From ea6fcb355b25be3eff4d543830228186d76daf58 Mon Sep 17 00:00:00 2001
From: Victor Julien <victor@inliniac.net>
Date: Wed, 24 Oct 2012 17:51:35 +0200
Subject: [PATCH] magic: add test showing payload resulting in libmagic invalid
 read as reported by valgrind.

---
 src/util-magic.c | 37 ++++++++++++++++++++++++++++++++++++-
 1 file changed, 36 insertions(+), 1 deletion(-)

diff --git a/src/util-magic.c b/src/util-magic.c
index 3fb893ff49..1bb2f335da 100644
--- a/src/util-magic.c
+++ b/src/util-magic.c
@@ -31,7 +31,6 @@
 #include "conf.h"
 
 #include "util-unittest.h"
-
 #include <magic.h>
 
 static magic_t g_magic_ctx = NULL;
@@ -518,6 +517,40 @@ end:
     return retval;
 }
 
+/** \test results in valgrind warning about invalid read, tested with
+ *        file 5.09 and 5.11 */
+int MagicDetectTest10(void) {
+    const char *result = NULL;
+    uint8_t buffer[] = {
+        0xFF,0xD8,0xFF,0xE0,0x00,0x10,0x4A,0x46,0x49,0x46,0x00,0x01,0x01,0x01,0x01,0x2C,
+        0x01,0x2C,0x00,0x00,0xFF,0xFE,0x00,0x4C,0x53,0x69,0x67,0x6E,0x61,0x74,0x75,0x72,
+        0x65,0x3A,0x34,0x31,0x31,0x65,0x33,0x38,0x61,0x61,0x61,0x31,0x37,0x65,0x33,0x30,
+        0x66,0x30,0x32,0x38,0x62,0x61,0x30,0x31,0x36,0x32,0x36,0x37,0x66,0x66,0x30,0x31,
+        0x36,0x36,0x61,0x65,0x35,0x39,0x65,0x38,0x31,0x39,0x62,0x61,0x32,0x34,0x63,0x39,
+        0x62,0x31,0x33,0x37,0x33,0x62,0x31,0x61,0x35,0x61,0x38,0x65,0x64,0x63,0x36,0x30,
+        0x65,0x37,0xFF,0xE2,0x02,0x2C,0x49,0x43,0x43,0x5F,0x50,0x52,0x4F,0x46,0x49,0x4C,
+        0x45,0x00,0x01,0x01,0x00,0x00,0x02,0x1C,0x41,0x44,0x42,0x45,0x02,0x10,0x00,0x00,
+        0x6D,0x6E,0x74,0x72,0x52,0x47,0x42,0x20,0x58,0x59,0x5A,0x20,0x07,0xCF,0x00,0x05,
+        0x00,0x09,0x00,0x15,0x00,0x0B,0x00,0x21,0x61,0x63,0x73,0x70,0x41,0x50,0x50,0x4C,
+        0x00,0x00,0x00,0x00,0x6E,0x6F,0x6E,0x65,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+    };
+    size_t buffer_len = sizeof(buffer);
+    int retval = 0;
+
+    MagicInit();
+
+    result = MagicLookup(buffer, buffer_len);
+    if (result == NULL || strncmp(result, "JPEG", 4) != 0) {
+        printf("result %p:%s, not \"JPEG\": ", result,result?result:"(null)");
+        goto end;
+    }
+
+    retval = 1;
+end:
+    MagicDeinit();
+    return retval;
+}
+
 #endif /* UNITTESTS */
 
 
@@ -535,5 +568,7 @@ void MagicRegisterTests(void) {
     UtRegisterTest("MagicDetectTest08", MagicDetectTest08, 1);
     /* fails in valgrind, somehow it returns different pointers then.
     UtRegisterTest("MagicDetectTest09", MagicDetectTest09, 1); */
+
+    UtRegisterTest("MagicDetectTest10", MagicDetectTest10, 1);
 #endif /* UNITTESTS */
 }