FileAnalysis: load custom mime magic database just once.

This works around a bug in libmagic since version 5.12 (current at time of writing is 5.14) -- second call to magic_load() w/ non-default database segfaults.
2025-10-04 23:58:20 +00:00 · 2013-04-29 11:34:27 -05:00 · 2013-04-29 11:34:27 -05:00 · 0141f51801
commit 0141f51801
parent d22f30e9a1
7 changed files with 15 additions and 32 deletions
--- a/src/FileAnalyzer.cc
+++ b/src/FileAnalyzer.cc
@ -5,16 +5,10 @@
 #include "Reporter.h"
 #include "util.h"

-magic_t File_Analyzer::magic = 0;
-magic_t File_Analyzer::magic_mime = 0;
-
 File_Analyzer::File_Analyzer(AnalyzerTag::Tag tag, Connection* conn)
 : TCP_ApplicationAnalyzer(tag, conn)
 	{
 	buffer_len = 0;
-
-	bro_init_magic(&magic, MAGIC_NONE);
-	bro_init_magic(&magic_mime, MAGIC_MIME);
 	}

 void File_Analyzer::DeliverStream(int len, const u_char* data, bool orig)
@ -49,19 +43,13 @@ void File_Analyzer::Done()

 void File_Analyzer::Identify()
 	{
-	const char* descr = 0;
-	const char* mime = 0;
-
-	if ( magic )
-		descr = bro_magic_buffer(magic, buffer, buffer_len);
-
-	if ( magic_mime )
-		mime = bro_magic_buffer(magic_mime, buffer, buffer_len);
+	const char* desc = bro_magic_buffer(magic_desc_cookie, buffer, buffer_len);
+	const char* mime = bro_magic_buffer(magic_mime_cookie, buffer, buffer_len);

 	val_list* vl = new val_list;
 	vl->append(BuildConnVal());
 	vl->append(new StringVal(buffer_len, buffer));
-	vl->append(new StringVal(descr ? descr : "<unknown>"));
+	vl->append(new StringVal(desc ? desc : "<unknown>"));
 	vl->append(new StringVal(mime ? mime : "<unknown>"));
 	ConnectionEvent(file_transferred, vl);
 	}
--- a/src/FileAnalyzer.h
+++ b/src/FileAnalyzer.h
@ -6,7 +6,6 @@
 #include "TCP.h"

 #include <string>
-#include <magic.h>

 class File_Analyzer : public TCP_ApplicationAnalyzer {
 public:
@ -31,9 +30,6 @@ protected:
 	static const int BUFFER_SIZE = 1024;
 	char buffer[BUFFER_SIZE];
 	int buffer_len;
-
-	static magic_t magic;
-	static magic_t magic_mime;
 };

 class IRC_Data : public File_Analyzer {
--- a/src/bro.bif
+++ b/src/bro.bif
@ -849,11 +849,7 @@ extern "C" {
 ## Returns: The MIME type of *data*, or "<unknown>" if there was an error.
 function identify_data%(data: string, return_mime: bool%): string
 	%{
-	static magic_t magic_mime = 0;
-	static magic_t magic_descr = 0;
-
-	magic_t* magic = return_mime ? &magic_mime : &magic_descr;
-	bro_init_magic(magic, return_mime ? MAGIC_MIME : MAGIC_NONE);
+	magic_t* magic = return_mime ? &magic_mime_cookie : &magic_desc_cookie;

 	if( ! *magic )
 		return new StringVal("<unknown>");
--- a/src/file_analysis/File.cc
+++ b/src/file_analysis/File.cc
@ -49,8 +49,6 @@ int File::bof_buffer_size_idx = -1;
 int File::bof_buffer_idx = -1;
 int File::mime_type_idx = -1;

-magic_t File::magic_mime = 0;
-
 string File::salt;

 void File::StaticInit()
@ -72,8 +70,6 @@ void File::StaticInit()
 	bof_buffer_idx = Idx("bof_buffer");
 	mime_type_idx = Idx("mime_type");

-	bro_init_magic(&magic_mime, MAGIC_MIME);
-
 	salt = BifConst::FileAnalysis::salt->CheckString();
 	}

@ -250,7 +246,7 @@ bool File::BufferBOF(const u_char* data, uint64 len)

 bool File::DetectMIME(const u_char* data, uint64 len)
 	{
-	const char* mime = bro_magic_buffer(magic_mime, data, len);
+	const char* mime = bro_magic_buffer(magic_mime_cookie, data, len);

 	if ( mime )
 		{
--- a/src/file_analysis/File.h
+++ b/src/file_analysis/File.h
@ -3,7 +3,6 @@

 #include <string>
 #include <vector>
-#include <magic.h>

 #include "AnalyzerTags.h"
 #include "Conn.h"
@ -207,8 +206,6 @@ protected:
 	 */
 	static void StaticInit();

-	static magic_t magic_mime;
-
 	static string salt;

 	static int id_idx;
--- a/src/main.cc
+++ b/src/main.cc
@ -23,6 +23,7 @@ extern "C" {
 #endif

 #include <openssl/md5.h>
+#include <magic.h>

 extern "C" void OPENSSL_add_all_algorithms_conf(void);

@ -64,6 +65,9 @@ extern "C" void OPENSSL_add_all_algorithms_conf(void);

 Brofiler brofiler;

+magic_t magic_desc_cookie = 0;
+magic_t magic_mime_cookie = 0;
+
 #ifndef HAVE_STRSEP
 extern "C" {
 char* strsep(char**, const char*);
@ -730,6 +734,9 @@ int main(int argc, char** argv)
 	curl_global_init(CURL_GLOBAL_ALL);
 #endif

+	bro_init_magic(&magic_desc_cookie, MAGIC_NONE);
+	bro_init_magic(&magic_mime_cookie, MAGIC_MIME);
+
 	// FIXME: On systems that don't provide /dev/urandom, OpenSSL doesn't
 	// seed the PRNG. We should do this here (but at least Linux, FreeBSD
 	// and Solaris provide /dev/urandom).
--- a/src/util.h
+++ b/src/util.h
@ -370,6 +370,9 @@ struct CompareString
 		}
 	};

+extern magic_t magic_desc_cookie;
+extern magic_t magic_mime_cookie;
+
 void bro_init_magic(magic_t* cookie_ptr, int flags);
 const char* bro_magic_buffer(magic_t cookie, const void* buffer, size_t length);