From bfda9706489172f3d349b84ef186c37392db7b9a Mon Sep 17 00:00:00 2001
From: Andrei Latchescu <andrei-osre@netrom.ro>
Date: Wed, 23 Jun 2021 11:34:45 +0300
Subject: [PATCH] Fix #78987 - Memory problems running finfo::buffer

---
 ext/fileinfo/libmagic/apprentice.c | 1 +
 ext/fileinfo/libmagic/encoding.c   | 3 +++
 ext/fileinfo/libmagic/file.h       | 2 ++
 ext/fileinfo/libmagic/magic.c      | 9 ++++++++-
 ext/fileinfo/libmagic/magic.h      | 1 +
 5 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/ext/fileinfo/libmagic/apprentice.c b/ext/fileinfo/libmagic/apprentice.c
index 94e4302d619e0..1c770a5454be6 100644
--- a/ext/fileinfo/libmagic/apprentice.c
+++ b/ext/fileinfo/libmagic/apprentice.c
@@ -511,6 +511,7 @@ file_ms_alloc(int flags)
 	ms->elf_notes_max = FILE_ELF_NOTES_MAX;
 	ms->regex_max = FILE_REGEX_MAX;
 	ms->bytes_max = FILE_BYTES_MAX;
+	ms->encoding_max = FILE_ENCODING_MAX;
 	return ms;
 free:
 	efree(ms);
diff --git a/ext/fileinfo/libmagic/encoding.c b/ext/fileinfo/libmagic/encoding.c
index 42aa200f3652f..6af97277fcd12 100644
--- a/ext/fileinfo/libmagic/encoding.c
+++ b/ext/fileinfo/libmagic/encoding.c
@@ -87,6 +87,9 @@ file_encoding(struct magic_set *ms, const struct buffer *b, unichar **ubuf,
 	*code = "unknown";
 	*code_mime = "binary";
 
+	if (nbytes > ms->encoding_max)
+		nbytes = ms->encoding_max;
+
 	mlen = (nbytes + 1) * sizeof((*ubuf)[0]);
 	if ((*ubuf = CAST(unichar *, ecalloc((size_t)1, mlen))) == NULL) {
 		file_oomem(ms, mlen);
diff --git a/ext/fileinfo/libmagic/file.h b/ext/fileinfo/libmagic/file.h
index 9cb6dc540faf8..84e58ce9b5dc5 100644
--- a/ext/fileinfo/libmagic/file.h
+++ b/ext/fileinfo/libmagic/file.h
@@ -432,12 +432,14 @@ struct magic_set {
 	uint16_t elf_notes_max;
 	uint16_t regex_max;
 	size_t bytes_max;		/* number of bytes to read from file */
+    size_t encoding_max;		/* bytes to look for encoding */
 #define	FILE_INDIR_MAX			50
 #define	FILE_NAME_MAX			30
 #define	FILE_ELF_SHNUM_MAX		32768
 #define	FILE_ELF_PHNUM_MAX		2048
 #define	FILE_ELF_NOTES_MAX		256
 #define	FILE_REGEX_MAX			8192
+#define	FILE_ENCODING_MAX		(64 * 1024)
 };
 
 /* Type for Unicode characters */
diff --git a/ext/fileinfo/libmagic/magic.c b/ext/fileinfo/libmagic/magic.c
index 51570c2a3751f..bc9ae251aa4ef 100644
--- a/ext/fileinfo/libmagic/magic.c
+++ b/ext/fileinfo/libmagic/magic.c
@@ -8,7 +8,8 @@
  * 1. Redistributions of source code must retain the above copyright
  *    notice immediately at the beginning of the file, without modification,
  *    this list of conditions, and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
+ * 2. Redistributions in binary form must re
+ * produce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  *
@@ -382,6 +383,9 @@ magic_setparam(struct magic_set *ms, int param, const void *val)
 	case MAGIC_PARAM_BYTES_MAX:
 		ms->bytes_max = *(const size_t *)val;
 		return 0;
+    case MAGIC_PARAM_ENCODING_MAX:
+        ms->encoding_max = *CAST(const size_t *, val);
+        return 0;
 	default:
 		errno = EINVAL;
 		return -1;
@@ -413,6 +417,9 @@ magic_getparam(struct magic_set *ms, int param, void *val)
 	case MAGIC_PARAM_BYTES_MAX:
 		*(size_t *)val = ms->bytes_max;
 		return 0;
+    case MAGIC_PARAM_ENCODING_MAX:
+        *(size_t *)val = ms->encoding_max;
+        return 0;
 	default:
 		errno = EINVAL;
 		return -1;
diff --git a/ext/fileinfo/libmagic/magic.h b/ext/fileinfo/libmagic/magic.h
index a5ba79f0597e1..4c1b608ab6292 100644
--- a/ext/fileinfo/libmagic/magic.h
+++ b/ext/fileinfo/libmagic/magic.h
@@ -146,6 +146,7 @@ int magic_errno(magic_t);
 #define MAGIC_PARAM_ELF_NOTES_MAX	4
 #define MAGIC_PARAM_REGEX_MAX		5
 #define	MAGIC_PARAM_BYTES_MAX		6
+#define	MAGIC_PARAM_ENCODING_MAX	7
 
 int magic_setparam(magic_t, int, const void *);
 int magic_getparam(magic_t, int, void *);