fileinfo: Fixed bug #78987 High memory usage during encoding detection

The default buffer size for the encoding detection is set to 64K.

Signed-off-by: Anatol Belski <ab@php.net>

Author: weltling

ext/fileinfo/libmagic.patch

@@ -1,6 +1,6 @@
 diff -u libmagic.orig/apprentice.c libmagic/apprentice.c
 --- libmagic.orig/apprentice.c	2019-02-20 03:35:27.000000000 +0100
-+++ libmagic/apprentice.c	2020-11-19 11:50:32.412674100 +0100
++++ libmagic/apprentice.c	2021-09-17 21:27:42.796508107 +0200
 @@ -29,6 +29,8 @@
   * apprentice - make one pass through /etc/magic, learning its secrets.
   */
@@ -974,7 +974,7 @@ diff -u libmagic.orig/apprentice.c libmagic/apprentice.c
  	}
 diff -u libmagic.orig/ascmagic.c libmagic/ascmagic.c
 --- libmagic.orig/ascmagic.c	2019-05-07 04:27:11.000000000 +0200
-+++ libmagic/ascmagic.c	2020-09-07 00:42:14.447562400 +0200
++++ libmagic/ascmagic.c	2021-09-17 21:27:42.796508107 +0200
 @@ -96,7 +96,7 @@
  		rv = file_ascmagic_with_encoding(ms, &bb,
  		    ubuf, ulen, code, type, text);
@@ -1005,7 +1005,7 @@ diff -u libmagic.orig/ascmagic.c libmagic/ascmagic.c
  }
 diff -u libmagic.orig/buffer.c libmagic/buffer.c
 --- libmagic.orig/buffer.c	2019-05-07 04:27:11.000000000 +0200
-+++ libmagic/buffer.c	2020-09-07 00:42:14.447562400 +0200
++++ libmagic/buffer.c	2021-09-17 21:27:42.796508107 +0200
 @@ -31,19 +31,23 @@
  #endif	/* lint */
 
@@ -1062,7 +1062,7 @@ diff -u libmagic.orig/buffer.c libmagic/buffer.c
 
 diff -u libmagic.orig/cdf.c libmagic/cdf.c
 --- libmagic.orig/cdf.c	2019-02-20 03:35:27.000000000 +0100
-+++ libmagic/cdf.c	2020-09-07 00:42:14.447562400 +0200
++++ libmagic/cdf.c	2021-09-17 21:27:42.796508107 +0200
 @@ -43,7 +43,17 @@
  #include <err.h>
  #endif
@@ -1341,7 +1341,7 @@ diff -u libmagic.orig/cdf.c libmagic/cdf.c
  #endif
 diff -u libmagic.orig/cdf.h libmagic/cdf.h
 --- libmagic.orig/cdf.h	2019-02-20 02:24:19.000000000 +0100
-+++ libmagic/cdf.h	2020-09-07 00:42:14.447562400 +0200
++++ libmagic/cdf.h	2021-09-17 21:22:51.278410517 +0200
 @@ -35,10 +35,10 @@
  #ifndef _H_CDF_
  #define _H_CDF_
@@ -1366,7 +1366,7 @@ diff -u libmagic.orig/cdf.h libmagic/cdf.h
  #define CDF_SECID_FREE					-1
 diff -u libmagic.orig/cdf_time.c libmagic/cdf_time.c
 --- libmagic.orig/cdf_time.c	2019-03-12 21:43:05.000000000 +0100
-+++ libmagic/cdf_time.c	2020-09-07 00:42:14.447562400 +0200
++++ libmagic/cdf_time.c	2021-09-17 21:22:51.278410517 +0200
 @@ -23,6 +23,7 @@
   * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
   * POSSIBILITY OF SUCH DAMAGE.
@@ -1395,7 +1395,7 @@ diff -u libmagic.orig/cdf_time.c libmagic/cdf_time.c
  	(void)snprintf(buf, 26, "*Bad* %#16.16" INT64_T_FORMAT "x\n",
 diff -u libmagic.orig/compress.c libmagic/compress.c
 --- libmagic.orig/compress.c	2019-05-07 04:27:11.000000000 +0200
-+++ libmagic/compress.c	2020-09-07 00:42:14.447562400 +0200
++++ libmagic/compress.c	2021-09-17 21:27:42.796508107 +0200
 @@ -45,13 +45,11 @@
  #endif
  #include <string.h>
@@ -1545,7 +1545,7 @@ diff -u libmagic.orig/compress.c libmagic/compress.c
 +#endif
 diff -u libmagic.orig/der.c libmagic/der.c
 --- libmagic.orig/der.c	2019-02-20 03:35:27.000000000 +0100
-+++ libmagic/der.c	2020-09-07 00:42:14.447562400 +0200
++++ libmagic/der.c	2021-09-17 21:27:42.796508107 +0200
 @@ -51,7 +51,9 @@
  #include "magic.h"
  #include "der.h"
@@ -1575,7 +1575,7 @@ diff -u libmagic.orig/der.c libmagic/der.c
  			snprintf(buf + z, blen - z, "%.2x", d[i]);
 diff -u libmagic.orig/elfclass.h libmagic/elfclass.h
 --- libmagic.orig/elfclass.h	2019-02-20 02:30:19.000000000 +0100
-+++ libmagic/elfclass.h	2020-09-07 00:42:14.447562400 +0200
++++ libmagic/elfclass.h	2021-09-17 21:22:51.278410517 +0200
 @@ -41,7 +41,7 @@
  			return toomany(ms, "program headers", phnum);
  		flags |= FLAGS_IS_CORE;
@@ -1605,7 +1605,16 @@ diff -u libmagic.orig/elfclass.h libmagic/elfclass.h
  		    CAST(int, elf_getu16(swap, elfhdr.e_shstrndx)),
 diff -u libmagic.orig/encoding.c libmagic/encoding.c
 --- libmagic.orig/encoding.c	2019-04-15 18:48:41.000000000 +0200
-+++ libmagic/encoding.c	2020-09-07 00:42:14.447562400 +0200
++++ libmagic/encoding.c	2021-09-17 22:21:17.103362836 +0200
+@@ -71,7 +71,7 @@
+     size_t *ulen, const char **code, const char **code_mime, const char **type)
+ {
+ 	const unsigned char *buf = CAST(const unsigned char *, b->fbuf);
+-	size_t nbytes = b->flen;
++	size_t nbytes = b->flen > 64*1024 ? 64*1024 : b->flen;
+ 	size_t mlen;
+ 	int rv = 1, ucs_type;
+ 	unsigned char *nbuf = NULL;
 @@ -89,13 +89,13 @@
  	*code_mime = "binary";
 
@@ -1636,7 +1645,7 @@ diff -u libmagic.orig/encoding.c libmagic/encoding.c
  }
 diff -u libmagic.orig/file.h libmagic/file.h
 --- libmagic.orig/file.h	2019-05-07 04:27:11.000000000 +0200
-+++ libmagic/file.h	2020-11-23 17:11:36.234964700 +0100
++++ libmagic/file.h	2021-09-17 21:27:42.796508107 +0200
 @@ -33,18 +33,9 @@
  #ifndef __file_h__
  #define __file_h__
@@ -1930,7 +1939,7 @@ diff -u libmagic.orig/file.h libmagic/file.h
  #endif
 diff -u libmagic.orig/fsmagic.c libmagic/fsmagic.c
 --- libmagic.orig/fsmagic.c	2019-05-07 04:26:48.000000000 +0200
-+++ libmagic/fsmagic.c	2020-09-07 00:42:14.447562400 +0200
++++ libmagic/fsmagic.c	2021-09-17 21:27:42.796508107 +0200
 @@ -66,26 +66,10 @@
  # define minor(dev)  ((dev) & 0xff)
  #endif
@@ -2223,7 +2232,7 @@ diff -u libmagic.orig/fsmagic.c libmagic/fsmagic.c
  	case S_IFSOCK:
 diff -u libmagic.orig/funcs.c libmagic/funcs.c
 --- libmagic.orig/funcs.c	2019-05-07 04:27:11.000000000 +0200
-+++ libmagic/funcs.c	2020-09-07 00:42:14.447562400 +0200
++++ libmagic/funcs.c	2021-09-17 21:27:42.796508107 +0200
 @@ -31,7 +31,6 @@
  #endif	/* lint */
 
@@ -2579,7 +2588,7 @@ diff -u libmagic.orig/funcs.c libmagic/funcs.c
 
 diff -u libmagic.orig/magic.c libmagic/magic.c
 --- libmagic.orig/magic.c	2019-05-07 04:27:11.000000000 +0200
-+++ libmagic/magic.c	2020-09-07 00:42:14.447562400 +0200
++++ libmagic/magic.c	2021-09-17 21:27:42.796508107 +0200
 @@ -25,11 +25,6 @@
   * SUCH DAMAGE.
   */
@@ -3043,8 +3052,8 @@ diff -u libmagic.orig/magic.c libmagic/magic.c
  public const char *
  magic_error(struct magic_set *ms)
 diff -u libmagic.orig/magic.h libmagic/magic.h
---- libmagic.orig/magic.h	2020-11-23 17:12:12.776465800 +0100
-+++ libmagic/magic.h	2020-09-07 00:42:14.447562400 +0200
+--- libmagic.orig/magic.h	2021-09-18 20:39:34.813932433 +0200
++++ libmagic/magic.h	2021-09-17 21:27:42.796508107 +0200
 @@ -124,6 +124,7 @@
 
  const char *magic_getpath(const char *, int);
@@ -3055,7 +3064,7 @@ diff -u libmagic.orig/magic.h libmagic/magic.h
 
 diff -u libmagic.orig/print.c libmagic/print.c
 --- libmagic.orig/print.c	2019-03-12 21:43:05.000000000 +0100
-+++ libmagic/print.c	2020-09-07 00:42:14.447562400 +0200
++++ libmagic/print.c	2021-09-17 21:27:42.796508107 +0200
 @@ -28,6 +28,7 @@
  /*
   * print.c - debugging printout routines
@@ -3129,7 +3138,7 @@ diff -u libmagic.orig/print.c libmagic/print.c
  		goto out;
 diff -u libmagic.orig/readcdf.c libmagic/readcdf.c
 --- libmagic.orig/readcdf.c	2019-03-12 21:43:05.000000000 +0100
-+++ libmagic/readcdf.c	2020-09-07 00:42:14.463191200 +0200
++++ libmagic/readcdf.c	2021-09-17 21:27:42.796508107 +0200
 @@ -31,7 +31,11 @@
 
  #include <assert.h>
@@ -3248,7 +3257,7 @@ diff -u libmagic.orig/readcdf.c libmagic/readcdf.c
  	if (i != -1)
 diff -u libmagic.orig/softmagic.c libmagic/softmagic.c
 --- libmagic.orig/softmagic.c	2019-05-17 04:24:59.000000000 +0200
-+++ libmagic/softmagic.c	2020-09-07 00:42:14.463191200 +0200
++++ libmagic/softmagic.c	2021-09-17 21:27:42.796508107 +0200
 @@ -43,6 +43,10 @@
  #include <time.h>
  #include "der.h"
@@ -3615,7 +3624,7 @@ diff -u libmagic.orig/softmagic.c libmagic/softmagic.c
  	case FILE_INDIRECT:
 diff -u libmagic.orig/strcasestr.c libmagic/strcasestr.c
 --- libmagic.orig/strcasestr.c	2014-09-11 17:05:33.000000000 +0200
-+++ libmagic/strcasestr.c	2020-08-05 15:01:55.644887300 +0200
++++ libmagic/strcasestr.c	2021-09-17 21:22:51.282410490 +0200
 @@ -39,6 +39,8 @@
 
  #include "file.h"

ext/fileinfo/libmagic/encoding.c

@@ -71,7 +71,7 @@ file_encoding(struct magic_set *ms, const struct buffer *b, unichar **ubuf,
     size_t *ulen, const char **code, const char **code_mime, const char **type)
 {
 	const unsigned char *buf = CAST(const unsigned char *, b->fbuf);
-	size_t nbytes = b->flen;
+	size_t nbytes = b->flen > 64*1024 ? 64*1024 : b->flen;
 	size_t mlen;
 	int rv = 1, ucs_type;
 	unsigned char *nbuf = NULL;

ext/fileinfo/tests/bug78987.phpt

@@ -0,0 +1,40 @@
+--TEST--
+Bug #78987 High memory usage during encoding detection
+--SKIPIF--
+<?php require_once(__DIR__ . '/skipif.inc'); ?>
+--INI--
+memory_limit=512M
+--FILE--
+<?php
+$finfo = new finfo(FILEINFO_MIME_TYPE);
+$minSize = 128 * 1024;
+$maxSize = 16 * 1024 * 1024;
+
+$map = array(
+	131072 => 2097152,
+	262144 => 2097152,
+	524288 => 2097152,
+	1048576 => 4194304,
+	2097152 => 6295552,
+	4194304 => 10493952,
+	8388608 => 16785408,
+	16777216 => 29368320,
+);
+for($size = $minSize; $size <= $maxSize; $size *= 2) {
+	$content = str_repeat('0', $size);
+
+	$finfo->buffer($content);
+
+	$m = memory_get_peak_usage(true);
+	printf("%-8d => %s\n", $size, $m <= $map[$size] ? "ok" : "$m");
+}
+?>
+--EXPECT--
+131072   => ok
+262144   => ok
+524288   => ok
+1048576  => ok
+2097152  => ok
+4194304  => ok
+8388608  => ok
+16777216 => ok

ext/fileinfo/tests/finfo_file_basic.phpt

@@ -27,7 +27,7 @@ var_dump( finfo_file( $finfo, $magicFile.chr(0).$magicFile) );
 *** Testing finfo_file() : basic functionality ***
 string(28) "text/x-php; charset=us-ascii"
 string(%d) "PHP script, ASCII text%A"
-string(32) "text/plain; charset=unknown-8bit"
+string(28) "text/plain; charset=us-ascii"
 
 Warning: finfo_file(): Invalid path in %s%efinfo_file_basic.php on line %d
 bool(false)