/** \test magic api calls -- make sure memory is shared */
int MagicDetectTest09(void)
{
const char *result1 = NULL;
const char *result2 = NULL;
uint8_t buffer[] = { 0x25, 'P', 'D', 'F', '-', '1', '.', '3', 0x0d, 0x0a};
size_t buffer_len = sizeof(buffer);
int retval = 0;
if (MagicInit() < 0) {
printf("MagicInit() failure\n");
return 0;
}
result1 = MagicGlobalLookup(buffer, buffer_len);
if (result1 == NULL || strncmp(result1, "PDF document", 12) != 0) {
printf("result %p:%s, not \"PDF document\": ", result1,result1?result1:"(null)");
goto end;
}
result2 = MagicGlobalLookup(buffer, buffer_len);
if (result2 == NULL || strncmp(result2, "PDF document", 12) != 0) {
printf("result %p:%s, not \"PDF document\": ", result2,result2?result2:"(null)");
goto end;
}
if (result1 != result2) {
printf("pointers not equal, weird... %p != %p: ", result1, result2);
goto end;
}
retval = 1;
end:
MagicDeinit();
return retval;
}
/** \test results in valgrind warning about invalid read, tested with
* file 5.09 and 5.11 */
static int MagicDetectTest10ValgrindError(void)
{
const char *result = NULL;
uint8_t buffer[] = {
0xFF,0xD8,0xFF,0xE0,0x00,0x10,0x4A,0x46,0x49,0x46,0x00,0x01,0x01,0x01,0x01,0x2C,
0x01,0x2C,0x00,0x00,0xFF,0xFE,0x00,0x4C,0x53,0x69,0x67,0x6E,0x61,0x74,0x75,0x72,
0x65,0x3A,0x34,0x31,0x31,0x65,0x33,0x38,0x61,0x61,0x61,0x31,0x37,0x65,0x33,0x30,
0x66,0x30,0x32,0x38,0x62,0x61,0x30,0x31,0x36,0x32,0x36,0x37,0x66,0x66,0x30,0x31,
0x36,0x36,0x61,0x65,0x35,0x39,0x65,0x38,0x31,0x39,0x62,0x61,0x32,0x34,0x63,0x39,
0x62,0x31,0x33,0x37,0x33,0x62,0x31,0x61,0x35,0x61,0x38,0x65,0x64,0x63,0x36,0x30,
0x65,0x37,0xFF,0xE2,0x02,0x2C,0x49,0x43,0x43,0x5F,0x50,0x52,0x4F,0x46,0x49,0x4C,
0x45,0x00,0x01,0x01,0x00,0x00,0x02,0x1C,0x41,0x44,0x42,0x45,0x02,0x10,0x00,0x00,
0x6D,0x6E,0x74,0x72,0x52,0x47,0x42,0x20,0x58,0x59,0x5A,0x20,0x07,0xCF,0x00,0x05,
0x00,0x09,0x00,0x15,0x00,0x0B,0x00,0x21,0x61,0x63,0x73,0x70,0x41,0x50,0x50,0x4C,
0x00,0x00,0x00,0x00,0x6E,0x6F,0x6E,0x65,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
};
size_t buffer_len = sizeof(buffer);
int retval = 0;
if (MagicInit() < 0) {
printf("MagicInit() failure\n");
return 0;
}
result = MagicGlobalLookup(buffer, buffer_len);
if (result == NULL || strncmp(result, "JPEG", 4) != 0) {
printf("result %p:%s, not \"JPEG\": ", result,result?result:"(null)");
goto end;
}
retval = 1;
end:
MagicDeinit();
return retval;
}
/**
* \brief run the magic check
*
* \param file the file
*
* \retval -1 error
* \retval 0 ok
*/
int FilemagicGlobalLookup(File *file)
{
if (file == NULL || file->chunks_head == NULL) {
SCReturnInt(-1);
}
/* initial chunk already matching our requirement */
if (file->chunks_head->len >= FILEMAGIC_MIN_SIZE) {
file->magic = MagicGlobalLookup(file->chunks_head->data, FILEMAGIC_MIN_SIZE);
} else {
uint8_t *buf = SCMalloc(FILEMAGIC_MIN_SIZE);
uint32_t size = 0;
if (likely(buf != NULL)) {
FileData *ffd = file->chunks_head;
for ( ; ffd != NULL; ffd = ffd->next) {
uint32_t copy_len = ffd->len;
if (size + ffd->len > FILEMAGIC_MIN_SIZE)
copy_len = FILEMAGIC_MIN_SIZE - size;
memcpy(buf + size, ffd->data, copy_len);
size += copy_len;
if (size >= FILEMAGIC_MIN_SIZE) {
file->magic = MagicGlobalLookup(buf, size);
break;
}
/* file is done but smaller than FILEMAGIC_MIN_SIZE */
if (ffd->next == NULL && file->state >= FILE_STATE_CLOSED) {
file->magic = MagicGlobalLookup(buf, size);
break;
}
}
SCFree(buf);
}
}
SCReturnInt(0);
}
/** \test magic api calls -- lookup */
int MagicDetectTest08(void)
{
const char *result = NULL;
uint8_t buffer[] = {
0x50, 0x4b, 0x03, 0x04, 0x14, 0x00, 0x00, 0x08,
0x00, 0x00, 0x52, 0x7b, 0x86, 0x3c, 0x8b, 0x70,
0x96, 0x08, 0x1c, 0x00, 0x00, 0x00, 0x1c, 0x00,
0x00, 0x00, 0x08, 0x00, 0x00, 0x00, 0x6d, 0x69,
0x6d, 0x65, 0x74, 0x79, 0x70, 0x65, 0x61, 0x70,
0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f,
0x6e, 0x2f, 0x76, 0x6e, 0x64, 0x2e, 0x73, 0x75,
0x6e, 0x2e, 0x78, 0x6d, 0x6c, 0x2e, 0x62, 0x61,
0x73, 0x65, 0x50, 0x4b, 0x03, 0x04, 0x14, 0x00,
0x00, 0x08, 0x00, 0x00, 0x52, 0x7b, 0x86, 0x3c,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x09, 0x00, 0x00, 0x00,
0x4d, 0x45, 0x54, 0x41, 0x2d, 0x49, 0x4e, 0x46,
0x2f, 0x50, 0x4b, 0x03, 0x04, 0x14, 0x00, 0x00,
0x08, 0x08, 0x00, 0xa8, 0x42, 0x1d, 0x37, 0x5d,
0xa7, 0xb2, 0xc1, 0xde, 0x01, 0x00, 0x00, 0x7e,
0x04, 0x00, 0x00, 0x0b, 0x00, 0x00, 0x00, 0x63,
0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x2e, 0x78,
0x6d, 0x6c, 0x95, 0x54, 0x4d, 0x6f, 0xdb, 0x30,
0x0c, 0xbd, 0xe7, 0x57, 0x18, 0x02, 0x06, 0x6c,
0x07, 0xc5, 0xe9, 0xb6, 0xc3, 0x22, 0xc4, 0x29,
0x86, 0x7d, 0x00, 0x05, 0x8a, 0x9d, 0xb2, 0x43,
0x8f, 0xb2, 0x24, 0xa7, 0xc2, 0x64, 0xc9, 0x15,
};
size_t buffer_len = sizeof(buffer);
int retval = 0;
if (MagicInit() < 0) {
printf("MagicInit() failure\n");
return 0;
}
result = MagicGlobalLookup(buffer, buffer_len);
if (result == NULL || strcmp(result, "OpenOffice.org 1.x Database file") != 0) {
printf("result %p:%s, not \"OpenOffice.org 1.x Database file\": ", result,result?result:"(null)");
goto end;
}
retval = 1;
end:
MagicDeinit();
return retval;
}
/**
* \brief run the magic check
*
* \param file the file
*
* \retval -1 error
* \retval 0 ok
*/
int FilemagicGlobalLookup(File *file)
{
if (file == NULL || FileSize(file) == 0) {
SCReturnInt(-1);
}
const uint8_t *data = NULL;
uint32_t data_len = 0;
uint64_t offset = 0;
StreamingBufferGetData(file->sb,
&data, &data_len, &offset);
if (offset == 0) {
if (FileSize(file) >= FILEMAGIC_MIN_SIZE) {
file->magic = MagicGlobalLookup(data, data_len);
} else if (file->state >= FILE_STATE_CLOSED) {
file->magic = MagicGlobalLookup(data, data_len);
}
}
SCReturnInt(0);
}
/** \test magic api calls -- lookup */
int MagicDetectTest07(void)
{
const char *result = NULL;
uint8_t buffer[] = {
0x50, 0x4b, 0x03, 0x04, 0x14, 0x00, 0x00, 0x00,
0x00, 0x00, 0x0b, 0x55, 0x2a, 0x36, 0x5e, 0xc6,
0x32, 0x0c, 0x27, 0x00, 0x00, 0x00, 0x27, 0x00,
0x00, 0x00, 0x08, 0x00, 0x00, 0x00, 0x6d, 0x69,
0x6d, 0x65, 0x74, 0x79, 0x70, 0x65, 0x61, 0x70,
0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f,
0x6e, 0x2f, 0x76, 0x6e, 0x64, 0x2e, 0x6f, 0x61,
0x73, 0x69, 0x73, 0x2e, 0x6f, 0x70, 0x65, 0x6e,
0x64, 0x6f, 0x63, 0x75, 0x6d, 0x65, 0x6e, 0x74,
0x2e, 0x74, 0x65, 0x78, 0x74, 0x50, 0x4b, 0x03,
0x04, 0x14, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0b,
0x55, 0x2a, 0x36, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x1a,
0x00, 0x00, 0x00, 0x43, 0x6f, 0x6e, 0x66, 0x69,
0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e,
0x73, 0x32, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75,
0x73, 0x62, 0x61, 0x72, 0x2f, 0x50, 0x4b, 0x03,
0x04, 0x14, 0x00, 0x08, 0x00, 0x08, 0x00, 0x0b,
};
size_t buffer_len = sizeof(buffer);
int retval = 0;
if (MagicInit() < 0) {
printf("MagicInit() failure\n");
return 0;
}
result = MagicGlobalLookup(buffer, buffer_len);
if (result == NULL || strcmp(result, "OpenDocument Text") != 0) {
printf("result %p:%s, not \"OpenDocument Text\": ", result,result?result:"(null)");
goto end;
}
retval = 1;
end:
MagicDeinit();
return retval;
}
/** \test magic api calls -- lookup */
int MagicDetectTest07(void)
{
const char *result = NULL;
uint8_t buffer[] = {
0x50, 0x4b, 0x03, 0x04, 0x14, 0x00, 0x00, 0x00,
0x00, 0x00, 0x0b, 0x55, 0x2a, 0x36, 0x5e, 0xc6,
0x32, 0x0c, 0x27, 0x00, 0x00, 0x00, 0x27, 0x00,
0x00, 0x00, 0x08, 0x00, 0x00, 0x00, 0x6d, 0x69,
0x6d, 0x65, 0x74, 0x79, 0x70, 0x65, 0x61, 0x70,
0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f,
0x6e, 0x2f, 0x76, 0x6e, 0x64, 0x2e, 0x6f, 0x61,
0x73, 0x69, 0x73, 0x2e, 0x6f, 0x70, 0x65, 0x6e,
0x64, 0x6f, 0x63, 0x75, 0x6d, 0x65, 0x6e, 0x74,
0x2e, 0x74, 0x65, 0x78, 0x74, 0x50, 0x4b, 0x03,
0x04, 0x14, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0b,
0x55, 0x2a, 0x36, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x1a,
0x00, 0x00, 0x00, 0x43, 0x6f, 0x6e, 0x66, 0x69,
0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e,
0x73, 0x32, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75,
0x73, 0x62, 0x61, 0x72, 0x2f, 0x50, 0x4b, 0x03,
0x04, 0x14, 0x00, 0x08, 0x00, 0x08, 0x00, 0x0b,
};
size_t buffer_len = sizeof(buffer);
FAIL_IF(MagicInit() < 0);
result = MagicGlobalLookup(buffer, buffer_len);
FAIL_IF_NULL(result);
char *str = strstr(result, "OpenDocument Text");
if (str == NULL) {
printf("result %s, not \"OpenDocument Text\": ", str);
FAIL;
}
MagicDeinit();
PASS;
}
/** \test magic api calls -- lookup */
int MagicDetectTest06(void)
{
const char *result = NULL;
uint8_t buffer[] = {
0xd0, 0xcf, 0x11, 0xe0, 0xa1, 0xb1, 0x1a, 0xe1,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x3e, 0x00, 0x03, 0x00, 0xfe, 0xff, 0x09, 0x00,
0x06, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00,
0x96, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x10, 0x00, 0x00, 0x98, 0x00, 0x00, 0x00,
0x01, 0x00, 0x00, 0x00, 0xfe, 0xff, 0xff, 0xff,
0x00, 0x00, 0x00, 0x00, 0x90, 0x00, 0x00, 0x00,
0x97, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
};
size_t buffer_len = sizeof(buffer);
int retval = 0;
if (MagicInit() < 0) {
printf("MagicInit() failure\n");
return 0;
}
result = MagicGlobalLookup(buffer, buffer_len);
if (result == NULL || strcmp(result, MICROSOFT_OFFICE_DOC) != 0) {
printf("result %p:%s, not \"Microsoft Office Document\": ", result,result?result:"(null)");
goto end;
}
retval = 1;
end:
MagicDeinit();
return retval;
}
/** \test magic api calls -- lookup */
int MagicDetectTest05(void)
{
const char *result = NULL;
uint8_t buffer[] = { 0x25, 'P', 'D', 'F', '-', '1', '.', '3', 0x0d, 0x0a};
size_t buffer_len = sizeof(buffer);
int retval = 0;
if (MagicInit() < 0) {
printf("MagicInit() failure\n");
return 0;
}
result = MagicGlobalLookup(buffer, buffer_len);
if (result == NULL || strncmp(result, "PDF document", 12) != 0) {
printf("result %p:%s, not \"PDF document\": ", result,result?result:"(null)");
goto end;
}
retval = 1;
end:
MagicDeinit();
return retval;
}
