author | Anatol Belski <ab@php.net> | 2015-03-29 17:42:59 +0200 |
---|---|---|
committer | Anatol Belski <ab@php.net> | 2015-03-29 17:42:59 +0200 |
commit | aeabea4aa91af64db1fa1a592b92496fb5e293ba (patch) | |
tree | 2523df7230a1138fb6c17bbbd1f59785c02e0ca5 | |
parent | 2accf544cbd4bbe9df5f8990fbb80a98f6879086 (diff) | |
download | php-git-aeabea4aa91af64db1fa1a592b92496fb5e293ba.tar.gz |
Fixed bug #69320 libmagic crash when running laravel tests
Basically reverted this part of the new patch to what we have in 5.6,
as the current change seems to have bad side effects. However, the
input buffer used for PCRE is still doubled (1 << 14); this might or
might not be optimal, so let's observe.
-rw-r--r-- | ext/fileinfo/libmagic/softmagic.c | 27 |
1 files changed, 11 insertions, 16 deletions
diff --git a/ext/fileinfo/libmagic/softmagic.c b/ext/fileinfo/libmagic/softmagic.c
index 9ac177c0e9..ddf7370b50 100644
--- a/ext/fileinfo/libmagic/softmagic.c
+++ b/ext/fileinfo/libmagic/softmagic.c
@@ -1081,7 +1081,7 @@ mcopy(struct magic_set *ms, union VALUETYPE *p, int type, int indir,
 const char *last; /* end of search region */
 const char *buf; /* start of search region */
 const char *end;
- size_t lines, linecnt, bytecnt, bytecnt_max;
+ size_t lines, linecnt, bytecnt;
 if (s == NULL) {
 ms->search.s_len = 0;
@@ -1089,23 +1089,18 @@ mcopy(struct magic_set *ms, union VALUETYPE *p, int type, int indir,
 return 0;
 }
- if (m->str_flags & REGEX_LINE_COUNT) {
- linecnt = m->str_range;
- bytecnt = linecnt * 80;
- } else {
- linecnt = 0;
- bytecnt = m->str_range;
+ /* bytecnt checks are to be kept for PHP, see cve-2014-3538.
+ PCRE might get stuck if the input buffer is too big. */
+ linecnt = m->str_range;
+ bytecnt = linecnt * 80;
+
+ if (bytecnt == 0) {
+ bytecnt = 1 << 14;
 }
- /* XXX bytecnt_max is to be kept for PHP, see cve-2014-3538.
- PCRE might stuck if the input buffer is too big. To ensure
- the correctness, the check for bytecnt > nbytes is also
- kept (might be abundant). */
- bytecnt_max = nbytes - offset;
- bytecnt_max = bytecnt_max > (1 << 14) ? (1 << 14) : bytecnt_max;
- bytecnt_max = bytecnt > nbytes ? nbytes : bytecnt_max;
- if (bytecnt == 0 || bytecnt > bytecnt_max)
- bytecnt = bytecnt_max;
+ if (bytecnt > nbytes) {
+ bytecnt = nbytes;
+ }
 buf = RCAST(const char *, s) + offset;
 end = last = RCAST(const char *, s) + bytecnt; |
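Review bot: The `1 << 14` ceiling in the second hunk only applies when `m->str_range` is zero, so a magic entry with a large range still yields `bytecnt = linecnt * 80` limited by nothing but `nbytes`, which does not match the comment's stated purpose of keeping the PCRE input small (cve-2014-3538). If the cap is meant to be unconditional, the check could read `if (bytecnt == 0 || bytecnt > (1 << 14)) bytecnt = 1 << 14;` ahead of the `nbytes` clamp. Separately, `bytecnt` is clamped against `nbytes` and `end`/`last` are computed from `s`, while `buf` starts at `s + offset`; nothing visible in the hunk keeps `end` from falling before `buf` when `offset` exceeds `bytecnt`, whereas the removed code derived its limit from `nbytes - offset`. The rest of this `case` and its callers are outside the hunk, so whether an earlier check already rules that out should be confirmed rather than assumed.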