Date: Fri, 02 Jul 2010 11:25:20 -0400 From: Lowell Gilbert <freebsd-questions-local@be-well.ilk.org> To: freebsd-questions@freebsd.org Subject: Re: 'file' Command Giving False Positives Message-ID: <44630xq527.fsf@be-well.ilk.org> In-Reply-To: <4C2DF07F.1020509@tundraware.com> (Tim Daneliuk's message of "Fri, 02 Jul 2010 08:58:23 -0500") References: <4C2DF07F.1020509@tundraware.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Tim Daneliuk <tundra@tundraware.com> writes: > I have a data file with the content: > > LZasdadqjwjqwjqwjeqwe > > > 'file' (incorrectly) reports this as an MS-DOS executable. Why is it incorrect? "LZ" as the first two bytes in a file is (unless my memory is badly mistaken) exactly what the old command.com looked for as the flag of an executable. > Does anyone happen to know the proper changes to 'magic' that would > fix this? That would be tricky, given that MS-DOS *would*, in fact, think this file was a valid executable. I don't think the syntax of "magic" is powerful enough to distinguish this from a "real" executable. You might be able to do it by adding file(1) support for looking for invalid opcodes, but that would get hairy very quickly...
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44630xq527.fsf>