https://github.com/file/file/commit/35c94dc6acc418f1ad7f6241a6680e5327495793.patch http://openwall.com/lists/oss-security/2017/09/05/3 The patch is minorly modified to apply to file-5.30 From 35c94dc6acc418f1ad7f6241a6680e5327495793 Mon Sep 17 00:00:00 2001 From: Christos Zoulas Date: Sun, 27 Aug 2017 07:55:02 +0000 Subject: [PATCH] Fix always true condition (Thomas Jarosch) --- src/readelf.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/readelf.c b/src/readelf.c index 81451827..5f425c97 100644 --- a/src/readelf.c +++ b/src/readelf.c @@ -511,7 +511,7 @@ do_bid_note(struct magic_set *ms, unsigned char *nbuf, uint32_t type, size_t noff, size_t doff, int *flags) { if (namesz == 4 && strcmp((char *)&nbuf[noff], "GNU") == 0 && - type == NT_GNU_BUILD_ID && (descsz >= 4 || descsz <= 20)) { + type == NT_GNU_BUILD_ID && (descsz >= 4 && descsz <= 20)) { uint8_t desc[20]; const char *btype; uint32_t i;