Re: [OT] Magic numbers

To: debian-user@lists.debian.org
Subject: Re: [OT] Magic numbers
From: Lisi <lisi.reisz@gmail.com>
Date: Mon, 7 Feb 2011 06:55:30 +0000
Message-id: <[🔎] 201102070655.30413.lisi.reisz@gmail.com>
In-reply-to: <[🔎] 20110206235850.GB9836@hysteria.proulx.com>
References: <[🔎] 201102062027.16602.lisi.reisz@gmail.com> <[🔎] 201102062216.55841.lisi.reisz@gmail.com> <[🔎] 20110206235850.GB9836@hysteria.proulx.com>

On Sunday 06 February 2011 23:58:50 Bob Proulx wrote:
> Lisi wrote:
> > Thanks, Andy - yes, it told me what the files were, and its best guess
> > was good.  (I should know - I created the files!)
> >
> > But no actual magic numbers. :-(
>
> Help us out.  Can you phrase an example of what you want?  Otherwise
> the only magic number anyone can give you is 42.
>
> "Magic" is relative here.  The file program simply looks at parts here
> and parts there of the file and then makes a best-guess about it.  The
> magic file database in libmagic1 is a documentation of that best guess
> effort.  See the man page for information about the format of the
> information there.
>
>   man magic
>
> So for example most files don't have a single magic number.  Most types
> of files have many possible combinations.  And when files are layered
> it is more difficult such as a tar of script, or a gzip'd file that is
> a tar of a script.  The file program will quickly try to undo those
> layers and make a guess.  It isn't perfect.
>
> Since the file program tries to work across any possibility in the
> universe it has a very hard task.  If you have a more restricted set
> of input files you might be able to do better.
>
> For example '#!/' and #! /' denote scripts.  Any file that starts with
> the binary data 23 21 20 2f or 23 21 2f is almost certainly a shell
> script.  What type?  For that you need to look further and see what
> characters follow.
>
> Note that in Squeeze /usr/share/misc/magic is now an empty directory
> instead of a file.  The source isn't installed anymore.  That is a
> shame.  For squeeze you will need to install the source package to get
> to raw data that you can look at.
>
>   apt-get source libmagic1
>   cd file-5.04
>   ls -log magic/Magdir/

Your questions and detailed analysis, and everyone else's answers, have 
answered my questions and teh penny has dropped.  I was asking teh wrong 
question, which illustrates teh depth of my ignorance!

So thank you very much indeed for taking so much trouble.  You and teh others 
have turned a light on in my almost dark brain.

Lisi

Reply to:

References:
- [OT] Magic numbers
  - From: Lisi <lisi.reisz@gmail.com>
- Re: [OT] Magic numbers
  - From: Lisi <lisi.reisz@gmail.com>
- Re: [OT] Magic numbers
  - From: Bob Proulx <bob@proulx.com>

Prev by Date: Re: weired problem around grub2
Next by Date: Re: Pump, dhchp, dns and dnsmasq
Previous by thread: Re: [OT] Magic numbers
Next by thread: Re: [OT] Magic numbers
Index(es):
- Date
- Thread