View Issue Details

IDProjectCategoryView StatusLast Update
0000125fileGeneralpublic2019-12-13 16:57
Reporterahupp Assigned Tochristos  
Status feedbackResolutionopen 
Summary0000125: Crash with MAGIC_COMPRESS and magic_buffer
Description(I already reported this, but it does not appear in my list of submitted bugs here so re-submitting).

With libmagic 5.25, running magic_buffer on the contents of a Microsoft Word .docx file and MAGIC_COMPRESS enabled produced a crash. For some reason I'm not able to capture a stack in gdb. This does not reproduce in 5.30, nor with magic_file.

I'm reporting despite the fact that it's apparently fixed in case this is a security issue; 5.25 is in Ubuntu Xenial and that's supported for 5 more years.

Original report here:

Steps To Reproduceadam@gaba:~/file-5.25/src/.libs$ LD_LIBRARY_PATH=. PYTHONPATH=../../python python
Python 2.7.13 (default, Sep 26 2018, 18:42:22)
[GCC 6.3.0 20170516] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import magic
>>> m.load('/home/adam/file-5.25/magic/magic.mgc')
>>> m.buffer(open('/home/adam/test.docx').read())

Additional InformationI've attached a sample empty word doc to aid reproducing the issue.
TagsNo tags attached.



2019-12-11 01:15


test.docx (6,087 bytes)


2019-12-13 16:57

manager   ~0003339

The responsibility for fixing this should be with the xenial folks. They chose the version of file to support and the period of time to support it. They can always upgrade to a newer one or track or fix the bug themselves.

Issue History

Date Modified Username Field Change
2019-12-11 01:15 ahupp New Issue
2019-12-11 01:15 ahupp File Added: test.docx
2019-12-13 16:53 christos Assigned To => christos
2019-12-13 16:53 christos Status new => assigned
2019-12-13 16:57 christos Status assigned => feedback
2019-12-13 16:57 christos Note Added: 0003339