svn commit: r270966 - user/cperciva/freebsd-update-build/patches/8.4-RELEASE
Xin LI
delphij at FreeBSD.org
Tue Sep 2 14:09:53 UTC 2014
Author: delphij
Date: Tue Sep 2 14:09:52 2014
New Revision: 270966
URL: http://svnweb.freebsd.org/changeset/base/270966
Log:
Add two missed patches for 8.4-RELEASE.
Added:
user/cperciva/freebsd-update-build/patches/8.4-RELEASE/13-EN-14:08.heimdal
user/cperciva/freebsd-update-build/patches/8.4-RELEASE/13-SA-14:16.file
Added: user/cperciva/freebsd-update-build/patches/8.4-RELEASE/13-EN-14:08.heimdal
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ user/cperciva/freebsd-update-build/patches/8.4-RELEASE/13-EN-14:08.heimdal Tue Sep 2 14:09:52 2014 (r270966)
@@ -0,0 +1,13 @@
+Index: crypto/heimdal/lib/gssapi/krb5/prf.c
+===================================================================
+--- crypto/heimdal/lib/gssapi/krb5/prf.c (revision 267806)
++++ crypto/heimdal/lib/gssapi/krb5/prf.c (working copy)
+@@ -117,7 +117,7 @@ _gsskrb5_pseudo_random(OM_uint32 *minor_status,
+ num = 0;
+ p = prf_out->value;
+ while(desired_output_len > 0) {
+- _gsskrb5_encode_om_uint32(num, input.data);
++ _gsskrb5_encode_be_om_uint32(num, input.data);
+ ret = krb5_crypto_prf(context, crypto, &input, &output);
+ if (ret) {
+ OM_uint32 junk;
Added: user/cperciva/freebsd-update-build/patches/8.4-RELEASE/13-SA-14:16.file
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ user/cperciva/freebsd-update-build/patches/8.4-RELEASE/13-SA-14:16.file Tue Sep 2 14:09:52 2014 (r270966)
@@ -0,0 +1,1891 @@
+Index: contrib/file/ascmagic.c
+===================================================================
+--- contrib/file/ascmagic.c (revision 267806)
++++ contrib/file/ascmagic.c (working copy)
+@@ -151,7 +151,7 @@ file_ascmagic_with_encoding(struct magic_set *ms,
+ if ((utf8_end = encode_utf8(utf8_buf, mlen, ubuf, ulen)) == NULL)
+ goto done;
+ if ((rv = file_softmagic(ms, utf8_buf, (size_t)(utf8_end - utf8_buf),
+- TEXTTEST)) != 0)
++ 0, TEXTTEST)) != 0)
+ goto done;
+ else
+ rv = -1;
+Index: contrib/file/cdf.c
+===================================================================
+--- contrib/file/cdf.c (revision 267806)
++++ contrib/file/cdf.c (working copy)
+@@ -24,15 +24,18 @@
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+ /*
+- * Parse composite document files, the format used in Microsoft Office
+- * document files before they switched to zipped xml.
++ * Parse Composite Document Files, the format used in Microsoft Office
++ * document files before they switched to zipped XML.
+ * Info from: http://sc.openoffice.org/compdocfileformat.pdf
++ *
++ * N.B. This is the "Composite Document File" format, and not the
++ * "Compound Document Format", nor the "Channel Definition Format".
+ */
+
+ #include "file.h"
+
+ #ifndef lint
+-FILE_RCSID("@(#)$File: cdf.c,v 1.30 2009/05/06 14:29:47 christos Exp $")
++FILE_RCSID("@(#)$File: cdf.c,v 1.49 2012/02/20 20:04:37 christos Exp $")
+ #endif
+
+ #include <assert.h>
+@@ -44,6 +47,9 @@
+ #include <string.h>
+ #include <time.h>
+ #include <ctype.h>
++#ifdef HAVE_LIMITS_H
++#include <limits.h>
++#endif
+
+ #ifndef EFTYPE
+ #define EFTYPE EINVAL
+@@ -51,10 +57,6 @@
+
+ #include "cdf.h"
+
+-#ifndef __arraycount
+-#define __arraycount(a) (sizeof(a) / sizeof(a[0]))
+-#endif
+-
+ #ifdef CDF_DEBUG
+ #define DPRINTF(a) printf a, fflush(stdout)
+ #else
+@@ -68,19 +70,21 @@ static union {
+
+ #define NEED_SWAP (cdf_bo.u == (uint32_t)0x01020304)
+
+-#define CDF_TOLE8(x) (NEED_SWAP ? cdf_tole8(x) : (uint64_t)(x))
+-#define CDF_TOLE4(x) (NEED_SWAP ? cdf_tole4(x) : (uint32_t)(x))
+-#define CDF_TOLE2(x) (NEED_SWAP ? cdf_tole2(x) : (uint16_t)(x))
++#define CDF_TOLE8(x) ((uint64_t)(NEED_SWAP ? _cdf_tole8(x) : (uint64_t)(x)))
++#define CDF_TOLE4(x) ((uint32_t)(NEED_SWAP ? _cdf_tole4(x) : (uint32_t)(x)))
++#define CDF_TOLE2(x) ((uint16_t)(NEED_SWAP ? _cdf_tole2(x) : (uint16_t)(x)))
++#define CDF_GETUINT32(x, y) cdf_getuint32(x, y)
+
++
+ /*
+ * swap a short
+ */
+-uint16_t
+-cdf_tole2(uint16_t sv)
++static uint16_t
++_cdf_tole2(uint16_t sv)
+ {
+ uint16_t rv;
+- uint8_t *s = (uint8_t *)(void *)&sv;
+- uint8_t *d = (uint8_t *)(void *)&rv;
++ uint8_t *s = (uint8_t *)(void *)&sv;
++ uint8_t *d = (uint8_t *)(void *)&rv;
+ d[0] = s[1];
+ d[1] = s[0];
+ return rv;
+@@ -89,12 +93,12 @@ static union {
+ /*
+ * swap an int
+ */
+-uint32_t
+-cdf_tole4(uint32_t sv)
++static uint32_t
++_cdf_tole4(uint32_t sv)
+ {
+ uint32_t rv;
+- uint8_t *s = (uint8_t *)(void *)&sv;
+- uint8_t *d = (uint8_t *)(void *)&rv;
++ uint8_t *s = (uint8_t *)(void *)&sv;
++ uint8_t *d = (uint8_t *)(void *)&rv;
+ d[0] = s[3];
+ d[1] = s[2];
+ d[2] = s[1];
+@@ -105,12 +109,12 @@ static union {
+ /*
+ * swap a quad
+ */
+-uint64_t
+-cdf_tole8(uint64_t sv)
++static uint64_t
++_cdf_tole8(uint64_t sv)
+ {
+ uint64_t rv;
+- uint8_t *s = (uint8_t *)(void *)&sv;
+- uint8_t *d = (uint8_t *)(void *)&rv;
++ uint8_t *s = (uint8_t *)(void *)&sv;
++ uint8_t *d = (uint8_t *)(void *)&rv;
+ d[0] = s[7];
+ d[1] = s[6];
+ d[2] = s[5];
+@@ -122,11 +126,41 @@ static union {
+ return rv;
+ }
+
++/*
++ * grab a uint32_t from a possibly unaligned address, and return it in
++ * the native host order.
++ */
++static uint32_t
++cdf_getuint32(const uint8_t *p, size_t offs)
++{
++ uint32_t rv;
++ (void)memcpy(&rv, p + offs * sizeof(uint32_t), sizeof(rv));
++ return CDF_TOLE4(rv);
++}
++
+ #define CDF_UNPACK(a) \
+ (void)memcpy(&(a), &buf[len], sizeof(a)), len += sizeof(a)
+ #define CDF_UNPACKA(a) \
+ (void)memcpy((a), &buf[len], sizeof(a)), len += sizeof(a)
+
++uint16_t
++cdf_tole2(uint16_t sv)
++{
++ return CDF_TOLE2(sv);
++}
++
++uint32_t
++cdf_tole4(uint32_t sv)
++{
++ return CDF_TOLE4(sv);
++}
++
++uint64_t
++cdf_tole8(uint64_t sv)
++{
++ return CDF_TOLE8(sv);
++}
++
+ void
+ cdf_swap_header(cdf_header_t *h)
+ {
+@@ -145,15 +179,15 @@ cdf_swap_header(cdf_header_t *h)
+ h->h_min_size_standard_stream =
+ CDF_TOLE4(h->h_min_size_standard_stream);
+ h->h_secid_first_sector_in_short_sat =
+- CDF_TOLE4(h->h_secid_first_sector_in_short_sat);
++ CDF_TOLE4((uint32_t)h->h_secid_first_sector_in_short_sat);
+ h->h_num_sectors_in_short_sat =
+ CDF_TOLE4(h->h_num_sectors_in_short_sat);
+ h->h_secid_first_sector_in_master_sat =
+- CDF_TOLE4(h->h_secid_first_sector_in_master_sat);
++ CDF_TOLE4((uint32_t)h->h_secid_first_sector_in_master_sat);
+ h->h_num_sectors_in_master_sat =
+ CDF_TOLE4(h->h_num_sectors_in_master_sat);
+ for (i = 0; i < __arraycount(h->h_master_sat); i++)
+- h->h_master_sat[i] = CDF_TOLE4(h->h_master_sat[i]);
++ h->h_master_sat[i] = CDF_TOLE4((uint32_t)h->h_master_sat[i]);
+ }
+
+ void
+@@ -186,15 +220,15 @@ void
+ cdf_swap_dir(cdf_directory_t *d)
+ {
+ d->d_namelen = CDF_TOLE2(d->d_namelen);
+- d->d_left_child = CDF_TOLE4(d->d_left_child);
+- d->d_right_child = CDF_TOLE4(d->d_right_child);
+- d->d_storage = CDF_TOLE4(d->d_storage);
++ d->d_left_child = CDF_TOLE4((uint32_t)d->d_left_child);
++ d->d_right_child = CDF_TOLE4((uint32_t)d->d_right_child);
++ d->d_storage = CDF_TOLE4((uint32_t)d->d_storage);
+ d->d_storage_uuid[0] = CDF_TOLE8(d->d_storage_uuid[0]);
+ d->d_storage_uuid[1] = CDF_TOLE8(d->d_storage_uuid[1]);
+ d->d_flags = CDF_TOLE4(d->d_flags);
+- d->d_created = CDF_TOLE8(d->d_created);
+- d->d_modified = CDF_TOLE8(d->d_modified);
+- d->d_stream_first_sector = CDF_TOLE4(d->d_stream_first_sector);
++ d->d_created = CDF_TOLE8((uint64_t)d->d_created);
++ d->d_modified = CDF_TOLE8((uint64_t)d->d_modified);
++ d->d_stream_first_sector = CDF_TOLE4((uint32_t)d->d_stream_first_sector);
+ d->d_size = CDF_TOLE4(d->d_size);
+ }
+
+@@ -228,14 +262,18 @@ cdf_unpack_dir(cdf_directory_t *d, char *buf)
+ }
+
+ static int
+-cdf_check_stream_offset(const cdf_stream_t *sst, const void *p, size_t tail)
++cdf_check_stream_offset(const cdf_stream_t *sst, const cdf_header_t *h,
++ const void *p, size_t tail, int line)
+ {
+ const char *b = (const char *)sst->sst_tab;
+ const char *e = ((const char *)p) + tail;
+- if (e >= b && (size_t)(e - b) < sst->sst_dirlen * sst->sst_len)
++ (void)&line;
++ if (e >= b && (size_t)(e - b) < CDF_SEC_SIZE(h) * sst->sst_len)
+ return 0;
+- DPRINTF((stderr, "offset begin %p end %p %zu >= %zu\n", b, e,
+- (size_t)(e - b), sst->sst_dirlen * sst->sst_len));
++ DPRINTF(("%d: offset begin %p end %p %" SIZE_T_FORMAT "u"
++ " >= %" SIZE_T_FORMAT "u [%" SIZE_T_FORMAT "u %"
++ SIZE_T_FORMAT "u]\n", line, b, e, (size_t)(e - b),
++ CDF_SEC_SIZE(h) * sst->sst_len, CDF_SEC_SIZE(h), sst->sst_len));
+ errno = EFTYPE;
+ return -1;
+ }
+@@ -278,7 +316,8 @@ cdf_read_header(const cdf_info_t *info, cdf_header
+ cdf_unpack_header(h, buf);
+ cdf_swap_header(h);
+ if (h->h_magic != CDF_MAGIC) {
+- DPRINTF(("Bad magic 0x%llx != 0x%llx\n",
++ DPRINTF(("Bad magic 0x%" INT64_T_FORMAT "x != 0x%"
++ INT64_T_FORMAT "x\n",
+ (unsigned long long)h->h_magic,
+ (unsigned long long)CDF_MAGIC));
+ goto out;
+@@ -303,9 +342,10 @@ ssize_t
+ cdf_read_sector(const cdf_info_t *info, void *buf, size_t offs, size_t len,
+ const cdf_header_t *h, cdf_secid_t id)
+ {
+- assert((size_t)CDF_SEC_SIZE(h) == len);
+- return cdf_read(info, (off_t)CDF_SEC_POS(h, id),
+- ((char *)buf) + offs, len);
++ size_t ss = CDF_SEC_SIZE(h);
++ size_t pos = CDF_SEC_POS(h, id);
++ assert(ss == len);
++ return cdf_read(info, (off_t)pos, ((char *)buf) + offs, len);
+ }
+
+ ssize_t
+@@ -312,9 +352,17 @@ ssize_t
+ cdf_read_short_sector(const cdf_stream_t *sst, void *buf, size_t offs,
+ size_t len, const cdf_header_t *h, cdf_secid_t id)
+ {
+- assert((size_t)CDF_SHORT_SEC_SIZE(h) == len);
++ size_t ss = CDF_SHORT_SEC_SIZE(h);
++ size_t pos = CDF_SHORT_SEC_POS(h, id);
++ assert(ss == len);
++ if (pos > CDF_SEC_SIZE(h) * sst->sst_len) {
++ DPRINTF(("Out of bounds read %" SIZE_T_FORMAT "u > %"
++ SIZE_T_FORMAT "u\n",
++ pos, CDF_SEC_SIZE(h) * sst->sst_len));
++ return -1;
++ }
+ (void)memcpy(((char *)buf) + offs,
+- ((const char *)sst->sst_tab) + CDF_SHORT_SEC_POS(h, id), len);
++ ((const char *)sst->sst_tab) + pos, len);
+ return len;
+ }
+
+@@ -334,17 +382,20 @@ cdf_read_sat(const cdf_info_t *info, cdf_header_t
+ break;
+
+ #define CDF_SEC_LIMIT (UINT32_MAX / (4 * ss))
+- if (h->h_num_sectors_in_master_sat > CDF_SEC_LIMIT / nsatpersec ||
++ if ((nsatpersec > 0 &&
++ h->h_num_sectors_in_master_sat > CDF_SEC_LIMIT / nsatpersec) ||
+ i > CDF_SEC_LIMIT) {
+- DPRINTF(("Number of sectors in master SAT too big %u %zu\n",
+- h->h_num_sectors_in_master_sat, i));
++ DPRINTF(("Number of sectors in master SAT too big %u %"
++ SIZE_T_FORMAT "u\n", h->h_num_sectors_in_master_sat, i));
+ errno = EFTYPE;
+ return -1;
+ }
+
+ sat->sat_len = h->h_num_sectors_in_master_sat * nsatpersec + i;
+- DPRINTF(("sat_len = %zu ss = %zu\n", sat->sat_len, ss));
+- if ((sat->sat_tab = calloc(sat->sat_len, ss)) == NULL)
++ DPRINTF(("sat_len = %" SIZE_T_FORMAT "u ss = %" SIZE_T_FORMAT "u\n",
++ sat->sat_len, ss));
++ if ((sat->sat_tab = CAST(cdf_secid_t *, calloc(sat->sat_len, ss)))
++ == NULL)
+ return -1;
+
+ for (i = 0; i < __arraycount(h->h_master_sat); i++) {
+@@ -357,7 +408,7 @@ cdf_read_sat(const cdf_info_t *info, cdf_header_t
+ }
+ }
+
+- if ((msa = calloc(1, ss)) == NULL)
++ if ((msa = CAST(cdf_secid_t *, calloc(1, ss))) == NULL)
+ goto out1;
+
+ mid = h->h_secid_first_sector_in_master_sat;
+@@ -374,12 +425,12 @@ cdf_read_sat(const cdf_info_t *info, cdf_header_t
+ goto out2;
+ }
+ for (k = 0; k < nsatpersec; k++, i++) {
+- sec = CDF_TOLE4(msa[k]);
++ sec = CDF_TOLE4((uint32_t)msa[k]);
+ if (sec < 0)
+ goto out;
+ if (i >= sat->sat_len) {
+- DPRINTF(("Out of bounds reading MSA %u >= %u",
+- i, sat->sat_len));
++ DPRINTF(("Out of bounds reading MSA %" SIZE_T_FORMAT
++ "u >= %" SIZE_T_FORMAT "u", i, sat->sat_len));
+ errno = EFTYPE;
+ goto out2;
+ }
+@@ -390,7 +441,7 @@ cdf_read_sat(const cdf_info_t *info, cdf_header_t
+ goto out2;
+ }
+ }
+- mid = CDF_TOLE4(msa[nsatpersec]);
++ mid = CDF_TOLE4((uint32_t)msa[nsatpersec]);
+ }
+ out:
+ sat->sat_len = i;
+@@ -422,7 +473,7 @@ cdf_count_chain(const cdf_sat_t *sat, cdf_secid_t
+ errno = EFTYPE;
+ return (size_t)-1;
+ }
+- sid = CDF_TOLE4(sat->sat_tab[sid]);
++ sid = CDF_TOLE4((uint32_t)sat->sat_tab[sid]);
+ }
+ DPRINTF(("\n"));
+ return i;
+@@ -452,7 +503,8 @@ cdf_read_long_sector_chain(const cdf_info_t *info,
+ }
+ if (i >= scn->sst_len) {
+ DPRINTF(("Out of bounds reading long sector chain "
+- "%u > %u\n", i, scn->sst_len));
++ "%" SIZE_T_FORMAT "u > %" SIZE_T_FORMAT "u\n", i,
++ scn->sst_len));
+ errno = EFTYPE;
+ goto out;
+ }
+@@ -465,7 +517,7 @@ cdf_read_long_sector_chain(const cdf_info_t *info,
+ DPRINTF(("Reading long sector chain %d", sid));
+ goto out;
+ }
+- sid = CDF_TOLE4(sat->sat_tab[sid]);
++ sid = CDF_TOLE4((uint32_t)sat->sat_tab[sid]);
+ }
+ return 0;
+ out:
+@@ -497,7 +549,8 @@ cdf_read_short_sector_chain(const cdf_header_t *h,
+ }
+ if (i >= scn->sst_len) {
+ DPRINTF(("Out of bounds reading short sector chain "
+- "%u > %u\n", i, scn->sst_len));
++ "%" SIZE_T_FORMAT "u > %" SIZE_T_FORMAT "u\n",
++ i, scn->sst_len));
+ errno = EFTYPE;
+ goto out;
+ }
+@@ -506,7 +559,7 @@ cdf_read_short_sector_chain(const cdf_header_t *h,
+ DPRINTF(("Reading short sector chain %d", sid));
+ goto out;
+ }
+- sid = CDF_TOLE4(ssat->sat_tab[sid]);
++ sid = CDF_TOLE4((uint32_t)ssat->sat_tab[sid]);
+ }
+ return 0;
+ out:
+@@ -520,7 +573,7 @@ cdf_read_sector_chain(const cdf_info_t *info, cons
+ cdf_secid_t sid, size_t len, cdf_stream_t *scn)
+ {
+
+- if (len < h->h_min_size_standard_stream)
++ if (len < h->h_min_size_standard_stream && sst->sst_tab != NULL)
+ return cdf_read_short_sector_chain(h, ssat, sst, sid, len,
+ scn);
+ else
+@@ -543,11 +596,12 @@ cdf_read_dir(const cdf_info_t *info, const cdf_hea
+ nd = ss / CDF_DIRECTORY_SIZE;
+
+ dir->dir_len = ns * nd;
+- dir->dir_tab = calloc(dir->dir_len, sizeof(dir->dir_tab[0]));
++ dir->dir_tab = CAST(cdf_directory_t *,
++ calloc(dir->dir_len, sizeof(dir->dir_tab[0])));
+ if (dir->dir_tab == NULL)
+ return -1;
+
+- if ((buf = malloc(ss)) == NULL) {
++ if ((buf = CAST(char *, malloc(ss))) == NULL) {
+ free(dir->dir_tab);
+ return -1;
+ }
+@@ -566,7 +620,7 @@ cdf_read_dir(const cdf_info_t *info, const cdf_hea
+ cdf_unpack_dir(&dir->dir_tab[i * nd + j],
+ &buf[j * CDF_DIRECTORY_SIZE]);
+ }
+- sid = CDF_TOLE4(sat->sat_tab[sid]);
++ sid = CDF_TOLE4((uint32_t)sat->sat_tab[sid]);
+ }
+ if (NEED_SWAP)
+ for (i = 0; i < dir->dir_len; i++)
+@@ -592,7 +646,7 @@ cdf_read_ssat(const cdf_info_t *info, const cdf_he
+ if (ssat->sat_len == (size_t)-1)
+ return -1;
+
+- ssat->sat_tab = calloc(ssat->sat_len, ss);
++ ssat->sat_tab = CAST(cdf_secid_t *, calloc(ssat->sat_len, ss));
+ if (ssat->sat_tab == NULL)
+ return -1;
+
+@@ -604,7 +658,8 @@ cdf_read_ssat(const cdf_info_t *info, const cdf_he
+ }
+ if (i >= ssat->sat_len) {
+ DPRINTF(("Out of bounds reading short sector chain "
+- "%u > %u\n", i, ssat->sat_len));
++ "%" SIZE_T_FORMAT "u > %" SIZE_T_FORMAT "u\n", i,
++ ssat->sat_len));
+ errno = EFTYPE;
+ goto out;
+ }
+@@ -613,7 +668,7 @@ cdf_read_ssat(const cdf_info_t *info, const cdf_he
+ DPRINTF(("Reading short sat sector %d", sid));
+ goto out;
+ }
+- sid = CDF_TOLE4(sat->sat_tab[sid]);
++ sid = CDF_TOLE4((uint32_t)sat->sat_tab[sid]);
+ }
+ return 0;
+ out:
+@@ -641,7 +696,7 @@ cdf_read_short_stream(const cdf_info_t *info, cons
+ if (d->d_stream_first_sector < 0)
+ goto out;
+
+- return cdf_read_long_sector_chain(info, h, sat,
++ return cdf_read_long_sector_chain(info, h, sat,
+ d->d_stream_first_sector, d->d_size, scn);
+ out:
+ scn->sst_tab = NULL;
+@@ -668,29 +723,29 @@ cdf_read_summary_info(const cdf_info_t *info, cons
+ const cdf_directory_t *d;
+ static const char name[] = "\05SummaryInformation";
+
+- for (i = 0; i < dir->dir_len; i++)
+- if (dir->dir_tab[i].d_type == CDF_DIR_TYPE_USER_STREAM &&
+- cdf_namecmp(name, dir->dir_tab[i].d_name, sizeof(name))
++ for (i = dir->dir_len; i > 0; i--)
++ if (dir->dir_tab[i - 1].d_type == CDF_DIR_TYPE_USER_STREAM &&
++ cdf_namecmp(name, dir->dir_tab[i - 1].d_name, sizeof(name))
+ == 0)
+ break;
+
+- if (i == dir->dir_len) {
++ if (i == 0) {
+ DPRINTF(("Cannot find summary information section\n"));
+- errno = EFTYPE;
++ errno = ESRCH;
+ return -1;
+ }
+- d = &dir->dir_tab[i];
++ d = &dir->dir_tab[i - 1];
+ return cdf_read_sector_chain(info, h, sat, ssat, sst,
+ d->d_stream_first_sector, d->d_size, scn);
+ }
+
+ int
+-cdf_read_property_info(const cdf_stream_t *sst, uint32_t offs,
+- cdf_property_info_t **info, size_t *count, size_t *maxcount)
++cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h,
++ uint32_t offs, cdf_property_info_t **info, size_t *count, size_t *maxcount)
+ {
+ const cdf_section_header_t *shp;
+ cdf_section_header_t sh;
+- const uint32_t *p, *q, *e;
++ const uint8_t *p, *q, *e;
+ int16_t s16;
+ int32_t s32;
+ uint32_t u32;
+@@ -697,7 +752,7 @@ int
+ int64_t s64;
+ uint64_t u64;
+ cdf_timestamp_t tp;
+- size_t i, o, nelements, j;
++ size_t i, o, o4, nelements, j;
+ cdf_property_info_t *inp;
+
+ if (offs > UINT32_MAX / 4) {
+@@ -704,8 +759,9 @@ int
+ errno = EFTYPE;
+ goto out;
+ }
+- shp = (const void *)((const char *)sst->sst_tab + offs);
+- if (cdf_check_stream_offset(sst, shp, sizeof(*shp)) == -1)
++ shp = CAST(const cdf_section_header_t *, (const void *)
++ ((const char *)sst->sst_tab + offs));
++ if (cdf_check_stream_offset(sst, h, shp, sizeof(*shp), __LINE__) == -1)
+ goto out;
+ sh.sh_len = CDF_TOLE4(shp->sh_len);
+ #define CDF_SHLEN_LIMIT (UINT32_MAX / 8)
+@@ -723,10 +779,12 @@ int
+ if (*maxcount > CDF_PROP_LIMIT)
+ goto out;
+ *maxcount += sh.sh_properties;
+- inp = realloc(*info, *maxcount * sizeof(*inp));
++ inp = CAST(cdf_property_info_t *,
++ realloc(*info, *maxcount * sizeof(*inp)));
+ } else {
+ *maxcount = sh.sh_properties;
+- inp = malloc(*maxcount * sizeof(*inp));
++ inp = CAST(cdf_property_info_t *,
++ malloc(*maxcount * sizeof(*inp)));
+ }
+ if (inp == NULL)
+ goto out;
+@@ -733,65 +791,87 @@ int
+ *info = inp;
+ inp += *count;
+ *count += sh.sh_properties;
+- p = (const void *)((const char *)sst->sst_tab + offs + sizeof(sh));
+- e = (const void *)(((const char *)shp) + sh.sh_len);
+- if (cdf_check_stream_offset(sst, e, 0) == -1)
++ p = CAST(const uint8_t *, (const void *)
++ ((const char *)(const void *)sst->sst_tab +
++ offs + sizeof(sh)));
++ e = CAST(const uint8_t *, (const void *)
++ (((const char *)(const void *)shp) + sh.sh_len));
++ if (cdf_check_stream_offset(sst, h, e, 0, __LINE__) == -1)
+ goto out;
+ for (i = 0; i < sh.sh_properties; i++) {
+- q = (const uint32_t *)((const char *)p +
+- CDF_TOLE4(p[(i << 1) + 1])) - 2;
++ size_t ofs = CDF_GETUINT32(p, (i << 1) + 1);
++ q = (const uint8_t *)(const void *)
++ ((const char *)(const void *)p + ofs
++ - 2 * sizeof(uint32_t));
+ if (q > e) {
+ DPRINTF(("Ran of the end %p > %p\n", q, e));
+ goto out;
+ }
+- inp[i].pi_id = CDF_TOLE4(p[i << 1]);
+- inp[i].pi_type = CDF_TOLE4(q[0]);
+- DPRINTF(("%d) id=%x type=%x offs=%x\n", i, inp[i].pi_id,
+- inp[i].pi_type, (const char *)q - (const char *)p));
++ inp[i].pi_id = CDF_GETUINT32(p, i << 1);
++ inp[i].pi_type = CDF_GETUINT32(q, 0);
++ DPRINTF(("%" SIZE_T_FORMAT "u) id=%x type=%x offs=0x%tx,0x%x\n",
++ i, inp[i].pi_id, inp[i].pi_type, q - p, offs));
+ if (inp[i].pi_type & CDF_VECTOR) {
+- nelements = CDF_TOLE4(q[1]);
++ nelements = CDF_GETUINT32(q, 1);
+ o = 2;
+ } else {
+ nelements = 1;
+ o = 1;
+ }
++ o4 = o * sizeof(uint32_t);
+ if (inp[i].pi_type & (CDF_ARRAY|CDF_BYREF|CDF_RESERVED))
+ goto unknown;
+ switch (inp[i].pi_type & CDF_TYPEMASK) {
++ case CDF_NULL:
+ case CDF_EMPTY:
+ break;
+ case CDF_SIGNED16:
+ if (inp[i].pi_type & CDF_VECTOR)
+ goto unknown;
+- (void)memcpy(&s16, &q[o], sizeof(s16));
++ (void)memcpy(&s16, &q[o4], sizeof(s16));
+ inp[i].pi_s16 = CDF_TOLE2(s16);
+ break;
+ case CDF_SIGNED32:
+ if (inp[i].pi_type & CDF_VECTOR)
+ goto unknown;
+- (void)memcpy(&s32, &q[o], sizeof(s32));
+- inp[i].pi_s32 = CDF_TOLE4(s32);
++ (void)memcpy(&s32, &q[o4], sizeof(s32));
++ inp[i].pi_s32 = CDF_TOLE4((uint32_t)s32);
+ break;
+ case CDF_BOOL:
+ case CDF_UNSIGNED32:
+ if (inp[i].pi_type & CDF_VECTOR)
+ goto unknown;
+- (void)memcpy(&u32, &q[o], sizeof(u32));
++ (void)memcpy(&u32, &q[o4], sizeof(u32));
+ inp[i].pi_u32 = CDF_TOLE4(u32);
+ break;
+ case CDF_SIGNED64:
+ if (inp[i].pi_type & CDF_VECTOR)
+ goto unknown;
+- (void)memcpy(&s64, &q[o], sizeof(s64));
+- inp[i].pi_s64 = CDF_TOLE4(s64);
++ (void)memcpy(&s64, &q[o4], sizeof(s64));
++ inp[i].pi_s64 = CDF_TOLE8((uint64_t)s64);
+ break;
+ case CDF_UNSIGNED64:
+ if (inp[i].pi_type & CDF_VECTOR)
+ goto unknown;
+- (void)memcpy(&u64, &q[o], sizeof(u64));
+- inp[i].pi_u64 = CDF_TOLE4(u64);
++ (void)memcpy(&u64, &q[o4], sizeof(u64));
++ inp[i].pi_u64 = CDF_TOLE8((uint64_t)u64);
+ break;
++ case CDF_FLOAT:
++ if (inp[i].pi_type & CDF_VECTOR)
++ goto unknown;
++ (void)memcpy(&u32, &q[o4], sizeof(u32));
++ u32 = CDF_TOLE4(u32);
++ memcpy(&inp[i].pi_f, &u32, sizeof(inp[i].pi_f));
++ break;
++ case CDF_DOUBLE:
++ if (inp[i].pi_type & CDF_VECTOR)
++ goto unknown;
++ (void)memcpy(&u64, &q[o4], sizeof(u64));
++ u64 = CDF_TOLE8((uint64_t)u64);
++ memcpy(&inp[i].pi_d, &u64, sizeof(inp[i].pi_d));
++ break;
+ case CDF_LENGTH32_STRING:
++ case CDF_LENGTH32_WSTRING:
+ if (nelements > 1) {
+ size_t nelem = inp - *info;
+ if (*maxcount > CDF_PROP_LIMIT
+@@ -798,22 +878,30 @@ int
+ || nelements > CDF_PROP_LIMIT)
+ goto out;
+ *maxcount += nelements;
+- inp = realloc(*info, *maxcount * sizeof(*inp));
++ inp = CAST(cdf_property_info_t *,
++ realloc(*info, *maxcount * sizeof(*inp)));
+ if (inp == NULL)
+ goto out;
+ *info = inp;
+ inp = *info + nelem;
+ }
+- DPRINTF(("nelements = %d\n", nelements));
++ DPRINTF(("nelements = %" SIZE_T_FORMAT "u\n",
++ nelements));
+ for (j = 0; j < nelements; j++, i++) {
+- uint32_t l = CDF_TOLE4(q[o]);
++ uint32_t l = CDF_GETUINT32(q, o);
+ inp[i].pi_str.s_len = l;
+- inp[i].pi_str.s_buf = (const char *)(&q[o+1]);
+- DPRINTF(("l = %d, r = %d, s = %s\n", l,
++ inp[i].pi_str.s_buf = (const char *)
++ (const void *)(&q[o4 + sizeof(l)]);
++ DPRINTF(("l = %d, r = %" SIZE_T_FORMAT
++ "u, s = %s\n", l,
+ CDF_ROUND(l, sizeof(l)),
+ inp[i].pi_str.s_buf));
+- l = 4 + CDF_ROUND(l, sizeof(l));
+- o += l >> 2;
++ if (l & 1)
++ l++;
++ o += l >> 1;
++ if (q + o >= e)
++ goto out;
++ o4 = o * sizeof(uint32_t);
+ }
+ i--;
+ break;
+@@ -820,8 +908,8 @@ int
+ case CDF_FILETIME:
+ if (inp[i].pi_type & CDF_VECTOR)
+ goto unknown;
+- (void)memcpy(&tp, &q[o], sizeof(tp));
+- inp[i].pi_tp = CDF_TOLE8(tp);
++ (void)memcpy(&tp, &q[o4], sizeof(tp));
++ inp[i].pi_tp = CDF_TOLE8((uint64_t)tp);
+ break;
+ case CDF_CLIPBOARD:
+ if (inp[i].pi_type & CDF_VECTOR)
+@@ -831,7 +919,7 @@ int
+ unknown:
+ DPRINTF(("Don't know how to deal with %x\n",
+ inp[i].pi_type));
+- goto out;
++ break;
+ }
+ }
+ return 0;
+@@ -841,16 +929,18 @@ out:
+ }
+
+ int
+-cdf_unpack_summary_info(const cdf_stream_t *sst, cdf_summary_info_header_t *ssi,
+- cdf_property_info_t **info, size_t *count)
++cdf_unpack_summary_info(const cdf_stream_t *sst, const cdf_header_t *h,
++ cdf_summary_info_header_t *ssi, cdf_property_info_t **info, size_t *count)
+ {
+ size_t i, maxcount;
+- const cdf_summary_info_header_t *si = sst->sst_tab;
+- const cdf_section_declaration_t *sd = (const void *)
+- ((const char *)sst->sst_tab + CDF_SECTION_DECLARATION_OFFSET);
++ const cdf_summary_info_header_t *si =
++ CAST(const cdf_summary_info_header_t *, sst->sst_tab);
++ const cdf_section_declaration_t *sd =
++ CAST(const cdf_section_declaration_t *, (const void *)
++ ((const char *)sst->sst_tab + CDF_SECTION_DECLARATION_OFFSET));
+
+- if (cdf_check_stream_offset(sst, si, sizeof(*si)) == -1 ||
+- cdf_check_stream_offset(sst, sd, sizeof(*sd)) == -1)
++ if (cdf_check_stream_offset(sst, h, si, sizeof(*si), __LINE__) == -1 ||
++ cdf_check_stream_offset(sst, h, sd, sizeof(*sd), __LINE__) == -1)
+ return -1;
+ ssi->si_byte_order = CDF_TOLE2(si->si_byte_order);
+ ssi->si_os_version = CDF_TOLE2(si->si_os_version);
+@@ -867,9 +957,10 @@ int
+ errno = EFTYPE;
+ return -1;
+ }
+- if (cdf_read_property_info(sst, CDF_TOLE4(sd->sd_offset),
+- info, count, &maxcount) == -1)
++ if (cdf_read_property_info(sst, h, CDF_TOLE4(sd->sd_offset),
++ info, count, &maxcount) == -1) {
+ return -1;
++ }
+ }
+ return 0;
+ }
+@@ -926,32 +1017,32 @@ cdf_print_property_name(char *buf, size_t bufsiz,
+ int
+ cdf_print_elapsed_time(char *buf, size_t bufsiz, cdf_timestamp_t ts)
+ {
+- size_t len = 0;
++ int len = 0;
+ int days, hours, mins, secs;
+
+ ts /= CDF_TIME_PREC;
+- secs = ts % 60;
++ secs = (int)(ts % 60);
+ ts /= 60;
+- mins = ts % 60;
++ mins = (int)(ts % 60);
+ ts /= 60;
+- hours = ts % 24;
++ hours = (int)(ts % 24);
+ ts /= 24;
+- days = ts;
++ days = (int)ts;
+
+ if (days) {
+ len += snprintf(buf + len, bufsiz - len, "%dd+", days);
+- if (len >= bufsiz)
++ if ((size_t)len >= bufsiz)
+ return len;
+ }
+
+ if (days || hours) {
+ len += snprintf(buf + len, bufsiz - len, "%.2d:", hours);
+- if (len >= bufsiz)
++ if ((size_t)len >= bufsiz)
+ return len;
+ }
+
+ len += snprintf(buf + len, bufsiz - len, "%.2d:", mins);
+- if (len >= bufsiz)
++ if ((size_t)len >= bufsiz)
+ return len;
+
+ len += snprintf(buf + len, bufsiz - len, "%.2d", secs);
+@@ -994,13 +1085,14 @@ cdf_dump_sat(const char *prefix, const cdf_sat_t *
+ size_t i, j, s = size / sizeof(cdf_secid_t);
+
+ for (i = 0; i < sat->sat_len; i++) {
+- (void)fprintf(stderr, "%s[%zu]:\n%.6d: ", prefix, i, i * s);
++ (void)fprintf(stderr, "%s[%" SIZE_T_FORMAT "u]:\n%.6"
++ SIZE_T_FORMAT "u: ", prefix, i, i * s);
+ for (j = 0; j < s; j++) {
+ (void)fprintf(stderr, "%5d, ",
+ CDF_TOLE4(sat->sat_tab[s * i + j]));
+ if ((j + 1) % 10 == 0)
+- (void)fprintf(stderr, "\n%.6d: ",
+- i * s + j + 1);
++ (void)fprintf(stderr, "\n%.6" SIZE_T_FORMAT
++ "u: ", i * s + j + 1);
+ }
+ (void)fprintf(stderr, "\n");
+ }
+@@ -1019,7 +1111,8 @@ cdf_dump(void *v, size_t len)
+ if (j == 16) {
+ j = 0;
+ abuf[15] = '\0';
+- (void)fprintf(stderr, "%s\n%.4x: ", abuf, i + 1);
++ (void)fprintf(stderr, "%s\n%.4" SIZE_T_FORMAT "x: ",
++ abuf, i + 1);
+ }
+ }
+ (void)fprintf(stderr, "\n");
+@@ -1051,7 +1144,8 @@ cdf_dump_dir(const cdf_info_t *info, const cdf_hea
+ d = &dir->dir_tab[i];
+ for (j = 0; j < sizeof(name); j++)
+ name[j] = (char)CDF_TOLE2(d->d_name[j]);
+- (void)fprintf(stderr, "Directory %zu: %s\n", i, name);
++ (void)fprintf(stderr, "Directory %" SIZE_T_FORMAT "u: %s\n",
++ i, name);
+ if (d->d_type < __arraycount(types))
+ (void)fprintf(stderr, "Type: %s\n", types[d->d_type]);
+ else
+@@ -1062,9 +1156,9 @@ cdf_dump_dir(const cdf_info_t *info, const cdf_hea
+ (void)fprintf(stderr, "Right child: %d\n", d->d_right_child);
+ (void)fprintf(stderr, "Flags: 0x%x\n", d->d_flags);
+ cdf_timestamp_to_timespec(&ts, d->d_created);
+- (void)fprintf(stderr, "Created %s", ctime(&ts.tv_sec));
++ (void)fprintf(stderr, "Created %s", cdf_ctime(&ts.tv_sec));
+ cdf_timestamp_to_timespec(&ts, d->d_modified);
+- (void)fprintf(stderr, "Modified %s", ctime(&ts.tv_sec));
++ (void)fprintf(stderr, "Modified %s", cdf_ctime(&ts.tv_sec));
+ (void)fprintf(stderr, "Stream %d\n", d->d_stream_first_sector);
+ (void)fprintf(stderr, "Size %d\n", d->d_size);
+ switch (d->d_type) {
+@@ -1086,7 +1180,7 @@ cdf_dump_dir(const cdf_info_t *info, const cdf_hea
+ default:
+ break;
+ }
+-
++
+ }
+ }
+
+@@ -1096,12 +1190,14 @@ cdf_dump_property_info(const cdf_property_info_t *
+ cdf_timestamp_t tp;
+ struct timespec ts;
+ char buf[64];
+- size_t i;
++ size_t i, j;
+
+ for (i = 0; i < count; i++) {
+ cdf_print_property_name(buf, sizeof(buf), info[i].pi_id);
+- (void)fprintf(stderr, "%zu) %s: ", i, buf);
++ (void)fprintf(stderr, "%" SIZE_T_FORMAT "u) %s: ", i, buf);
+ switch (info[i].pi_type) {
++ case CDF_NULL:
++ break;
+ case CDF_SIGNED16:
+ (void)fprintf(stderr, "signed 16 [%hd]\n",
+ info[i].pi_s16);
+@@ -1114,11 +1210,26 @@ cdf_dump_property_info(const cdf_property_info_t *
+ (void)fprintf(stderr, "unsigned 32 [%u]\n",
+ info[i].pi_u32);
+ break;
++ case CDF_FLOAT:
++ (void)fprintf(stderr, "float [%g]\n",
++ info[i].pi_f);
++ break;
++ case CDF_DOUBLE:
++ (void)fprintf(stderr, "double [%g]\n",
++ info[i].pi_d);
++ break;
+ case CDF_LENGTH32_STRING:
+ (void)fprintf(stderr, "string %u [%.*s]\n",
+ info[i].pi_str.s_len,
+ info[i].pi_str.s_len, info[i].pi_str.s_buf);
+ break;
++ case CDF_LENGTH32_WSTRING:
++ (void)fprintf(stderr, "string %u [",
++ info[i].pi_str.s_len);
++ for (j = 0; j < info[i].pi_str.s_len - 1; j++)
++ (void)fputc(info[i].pi_str.s_buf[j << 1], stderr);
++ (void)fprintf(stderr, "]\n");
++ break;
+ case CDF_FILETIME:
+ tp = info[i].pi_tp;
+ if (tp < 1000000000000000LL) {
+@@ -1127,7 +1238,7 @@ cdf_dump_property_info(const cdf_property_info_t *
+ } else {
+ cdf_timestamp_to_timespec(&ts, tp);
+ (void)fprintf(stderr, "timestamp %s",
+- ctime(&ts.tv_sec));
++ cdf_ctime(&ts.tv_sec));
+ }
+ break;
+ case CDF_CLIPBOARD:
+@@ -1151,7 +1262,7 @@ cdf_dump_summary_info(const cdf_header_t *h, const
+ size_t count;
+
+ (void)&h;
+- if (cdf_unpack_summary_info(sst, &ssi, &info, &count) == -1)
++ if (cdf_unpack_summary_info(sst, h, &ssi, &info, &count) == -1)
+ return;
+ (void)fprintf(stderr, "Endian: %x\n", ssi.si_byte_order);
+ (void)fprintf(stderr, "Os Version %d.%d\n", ssi.si_os_version & 0xff,
+@@ -1203,7 +1314,7 @@ main(int argc, char *argv[])
+ if (cdf_read_ssat(&info, &h, &sat, &ssat) == -1)
+ err(1, "Cannot read ssat");
+ #ifdef CDF_DEBUG
+- cdf_dump_sat("SSAT", &h, &ssat, CDF_SHORT_SEC_SIZE(&h));
++ cdf_dump_sat("SSAT", &ssat, CDF_SHORT_SEC_SIZE(&h));
+ #endif
+
+ if (cdf_read_dir(&info, &h, &sat, &dir) == -1)
+Index: contrib/file/cdf.h
+===================================================================
+--- contrib/file/cdf.h (revision 267806)
++++ contrib/file/cdf.h (working copy)
+@@ -24,12 +24,27 @@
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+ /*
+- * Info from: http://sc.openoffice.org/compdocfileformat.pdf
++ * Parse Composite Document Files, the format used in Microsoft Office
++ * document files before they switched to zipped XML.
++ * Info from: http://sc.openoffice.org/compdocfileformat.pdf
++ *
++ * N.B. This is the "Composite Document File" format, and not the
++ * "Compound Document Format", nor the "Channel Definition Format".
+ */
+
+ #ifndef _H_CDF_
+ #define _H_CDF_
+
++#ifdef WIN32
++#include <winsock2.h>
++#define timespec timeval
++#define tv_nsec tv_usec
++#endif
++#ifdef __DJGPP__
++#define timespec timeval
++#define tv_nsec tv_usec
++#endif
++
+ typedef int32_t cdf_secid_t;
+
+ #define CDF_LOOP_LIMIT 10000
+@@ -36,8 +51,8 @@ typedef int32_t cdf_secid_t;
+
+ #define CDF_SECID_NULL 0
+ #define CDF_SECID_FREE -1
+-#define CDF_SECID_END_OF_CHAIN -2
+-#define CDF_SECID_SECTOR_ALLOCATION_TABLE -3
++#define CDF_SECID_END_OF_CHAIN -2
++#define CDF_SECID_SECTOR_ALLOCATION_TABLE -3
+ #define CDF_SECID_MASTER_SECTOR_ALLOCATION_TABLE -4
+
+ typedef struct {
+@@ -61,15 +76,15 @@ typedef struct {
+ cdf_secid_t h_master_sat[436/4];
+ } cdf_header_t;
+
+-#define CDF_SEC_SIZE(h) (1 << (h)->h_sec_size_p2)
++#define CDF_SEC_SIZE(h) ((size_t)(1 << (h)->h_sec_size_p2))
+ #define CDF_SEC_POS(h, secid) (CDF_SEC_SIZE(h) + (secid) * CDF_SEC_SIZE(h))
+-#define CDF_SHORT_SEC_SIZE(h) (1 << (h)->h_short_sec_size_p2)
++#define CDF_SHORT_SEC_SIZE(h) ((size_t)(1 << (h)->h_short_sec_size_p2))
+ #define CDF_SHORT_SEC_POS(h, secid) ((secid) * CDF_SHORT_SEC_SIZE(h))
+
+-typedef int32_t cdf_dirid_t;
++typedef int32_t cdf_dirid_t;
+ #define CDF_DIRID_NULL -1
+
+-typedef int64_t cdf_timestamp_t;
++typedef int64_t cdf_timestamp_t;
+ #define CDF_BASE_YEAR 1601
+ #define CDF_TIME_PREC 10000000
+
+@@ -78,11 +93,11 @@ typedef struct {
+ uint16_t d_namelen;
+ uint8_t d_type;
+ #define CDF_DIR_TYPE_EMPTY 0
+-#define CDF_DIR_TYPE_USER_STORAGE 1
+-#define CDF_DIR_TYPE_USER_STREAM 2
+-#define CDF_DIR_TYPE_LOCKBYTES 3
+-#define CDF_DIR_TYPE_PROPERTY 4
+-#define CDF_DIR_TYPE_ROOT_STORAGE 5
++#define CDF_DIR_TYPE_USER_STORAGE 1
++#define CDF_DIR_TYPE_USER_STREAM 2
++#define CDF_DIR_TYPE_LOCKBYTES 3
++#define CDF_DIR_TYPE_PROPERTY 4
++#define CDF_DIR_TYPE_ROOT_STORAGE 5
+ uint8_t d_color;
+ #define CDF_DIR_COLOR_READ 0
+ #define CDF_DIR_COLOR_BLACK 1
+@@ -91,8 +106,8 @@ typedef struct {
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-src-user
mailing list