/** \test magic api calls -- make sure memory is shared */
int MagicDetectTest09(void)
{
const char *result1 = NULL;
const char *result2 = NULL;
uint8_t buffer[] = { 0x25, 'P', 'D', 'F', '-', '1', '.', '3', 0x0d, 0x0a};
size_t buffer_len = sizeof(buffer);
int retval = 0;
if (MagicInit() < 0) {
printf("MagicInit() failure\n");
return 0;
}
result1 = MagicGlobalLookup(buffer, buffer_len);
if (result1 == NULL || strncmp(result1, "PDF document", 12) != 0) {
printf("result %p:%s, not \"PDF document\": ", result1,result1?result1:"(null)");
goto end;
}
result2 = MagicGlobalLookup(buffer, buffer_len);
if (result2 == NULL || strncmp(result2, "PDF document", 12) != 0) {
printf("result %p:%s, not \"PDF document\": ", result2,result2?result2:"(null)");
goto end;
}
if (result1 != result2) {
printf("pointers not equal, weird... %p != %p: ", result1, result2);
goto end;
}
retval = 1;
end:
MagicDeinit();
return retval;
}
/** \test results in valgrind warning about invalid read, tested with
* file 5.09 and 5.11 */
static int MagicDetectTest10ValgrindError(void)
{
const char *result = NULL;
uint8_t buffer[] = {
0xFF,0xD8,0xFF,0xE0,0x00,0x10,0x4A,0x46,0x49,0x46,0x00,0x01,0x01,0x01,0x01,0x2C,
0x01,0x2C,0x00,0x00,0xFF,0xFE,0x00,0x4C,0x53,0x69,0x67,0x6E,0x61,0x74,0x75,0x72,
0x65,0x3A,0x34,0x31,0x31,0x65,0x33,0x38,0x61,0x61,0x61,0x31,0x37,0x65,0x33,0x30,
0x66,0x30,0x32,0x38,0x62,0x61,0x30,0x31,0x36,0x32,0x36,0x37,0x66,0x66,0x30,0x31,
0x36,0x36,0x61,0x65,0x35,0x39,0x65,0x38,0x31,0x39,0x62,0x61,0x32,0x34,0x63,0x39,
0x62,0x31,0x33,0x37,0x33,0x62,0x31,0x61,0x35,0x61,0x38,0x65,0x64,0x63,0x36,0x30,
0x65,0x37,0xFF,0xE2,0x02,0x2C,0x49,0x43,0x43,0x5F,0x50,0x52,0x4F,0x46,0x49,0x4C,
0x45,0x00,0x01,0x01,0x00,0x00,0x02,0x1C,0x41,0x44,0x42,0x45,0x02,0x10,0x00,0x00,
0x6D,0x6E,0x74,0x72,0x52,0x47,0x42,0x20,0x58,0x59,0x5A,0x20,0x07,0xCF,0x00,0x05,
0x00,0x09,0x00,0x15,0x00,0x0B,0x00,0x21,0x61,0x63,0x73,0x70,0x41,0x50,0x50,0x4C,
0x00,0x00,0x00,0x00,0x6E,0x6F,0x6E,0x65,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
};
size_t buffer_len = sizeof(buffer);
int retval = 0;
if (MagicInit() < 0) {
printf("MagicInit() failure\n");
return 0;
}
result = MagicGlobalLookup(buffer, buffer_len);
if (result == NULL || strncmp(result, "JPEG", 4) != 0) {
printf("result %p:%s, not \"JPEG\": ", result,result?result:"(null)");
goto end;
}
retval = 1;
end:
MagicDeinit();
return retval;
}
/** \test magic init through api */
int MagicInitTest02(void)
{
if (g_magic_ctx != NULL) {
printf("g_magic_ctx != NULL at start of the test: ");
return 0;
}
if (MagicInit() < 0) {
printf("MagicInit() failure\n");
return 0;
}
if (g_magic_ctx == NULL) {
printf("g_magic_ctx == NULL: ");
return 0;
}
MagicDeinit();
if (g_magic_ctx != NULL) {
printf("g_magic_ctx != NULL at end of the test: ");
return 0;
}
return 1;
}
/** \test magic api calls -- lookup */
int MagicDetectTest08(void)
{
const char *result = NULL;
uint8_t buffer[] = {
0x50, 0x4b, 0x03, 0x04, 0x14, 0x00, 0x00, 0x08,
0x00, 0x00, 0x52, 0x7b, 0x86, 0x3c, 0x8b, 0x70,
0x96, 0x08, 0x1c, 0x00, 0x00, 0x00, 0x1c, 0x00,
0x00, 0x00, 0x08, 0x00, 0x00, 0x00, 0x6d, 0x69,
0x6d, 0x65, 0x74, 0x79, 0x70, 0x65, 0x61, 0x70,
0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f,
0x6e, 0x2f, 0x76, 0x6e, 0x64, 0x2e, 0x73, 0x75,
0x6e, 0x2e, 0x78, 0x6d, 0x6c, 0x2e, 0x62, 0x61,
0x73, 0x65, 0x50, 0x4b, 0x03, 0x04, 0x14, 0x00,
0x00, 0x08, 0x00, 0x00, 0x52, 0x7b, 0x86, 0x3c,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x09, 0x00, 0x00, 0x00,
0x4d, 0x45, 0x54, 0x41, 0x2d, 0x49, 0x4e, 0x46,
0x2f, 0x50, 0x4b, 0x03, 0x04, 0x14, 0x00, 0x00,
0x08, 0x08, 0x00, 0xa8, 0x42, 0x1d, 0x37, 0x5d,
0xa7, 0xb2, 0xc1, 0xde, 0x01, 0x00, 0x00, 0x7e,
0x04, 0x00, 0x00, 0x0b, 0x00, 0x00, 0x00, 0x63,
0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x2e, 0x78,
0x6d, 0x6c, 0x95, 0x54, 0x4d, 0x6f, 0xdb, 0x30,
0x0c, 0xbd, 0xe7, 0x57, 0x18, 0x02, 0x06, 0x6c,
0x07, 0xc5, 0xe9, 0xb6, 0xc3, 0x22, 0xc4, 0x29,
0x86, 0x7d, 0x00, 0x05, 0x8a, 0x9d, 0xb2, 0x43,
0x8f, 0xb2, 0x24, 0xa7, 0xc2, 0x64, 0xc9, 0x15,
};
size_t buffer_len = sizeof(buffer);
int retval = 0;
if (MagicInit() < 0) {
printf("MagicInit() failure\n");
return 0;
}
result = MagicGlobalLookup(buffer, buffer_len);
if (result == NULL || strcmp(result, "OpenOffice.org 1.x Database file") != 0) {
printf("result %p:%s, not \"OpenOffice.org 1.x Database file\": ", result,result?result:"(null)");
goto end;
}
retval = 1;
end:
MagicDeinit();
return retval;
}
/** \test magic api calls -- lookup */
int MagicDetectTest07(void)
{
const char *result = NULL;
uint8_t buffer[] = {
0x50, 0x4b, 0x03, 0x04, 0x14, 0x00, 0x00, 0x00,
0x00, 0x00, 0x0b, 0x55, 0x2a, 0x36, 0x5e, 0xc6,
0x32, 0x0c, 0x27, 0x00, 0x00, 0x00, 0x27, 0x00,
0x00, 0x00, 0x08, 0x00, 0x00, 0x00, 0x6d, 0x69,
0x6d, 0x65, 0x74, 0x79, 0x70, 0x65, 0x61, 0x70,
0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f,
0x6e, 0x2f, 0x76, 0x6e, 0x64, 0x2e, 0x6f, 0x61,
0x73, 0x69, 0x73, 0x2e, 0x6f, 0x70, 0x65, 0x6e,
0x64, 0x6f, 0x63, 0x75, 0x6d, 0x65, 0x6e, 0x74,
0x2e, 0x74, 0x65, 0x78, 0x74, 0x50, 0x4b, 0x03,
0x04, 0x14, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0b,
0x55, 0x2a, 0x36, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x1a,
0x00, 0x00, 0x00, 0x43, 0x6f, 0x6e, 0x66, 0x69,
0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e,
0x73, 0x32, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75,
0x73, 0x62, 0x61, 0x72, 0x2f, 0x50, 0x4b, 0x03,
0x04, 0x14, 0x00, 0x08, 0x00, 0x08, 0x00, 0x0b,
};
size_t buffer_len = sizeof(buffer);
int retval = 0;
if (MagicInit() < 0) {
printf("MagicInit() failure\n");
return 0;
}
result = MagicGlobalLookup(buffer, buffer_len);
if (result == NULL || strcmp(result, "OpenDocument Text") != 0) {
printf("result %p:%s, not \"OpenDocument Text\": ", result,result?result:"(null)");
goto end;
}
retval = 1;
end:
MagicDeinit();
return retval;
}
/** \test magic api calls -- lookup */
int MagicDetectTest07(void)
{
const char *result = NULL;
uint8_t buffer[] = {
0x50, 0x4b, 0x03, 0x04, 0x14, 0x00, 0x00, 0x00,
0x00, 0x00, 0x0b, 0x55, 0x2a, 0x36, 0x5e, 0xc6,
0x32, 0x0c, 0x27, 0x00, 0x00, 0x00, 0x27, 0x00,
0x00, 0x00, 0x08, 0x00, 0x00, 0x00, 0x6d, 0x69,
0x6d, 0x65, 0x74, 0x79, 0x70, 0x65, 0x61, 0x70,
0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f,
0x6e, 0x2f, 0x76, 0x6e, 0x64, 0x2e, 0x6f, 0x61,
0x73, 0x69, 0x73, 0x2e, 0x6f, 0x70, 0x65, 0x6e,
0x64, 0x6f, 0x63, 0x75, 0x6d, 0x65, 0x6e, 0x74,
0x2e, 0x74, 0x65, 0x78, 0x74, 0x50, 0x4b, 0x03,
0x04, 0x14, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0b,
0x55, 0x2a, 0x36, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x1a,
0x00, 0x00, 0x00, 0x43, 0x6f, 0x6e, 0x66, 0x69,
0x67, 0x75, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e,
0x73, 0x32, 0x2f, 0x73, 0x74, 0x61, 0x74, 0x75,
0x73, 0x62, 0x61, 0x72, 0x2f, 0x50, 0x4b, 0x03,
0x04, 0x14, 0x00, 0x08, 0x00, 0x08, 0x00, 0x0b,
};
size_t buffer_len = sizeof(buffer);
FAIL_IF(MagicInit() < 0);
result = MagicGlobalLookup(buffer, buffer_len);
FAIL_IF_NULL(result);
char *str = strstr(result, "OpenDocument Text");
if (str == NULL) {
printf("result %s, not \"OpenDocument Text\": ", str);
FAIL;
}
MagicDeinit();
PASS;
}
/** \test magic api calls -- lookup */
int MagicDetectTest06(void)
{
const char *result = NULL;
uint8_t buffer[] = {
0xd0, 0xcf, 0x11, 0xe0, 0xa1, 0xb1, 0x1a, 0xe1,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x3e, 0x00, 0x03, 0x00, 0xfe, 0xff, 0x09, 0x00,
0x06, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00,
0x96, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x10, 0x00, 0x00, 0x98, 0x00, 0x00, 0x00,
0x01, 0x00, 0x00, 0x00, 0xfe, 0xff, 0xff, 0xff,
0x00, 0x00, 0x00, 0x00, 0x90, 0x00, 0x00, 0x00,
0x97, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff,
0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
};
size_t buffer_len = sizeof(buffer);
int retval = 0;
if (MagicInit() < 0) {
printf("MagicInit() failure\n");
return 0;
}
result = MagicGlobalLookup(buffer, buffer_len);
if (result == NULL || strcmp(result, MICROSOFT_OFFICE_DOC) != 0) {
printf("result %p:%s, not \"Microsoft Office Document\": ", result,result?result:"(null)");
goto end;
}
retval = 1;
end:
MagicDeinit();
return retval;
}
/** \test magic api calls -- lookup */
int MagicDetectTest05(void)
{
const char *result = NULL;
uint8_t buffer[] = { 0x25, 'P', 'D', 'F', '-', '1', '.', '3', 0x0d, 0x0a};
size_t buffer_len = sizeof(buffer);
int retval = 0;
if (MagicInit() < 0) {
printf("MagicInit() failure\n");
return 0;
}
result = MagicGlobalLookup(buffer, buffer_len);
if (result == NULL || strncmp(result, "PDF document", 12) != 0) {
printf("result %p:%s, not \"PDF document\": ", result,result?result:"(null)");
goto end;
}
retval = 1;
end:
MagicDeinit();
return retval;
}
UINT GetStackBacktrace
(
UINT ifrStart, // How many stack elements to skip before starting.
UINT cfrTotal, // How many elements to trace after starting.
DWORD_PTR* pdwEip, // Array to be filled with stack addresses.
SYM_INFO* psiSymbols, // This array is filled with symbol information.
// It should be big enough to hold cfrTotal elts.
// If NULL, no symbol information is stored.
CONTEXT * pContext // Context to use (or NULL to use current)
)
{
STATIC_CONTRACT_NOTHROW;
STATIC_CONTRACT_GC_NOTRIGGER;
STATIC_CONTRACT_CANNOT_TAKE_LOCK;
UINT nElements = 0;
DWORD_PTR* pdw = pdwEip;
SYM_INFO* psi = psiSymbols;
MagicInit();
memset(pdwEip, 0, cfrTotal*sizeof(DWORD_PTR));
if (psiSymbols)
{
memset(psiSymbols, 0, cfrTotal * sizeof(SYM_INFO));
}
if (!g_fLoadedImageHlp)
{
return 0;
}
CONTEXT context;
if (pContext == NULL)
{
ClrCaptureContext(&context);
}
else
{
memcpy(&context, pContext, sizeof(CONTEXT));
}
#ifdef _WIN64
STACKFRAME64 stkfrm;
memset(&stkfrm, 0, sizeof(STACKFRAME64));
#else
STACKFRAME stkfrm;
memset(&stkfrm, 0, sizeof(STACKFRAME));
#endif
stkfrm.AddrPC.Mode = AddrModeFlat;
stkfrm.AddrStack.Mode = AddrModeFlat;
stkfrm.AddrFrame.Mode = AddrModeFlat;
#if defined(_M_IX86)
stkfrm.AddrPC.Offset = context.Eip;
stkfrm.AddrStack.Offset = context.Esp;
stkfrm.AddrFrame.Offset = context.Ebp; // Frame Pointer
#endif
#ifndef _TARGET_X86_
// If we don't have a user-supplied context, then don't skip any frames.
// So ignore this function (GetStackBackTrace)
// ClrCaptureContext on x86 gives us the ESP/EBP/EIP of its caller's caller
// so we don't need to do this.
if (pContext == NULL)
{
ifrStart += 1;
}
#endif // !_TARGET_X86_
for (UINT i = 0; i < ifrStart + cfrTotal; i++)
{
if (!_StackWalk(IMAGE_FILE_MACHINE_NATIVE,
g_hProcess,
GetCurrentThread(),
&stkfrm,
&context,
NULL,
(PFUNCTION_TABLE_ACCESS_ROUTINE)FunctionTableAccess,
(PGET_MODULE_BASE_ROUTINE)GetModuleBase,
NULL))
{
break;
}
if (i >= ifrStart)
{
*pdw++ = stkfrm.AddrPC.Offset;
nElements++;
if (psi)
{
FillSymbolInfo(psi++, stkfrm.AddrPC.Offset);
}
}
}
LOCAL_ASSERT(nElements == (UINT)(pdw - pdwEip));
return nElements;
}