still see some issues in file(1) in all our upstream distributions.

(0003910) Helge Kreutzmann 2023-03-11 13:36	As of mid February 2023 I still see them in the major distros. What is the ETA for including them?

(0004018) Helge Kreutzmann 2024-03-03 11:14	Hello Christos, this is my yearly ping. Do you have an ETA for landing them in a release? Thanks!

(0004019) Helge Kreutzmann 2024-03-03 11:17	I apologize for my last note, all but one change (occuring twice) are actually fixed. So the only one left is: file → E<.Nm> "The magic file entries have been collected from various sources, mainly " "USENET, and contributed by various authors. Christos Zoulas (address below) " "will collect additional or corrected magic file entries. A consolidation of " "magic file entries will be distributed periodically." "John Gilmore revised the code extensively, making it better than the first " "version. Geoff Collyer found several inadequacies and provided some magic " "file entries. Contributions of the E<.Sq \\*[Am]> operator by Rob McMahon, " "E<.Aq cudcv@warwick.ac.uk>, 1989."

(0004020) christos 2024-03-04 00:10	These refer to the "magic file" not to the file command (the file containing magic entries). I am not sure when the next release will be. Need to find some spare time :-)

(0004021) Helge Kreutzmann 2024-03-04 17:19	Thanks, I marked this appropriately in our sources, so then all issues reported by me are fix and this bug can be closed.

Notes
(0004014) christos 2024-03-01 02:56	1. The [[ has been changed to [ 2. The Ll types have been added 3. The operators are described later: If this indirect offset cannot be used directly, simple calculations are possible: appending .Em [+-/%\[Am]\|^]number inside parentheses allows one to modify the value read from the file before it is used as an offset: Thank you!

Notes
(0003978) r4gn4r0x 2023-11-04 14:13	Other examples : $ file --version file-5.44 magic file from /etc/magic:/usr/share/misc/magic $ file ~/.wine32/drive_c/windows/rundll.exe ~/.wine32/drive_c/windows/system32/gdi.exe ~/.wine32/drive_c/windows/system32/user.exe ~/.wine32/drive_c/windows/system32/mouse.drv ~/.wine32/drive_c/windows/system32/winaspi.dll /home/user/.wine32/drive_c/windows/rundll.exe: Windows Icons Library 16-bit /home/user/.wine32/drive_c/windows/system32/gdi.exe: Windows Icons Library 16-bit /home/user/.wine32/drive_c/windows/system32/user.exe: Windows Icons Library 16-bit /home/user/.wine32/drive_c/windows/system32/mouse.drv: Windows Icons Library 16-bit /home/user/.wine32/drive_c/windows/system32/winaspi.dll: Windows Icons Library 16-bit $ file --version file-5.38 magic file from /etc/magic:/usr/share/misc/magic $ file ~/.wine32/drive_c/windows/rundll.exe ~/.wine32/drive_c/windows/system32/gdi.exe ~/.wine32/drive_c/windows/system32/user.exe ~/.wine32/drive_c/windows/system32/mouse.drv ~/.wine32/drive_c/windows/system32/winaspi.dll /home/morfal/.wine32/drive_c/windows/rundll.exe: MS-DOS executable, NE for MS Windows 3.x (EXE) /home/morfal/.wine32/drive_c/windows/system32/gdi.exe: MS-DOS executable, NE for MS Windows 3.x (DLL or font) /home/morfal/.wine32/drive_c/windows/system32/user.exe: MS-DOS executable, NE for MS Windows 3.x (DLL or font) /home/morfal/.wine32/drive_c/windows/system32/mouse.drv: MS-DOS executable, NE for MS Windows 3.x (DLL or font) /home/morfal/.wine32/drive_c/windows/system32/winaspi.dll: MS-DOS executable, NE for MS Windows 3.x (DLL or font)

(0004013) christos 2024-02-29 03:51	Should be fixed in HEAD.

Notes
(0000007) christos 2018-06-23 16:43	patches applied! many thanks!

(0000025) christos 2018-08-01 09:03	feedback timeout

Notes
(0003879) christos 2022-12-26 19:23	Fixed, thanks!

(0004012) SpraxDev 2024-02-17 19:30	I though my distro just didn't update the file package all the time but at some point it did. I'm still seeing the exact same issue on file v5.45 with strace showing `+++ killed by SIGSYS +++` ``` file-5.45 magic file from /usr/share/file/misc/magic seccomp support included ```

View Issue Details

ID:	Category:	Severity:	Reproducibility:	Date Submitted:	Last Update:
515	[file] General	minor	always	2024-04-08 19:13	2024-04-08 19:29

Reporter:	marcoribeiro	Platform:
Assigned To:		OS:
Priority:	normal	OS Version:
Status:	new	Product Version:	5.45
Product Build:		Resolution:	open
Projection:	none
ETA:	none	Fixed in Version:
		Target Version:

Summary:	Magic inserts linebreaks inside TIFF descriptions, making it not possible to correcly split lines
Description:	When I use the flag 'MAGIC_CONTINUE', I expect each detection to be on a separate line, but on some cases it also adds a linebreak followed by "- " inside a detection from a TIFF buffer Here is an example, using the flags MAGIC_CONTINUE \| MAGIC_RAW (also happens with MAGIC_RAW is not set, but with "\n" replaced with "\012"): 'TIFF image data, little-endian, direntries=18, height=434, bps=14534, compression=none, PhotometricInterpretation=RGB, name=/home/marta/Desktop/www/file ex/files/grafa/tiff/file_example_TIFF_1MB.tiff, orientation=upper-left\n- , width=650\n- data' Note that the "width=650" should be on the previous line (or at least, it should not have the "- " before it) This (attached) TIFF image was downloaded from https://file-examples.com/index.php/sample-images-download/sample-tiff-download/ (the 1MB version)
Tags:
Steps To Reproduce:	Using the file-magic package for Python: ------------------------------------------------- import magic from pathlib import Path magic_desc = magic.open(magic.MAGIC_CONTINUE \| magic.MAGIC_RAW) assert magic_desc.load() == 0 data = Path("file_example_TIFF_1MB").read_bytes() print(magic_desc.buffer(data)) ------------------------------------------------- Using the python-magic package: ------------------------------------------------- import magic from pathlib import Path magic_desc = magic.Magic(keep_going=True, raw=True) data = Path("file_example_TIFF_1MB").read_bytes() print(magic_desc.from_buffer(data)) ------------------------------------------------- Both cases should output: TIFF image data, little-endian, direntries=18, height=434, bps=14534, compression=none, PhotometricInterpretation=RGB, name=/home/marta/Desktop/www/file ex/files/grafa/tiff/file_example_TIFF_1MB.tiff, orientation=upper-left - , width=650 - data
Additional Information:
Attached Files:	file_example_TIFF_1MB.tiff (1,131,930 bytes) 2024-04-08 19:13 https://bugs.astron.com/file_download.php?file_id=406&type=bug

View Issue Details

ID:	Category:	Severity:	Reproducibility:	Date Submitted:	Last Update:
508	[file] General	major	always	2024-03-08 14:39	2024-04-07 21:27

Reporter:	jor	Platform:
Assigned To:	christos	OS:
Priority:	normal	OS Version:
Status:	resolved	Product Version:	5.44
Product Build:		Resolution:	fixed
Projection:	none
ETA:	none	Fixed in Version:	HEAD
		Target Version:

Summary:	JPEG header detection: name use count (50) exceeded
Description:	This is related to issue 0000152: JPEG header detection: name use count (30) exceeded It seems the new limit (50) is not enough. I just got the same error on a regular panoramic photo taken on an iPhone 6S. The file has not been modified in any way, it comes straight from the phone. It seems it has 60 different "EXIF fields": Manufacturer Model Orientation X-Resolution Y-Resolution Resolution Unit Software Date and Time YCbCr Positioning Compression X-Resolution Y-Resolution Resolution Unit Exposure Time F-Number ISO Speed Ratings Exif Version Date and Time (Original) Date and Time (Digitized) Offset Time For DateTime Offset Time For DateTimeOriginal Offset Time For DateTimeDigitized Components Configuration Shutter Speed Aperture Brightness Exposure Bias Metering Mode Flash Focal Length Sub-second Time (Original) Sub-second Time (Digitized) FlashPixVersion Color Space Pixel X Dimension Pixel Y Dimension Sensing Method Scene Type Custom Rendered White Balance Focal Length in 35mm Film Scene Capture Type Lens Specification Lens Make Lens Model North or South Latitude Latitude East or West Longitude Longitude Altitude Reference Altitude Speed Unit Speed of GPS Receiver GPS Image Direction Reference GPS Image Direction Reference for Bearing of Destination Bearing of Destination GPS Date GPS Horizontal Positioning Error ThumbnailSize I am happy to send the image in question to anyone that needs it. Can the limit be bumped further?
Tags:
Steps To Reproduce:	file IMG_0267.JPG
Additional Information:
Attached Files:

Notes
(0004029) christos 2024-04-07 21:27	bumped to 100

View Issue Details

ID:	Category:	Severity:	Reproducibility:	Date Submitted:	Last Update:
217	[file] General	tweak	always	2020-12-21 12:02	2024-03-04 17:19

Reporter:	Helge Kreutzmann	Platform:
Assigned To:	christos	OS:
Priority:	low	OS Version:
Status:	assigned	Product Version:	5.39
Product Build:		Resolution:	open
Projection:	none
ETA:	none	Fixed in Version:
		Target Version:

Summary:	Issues in file man pages
Description:	Dear file maintainer, the manpage-l10n project maintains a large number of translations of man pages both from a large variety of sources (including file) as well for a large variety of target languages. During their work translators notice different possible issues in the original (english) man pages. Sometimes this is a straightforward typo, sometimes a hard to read sentence, sometimes this is a convention not held up and sometimes we simply do not understand the original. We use several distributions as sources and update regularly (at least every 2 month). This means we are fairly recent (some distributions like archlinux also update frequently) but might miss the latest upstream version once in a while, so the error might be already fixed. We apologize and ask you to close the issue immediately if this should be the case, but given the huge volume of projects and the very limited number of volunteers we are not able to double check each and every issue. Secondly we translators see the manpages in the neutral po format, i.e. converted and harmonized, but not the original source (be it man, groff, xml or other). So we cannot provide a true patch (where possible), but only an approximation which you need to convert into your source format. Finally the issues I'm reporting have accumulated over time and are not always discovered by me, so sometimes my description of the problem my be a bit limited - do not hesitate to ask so we can clarify them. I'm now reporting the errors for your project. If future reports should use another channel, please let me know. Man page: file.1 Issue: What ist "E<.Bk -words>"? "E<.Nm> E<.Bk -words> E<.Op Fl bcdEhiklLNnprsSvzZ0> E<.Op Fl Fl apple> E<.Op " "Fl Fl exclude-quiet> E<.Op Fl Fl extension> E<.Op Fl Fl mime-encoding> E<.Op " "Fl Fl mime-type> E<.Op Fl e Ar testname> E<.Op Fl F Ar separator> E<.Op Fl f " "Ar namefile> E<.Op Fl m Ar magicfiles> E<.Op Fl P Ar name=value> E<.Ar> E<." "Ek> E<.Nm> E<.Fl C> E<.Op Fl m Ar magicfiles> E<.Nm> E<.Op Fl Fl help>" -- Man page: file.1 Issue: Two quote signs around magic / magic numbers does not make sense "in the standard include directory. These files have a E<.Dq \"magic number" "\"> stored in a particular place near the beginning of the file that tells " "the E<.Tn UNIX> operating system that the file is a binary executable, and " "which of several types thereof. The concept of a E<.Dq \"magic\"> has been " "applied by extension to data files. Any file with some invariant identifier " "at a small fixed offset into the file can usually be described in this way. " "The information identifying these files is read from the compiled magic file " "E<.Pa /usr/share/file/misc/magic.mgc>, or the files in the directory E<.Pa /" "usr/share/file/misc/magic> if the compiled file does not exist. In " "addition, if E<.Pa $HOME/.magic.mgc> or E<.Pa $HOME/.magic> exists, it will " "be used in preference to the system magic files." -- Man page: file.1 Issue: the file command â the command <.Nm> "Causes the file command to output the file type and creator code as used by " "older MacOS versions. The code consists of eight letters, the first " "describing the file type, the latter the creator. This option works " "properly only for file formats that have the apple-style output defined." -- Man page: file.1 Issue: option â (This) option "option causes symlinks not to be followed (on systems that support symbolic " "links). This is the default if the environment variable E<.Dv " "POSIXLY_CORRECT> is not defined." "option causes symlinks to be followed, as the like-named option in E<.Xr ls " "1> (on systems that support symbolic links). This is the default if the " "environment variable E<.Ev POSIXLY_CORRECT> is defined." -- Man page: file.1 Issue: file â E<.Nm> "Causes the file command to output mime type strings rather than the more " "traditional human readable ones. Thus it may say E<.Sq text/plain; " "charset=us-ascii> rather than E<.Dq ASCII text>." "On systems where libseccomp E<.Pa ( https://github.com/seccomp/libseccomp>) " "is available, the E<.Fl S> flag disables sandboxing which is enabled by " "default. This option is needed for file to execute external decompressing " "programs, i.e. when the E<.Fl z> flag is specified and the built-in " "decompressors are not available. On systems where sandboxing is not " "available, this option has no effect." "The magic file entries have been collected from various sources, mainly " "USENET, and contributed by various authors. Christos Zoulas (address below) " "will collect additional or corrected magic file entries. A consolidation of " "magic file entries will be distributed periodically." "John Gilmore revised the code extensively, making it better than the first " "version. Geoff Collyer found several inadequacies and provided some magic " "file entries. Contributions of the E<.Sq \\*[Am]> operator by Rob McMahon, " "E<.Aq cudcv@warwick.ac.uk>, 1989." "E<.Em Note:> This Debian version of file was built without seccomp support, " "so this option has no effect." -- Man page: file.1 Issue: option â flag? "On systems where libseccomp E<.Pa ( https://github.com/seccomp/libseccomp>) " "is available, E<.Nm> is enforces limiting system calls to only the ones " "necessary for the operation of the program. This enforcement does not " "provide any security benefit when E<.Nm> is asked to decompress input files " "running external programs with the E<.Fl z> option. To enable execution of " "external decompressors, one needs to disable sandboxing using the E<.Fl S> " "flag." -- Man page: file.1 Issue: Missing full stop. "Some of the encoding logic is hard-coded in encoding.c and can be moved to " "the magic files if we had a !:charset annotation" -- Man page: file.1 Issue: This bug was closed in 2008? "Store arbitrarily long strings, for example for %s patterns, so that they " "can be printed out. Fixes Debian bug #271672. This can be done by " "allocating strings in a string pool, storing the string pool at the end of " "the magic file and converting all the string pointers to relative offsets " "from the string pool." -- Man page: file.1 Issue 1: security considerations) â security) considerations Issue 2: so move around the file â to move around in the file "If the offsets specified internally in the file exceed the buffer size ( E<." "Dv HOWMANY> variable in file.h), then we don't seek to that offset, but we " "give up. It would be better if buffer managements was done when the file " "descriptor is available so move around the file. One must be careful though " "because this has performance (and thus security considerations)." -- Man page: file.1 Issue: is E<.Ek> â file? This long string is difficult to review for translation "E<.Nm> E<.Bk -words> E<.Op Fl bcdEhiklLNnprsSvzZ0> E<.Op Fl Fl apple> E<.Op " "Fl Fl extension> E<.Op Fl Fl mime-encoding> E<.Op Fl Fl mime-type> E<.Op Fl " "e Ar testname> E<.Op Fl F Ar separator> E<.Op Fl f Ar namefile> E<.Op Fl m " "Ar magicfiles> E<.Op Fl P Ar name=value> E<.Ar> E<.Ek> E<.Nm> E<.Fl C> E<.Op " "Fl m Ar magicfiles> E<.Nm> E<.Op Fl Fl help>" -- Man page: file.1 Issue: Two quote signs around magic / magic numbers does not make sense "in the standard include directory. These files have a E<.Dq \"magic number" "\"> stored in a particular place near the beginning of the file that tells " "the E<.Tn UNIX> operating system that the file is a binary executable, and " "which of several types thereof. The concept of a E<.Dq \"magic\"> has been " "applied by extension to data files. Any file with some invariant identifier " "at a small fixed offset into the file can usually be described in this way. " "The information identifying these files is read from /etc/magic and the " "compiled magic file E<.Pa /usr/share/misc/magic.mgc>, or the files in the " "directory E<.Pa /usr/share/misc/magic> if the compiled file does not exist. " "In addition, if E<.Pa $HOME/.magic.mgc> or E<.Pa $HOME/.magic> exists, it " "will be used in preference to the system magic files."
Tags:
Steps To Reproduce:
Additional Information:
Attached Files:

Notes
(0003981) MProG10 2023-12-02 00:49

(0003982) MProG10 2023-12-02 03:03

(0003985) MProG10 2023-12-03 19:44	Prefer srcfile() over dosource()

(0004011) MProG10 2024-02-14 14:57	Functions should work for sourced scripts. Next, make a table of functions so they can be called globally. Currently, it isn't possible to call functions from sourced files other than the current.

Notes
(0004010) christos 2024-02-11 15:40	It is a bit unfair calling the Quicktime weak when the Manifest magic is weaker. Anyway fixed by improving the Manifest magic entry.

Notes
(0003687) christos 2022-01-10 16:19	This is a data container format with no particular magic identifier. https://en.wikipedia.org/wiki/MPEG_transport_stream

(0003690) es20490446e 2022-01-10 20:12	Do you mean it is okay as it is now?

(0004004) Basic.Master 2024-02-11 09:48	The current detection of an MPEG-TS is quite restrictive and makes assumptions that don't apply to all transport streams, as has already been stated here: https://github.com/file/file/commit/e657a2e200fb59979478aa6797c28ef4b2952495#diff-b5e20963b12b6811f0ca24ddd36790e9f3016bd5bb7af6083ca585c50ed34d4fL691 As the format has only a single magic byte, we can exploit the fixed packet size here. Please find attached a corresponding patch and a short test file (playable e.g. in VLC) for which the patch fixes the recognition. See also https://bugs.freedesktop.org/show_bug.cgi?id=51118

(0004005) es20490446e 2024-02-11 14:41	Remember me which package this was about (name of the source code repo).

(0004006) es20490446e 2024-02-11 14:43	Was it "file"?

(0004007) Basic.Master 2024-02-11 15:03	Correct, as shown in the e-mail subject and in the project field here ;-)

(0004008) es20490446e 2024-02-11 15:07	without patch: hr_test.ts: data whith patch: hr_test.ts: MPEG transport stream data so fixed, many thanks ;)

(0004009) christos 2024-02-11 15:34	Patch applied, thanks!

Notes
(0003974) ronsor 2023-08-19 02:43	Apologies, there was a minor error in the original magic file. This is the correct one.

(0004002) christos 2024-02-04 20:00	Added.

Notes
(0004000) christos 2024-02-04 19:30	If you want so try to supply some magic for it, I will probably add it... Yes, it is quite complicated...

Notes
(0003997) christos 2024-02-04 19:26	Made #![ mean rust...

Notes
(0003994) christos 2024-01-30 21:47	Added to HEAD, thanks!

Notes
(0003993) christos 2024-01-30 21:46	Yes, that would be the tricky part (integrating it in the com/exe magic which is far too complicated). Joerg Jenderek who is in the mailing list has made a lot of changes recently to this entry, so perhaps discuss it there.

Notes
(0003992) christos 2024-01-30 21:44	Fixed, thanks. Funny on NetBSD DT_NEEDED is set, so I did not notice before.

Notes
(0000104) christos 2018-12-10 21:02	Can't reproduce with HEAD.

Notes
(0003990) christos 2023-12-24 20:32	Added some simple magic.

Notes
(0003988) christos 2023-12-20 21:28	I moved the size checks first.

Notes
(0003977) polluks 2023-09-19 14:23	FYI https://bugs.gentoo.org/789336

(0003987) christos 2023-12-20 21:18	Isn't musl supposed to be compatible with glibc? Maybe file a bug with them?

Notes
(0003986) christos 2023-12-20 21:15	In the man page it clearly says that the value types are size_t. Why would you expect it to work with other types?

Notes
(0003979) promptfuzz 2023-11-06 12:00	../../src/softmagic.c:1675:11: runtime error: member access within misaligned address 0x619000000827 for type 'const union VALUETYPE', which requires 8 byte alignment 0x619000000827: note: pointer points here 00 50 00 00 00 02 00 00 00 16 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c ^ #0 0x55bcfb4924c8 in mget /libmagic/src/libmagic/build/src/../../src/softmagic.c:1675:11 0000001 0x55bcfb481af7 in match /libmagic/src/libmagic/build/src/../../src/softmagic.c:370:12 0000002 0x55bcfb47f9f7 in file_softmagic /libmagic/src/libmagic/build/src/../../src/softmagic.c:136:13 0000003 0x55bcfb46f58d in file_buffer /libmagic/src/libmagic/build/src/../../src/funcs.c:460:7 0000004 0x55bcfb42b6e6 in magic_buffer /libmagic/src/libmagic/build/src/../../src/magic.c:559:6 0000005 0x55bcfb429fca in LLVMFuzzerTestOneInput /poc.cc:24:32

Notes
(0003976) gmile 2023-09-18 16:31	Running this appears to correctly guess the file format: ``` $ file /tmp/document-debugging.doc /tmp/document-debugging.doc: Microsoft OOXML $ ``` Running this fails to correctly guess the file mime type: ``` $ file --mime --brief /tmp/document-debugging.docx application/octet-stream; charset=binary ``` File contents: ``` $ unzip -l /tmp/document-debugging.docx Archive: /tmp/document-debugging.docx Length Date Time Name --------- ---------- ----- ---- 2107 09-18-2023 14:01 [Content_Types].xml 592 09-18-2023 14:01 _rels/.rels 193 09-18-2023 14:01 customXml/item1.xml 451 09-18-2023 14:01 docProps/app.xml 522 09-18-2023 14:01 docProps/core.xml 1363 09-18-2023 14:01 word/_rels/document.xml.rels 13168 09-18-2023 14:01 word/document.xml 1631 09-18-2023 14:01 word/endnotes.xml 828 09-18-2023 14:01 word/fontTable.xml 1637 09-18-2023 14:01 word/footnotes.xml 3447 09-18-2023 14:01 word/numbering.xml 1794 09-18-2023 14:01 word/settings.xml 341612 09-18-2023 14:01 word/styles.xml 5307 09-18-2023 14:01 word/theme/theme1.xml 183 09-18-2023 14:01 word/webSettings.xml --------- ------- 374835 15 files $ ```

Notes
(0003956) cmeier 2023-06-20 15:42

(0003975) lukem 2023-09-11 10:37	Are you running the build and testsuite as root (uid 0)? If so, I don't think that's supported (nor good practice to build as root, in my opinion). I quickly reviewed your testsuite.log, searching for "FAILED", and scrolling back for details. Various test groups (such as test group 14) fail with a diff that expected lines starting with ">" and your lines start with "#". I think other tests rely upon not being able to read a file with mode 000, and those are working on your system too.

Notes
(0003970) gadelat 2023-08-04 15:01	5.44 also affected

(0003971) christos 2023-08-05 14:35	The SVG magic was not matching text only checks and needed bumping its strength.

Notes
(0003947) christos 2023-06-16 19:36	Applied patch from Joerg Jenderek. Does it help?

(0003953) ulm 2023-06-16 20:15	The patch doesn't fix the problem. The test file that I had attached is recognised as text/plain now: $ file -i 95eselect-wine 95eselect-wine: text/plain; charset=us-ascii $ file 95eselect-wine 95eselect-wine: ASCII text However, it still fails with another example in the /etc/env.d/ directory of a Gentoo Linux system: $ cat 50npm NPM_CONFIG_GLOBALCONFIG=/etc/npm/npmrc $ file -i 50npm 50npm: application/vnd.hp-HPGL; charset=us-ascii $ file 50npm 50npm: Hewlett-Packard Graphics Language, starting with "NPM_CONFIG_GLOBALCONFIG=/etc/npm/npmrc"

(0003968) thesamesam 2023-07-28 11:04	I can still reproduce that issue with the new file contents: ``` NPM_CONFIG_GLOBALCONFIG=/etc/npm/npmrc ``` with file-5.45.

(0003969) christos 2023-07-30 16:32	Fixed, thanks!

Notes
(0003965) gamma 2023-07-23 06:49	Although mimetype has 'application/hwp+zip', it does not follow the protocols. I think the other solution might be to change to 'application/x-hwpx+zip'.

(0003966) christos 2023-07-27 17:56	added x-. The other (starts with #) is a comment.

(0003967) gamma 2023-07-27 18:34	I think adding only the 'x-' prefix might be a problem. Because when you use `isMimeType("application/x-hwp")' to check it, HWP5.0 formats and HWPX formats will be considered because they have the same type. So I think 'application/x-hwpx' or the 'application/x-hwpx+zip' would be better. I much prefer the 'application/x-hwpx' as the ODT format doesn't add the '+zip' suffix.