/src/libarchive/libarchive/archive_read_support_format_rar.c
Line | Count | Source (jump to first uncovered line) |
1 | | /*- |
2 | | * Copyright (c) 2003-2007 Tim Kientzle |
3 | | * Copyright (c) 2011 Andres Mejia |
4 | | * All rights reserved. |
5 | | * |
6 | | * Redistribution and use in source and binary forms, with or without |
7 | | * modification, are permitted provided that the following conditions |
8 | | * are met: |
9 | | * 1. Redistributions of source code must retain the above copyright |
10 | | * notice, this list of conditions and the following disclaimer. |
11 | | * 2. Redistributions in binary form must reproduce the above copyright |
12 | | * notice, this list of conditions and the following disclaimer in the |
13 | | * documentation and/or other materials provided with the distribution. |
14 | | * |
15 | | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR |
16 | | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
17 | | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. |
18 | | * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT, |
19 | | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
20 | | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
21 | | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
22 | | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
23 | | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
24 | | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
25 | | */ |
26 | | |
27 | | #include "archive_platform.h" |
28 | | |
29 | | #ifdef HAVE_ERRNO_H |
30 | | #include <errno.h> |
31 | | #endif |
32 | | #include <time.h> |
33 | | #include <limits.h> |
34 | | #ifdef HAVE_ZLIB_H |
35 | | #include <zlib.h> /* crc32 */ |
36 | | #endif |
37 | | |
38 | | #include "archive.h" |
39 | | #ifndef HAVE_ZLIB_H |
40 | | #include "archive_crc32.h" |
41 | | #endif |
42 | | #include "archive_endian.h" |
43 | | #include "archive_entry.h" |
44 | | #include "archive_entry_locale.h" |
45 | | #include "archive_ppmd7_private.h" |
46 | | #include "archive_private.h" |
47 | | #include "archive_read_private.h" |
48 | | |
49 | | /* RAR signature, also known as the mark header */ |
50 | 2.64M | #define RAR_SIGNATURE "\x52\x61\x72\x21\x1A\x07\x00" |
51 | | |
52 | | /* Header types */ |
53 | 0 | #define MARK_HEAD 0x72 |
54 | 0 | #define MAIN_HEAD 0x73 |
55 | 0 | #define FILE_HEAD 0x74 |
56 | 0 | #define COMM_HEAD 0x75 |
57 | 0 | #define AV_HEAD 0x76 |
58 | 0 | #define SUB_HEAD 0x77 |
59 | 0 | #define PROTECT_HEAD 0x78 |
60 | 0 | #define SIGN_HEAD 0x79 |
61 | 0 | #define NEWSUB_HEAD 0x7a |
62 | 0 | #define ENDARC_HEAD 0x7b |
63 | | |
64 | | /* Main Header Flags */ |
65 | 0 | #define MHD_VOLUME 0x0001 |
66 | | #define MHD_COMMENT 0x0002 |
67 | | #define MHD_LOCK 0x0004 |
68 | | #define MHD_SOLID 0x0008 |
69 | | #define MHD_NEWNUMBERING 0x0010 |
70 | | #define MHD_AV 0x0020 |
71 | | #define MHD_PROTECT 0x0040 |
72 | 0 | #define MHD_PASSWORD 0x0080 |
73 | | #define MHD_FIRSTVOLUME 0x0100 |
74 | 0 | #define MHD_ENCRYPTVER 0x0200 |
75 | | |
76 | | /* Flags common to all headers */ |
77 | | #define HD_MARKDELETION 0x4000 |
78 | 0 | #define HD_ADD_SIZE_PRESENT 0x8000 |
79 | | |
80 | | /* File Header Flags */ |
81 | 0 | #define FHD_SPLIT_BEFORE 0x0001 |
82 | 0 | #define FHD_SPLIT_AFTER 0x0002 |
83 | 0 | #define FHD_PASSWORD 0x0004 |
84 | | #define FHD_COMMENT 0x0008 |
85 | 0 | #define FHD_SOLID 0x0010 |
86 | 0 | #define FHD_LARGE 0x0100 |
87 | 0 | #define FHD_UNICODE 0x0200 |
88 | 0 | #define FHD_SALT 0x0400 |
89 | | #define FHD_VERSION 0x0800 |
90 | 0 | #define FHD_EXTTIME 0x1000 |
91 | | #define FHD_EXTFLAGS 0x2000 |
92 | | |
93 | | /* File dictionary sizes */ |
94 | | #define DICTIONARY_SIZE_64 0x00 |
95 | | #define DICTIONARY_SIZE_128 0x20 |
96 | | #define DICTIONARY_SIZE_256 0x40 |
97 | | #define DICTIONARY_SIZE_512 0x60 |
98 | | #define DICTIONARY_SIZE_1024 0x80 |
99 | | #define DICTIONARY_SIZE_2048 0xA0 |
100 | | #define DICTIONARY_SIZE_4096 0xC0 |
101 | | #define FILE_IS_DIRECTORY 0xE0 |
102 | | #define DICTIONARY_MASK FILE_IS_DIRECTORY |
103 | | |
104 | | /* OS Flags */ |
105 | 0 | #define OS_MSDOS 0 |
106 | 0 | #define OS_OS2 1 |
107 | 0 | #define OS_WIN32 2 |
108 | 0 | #define OS_UNIX 3 |
109 | 0 | #define OS_MAC_OS 4 |
110 | 0 | #define OS_BEOS 5 |
111 | | |
112 | | /* Compression Methods */ |
113 | 0 | #define COMPRESS_METHOD_STORE 0x30 |
114 | | /* LZSS */ |
115 | 0 | #define COMPRESS_METHOD_FASTEST 0x31 |
116 | 0 | #define COMPRESS_METHOD_FAST 0x32 |
117 | 0 | #define COMPRESS_METHOD_NORMAL 0x33 |
118 | | /* PPMd Variant H */ |
119 | 0 | #define COMPRESS_METHOD_GOOD 0x34 |
120 | 0 | #define COMPRESS_METHOD_BEST 0x35 |
121 | | |
122 | | #define CRC_POLYNOMIAL 0xEDB88320 |
123 | | |
124 | 0 | #define NS_UNIT 10000000 |
125 | | |
126 | 0 | #define DICTIONARY_MAX_SIZE 0x400000 |
127 | | |
128 | 0 | #define MAINCODE_SIZE 299 |
129 | 0 | #define OFFSETCODE_SIZE 60 |
130 | 0 | #define LOWOFFSETCODE_SIZE 17 |
131 | 0 | #define LENGTHCODE_SIZE 28 |
132 | | #define HUFFMAN_TABLE_SIZE \ |
133 | 0 | MAINCODE_SIZE + OFFSETCODE_SIZE + LOWOFFSETCODE_SIZE + LENGTHCODE_SIZE |
134 | | |
135 | 0 | #define MAX_SYMBOL_LENGTH 0xF |
136 | 0 | #define MAX_SYMBOLS 20 |
137 | | |
138 | | /* Virtual Machine Properties */ |
139 | 0 | #define VM_MEMORY_SIZE 0x40000 |
140 | | #define VM_MEMORY_MASK (VM_MEMORY_SIZE - 1) |
141 | 0 | #define PROGRAM_WORK_SIZE 0x3C000 |
142 | 0 | #define PROGRAM_GLOBAL_SIZE 0x2000 |
143 | 0 | #define PROGRAM_SYSTEM_GLOBAL_ADDRESS PROGRAM_WORK_SIZE |
144 | 0 | #define PROGRAM_SYSTEM_GLOBAL_SIZE 0x40 |
145 | | #define PROGRAM_USER_GLOBAL_ADDRESS (PROGRAM_SYSTEM_GLOBAL_ADDRESS + PROGRAM_SYSTEM_GLOBAL_SIZE) |
146 | 0 | #define PROGRAM_USER_GLOBAL_SIZE (PROGRAM_GLOBAL_SIZE - PROGRAM_SYSTEM_GLOBAL_SIZE) |
147 | | |
148 | | /* |
149 | | * Considering L1,L2 cache miss and a calling of write system-call, |
150 | | * the best size of the output buffer(uncompressed buffer) is 128K. |
151 | | * If the structure of extracting process is changed, this value |
152 | | * might be researched again. |
153 | | */ |
154 | 0 | #define UNP_BUFFER_SIZE (128 * 1024) |
155 | | |
156 | | /* Define this here for non-Windows platforms */ |
157 | | #if !((defined(__WIN32__) || defined(_WIN32) || defined(__WIN32)) && !defined(__CYGWIN__)) |
158 | 0 | #define FILE_ATTRIBUTE_DIRECTORY 0x10 |
159 | | #endif |
160 | | |
161 | | #undef minimum |
162 | 0 | #define minimum(a, b) ((a)<(b)?(a):(b)) |
163 | | |
164 | | /* Stack overflow check */ |
165 | 0 | #define MAX_COMPRESS_DEPTH 1024 |
166 | | |
167 | | /* Fields common to all headers */ |
168 | | struct rar_header |
169 | | { |
170 | | char crc[2]; |
171 | | char type; |
172 | | char flags[2]; |
173 | | char size[2]; |
174 | | }; |
175 | | |
176 | | /* Fields common to all file headers */ |
177 | | struct rar_file_header |
178 | | { |
179 | | char pack_size[4]; |
180 | | char unp_size[4]; |
181 | | char host_os; |
182 | | char file_crc[4]; |
183 | | char file_time[4]; |
184 | | char unp_ver; |
185 | | char method; |
186 | | char name_size[2]; |
187 | | char file_attr[4]; |
188 | | }; |
189 | | |
190 | | struct huffman_tree_node |
191 | | { |
192 | | int branches[2]; |
193 | | }; |
194 | | |
195 | | struct huffman_table_entry |
196 | | { |
197 | | unsigned int length; |
198 | | int value; |
199 | | }; |
200 | | |
201 | | struct huffman_code |
202 | | { |
203 | | struct huffman_tree_node *tree; |
204 | | int numentries; |
205 | | int numallocatedentries; |
206 | | int minlength; |
207 | | int maxlength; |
208 | | int tablesize; |
209 | | struct huffman_table_entry *table; |
210 | | }; |
211 | | |
212 | | struct lzss |
213 | | { |
214 | | unsigned char *window; |
215 | | int mask; |
216 | | int64_t position; |
217 | | }; |
218 | | |
219 | | struct data_block_offsets |
220 | | { |
221 | | int64_t header_size; |
222 | | int64_t start_offset; |
223 | | int64_t end_offset; |
224 | | }; |
225 | | |
226 | | struct rar_program_code |
227 | | { |
228 | | uint8_t *staticdata; |
229 | | uint32_t staticdatalen; |
230 | | uint8_t *globalbackup; |
231 | | uint32_t globalbackuplen; |
232 | | uint64_t fingerprint; |
233 | | uint32_t usagecount; |
234 | | uint32_t oldfilterlength; |
235 | | struct rar_program_code *next; |
236 | | }; |
237 | | |
238 | | struct rar_filter |
239 | | { |
240 | | struct rar_program_code *prog; |
241 | | uint32_t initialregisters[8]; |
242 | | uint8_t *globaldata; |
243 | | uint32_t globaldatalen; |
244 | | size_t blockstartpos; |
245 | | uint32_t blocklength; |
246 | | uint32_t filteredblockaddress; |
247 | | uint32_t filteredblocklength; |
248 | | struct rar_filter *next; |
249 | | }; |
250 | | |
251 | | struct memory_bit_reader |
252 | | { |
253 | | const uint8_t *bytes; |
254 | | size_t length; |
255 | | size_t offset; |
256 | | uint64_t bits; |
257 | | int available; |
258 | | int at_eof; |
259 | | }; |
260 | | |
261 | | struct rar_virtual_machine |
262 | | { |
263 | | uint32_t registers[8]; |
264 | | uint8_t memory[VM_MEMORY_SIZE + sizeof(uint32_t)]; |
265 | | }; |
266 | | |
267 | | struct rar_filters |
268 | | { |
269 | | struct rar_virtual_machine *vm; |
270 | | struct rar_program_code *progs; |
271 | | struct rar_filter *stack; |
272 | | int64_t filterstart; |
273 | | uint32_t lastfilternum; |
274 | | int64_t lastend; |
275 | | uint8_t *bytes; |
276 | | size_t bytes_ready; |
277 | | }; |
278 | | |
279 | | struct audio_state |
280 | | { |
281 | | int8_t weight[5]; |
282 | | int16_t delta[4]; |
283 | | int8_t lastdelta; |
284 | | int error[11]; |
285 | | int count; |
286 | | uint8_t lastbyte; |
287 | | }; |
288 | | |
289 | | struct rar |
290 | | { |
291 | | /* Entries from main RAR header */ |
292 | | unsigned main_flags; |
293 | | unsigned long file_crc; |
294 | | char reserved1[2]; |
295 | | char reserved2[4]; |
296 | | char encryptver; |
297 | | |
298 | | /* File header entries */ |
299 | | char compression_method; |
300 | | unsigned file_flags; |
301 | | int64_t packed_size; |
302 | | int64_t unp_size; |
303 | | time_t mtime; |
304 | | long mnsec; |
305 | | mode_t mode; |
306 | | char *filename; |
307 | | char *filename_save; |
308 | | size_t filename_save_size; |
309 | | size_t filename_allocated; |
310 | | |
311 | | /* File header optional entries */ |
312 | | char salt[8]; |
313 | | time_t atime; |
314 | | long ansec; |
315 | | time_t ctime; |
316 | | long cnsec; |
317 | | time_t arctime; |
318 | | long arcnsec; |
319 | | |
320 | | /* Fields to help with tracking decompression of files. */ |
321 | | int64_t bytes_unconsumed; |
322 | | int64_t bytes_remaining; |
323 | | int64_t bytes_uncopied; |
324 | | int64_t offset; |
325 | | int64_t offset_outgoing; |
326 | | int64_t offset_seek; |
327 | | char valid; |
328 | | unsigned int unp_offset; |
329 | | unsigned int unp_buffer_size; |
330 | | unsigned char *unp_buffer; |
331 | | unsigned int dictionary_size; |
332 | | char start_new_block; |
333 | | char entry_eof; |
334 | | unsigned long crc_calculated; |
335 | | int found_first_header; |
336 | | char has_endarc_header; |
337 | | struct data_block_offsets *dbo; |
338 | | unsigned int cursor; |
339 | | unsigned int nodes; |
340 | | char filename_must_match; |
341 | | |
342 | | /* LZSS members */ |
343 | | struct huffman_code maincode; |
344 | | struct huffman_code offsetcode; |
345 | | struct huffman_code lowoffsetcode; |
346 | | struct huffman_code lengthcode; |
347 | | unsigned char lengthtable[HUFFMAN_TABLE_SIZE]; |
348 | | struct lzss lzss; |
349 | | unsigned int lastlength; |
350 | | unsigned int lastoffset; |
351 | | unsigned int oldoffset[4]; |
352 | | unsigned int lastlowoffset; |
353 | | unsigned int numlowoffsetrepeats; |
354 | | char start_new_table; |
355 | | |
356 | | /* Filters */ |
357 | | struct rar_filters filters; |
358 | | |
359 | | /* PPMd Variant H members */ |
360 | | char ppmd_valid; |
361 | | char ppmd_eod; |
362 | | char is_ppmd_block; |
363 | | int ppmd_escape; |
364 | | CPpmd7 ppmd7_context; |
365 | | CPpmd7z_RangeDec range_dec; |
366 | | IByteIn bytein; |
367 | | |
368 | | /* |
369 | | * String conversion object. |
370 | | */ |
371 | | int init_default_conversion; |
372 | | struct archive_string_conv *sconv_default; |
373 | | struct archive_string_conv *opt_sconv; |
374 | | struct archive_string_conv *sconv_utf8; |
375 | | struct archive_string_conv *sconv_utf16be; |
376 | | |
377 | | /* |
378 | | * Bit stream reader. |
379 | | */ |
380 | | struct rar_br { |
381 | | #define CACHE_TYPE uint64_t |
382 | 0 | #define CACHE_BITS (8 * sizeof(CACHE_TYPE)) |
383 | | /* Cache buffer. */ |
384 | | CACHE_TYPE cache_buffer; |
385 | | /* Indicates how many bits avail in cache_buffer. */ |
386 | | int cache_avail; |
387 | | ssize_t avail_in; |
388 | | const unsigned char *next_in; |
389 | | } br; |
390 | | |
391 | | /* |
392 | | * Custom field to denote that this archive contains encrypted entries |
393 | | */ |
394 | | int has_encrypted_entries; |
395 | | }; |
396 | | |
397 | | static int archive_read_support_format_rar_capabilities(struct archive_read *); |
398 | | static int archive_read_format_rar_has_encrypted_entries(struct archive_read *); |
399 | | static int archive_read_format_rar_bid(struct archive_read *, int); |
400 | | static int archive_read_format_rar_options(struct archive_read *, |
401 | | const char *, const char *); |
402 | | static int archive_read_format_rar_read_header(struct archive_read *, |
403 | | struct archive_entry *); |
404 | | static int archive_read_format_rar_read_data(struct archive_read *, |
405 | | const void **, size_t *, int64_t *); |
406 | | static int archive_read_format_rar_read_data_skip(struct archive_read *a); |
407 | | static int64_t archive_read_format_rar_seek_data(struct archive_read *, int64_t, |
408 | | int); |
409 | | static int archive_read_format_rar_cleanup(struct archive_read *); |
410 | | |
411 | | /* Support functions */ |
412 | | static int read_header(struct archive_read *, struct archive_entry *, char); |
413 | | static time_t get_time(int); |
414 | | static int read_exttime(const char *, struct rar *, const char *); |
415 | | static int read_symlink_stored(struct archive_read *, struct archive_entry *, |
416 | | struct archive_string_conv *); |
417 | | static int read_data_stored(struct archive_read *, const void **, size_t *, |
418 | | int64_t *); |
419 | | static int read_data_compressed(struct archive_read *, const void **, size_t *, |
420 | | int64_t *, size_t); |
421 | | static int rar_br_preparation(struct archive_read *, struct rar_br *); |
422 | | static int parse_codes(struct archive_read *); |
423 | | static void free_codes(struct archive_read *); |
424 | | static int read_next_symbol(struct archive_read *, struct huffman_code *); |
425 | | static int create_code(struct archive_read *, struct huffman_code *, |
426 | | unsigned char *, int, char); |
427 | | static int add_value(struct archive_read *, struct huffman_code *, int, int, |
428 | | int); |
429 | | static int new_node(struct huffman_code *); |
430 | | static int make_table(struct archive_read *, struct huffman_code *); |
431 | | static int make_table_recurse(struct archive_read *, struct huffman_code *, int, |
432 | | struct huffman_table_entry *, int, int); |
433 | | static int expand(struct archive_read *, int64_t *); |
434 | | static int copy_from_lzss_window_to_unp(struct archive_read *, const void **, |
435 | | int64_t, int); |
436 | | static const void *rar_read_ahead(struct archive_read *, size_t, ssize_t *); |
437 | | static int parse_filter(struct archive_read *, const uint8_t *, uint16_t, |
438 | | uint8_t); |
439 | | static int run_filters(struct archive_read *); |
440 | | static void clear_filters(struct rar_filters *); |
441 | | static struct rar_filter *create_filter(struct rar_program_code *, |
442 | | const uint8_t *, uint32_t, |
443 | | uint32_t[8], size_t, uint32_t); |
444 | | static void delete_filter(struct rar_filter *filter); |
445 | | static struct rar_program_code *compile_program(const uint8_t *, size_t); |
446 | | static void delete_program_code(struct rar_program_code *prog); |
447 | | static uint32_t membr_next_rarvm_number(struct memory_bit_reader *br); |
448 | | static inline uint32_t membr_bits(struct memory_bit_reader *br, int bits); |
449 | | static int membr_fill(struct memory_bit_reader *br, int bits); |
450 | | static int read_filter(struct archive_read *, int64_t *); |
451 | | static int rar_decode_byte(struct archive_read*, uint8_t *); |
452 | | static int execute_filter(struct archive_read*, struct rar_filter *, |
453 | | struct rar_virtual_machine *, size_t); |
454 | | static int copy_from_lzss_window(struct archive_read *, void *, int64_t, int); |
455 | | static inline void vm_write_32(struct rar_virtual_machine*, size_t, uint32_t); |
456 | | static inline uint32_t vm_read_32(struct rar_virtual_machine*, size_t); |
457 | | |
458 | | /* |
459 | | * Bit stream reader. |
460 | | */ |
461 | | /* Check that the cache buffer has enough bits. */ |
462 | 0 | #define rar_br_has(br, n) ((br)->cache_avail >= n) |
463 | | /* Get compressed data by bit. */ |
464 | | #define rar_br_bits(br, n) \ |
465 | 0 | (((uint32_t)((br)->cache_buffer >> \ |
466 | 0 | ((br)->cache_avail - (n)))) & cache_masks[n]) |
467 | | #define rar_br_bits_forced(br, n) \ |
468 | | (((uint32_t)((br)->cache_buffer << \ |
469 | | ((n) - (br)->cache_avail))) & cache_masks[n]) |
470 | | /* Read ahead to make sure the cache buffer has enough compressed data we |
471 | | * will use. |
472 | | * True : completed, there is enough data in the cache buffer. |
473 | | * False : there is no data in the stream. */ |
474 | | #define rar_br_read_ahead(a, br, n) \ |
475 | 0 | ((rar_br_has(br, (n)) || rar_br_fillup(a, br)) || rar_br_has(br, (n))) |
476 | | /* Notify how many bits we consumed. */ |
477 | 0 | #define rar_br_consume(br, n) ((br)->cache_avail -= (n)) |
478 | 0 | #define rar_br_consume_unalined_bits(br) ((br)->cache_avail &= ~7) |
479 | | |
480 | | static const uint32_t cache_masks[] = { |
481 | | 0x00000000, 0x00000001, 0x00000003, 0x00000007, |
482 | | 0x0000000F, 0x0000001F, 0x0000003F, 0x0000007F, |
483 | | 0x000000FF, 0x000001FF, 0x000003FF, 0x000007FF, |
484 | | 0x00000FFF, 0x00001FFF, 0x00003FFF, 0x00007FFF, |
485 | | 0x0000FFFF, 0x0001FFFF, 0x0003FFFF, 0x0007FFFF, |
486 | | 0x000FFFFF, 0x001FFFFF, 0x003FFFFF, 0x007FFFFF, |
487 | | 0x00FFFFFF, 0x01FFFFFF, 0x03FFFFFF, 0x07FFFFFF, |
488 | | 0x0FFFFFFF, 0x1FFFFFFF, 0x3FFFFFFF, 0x7FFFFFFF, |
489 | | 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF |
490 | | }; |
491 | | |
492 | | /* |
493 | | * Shift away used bits in the cache data and fill it up with following bits. |
494 | | * Call this when cache buffer does not have enough bits you need. |
495 | | * |
496 | | * Returns 1 if the cache buffer is full. |
497 | | * Returns 0 if the cache buffer is not full; input buffer is empty. |
498 | | */ |
499 | | static int |
500 | | rar_br_fillup(struct archive_read *a, struct rar_br *br) |
501 | 0 | { |
502 | 0 | struct rar *rar = (struct rar *)(a->format->data); |
503 | 0 | int n = CACHE_BITS - br->cache_avail; |
504 | |
|
505 | 0 | for (;;) { |
506 | 0 | switch (n >> 3) { |
507 | 0 | case 8: |
508 | 0 | if (br->avail_in >= 8) { |
509 | 0 | br->cache_buffer = |
510 | 0 | ((uint64_t)br->next_in[0]) << 56 | |
511 | 0 | ((uint64_t)br->next_in[1]) << 48 | |
512 | 0 | ((uint64_t)br->next_in[2]) << 40 | |
513 | 0 | ((uint64_t)br->next_in[3]) << 32 | |
514 | 0 | ((uint32_t)br->next_in[4]) << 24 | |
515 | 0 | ((uint32_t)br->next_in[5]) << 16 | |
516 | 0 | ((uint32_t)br->next_in[6]) << 8 | |
517 | 0 | (uint32_t)br->next_in[7]; |
518 | 0 | br->next_in += 8; |
519 | 0 | br->avail_in -= 8; |
520 | 0 | br->cache_avail += 8 * 8; |
521 | 0 | rar->bytes_unconsumed += 8; |
522 | 0 | rar->bytes_remaining -= 8; |
523 | 0 | return (1); |
524 | 0 | } |
525 | 0 | break; |
526 | 0 | case 7: |
527 | 0 | if (br->avail_in >= 7) { |
528 | 0 | br->cache_buffer = |
529 | 0 | (br->cache_buffer << 56) | |
530 | 0 | ((uint64_t)br->next_in[0]) << 48 | |
531 | 0 | ((uint64_t)br->next_in[1]) << 40 | |
532 | 0 | ((uint64_t)br->next_in[2]) << 32 | |
533 | 0 | ((uint32_t)br->next_in[3]) << 24 | |
534 | 0 | ((uint32_t)br->next_in[4]) << 16 | |
535 | 0 | ((uint32_t)br->next_in[5]) << 8 | |
536 | 0 | (uint32_t)br->next_in[6]; |
537 | 0 | br->next_in += 7; |
538 | 0 | br->avail_in -= 7; |
539 | 0 | br->cache_avail += 7 * 8; |
540 | 0 | rar->bytes_unconsumed += 7; |
541 | 0 | rar->bytes_remaining -= 7; |
542 | 0 | return (1); |
543 | 0 | } |
544 | 0 | break; |
545 | 0 | case 6: |
546 | 0 | if (br->avail_in >= 6) { |
547 | 0 | br->cache_buffer = |
548 | 0 | (br->cache_buffer << 48) | |
549 | 0 | ((uint64_t)br->next_in[0]) << 40 | |
550 | 0 | ((uint64_t)br->next_in[1]) << 32 | |
551 | 0 | ((uint32_t)br->next_in[2]) << 24 | |
552 | 0 | ((uint32_t)br->next_in[3]) << 16 | |
553 | 0 | ((uint32_t)br->next_in[4]) << 8 | |
554 | 0 | (uint32_t)br->next_in[5]; |
555 | 0 | br->next_in += 6; |
556 | 0 | br->avail_in -= 6; |
557 | 0 | br->cache_avail += 6 * 8; |
558 | 0 | rar->bytes_unconsumed += 6; |
559 | 0 | rar->bytes_remaining -= 6; |
560 | 0 | return (1); |
561 | 0 | } |
562 | 0 | break; |
563 | 0 | case 0: |
564 | | /* We have enough compressed data in |
565 | | * the cache buffer.*/ |
566 | 0 | return (1); |
567 | 0 | default: |
568 | 0 | break; |
569 | 0 | } |
570 | 0 | if (br->avail_in <= 0) { |
571 | |
|
572 | 0 | if (rar->bytes_unconsumed > 0) { |
573 | | /* Consume as much as the decompressor |
574 | | * actually used. */ |
575 | 0 | __archive_read_consume(a, rar->bytes_unconsumed); |
576 | 0 | rar->bytes_unconsumed = 0; |
577 | 0 | } |
578 | 0 | br->next_in = rar_read_ahead(a, 1, &(br->avail_in)); |
579 | 0 | if (br->next_in == NULL) |
580 | 0 | return (0); |
581 | 0 | if (br->avail_in == 0) |
582 | 0 | return (0); |
583 | 0 | } |
584 | 0 | br->cache_buffer = |
585 | 0 | (br->cache_buffer << 8) | *br->next_in++; |
586 | 0 | br->avail_in--; |
587 | 0 | br->cache_avail += 8; |
588 | 0 | n -= 8; |
589 | 0 | rar->bytes_unconsumed++; |
590 | 0 | rar->bytes_remaining--; |
591 | 0 | } |
592 | 0 | } |
593 | | |
594 | | static int |
595 | | rar_br_preparation(struct archive_read *a, struct rar_br *br) |
596 | 0 | { |
597 | 0 | struct rar *rar = (struct rar *)(a->format->data); |
598 | |
|
599 | 0 | if (rar->bytes_remaining > 0) { |
600 | 0 | br->next_in = rar_read_ahead(a, 1, &(br->avail_in)); |
601 | 0 | if (br->next_in == NULL) { |
602 | 0 | archive_set_error(&a->archive, |
603 | 0 | ARCHIVE_ERRNO_FILE_FORMAT, |
604 | 0 | "Truncated RAR file data"); |
605 | 0 | return (ARCHIVE_FATAL); |
606 | 0 | } |
607 | 0 | if (br->cache_avail == 0) |
608 | 0 | (void)rar_br_fillup(a, br); |
609 | 0 | } |
610 | 0 | return (ARCHIVE_OK); |
611 | 0 | } |
612 | | |
613 | | /* Find last bit set */ |
614 | | static inline int |
615 | | rar_fls(unsigned int word) |
616 | 0 | { |
617 | 0 | word |= (word >> 1); |
618 | 0 | word |= (word >> 2); |
619 | 0 | word |= (word >> 4); |
620 | 0 | word |= (word >> 8); |
621 | 0 | word |= (word >> 16); |
622 | 0 | return word - (word >> 1); |
623 | 0 | } |
624 | | |
625 | | /* LZSS functions */ |
626 | | static inline int64_t |
627 | | lzss_position(struct lzss *lzss) |
628 | 0 | { |
629 | 0 | return lzss->position; |
630 | 0 | } |
631 | | |
632 | | static inline int |
633 | | lzss_mask(struct lzss *lzss) |
634 | 0 | { |
635 | 0 | return lzss->mask; |
636 | 0 | } |
637 | | |
638 | | static inline int |
639 | | lzss_size(struct lzss *lzss) |
640 | 0 | { |
641 | 0 | return lzss->mask + 1; |
642 | 0 | } |
643 | | |
644 | | static inline int |
645 | | lzss_offset_for_position(struct lzss *lzss, int64_t pos) |
646 | 0 | { |
647 | 0 | return (int)(pos & lzss->mask); |
648 | 0 | } |
649 | | |
650 | | static inline unsigned char * |
651 | | lzss_pointer_for_position(struct lzss *lzss, int64_t pos) |
652 | 0 | { |
653 | 0 | return &lzss->window[lzss_offset_for_position(lzss, pos)]; |
654 | 0 | } |
655 | | |
656 | | static inline int |
657 | | lzss_current_offset(struct lzss *lzss) |
658 | 0 | { |
659 | 0 | return lzss_offset_for_position(lzss, lzss->position); |
660 | 0 | } |
661 | | |
662 | | static inline uint8_t * |
663 | | lzss_current_pointer(struct lzss *lzss) |
664 | 0 | { |
665 | 0 | return lzss_pointer_for_position(lzss, lzss->position); |
666 | 0 | } |
667 | | |
668 | | static inline void |
669 | | lzss_emit_literal(struct rar *rar, uint8_t literal) |
670 | 0 | { |
671 | 0 | *lzss_current_pointer(&rar->lzss) = literal; |
672 | 0 | rar->lzss.position++; |
673 | 0 | } |
674 | | |
675 | | static inline void |
676 | | lzss_emit_match(struct rar *rar, int offset, int length) |
677 | 0 | { |
678 | 0 | int dstoffs = lzss_current_offset(&rar->lzss); |
679 | 0 | int srcoffs = (dstoffs - offset) & lzss_mask(&rar->lzss); |
680 | 0 | int l, li, remaining; |
681 | 0 | unsigned char *d, *s; |
682 | |
|
683 | 0 | remaining = length; |
684 | 0 | while (remaining > 0) { |
685 | 0 | l = remaining; |
686 | 0 | if (dstoffs > srcoffs) { |
687 | 0 | if (l > lzss_size(&rar->lzss) - dstoffs) |
688 | 0 | l = lzss_size(&rar->lzss) - dstoffs; |
689 | 0 | } else { |
690 | 0 | if (l > lzss_size(&rar->lzss) - srcoffs) |
691 | 0 | l = lzss_size(&rar->lzss) - srcoffs; |
692 | 0 | } |
693 | 0 | d = &(rar->lzss.window[dstoffs]); |
694 | 0 | s = &(rar->lzss.window[srcoffs]); |
695 | 0 | if ((dstoffs + l < srcoffs) || (srcoffs + l < dstoffs)) |
696 | 0 | memcpy(d, s, l); |
697 | 0 | else { |
698 | 0 | for (li = 0; li < l; li++) |
699 | 0 | d[li] = s[li]; |
700 | 0 | } |
701 | 0 | remaining -= l; |
702 | 0 | dstoffs = (dstoffs + l) & lzss_mask(&(rar->lzss)); |
703 | 0 | srcoffs = (srcoffs + l) & lzss_mask(&(rar->lzss)); |
704 | 0 | } |
705 | 0 | rar->lzss.position += length; |
706 | 0 | } |
707 | | |
708 | | static Byte |
709 | | ppmd_read(void *p) |
710 | 0 | { |
711 | 0 | struct archive_read *a = ((IByteIn*)p)->a; |
712 | 0 | struct rar *rar = (struct rar *)(a->format->data); |
713 | 0 | struct rar_br *br = &(rar->br); |
714 | 0 | Byte b; |
715 | 0 | if (!rar_br_read_ahead(a, br, 8)) |
716 | 0 | { |
717 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
718 | 0 | "Truncated RAR file data"); |
719 | 0 | rar->valid = 0; |
720 | 0 | return 0; |
721 | 0 | } |
722 | 0 | b = rar_br_bits(br, 8); |
723 | 0 | rar_br_consume(br, 8); |
724 | 0 | return b; |
725 | 0 | } |
726 | | |
727 | | int |
728 | | archive_read_support_format_rar(struct archive *_a) |
729 | 8.06k | { |
730 | 8.06k | struct archive_read *a = (struct archive_read *)_a; |
731 | 8.06k | struct rar *rar; |
732 | 8.06k | int r; |
733 | | |
734 | 8.06k | archive_check_magic(_a, ARCHIVE_READ_MAGIC, ARCHIVE_STATE_NEW, |
735 | 8.06k | "archive_read_support_format_rar"); |
736 | | |
737 | 8.06k | rar = (struct rar *)calloc(1, sizeof(*rar)); |
738 | 8.06k | if (rar == NULL) |
739 | 0 | { |
740 | 0 | archive_set_error(&a->archive, ENOMEM, "Can't allocate rar data"); |
741 | 0 | return (ARCHIVE_FATAL); |
742 | 0 | } |
743 | | |
744 | | /* |
745 | | * Until enough data has been read, we cannot tell about |
746 | | * any encrypted entries yet. |
747 | | */ |
748 | 8.06k | rar->has_encrypted_entries = ARCHIVE_READ_FORMAT_ENCRYPTION_DONT_KNOW; |
749 | | |
750 | 8.06k | r = __archive_read_register_format(a, |
751 | 8.06k | rar, |
752 | 8.06k | "rar", |
753 | 8.06k | archive_read_format_rar_bid, |
754 | 8.06k | archive_read_format_rar_options, |
755 | 8.06k | archive_read_format_rar_read_header, |
756 | 8.06k | archive_read_format_rar_read_data, |
757 | 8.06k | archive_read_format_rar_read_data_skip, |
758 | 8.06k | archive_read_format_rar_seek_data, |
759 | 8.06k | archive_read_format_rar_cleanup, |
760 | 8.06k | archive_read_support_format_rar_capabilities, |
761 | 8.06k | archive_read_format_rar_has_encrypted_entries); |
762 | | |
763 | 8.06k | if (r != ARCHIVE_OK) |
764 | 0 | free(rar); |
765 | 8.06k | return (r); |
766 | 8.06k | } |
767 | | |
768 | | static int |
769 | | archive_read_support_format_rar_capabilities(struct archive_read * a) |
770 | 42 | { |
771 | 42 | (void)a; /* UNUSED */ |
772 | 42 | return (ARCHIVE_READ_FORMAT_CAPS_ENCRYPT_DATA |
773 | 42 | | ARCHIVE_READ_FORMAT_CAPS_ENCRYPT_METADATA); |
774 | 42 | } |
775 | | |
776 | | static int |
777 | | archive_read_format_rar_has_encrypted_entries(struct archive_read *_a) |
778 | 21 | { |
779 | 21 | if (_a && _a->format) { |
780 | 21 | struct rar * rar = (struct rar *)_a->format->data; |
781 | 21 | if (rar) { |
782 | 21 | return rar->has_encrypted_entries; |
783 | 21 | } |
784 | 21 | } |
785 | 0 | return ARCHIVE_READ_FORMAT_ENCRYPTION_DONT_KNOW; |
786 | 21 | } |
787 | | |
788 | | |
789 | | static int |
790 | | archive_read_format_rar_bid(struct archive_read *a, int best_bid) |
791 | 6.19k | { |
792 | 6.19k | const char *p; |
793 | | |
794 | | /* If there's already a bid > 30, we'll never win. */ |
795 | 6.19k | if (best_bid > 30) |
796 | 339 | return (-1); |
797 | | |
798 | 5.85k | if ((p = __archive_read_ahead(a, 7, NULL)) == NULL) |
799 | 1.39k | return (-1); |
800 | | |
801 | 4.45k | if (memcmp(p, RAR_SIGNATURE, 7) == 0) |
802 | 14 | return (30); |
803 | | |
804 | 4.44k | if ((p[0] == 'M' && p[1] == 'Z') || memcmp(p, "\x7F\x45LF", 4) == 0) { |
805 | | /* This is a PE file */ |
806 | 443 | ssize_t offset = 0x10000; |
807 | 443 | ssize_t window = 4096; |
808 | 443 | ssize_t bytes_avail; |
809 | 2.12k | while (offset + window <= (1024 * 128)) { |
810 | 1.94k | const char *buff = __archive_read_ahead(a, offset + window, &bytes_avail); |
811 | 1.94k | if (buff == NULL) { |
812 | | /* Remaining bytes are less than window. */ |
813 | 1.73k | window >>= 1; |
814 | 1.73k | if (window < 0x40) |
815 | 247 | return (0); |
816 | 1.48k | continue; |
817 | 1.73k | } |
818 | 205 | p = buff + offset; |
819 | 2.64M | while (p + 7 < buff + bytes_avail) { |
820 | 2.64M | if (memcmp(p, RAR_SIGNATURE, 7) == 0) |
821 | 7 | return (30); |
822 | 2.64M | p += 0x10; |
823 | 2.64M | } |
824 | 198 | offset = p - buff; |
825 | 198 | } |
826 | 443 | } |
827 | 4.19k | return (0); |
828 | 4.44k | } |
829 | | |
830 | | static int |
831 | | skip_sfx(struct archive_read *a) |
832 | 0 | { |
833 | 0 | const void *h; |
834 | 0 | const char *p, *q; |
835 | 0 | size_t skip, total; |
836 | 0 | ssize_t bytes, window; |
837 | |
|
838 | 0 | total = 0; |
839 | 0 | window = 4096; |
840 | 0 | while (total + window <= (1024 * 128)) { |
841 | 0 | h = __archive_read_ahead(a, window, &bytes); |
842 | 0 | if (h == NULL) { |
843 | | /* Remaining bytes are less than window. */ |
844 | 0 | window >>= 1; |
845 | 0 | if (window < 0x40) |
846 | 0 | goto fatal; |
847 | 0 | continue; |
848 | 0 | } |
849 | 0 | if (bytes < 0x40) |
850 | 0 | goto fatal; |
851 | 0 | p = h; |
852 | 0 | q = p + bytes; |
853 | | |
854 | | /* |
855 | | * Scan ahead until we find something that looks |
856 | | * like the RAR header. |
857 | | */ |
858 | 0 | while (p + 7 < q) { |
859 | 0 | if (memcmp(p, RAR_SIGNATURE, 7) == 0) { |
860 | 0 | skip = p - (const char *)h; |
861 | 0 | __archive_read_consume(a, skip); |
862 | 0 | return (ARCHIVE_OK); |
863 | 0 | } |
864 | 0 | p += 0x10; |
865 | 0 | } |
866 | 0 | skip = p - (const char *)h; |
867 | 0 | __archive_read_consume(a, skip); |
868 | 0 | total += skip; |
869 | 0 | } |
870 | 0 | fatal: |
871 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
872 | 0 | "Couldn't find out RAR header"); |
873 | 0 | return (ARCHIVE_FATAL); |
874 | 0 | } |
875 | | |
876 | | static int |
877 | | archive_read_format_rar_options(struct archive_read *a, |
878 | | const char *key, const char *val) |
879 | 0 | { |
880 | 0 | struct rar *rar; |
881 | 0 | int ret = ARCHIVE_FAILED; |
882 | |
|
883 | 0 | rar = (struct rar *)(a->format->data); |
884 | 0 | if (strcmp(key, "hdrcharset") == 0) { |
885 | 0 | if (val == NULL || val[0] == 0) |
886 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, |
887 | 0 | "rar: hdrcharset option needs a character-set name"); |
888 | 0 | else { |
889 | 0 | rar->opt_sconv = |
890 | 0 | archive_string_conversion_from_charset( |
891 | 0 | &a->archive, val, 0); |
892 | 0 | if (rar->opt_sconv != NULL) |
893 | 0 | ret = ARCHIVE_OK; |
894 | 0 | else |
895 | 0 | ret = ARCHIVE_FATAL; |
896 | 0 | } |
897 | 0 | return (ret); |
898 | 0 | } |
899 | | |
900 | | /* Note: The "warn" return is just to inform the options |
901 | | * supervisor that we didn't handle it. It will generate |
902 | | * a suitable error if no one used this option. */ |
903 | 0 | return (ARCHIVE_WARN); |
904 | 0 | } |
905 | | |
906 | | static int |
907 | | archive_read_format_rar_read_header(struct archive_read *a, |
908 | | struct archive_entry *entry) |
909 | 0 | { |
910 | 0 | const void *h; |
911 | 0 | const char *p; |
912 | 0 | struct rar *rar; |
913 | 0 | size_t skip; |
914 | 0 | char head_type; |
915 | 0 | int ret; |
916 | 0 | unsigned flags; |
917 | 0 | unsigned long crc32_expected; |
918 | |
|
919 | 0 | a->archive.archive_format = ARCHIVE_FORMAT_RAR; |
920 | 0 | if (a->archive.archive_format_name == NULL) |
921 | 0 | a->archive.archive_format_name = "RAR"; |
922 | |
|
923 | 0 | rar = (struct rar *)(a->format->data); |
924 | | |
925 | | /* |
926 | | * It should be sufficient to call archive_read_next_header() for |
927 | | * a reader to determine if an entry is encrypted or not. If the |
928 | | * encryption of an entry is only detectable when calling |
929 | | * archive_read_data(), so be it. We'll do the same check there |
930 | | * as well. |
931 | | */ |
932 | 0 | if (rar->has_encrypted_entries == ARCHIVE_READ_FORMAT_ENCRYPTION_DONT_KNOW) { |
933 | 0 | rar->has_encrypted_entries = 0; |
934 | 0 | } |
935 | | |
936 | | /* RAR files can be generated without EOF headers, so return ARCHIVE_EOF if |
937 | | * this fails. |
938 | | */ |
939 | 0 | if ((h = __archive_read_ahead(a, 7, NULL)) == NULL) |
940 | 0 | return (ARCHIVE_EOF); |
941 | | |
942 | 0 | p = h; |
943 | 0 | if (rar->found_first_header == 0 && |
944 | 0 | ((p[0] == 'M' && p[1] == 'Z') || memcmp(p, "\x7F\x45LF", 4) == 0)) { |
945 | | /* This is an executable ? Must be self-extracting... */ |
946 | 0 | ret = skip_sfx(a); |
947 | 0 | if (ret < ARCHIVE_WARN) |
948 | 0 | return (ret); |
949 | 0 | } |
950 | 0 | rar->found_first_header = 1; |
951 | |
|
952 | 0 | while (1) |
953 | 0 | { |
954 | 0 | unsigned long crc32_val; |
955 | |
|
956 | 0 | if ((h = __archive_read_ahead(a, 7, NULL)) == NULL) |
957 | 0 | return (ARCHIVE_FATAL); |
958 | 0 | p = h; |
959 | |
|
960 | 0 | head_type = p[2]; |
961 | 0 | switch(head_type) |
962 | 0 | { |
963 | 0 | case MARK_HEAD: |
964 | 0 | if (memcmp(p, RAR_SIGNATURE, 7) != 0) { |
965 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
966 | 0 | "Invalid marker header"); |
967 | 0 | return (ARCHIVE_FATAL); |
968 | 0 | } |
969 | 0 | __archive_read_consume(a, 7); |
970 | 0 | break; |
971 | | |
972 | 0 | case MAIN_HEAD: |
973 | 0 | rar->main_flags = archive_le16dec(p + 3); |
974 | 0 | skip = archive_le16dec(p + 5); |
975 | 0 | if (skip < 7 + sizeof(rar->reserved1) + sizeof(rar->reserved2)) { |
976 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
977 | 0 | "Invalid header size"); |
978 | 0 | return (ARCHIVE_FATAL); |
979 | 0 | } |
980 | 0 | if ((h = __archive_read_ahead(a, skip, NULL)) == NULL) |
981 | 0 | return (ARCHIVE_FATAL); |
982 | 0 | p = h; |
983 | 0 | memcpy(rar->reserved1, p + 7, sizeof(rar->reserved1)); |
984 | 0 | memcpy(rar->reserved2, p + 7 + sizeof(rar->reserved1), |
985 | 0 | sizeof(rar->reserved2)); |
986 | 0 | if (rar->main_flags & MHD_ENCRYPTVER) { |
987 | 0 | if (skip < 7 + sizeof(rar->reserved1) + sizeof(rar->reserved2)+1) { |
988 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
989 | 0 | "Invalid header size"); |
990 | 0 | return (ARCHIVE_FATAL); |
991 | 0 | } |
992 | 0 | rar->encryptver = *(p + 7 + sizeof(rar->reserved1) + |
993 | 0 | sizeof(rar->reserved2)); |
994 | 0 | } |
995 | | |
996 | | /* Main header is password encrypted, so we cannot read any |
997 | | file names or any other info about files from the header. */ |
998 | 0 | if (rar->main_flags & MHD_PASSWORD) |
999 | 0 | { |
1000 | 0 | archive_entry_set_is_metadata_encrypted(entry, 1); |
1001 | 0 | archive_entry_set_is_data_encrypted(entry, 1); |
1002 | 0 | rar->has_encrypted_entries = 1; |
1003 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
1004 | 0 | "RAR encryption support unavailable."); |
1005 | 0 | return (ARCHIVE_FATAL); |
1006 | 0 | } |
1007 | | |
1008 | 0 | crc32_val = crc32(0, (const unsigned char *)p + 2, (unsigned)skip - 2); |
1009 | 0 | if ((crc32_val & 0xffff) != archive_le16dec(p)) { |
1010 | 0 | #ifndef DONT_FAIL_ON_CRC_ERROR |
1011 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
1012 | 0 | "Header CRC error"); |
1013 | 0 | return (ARCHIVE_FATAL); |
1014 | 0 | #endif |
1015 | 0 | } |
1016 | 0 | __archive_read_consume(a, skip); |
1017 | 0 | break; |
1018 | | |
1019 | 0 | case FILE_HEAD: |
1020 | 0 | return read_header(a, entry, head_type); |
1021 | | |
1022 | 0 | case COMM_HEAD: |
1023 | 0 | case AV_HEAD: |
1024 | 0 | case SUB_HEAD: |
1025 | 0 | case PROTECT_HEAD: |
1026 | 0 | case SIGN_HEAD: |
1027 | 0 | case ENDARC_HEAD: |
1028 | 0 | flags = archive_le16dec(p + 3); |
1029 | 0 | skip = archive_le16dec(p + 5); |
1030 | 0 | if (skip < 7) { |
1031 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
1032 | 0 | "Invalid header size too small"); |
1033 | 0 | return (ARCHIVE_FATAL); |
1034 | 0 | } |
1035 | 0 | if (flags & HD_ADD_SIZE_PRESENT) |
1036 | 0 | { |
1037 | 0 | if (skip < 7 + 4) { |
1038 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
1039 | 0 | "Invalid header size too small"); |
1040 | 0 | return (ARCHIVE_FATAL); |
1041 | 0 | } |
1042 | 0 | if ((h = __archive_read_ahead(a, skip, NULL)) == NULL) |
1043 | 0 | return (ARCHIVE_FATAL); |
1044 | 0 | p = h; |
1045 | 0 | skip += archive_le32dec(p + 7); |
1046 | 0 | } |
1047 | | |
1048 | | /* Skip over the 2-byte CRC at the beginning of the header. */ |
1049 | 0 | crc32_expected = archive_le16dec(p); |
1050 | 0 | __archive_read_consume(a, 2); |
1051 | 0 | skip -= 2; |
1052 | | |
1053 | | /* Skim the entire header and compute the CRC. */ |
1054 | 0 | crc32_val = 0; |
1055 | 0 | while (skip > 0) { |
1056 | 0 | size_t to_read = skip; |
1057 | 0 | if (to_read > 32 * 1024) |
1058 | 0 | to_read = 32 * 1024; |
1059 | 0 | if ((h = __archive_read_ahead(a, to_read, NULL)) == NULL) { |
1060 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
1061 | 0 | "Bad RAR file"); |
1062 | 0 | return (ARCHIVE_FATAL); |
1063 | 0 | } |
1064 | 0 | p = h; |
1065 | 0 | crc32_val = crc32(crc32_val, (const unsigned char *)p, (unsigned int)to_read); |
1066 | 0 | __archive_read_consume(a, to_read); |
1067 | 0 | skip -= to_read; |
1068 | 0 | } |
1069 | 0 | if ((crc32_val & 0xffff) != crc32_expected) { |
1070 | 0 | #ifndef DONT_FAIL_ON_CRC_ERROR |
1071 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
1072 | 0 | "Header CRC error"); |
1073 | 0 | return (ARCHIVE_FATAL); |
1074 | 0 | #endif |
1075 | 0 | } |
1076 | 0 | if (head_type == ENDARC_HEAD) |
1077 | 0 | return (ARCHIVE_EOF); |
1078 | 0 | break; |
1079 | | |
1080 | 0 | case NEWSUB_HEAD: |
1081 | 0 | if ((ret = read_header(a, entry, head_type)) < ARCHIVE_WARN) |
1082 | 0 | return ret; |
1083 | 0 | break; |
1084 | | |
1085 | 0 | default: |
1086 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
1087 | 0 | "Bad RAR file"); |
1088 | 0 | return (ARCHIVE_FATAL); |
1089 | 0 | } |
1090 | 0 | } |
1091 | 0 | } |
1092 | | |
1093 | | static int |
1094 | | archive_read_format_rar_read_data(struct archive_read *a, const void **buff, |
1095 | | size_t *size, int64_t *offset) |
1096 | 0 | { |
1097 | 0 | struct rar *rar = (struct rar *)(a->format->data); |
1098 | 0 | int ret; |
1099 | |
|
1100 | 0 | if (rar->has_encrypted_entries == ARCHIVE_READ_FORMAT_ENCRYPTION_DONT_KNOW) { |
1101 | 0 | rar->has_encrypted_entries = 0; |
1102 | 0 | } |
1103 | |
|
1104 | 0 | if (rar->bytes_unconsumed > 0) { |
1105 | | /* Consume as much as the decompressor actually used. */ |
1106 | 0 | __archive_read_consume(a, rar->bytes_unconsumed); |
1107 | 0 | rar->bytes_unconsumed = 0; |
1108 | 0 | } |
1109 | |
|
1110 | 0 | *buff = NULL; |
1111 | 0 | if (rar->entry_eof || rar->offset_seek >= rar->unp_size) { |
1112 | 0 | *size = 0; |
1113 | 0 | *offset = rar->offset; |
1114 | 0 | if (*offset < rar->unp_size) |
1115 | 0 | *offset = rar->unp_size; |
1116 | 0 | return (ARCHIVE_EOF); |
1117 | 0 | } |
1118 | | |
1119 | 0 | switch (rar->compression_method) |
1120 | 0 | { |
1121 | 0 | case COMPRESS_METHOD_STORE: |
1122 | 0 | ret = read_data_stored(a, buff, size, offset); |
1123 | 0 | break; |
1124 | | |
1125 | 0 | case COMPRESS_METHOD_FASTEST: |
1126 | 0 | case COMPRESS_METHOD_FAST: |
1127 | 0 | case COMPRESS_METHOD_NORMAL: |
1128 | 0 | case COMPRESS_METHOD_GOOD: |
1129 | 0 | case COMPRESS_METHOD_BEST: |
1130 | 0 | ret = read_data_compressed(a, buff, size, offset, 0); |
1131 | 0 | if (ret != ARCHIVE_OK && ret != ARCHIVE_WARN) { |
1132 | 0 | __archive_ppmd7_functions.Ppmd7_Free(&rar->ppmd7_context); |
1133 | 0 | rar->start_new_table = 1; |
1134 | 0 | rar->ppmd_valid = 0; |
1135 | 0 | } |
1136 | 0 | break; |
1137 | | |
1138 | 0 | default: |
1139 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
1140 | 0 | "Unsupported compression method for RAR file."); |
1141 | 0 | ret = ARCHIVE_FATAL; |
1142 | 0 | break; |
1143 | 0 | } |
1144 | 0 | return (ret); |
1145 | 0 | } |
1146 | | |
1147 | | static int |
1148 | | archive_read_format_rar_read_data_skip(struct archive_read *a) |
1149 | 0 | { |
1150 | 0 | struct rar *rar; |
1151 | 0 | int64_t bytes_skipped; |
1152 | 0 | int ret; |
1153 | |
|
1154 | 0 | rar = (struct rar *)(a->format->data); |
1155 | |
|
1156 | 0 | if (rar->bytes_unconsumed > 0) { |
1157 | | /* Consume as much as the decompressor actually used. */ |
1158 | 0 | __archive_read_consume(a, rar->bytes_unconsumed); |
1159 | 0 | rar->bytes_unconsumed = 0; |
1160 | 0 | } |
1161 | |
|
1162 | 0 | if (rar->bytes_remaining > 0) { |
1163 | 0 | bytes_skipped = __archive_read_consume(a, rar->bytes_remaining); |
1164 | 0 | if (bytes_skipped < 0) |
1165 | 0 | return (ARCHIVE_FATAL); |
1166 | 0 | } |
1167 | | |
1168 | | /* Compressed data to skip must be read from each header in a multivolume |
1169 | | * archive. |
1170 | | */ |
1171 | 0 | if (rar->main_flags & MHD_VOLUME && rar->file_flags & FHD_SPLIT_AFTER) |
1172 | 0 | { |
1173 | 0 | ret = archive_read_format_rar_read_header(a, a->entry); |
1174 | 0 | if (ret == (ARCHIVE_EOF)) |
1175 | 0 | ret = archive_read_format_rar_read_header(a, a->entry); |
1176 | 0 | if (ret != (ARCHIVE_OK)) |
1177 | 0 | return ret; |
1178 | 0 | return archive_read_format_rar_read_data_skip(a); |
1179 | 0 | } |
1180 | | |
1181 | 0 | return (ARCHIVE_OK); |
1182 | 0 | } |
1183 | | |
1184 | | static int64_t |
1185 | | archive_read_format_rar_seek_data(struct archive_read *a, int64_t offset, |
1186 | | int whence) |
1187 | 0 | { |
1188 | 0 | int64_t client_offset, ret; |
1189 | 0 | unsigned int i; |
1190 | 0 | struct rar *rar = (struct rar *)(a->format->data); |
1191 | |
|
1192 | 0 | if (rar->compression_method == COMPRESS_METHOD_STORE) |
1193 | 0 | { |
1194 | | /* Modify the offset for use with SEEK_SET */ |
1195 | 0 | switch (whence) |
1196 | 0 | { |
1197 | 0 | case SEEK_CUR: |
1198 | 0 | client_offset = rar->offset_seek; |
1199 | 0 | break; |
1200 | 0 | case SEEK_END: |
1201 | 0 | client_offset = rar->unp_size; |
1202 | 0 | break; |
1203 | 0 | case SEEK_SET: |
1204 | 0 | default: |
1205 | 0 | client_offset = 0; |
1206 | 0 | } |
1207 | 0 | client_offset += offset; |
1208 | 0 | if (client_offset < 0) |
1209 | 0 | { |
1210 | | /* Can't seek past beginning of data block */ |
1211 | 0 | return -1; |
1212 | 0 | } |
1213 | 0 | else if (client_offset > rar->unp_size) |
1214 | 0 | { |
1215 | | /* |
1216 | | * Set the returned offset but only seek to the end of |
1217 | | * the data block. |
1218 | | */ |
1219 | 0 | rar->offset_seek = client_offset; |
1220 | 0 | client_offset = rar->unp_size; |
1221 | 0 | } |
1222 | | |
1223 | 0 | client_offset += rar->dbo[0].start_offset; |
1224 | 0 | i = 0; |
1225 | 0 | while (i < rar->cursor) |
1226 | 0 | { |
1227 | 0 | i++; |
1228 | 0 | client_offset += rar->dbo[i].start_offset - rar->dbo[i-1].end_offset; |
1229 | 0 | } |
1230 | 0 | if (rar->main_flags & MHD_VOLUME) |
1231 | 0 | { |
1232 | | /* Find the appropriate offset among the multivolume archive */ |
1233 | 0 | while (1) |
1234 | 0 | { |
1235 | 0 | if (client_offset < rar->dbo[rar->cursor].start_offset && |
1236 | 0 | rar->file_flags & FHD_SPLIT_BEFORE) |
1237 | 0 | { |
1238 | | /* Search backwards for the correct data block */ |
1239 | 0 | if (rar->cursor == 0) |
1240 | 0 | { |
1241 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, |
1242 | 0 | "Attempt to seek past beginning of RAR data block"); |
1243 | 0 | return (ARCHIVE_FAILED); |
1244 | 0 | } |
1245 | 0 | rar->cursor--; |
1246 | 0 | client_offset -= rar->dbo[rar->cursor+1].start_offset - |
1247 | 0 | rar->dbo[rar->cursor].end_offset; |
1248 | 0 | if (client_offset < rar->dbo[rar->cursor].start_offset) |
1249 | 0 | continue; |
1250 | 0 | ret = __archive_read_seek(a, rar->dbo[rar->cursor].start_offset - |
1251 | 0 | rar->dbo[rar->cursor].header_size, SEEK_SET); |
1252 | 0 | if (ret < (ARCHIVE_OK)) |
1253 | 0 | return ret; |
1254 | 0 | ret = archive_read_format_rar_read_header(a, a->entry); |
1255 | 0 | if (ret != (ARCHIVE_OK)) |
1256 | 0 | { |
1257 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, |
1258 | 0 | "Error during seek of RAR file"); |
1259 | 0 | return (ARCHIVE_FAILED); |
1260 | 0 | } |
1261 | 0 | rar->cursor--; |
1262 | 0 | break; |
1263 | 0 | } |
1264 | 0 | else if (client_offset > rar->dbo[rar->cursor].end_offset && |
1265 | 0 | rar->file_flags & FHD_SPLIT_AFTER) |
1266 | 0 | { |
1267 | | /* Search forward for the correct data block */ |
1268 | 0 | rar->cursor++; |
1269 | 0 | if (rar->cursor < rar->nodes && |
1270 | 0 | client_offset > rar->dbo[rar->cursor].end_offset) |
1271 | 0 | { |
1272 | 0 | client_offset += rar->dbo[rar->cursor].start_offset - |
1273 | 0 | rar->dbo[rar->cursor-1].end_offset; |
1274 | 0 | continue; |
1275 | 0 | } |
1276 | 0 | rar->cursor--; |
1277 | 0 | ret = __archive_read_seek(a, rar->dbo[rar->cursor].end_offset, |
1278 | 0 | SEEK_SET); |
1279 | 0 | if (ret < (ARCHIVE_OK)) |
1280 | 0 | return ret; |
1281 | 0 | ret = archive_read_format_rar_read_header(a, a->entry); |
1282 | 0 | if (ret == (ARCHIVE_EOF)) |
1283 | 0 | { |
1284 | 0 | rar->has_endarc_header = 1; |
1285 | 0 | ret = archive_read_format_rar_read_header(a, a->entry); |
1286 | 0 | } |
1287 | 0 | if (ret != (ARCHIVE_OK)) |
1288 | 0 | { |
1289 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, |
1290 | 0 | "Error during seek of RAR file"); |
1291 | 0 | return (ARCHIVE_FAILED); |
1292 | 0 | } |
1293 | 0 | client_offset += rar->dbo[rar->cursor].start_offset - |
1294 | 0 | rar->dbo[rar->cursor-1].end_offset; |
1295 | 0 | continue; |
1296 | 0 | } |
1297 | 0 | break; |
1298 | 0 | } |
1299 | 0 | } |
1300 | | |
1301 | 0 | ret = __archive_read_seek(a, client_offset, SEEK_SET); |
1302 | 0 | if (ret < (ARCHIVE_OK)) |
1303 | 0 | return ret; |
1304 | 0 | rar->bytes_remaining = rar->dbo[rar->cursor].end_offset - ret; |
1305 | 0 | i = rar->cursor; |
1306 | 0 | while (i > 0) |
1307 | 0 | { |
1308 | 0 | i--; |
1309 | 0 | ret -= rar->dbo[i+1].start_offset - rar->dbo[i].end_offset; |
1310 | 0 | } |
1311 | 0 | ret -= rar->dbo[0].start_offset; |
1312 | | |
1313 | | /* Always restart reading the file after a seek */ |
1314 | 0 | __archive_reset_read_data(&a->archive); |
1315 | |
|
1316 | 0 | rar->bytes_unconsumed = 0; |
1317 | 0 | rar->offset = 0; |
1318 | | |
1319 | | /* |
1320 | | * If a seek past the end of file was requested, return the requested |
1321 | | * offset. |
1322 | | */ |
1323 | 0 | if (ret == rar->unp_size && rar->offset_seek > rar->unp_size) |
1324 | 0 | return rar->offset_seek; |
1325 | | |
1326 | | /* Return the new offset */ |
1327 | 0 | rar->offset_seek = ret; |
1328 | 0 | return rar->offset_seek; |
1329 | 0 | } |
1330 | 0 | else |
1331 | 0 | { |
1332 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, |
1333 | 0 | "Seeking of compressed RAR files is unsupported"); |
1334 | 0 | } |
1335 | 0 | return (ARCHIVE_FAILED); |
1336 | 0 | } |
1337 | | |
1338 | | static int |
1339 | | archive_read_format_rar_cleanup(struct archive_read *a) |
1340 | 8.06k | { |
1341 | 8.06k | struct rar *rar; |
1342 | | |
1343 | 8.06k | rar = (struct rar *)(a->format->data); |
1344 | 8.06k | free_codes(a); |
1345 | 8.06k | clear_filters(&rar->filters); |
1346 | 8.06k | free(rar->filename); |
1347 | 8.06k | free(rar->filename_save); |
1348 | 8.06k | free(rar->dbo); |
1349 | 8.06k | free(rar->unp_buffer); |
1350 | 8.06k | free(rar->lzss.window); |
1351 | 8.06k | __archive_ppmd7_functions.Ppmd7_Free(&rar->ppmd7_context); |
1352 | 8.06k | free(rar); |
1353 | 8.06k | (a->format->data) = NULL; |
1354 | 8.06k | return (ARCHIVE_OK); |
1355 | 8.06k | } |
1356 | | |
1357 | | static int |
1358 | | read_header(struct archive_read *a, struct archive_entry *entry, |
1359 | | char head_type) |
1360 | 0 | { |
1361 | 0 | const void *h; |
1362 | 0 | const char *p, *endp; |
1363 | 0 | struct rar *rar; |
1364 | 0 | struct rar_header rar_header; |
1365 | 0 | struct rar_file_header file_header; |
1366 | 0 | int64_t header_size; |
1367 | 0 | unsigned filename_size, end; |
1368 | 0 | char *filename; |
1369 | 0 | char *strp; |
1370 | 0 | char packed_size[8]; |
1371 | 0 | char unp_size[8]; |
1372 | 0 | int ttime; |
1373 | 0 | struct archive_string_conv *sconv, *fn_sconv; |
1374 | 0 | unsigned long crc32_val; |
1375 | 0 | int ret = (ARCHIVE_OK), ret2; |
1376 | |
|
1377 | 0 | rar = (struct rar *)(a->format->data); |
1378 | | |
1379 | | /* Setup a string conversion object for non-rar-unicode filenames. */ |
1380 | 0 | sconv = rar->opt_sconv; |
1381 | 0 | if (sconv == NULL) { |
1382 | 0 | if (!rar->init_default_conversion) { |
1383 | 0 | rar->sconv_default = |
1384 | 0 | archive_string_default_conversion_for_read( |
1385 | 0 | &(a->archive)); |
1386 | 0 | rar->init_default_conversion = 1; |
1387 | 0 | } |
1388 | 0 | sconv = rar->sconv_default; |
1389 | 0 | } |
1390 | | |
1391 | |
|
1392 | 0 | if ((h = __archive_read_ahead(a, 7, NULL)) == NULL) |
1393 | 0 | return (ARCHIVE_FATAL); |
1394 | 0 | p = h; |
1395 | 0 | memcpy(&rar_header, p, sizeof(rar_header)); |
1396 | 0 | rar->file_flags = archive_le16dec(rar_header.flags); |
1397 | 0 | header_size = archive_le16dec(rar_header.size); |
1398 | 0 | if (header_size < (int64_t)sizeof(file_header) + 7) { |
1399 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
1400 | 0 | "Invalid header size"); |
1401 | 0 | return (ARCHIVE_FATAL); |
1402 | 0 | } |
1403 | 0 | crc32_val = crc32(0, (const unsigned char *)p + 2, 7 - 2); |
1404 | 0 | __archive_read_consume(a, 7); |
1405 | |
|
1406 | 0 | if (!(rar->file_flags & FHD_SOLID)) |
1407 | 0 | { |
1408 | 0 | rar->compression_method = 0; |
1409 | 0 | rar->packed_size = 0; |
1410 | 0 | rar->unp_size = 0; |
1411 | 0 | rar->mtime = 0; |
1412 | 0 | rar->ctime = 0; |
1413 | 0 | rar->atime = 0; |
1414 | 0 | rar->arctime = 0; |
1415 | 0 | rar->mode = 0; |
1416 | 0 | memset(&rar->salt, 0, sizeof(rar->salt)); |
1417 | 0 | rar->atime = 0; |
1418 | 0 | rar->ansec = 0; |
1419 | 0 | rar->ctime = 0; |
1420 | 0 | rar->cnsec = 0; |
1421 | 0 | rar->mtime = 0; |
1422 | 0 | rar->mnsec = 0; |
1423 | 0 | rar->arctime = 0; |
1424 | 0 | rar->arcnsec = 0; |
1425 | 0 | } |
1426 | 0 | else |
1427 | 0 | { |
1428 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
1429 | 0 | "RAR solid archive support unavailable."); |
1430 | 0 | return (ARCHIVE_FATAL); |
1431 | 0 | } |
1432 | | |
1433 | 0 | if ((h = __archive_read_ahead(a, (size_t)header_size - 7, NULL)) == NULL) |
1434 | 0 | return (ARCHIVE_FATAL); |
1435 | | |
1436 | | /* File Header CRC check. */ |
1437 | 0 | crc32_val = crc32(crc32_val, h, (unsigned)(header_size - 7)); |
1438 | 0 | if ((crc32_val & 0xffff) != archive_le16dec(rar_header.crc)) { |
1439 | 0 | #ifndef DONT_FAIL_ON_CRC_ERROR |
1440 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
1441 | 0 | "Header CRC error"); |
1442 | 0 | return (ARCHIVE_FATAL); |
1443 | 0 | #endif |
1444 | 0 | } |
1445 | | /* If no CRC error, Go on parsing File Header. */ |
1446 | 0 | p = h; |
1447 | 0 | endp = p + header_size - 7; |
1448 | 0 | memcpy(&file_header, p, sizeof(file_header)); |
1449 | 0 | p += sizeof(file_header); |
1450 | |
|
1451 | 0 | rar->compression_method = file_header.method; |
1452 | |
|
1453 | 0 | ttime = archive_le32dec(file_header.file_time); |
1454 | 0 | rar->mtime = get_time(ttime); |
1455 | |
|
1456 | 0 | rar->file_crc = archive_le32dec(file_header.file_crc); |
1457 | |
|
1458 | 0 | if (rar->file_flags & FHD_PASSWORD) |
1459 | 0 | { |
1460 | 0 | archive_entry_set_is_data_encrypted(entry, 1); |
1461 | 0 | rar->has_encrypted_entries = 1; |
1462 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
1463 | 0 | "RAR encryption support unavailable."); |
1464 | | /* Since it is only the data part itself that is encrypted we can at least |
1465 | | extract information about the currently processed entry and don't need |
1466 | | to return ARCHIVE_FATAL here. */ |
1467 | | /*return (ARCHIVE_FATAL);*/ |
1468 | 0 | } |
1469 | |
|
1470 | 0 | if (rar->file_flags & FHD_LARGE) |
1471 | 0 | { |
1472 | 0 | memcpy(packed_size, file_header.pack_size, 4); |
1473 | 0 | memcpy(packed_size + 4, p, 4); /* High pack size */ |
1474 | 0 | p += 4; |
1475 | 0 | memcpy(unp_size, file_header.unp_size, 4); |
1476 | 0 | memcpy(unp_size + 4, p, 4); /* High unpack size */ |
1477 | 0 | p += 4; |
1478 | 0 | rar->packed_size = archive_le64dec(&packed_size); |
1479 | 0 | rar->unp_size = archive_le64dec(&unp_size); |
1480 | 0 | } |
1481 | 0 | else |
1482 | 0 | { |
1483 | 0 | rar->packed_size = archive_le32dec(file_header.pack_size); |
1484 | 0 | rar->unp_size = archive_le32dec(file_header.unp_size); |
1485 | 0 | } |
1486 | |
|
1487 | 0 | if (rar->packed_size < 0 || rar->unp_size < 0) |
1488 | 0 | { |
1489 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
1490 | 0 | "Invalid sizes specified."); |
1491 | 0 | return (ARCHIVE_FATAL); |
1492 | 0 | } |
1493 | | |
1494 | 0 | rar->bytes_remaining = rar->packed_size; |
1495 | | |
1496 | | /* TODO: RARv3 subblocks contain comments. For now the complete block is |
1497 | | * consumed at the end. |
1498 | | */ |
1499 | 0 | if (head_type == NEWSUB_HEAD) { |
1500 | 0 | size_t distance = p - (const char *)h; |
1501 | 0 | header_size += rar->packed_size; |
1502 | | /* Make sure we have the extended data. */ |
1503 | 0 | if ((h = __archive_read_ahead(a, (size_t)header_size - 7, NULL)) == NULL) |
1504 | 0 | return (ARCHIVE_FATAL); |
1505 | 0 | p = h; |
1506 | 0 | endp = p + header_size - 7; |
1507 | 0 | p += distance; |
1508 | 0 | } |
1509 | | |
1510 | 0 | filename_size = archive_le16dec(file_header.name_size); |
1511 | 0 | if (p + filename_size > endp) { |
1512 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
1513 | 0 | "Invalid filename size"); |
1514 | 0 | return (ARCHIVE_FATAL); |
1515 | 0 | } |
1516 | 0 | if (rar->filename_allocated < filename_size * 2 + 2) { |
1517 | 0 | char *newptr; |
1518 | 0 | size_t newsize = filename_size * 2 + 2; |
1519 | 0 | newptr = realloc(rar->filename, newsize); |
1520 | 0 | if (newptr == NULL) { |
1521 | 0 | archive_set_error(&a->archive, ENOMEM, |
1522 | 0 | "Couldn't allocate memory."); |
1523 | 0 | return (ARCHIVE_FATAL); |
1524 | 0 | } |
1525 | 0 | rar->filename = newptr; |
1526 | 0 | rar->filename_allocated = newsize; |
1527 | 0 | } |
1528 | 0 | filename = rar->filename; |
1529 | 0 | memcpy(filename, p, filename_size); |
1530 | 0 | filename[filename_size] = '\0'; |
1531 | 0 | if (rar->file_flags & FHD_UNICODE) |
1532 | 0 | { |
1533 | 0 | if (filename_size != strlen(filename)) |
1534 | 0 | { |
1535 | 0 | unsigned char highbyte, flagbits, flagbyte; |
1536 | 0 | unsigned fn_end, offset; |
1537 | |
|
1538 | 0 | end = filename_size; |
1539 | 0 | fn_end = filename_size * 2; |
1540 | 0 | filename_size = 0; |
1541 | 0 | offset = (unsigned)strlen(filename) + 1; |
1542 | 0 | highbyte = *(p + offset++); |
1543 | 0 | flagbits = 0; |
1544 | 0 | flagbyte = 0; |
1545 | 0 | while (offset < end && filename_size < fn_end) |
1546 | 0 | { |
1547 | 0 | if (!flagbits) |
1548 | 0 | { |
1549 | 0 | flagbyte = *(p + offset++); |
1550 | 0 | flagbits = 8; |
1551 | 0 | } |
1552 | |
|
1553 | 0 | flagbits -= 2; |
1554 | 0 | switch((flagbyte >> flagbits) & 3) |
1555 | 0 | { |
1556 | 0 | case 0: |
1557 | 0 | filename[filename_size++] = '\0'; |
1558 | 0 | filename[filename_size++] = *(p + offset++); |
1559 | 0 | break; |
1560 | 0 | case 1: |
1561 | 0 | filename[filename_size++] = highbyte; |
1562 | 0 | filename[filename_size++] = *(p + offset++); |
1563 | 0 | break; |
1564 | 0 | case 2: |
1565 | 0 | filename[filename_size++] = *(p + offset + 1); |
1566 | 0 | filename[filename_size++] = *(p + offset); |
1567 | 0 | offset += 2; |
1568 | 0 | break; |
1569 | 0 | case 3: |
1570 | 0 | { |
1571 | 0 | char extra, high; |
1572 | 0 | uint8_t length = *(p + offset++); |
1573 | |
|
1574 | 0 | if (length & 0x80) { |
1575 | 0 | extra = *(p + offset++); |
1576 | 0 | high = (char)highbyte; |
1577 | 0 | } else |
1578 | 0 | extra = high = 0; |
1579 | 0 | length = (length & 0x7f) + 2; |
1580 | 0 | while (length && filename_size < fn_end) { |
1581 | 0 | unsigned cp = filename_size >> 1; |
1582 | 0 | filename[filename_size++] = high; |
1583 | 0 | filename[filename_size++] = p[cp] + extra; |
1584 | 0 | length--; |
1585 | 0 | } |
1586 | 0 | } |
1587 | 0 | break; |
1588 | 0 | } |
1589 | 0 | } |
1590 | 0 | if (filename_size > fn_end) { |
1591 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
1592 | 0 | "Invalid filename"); |
1593 | 0 | return (ARCHIVE_FATAL); |
1594 | 0 | } |
1595 | 0 | filename[filename_size++] = '\0'; |
1596 | | /* |
1597 | | * Do not increment filename_size here as the computations below |
1598 | | * add the space for the terminating NUL explicitly. |
1599 | | */ |
1600 | 0 | filename[filename_size] = '\0'; |
1601 | | |
1602 | | /* Decoded unicode form is UTF-16BE, so we have to update a string |
1603 | | * conversion object for it. */ |
1604 | 0 | if (rar->sconv_utf16be == NULL) { |
1605 | 0 | rar->sconv_utf16be = archive_string_conversion_from_charset( |
1606 | 0 | &a->archive, "UTF-16BE", 1); |
1607 | 0 | if (rar->sconv_utf16be == NULL) |
1608 | 0 | return (ARCHIVE_FATAL); |
1609 | 0 | } |
1610 | 0 | fn_sconv = rar->sconv_utf16be; |
1611 | |
|
1612 | 0 | strp = filename; |
1613 | 0 | while (memcmp(strp, "\x00\x00", 2)) |
1614 | 0 | { |
1615 | 0 | if (!memcmp(strp, "\x00\\", 2)) |
1616 | 0 | *(strp + 1) = '/'; |
1617 | 0 | strp += 2; |
1618 | 0 | } |
1619 | 0 | p += offset; |
1620 | 0 | } else { |
1621 | | /* |
1622 | | * If FHD_UNICODE is set but no unicode data, this file name form |
1623 | | * is UTF-8, so we have to update a string conversion object for |
1624 | | * it accordingly. |
1625 | | */ |
1626 | 0 | if (rar->sconv_utf8 == NULL) { |
1627 | 0 | rar->sconv_utf8 = archive_string_conversion_from_charset( |
1628 | 0 | &a->archive, "UTF-8", 1); |
1629 | 0 | if (rar->sconv_utf8 == NULL) |
1630 | 0 | return (ARCHIVE_FATAL); |
1631 | 0 | } |
1632 | 0 | fn_sconv = rar->sconv_utf8; |
1633 | 0 | while ((strp = strchr(filename, '\\')) != NULL) |
1634 | 0 | *strp = '/'; |
1635 | 0 | p += filename_size; |
1636 | 0 | } |
1637 | 0 | } |
1638 | 0 | else |
1639 | 0 | { |
1640 | 0 | fn_sconv = sconv; |
1641 | 0 | while ((strp = strchr(filename, '\\')) != NULL) |
1642 | 0 | *strp = '/'; |
1643 | 0 | p += filename_size; |
1644 | 0 | } |
1645 | | |
1646 | | /* Split file in multivolume RAR. No more need to process header. */ |
1647 | 0 | if (rar->filename_save && |
1648 | 0 | filename_size == rar->filename_save_size && |
1649 | 0 | !memcmp(rar->filename, rar->filename_save, filename_size + 1)) |
1650 | 0 | { |
1651 | 0 | __archive_read_consume(a, header_size - 7); |
1652 | 0 | rar->cursor++; |
1653 | 0 | if (rar->cursor >= rar->nodes) |
1654 | 0 | { |
1655 | 0 | rar->nodes++; |
1656 | 0 | if ((rar->dbo = |
1657 | 0 | realloc(rar->dbo, sizeof(*rar->dbo) * rar->nodes)) == NULL) |
1658 | 0 | { |
1659 | 0 | archive_set_error(&a->archive, ENOMEM, "Couldn't allocate memory."); |
1660 | 0 | return (ARCHIVE_FATAL); |
1661 | 0 | } |
1662 | 0 | rar->dbo[rar->cursor].header_size = header_size; |
1663 | 0 | rar->dbo[rar->cursor].start_offset = -1; |
1664 | 0 | rar->dbo[rar->cursor].end_offset = -1; |
1665 | 0 | } |
1666 | 0 | if (rar->dbo[rar->cursor].start_offset < 0) |
1667 | 0 | { |
1668 | 0 | rar->dbo[rar->cursor].start_offset = a->filter->position; |
1669 | 0 | rar->dbo[rar->cursor].end_offset = rar->dbo[rar->cursor].start_offset + |
1670 | 0 | rar->packed_size; |
1671 | 0 | } |
1672 | 0 | return ret; |
1673 | 0 | } |
1674 | 0 | else if (rar->filename_must_match) |
1675 | 0 | { |
1676 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
1677 | 0 | "Mismatch of file parts split across multi-volume archive"); |
1678 | 0 | return (ARCHIVE_FATAL); |
1679 | 0 | } |
1680 | | |
1681 | 0 | rar->filename_save = (char*)realloc(rar->filename_save, |
1682 | 0 | filename_size + 1); |
1683 | 0 | memcpy(rar->filename_save, rar->filename, filename_size + 1); |
1684 | 0 | rar->filename_save_size = filename_size; |
1685 | | |
1686 | | /* Set info for seeking */ |
1687 | 0 | free(rar->dbo); |
1688 | 0 | if ((rar->dbo = calloc(1, sizeof(*rar->dbo))) == NULL) |
1689 | 0 | { |
1690 | 0 | archive_set_error(&a->archive, ENOMEM, "Couldn't allocate memory."); |
1691 | 0 | return (ARCHIVE_FATAL); |
1692 | 0 | } |
1693 | 0 | rar->dbo[0].header_size = header_size; |
1694 | 0 | rar->dbo[0].start_offset = -1; |
1695 | 0 | rar->dbo[0].end_offset = -1; |
1696 | 0 | rar->cursor = 0; |
1697 | 0 | rar->nodes = 1; |
1698 | |
|
1699 | 0 | if (rar->file_flags & FHD_SALT) |
1700 | 0 | { |
1701 | 0 | if (p + 8 > endp) { |
1702 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
1703 | 0 | "Invalid header size"); |
1704 | 0 | return (ARCHIVE_FATAL); |
1705 | 0 | } |
1706 | 0 | memcpy(rar->salt, p, 8); |
1707 | 0 | p += 8; |
1708 | 0 | } |
1709 | | |
1710 | 0 | if (rar->file_flags & FHD_EXTTIME) { |
1711 | 0 | if (read_exttime(p, rar, endp) < 0) { |
1712 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
1713 | 0 | "Invalid header size"); |
1714 | 0 | return (ARCHIVE_FATAL); |
1715 | 0 | } |
1716 | 0 | } |
1717 | | |
1718 | 0 | __archive_read_consume(a, header_size - 7); |
1719 | 0 | rar->dbo[0].start_offset = a->filter->position; |
1720 | 0 | rar->dbo[0].end_offset = rar->dbo[0].start_offset + rar->packed_size; |
1721 | |
|
1722 | 0 | switch(file_header.host_os) |
1723 | 0 | { |
1724 | 0 | case OS_MSDOS: |
1725 | 0 | case OS_OS2: |
1726 | 0 | case OS_WIN32: |
1727 | 0 | rar->mode = archive_le32dec(file_header.file_attr); |
1728 | 0 | if (rar->mode & FILE_ATTRIBUTE_DIRECTORY) |
1729 | 0 | rar->mode = AE_IFDIR | S_IXUSR | S_IXGRP | S_IXOTH; |
1730 | 0 | else |
1731 | 0 | rar->mode = AE_IFREG; |
1732 | 0 | rar->mode |= S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH; |
1733 | 0 | break; |
1734 | | |
1735 | 0 | case OS_UNIX: |
1736 | 0 | case OS_MAC_OS: |
1737 | 0 | case OS_BEOS: |
1738 | 0 | rar->mode = archive_le32dec(file_header.file_attr); |
1739 | 0 | break; |
1740 | | |
1741 | 0 | default: |
1742 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
1743 | 0 | "Unknown file attributes from RAR file's host OS"); |
1744 | 0 | return (ARCHIVE_FATAL); |
1745 | 0 | } |
1746 | | |
1747 | 0 | rar->bytes_uncopied = rar->bytes_unconsumed = 0; |
1748 | 0 | rar->lzss.position = rar->offset = 0; |
1749 | 0 | rar->offset_seek = 0; |
1750 | 0 | rar->dictionary_size = 0; |
1751 | 0 | rar->offset_outgoing = 0; |
1752 | 0 | rar->br.cache_avail = 0; |
1753 | 0 | rar->br.avail_in = 0; |
1754 | 0 | rar->crc_calculated = 0; |
1755 | 0 | rar->entry_eof = 0; |
1756 | 0 | rar->valid = 1; |
1757 | 0 | rar->is_ppmd_block = 0; |
1758 | 0 | rar->start_new_table = 1; |
1759 | 0 | free(rar->unp_buffer); |
1760 | 0 | rar->unp_buffer = NULL; |
1761 | 0 | rar->unp_offset = 0; |
1762 | 0 | rar->unp_buffer_size = UNP_BUFFER_SIZE; |
1763 | 0 | memset(rar->lengthtable, 0, sizeof(rar->lengthtable)); |
1764 | 0 | __archive_ppmd7_functions.Ppmd7_Free(&rar->ppmd7_context); |
1765 | 0 | rar->ppmd_valid = rar->ppmd_eod = 0; |
1766 | 0 | rar->filters.filterstart = INT64_MAX; |
1767 | | |
1768 | | /* Don't set any archive entries for non-file header types */ |
1769 | 0 | if (head_type == NEWSUB_HEAD) |
1770 | 0 | return ret; |
1771 | | |
1772 | 0 | archive_entry_set_mtime(entry, rar->mtime, rar->mnsec); |
1773 | 0 | archive_entry_set_ctime(entry, rar->ctime, rar->cnsec); |
1774 | 0 | archive_entry_set_atime(entry, rar->atime, rar->ansec); |
1775 | 0 | archive_entry_set_size(entry, rar->unp_size); |
1776 | 0 | archive_entry_set_mode(entry, rar->mode); |
1777 | |
|
1778 | 0 | if (archive_entry_copy_pathname_l(entry, filename, filename_size, fn_sconv)) |
1779 | 0 | { |
1780 | 0 | if (errno == ENOMEM) |
1781 | 0 | { |
1782 | 0 | archive_set_error(&a->archive, ENOMEM, |
1783 | 0 | "Can't allocate memory for Pathname"); |
1784 | 0 | return (ARCHIVE_FATAL); |
1785 | 0 | } |
1786 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
1787 | 0 | "Pathname cannot be converted from %s to current locale.", |
1788 | 0 | archive_string_conversion_charset_name(fn_sconv)); |
1789 | 0 | ret = (ARCHIVE_WARN); |
1790 | 0 | } |
1791 | | |
1792 | 0 | if (((rar->mode) & AE_IFMT) == AE_IFLNK) |
1793 | 0 | { |
1794 | | /* Make sure a symbolic-link file does not have its body. */ |
1795 | 0 | rar->bytes_remaining = 0; |
1796 | 0 | archive_entry_set_size(entry, 0); |
1797 | | |
1798 | | /* Read a symbolic-link name. */ |
1799 | 0 | if ((ret2 = read_symlink_stored(a, entry, sconv)) < (ARCHIVE_WARN)) |
1800 | 0 | return ret2; |
1801 | 0 | if (ret > ret2) |
1802 | 0 | ret = ret2; |
1803 | 0 | } |
1804 | | |
1805 | 0 | if (rar->bytes_remaining == 0) |
1806 | 0 | rar->entry_eof = 1; |
1807 | |
|
1808 | 0 | return ret; |
1809 | 0 | } |
1810 | | |
1811 | | static time_t |
1812 | | get_time(int ttime) |
1813 | 0 | { |
1814 | 0 | struct tm tm; |
1815 | 0 | tm.tm_sec = 2 * (ttime & 0x1f); |
1816 | 0 | tm.tm_min = (ttime >> 5) & 0x3f; |
1817 | 0 | tm.tm_hour = (ttime >> 11) & 0x1f; |
1818 | 0 | tm.tm_mday = (ttime >> 16) & 0x1f; |
1819 | 0 | tm.tm_mon = ((ttime >> 21) & 0x0f) - 1; |
1820 | 0 | tm.tm_year = ((ttime >> 25) & 0x7f) + 80; |
1821 | 0 | tm.tm_isdst = -1; |
1822 | 0 | return mktime(&tm); |
1823 | 0 | } |
1824 | | |
1825 | | static int |
1826 | | read_exttime(const char *p, struct rar *rar, const char *endp) |
1827 | 0 | { |
1828 | 0 | unsigned rmode, flags, rem, j, count; |
1829 | 0 | int ttime, i; |
1830 | 0 | struct tm *tm; |
1831 | 0 | time_t t; |
1832 | 0 | long nsec; |
1833 | 0 | #if defined(HAVE_LOCALTIME_R) || defined(HAVE_LOCALTIME_S) |
1834 | 0 | struct tm tmbuf; |
1835 | 0 | #endif |
1836 | |
|
1837 | 0 | if (p + 2 > endp) |
1838 | 0 | return (-1); |
1839 | 0 | flags = archive_le16dec(p); |
1840 | 0 | p += 2; |
1841 | |
|
1842 | 0 | for (i = 3; i >= 0; i--) |
1843 | 0 | { |
1844 | 0 | t = 0; |
1845 | 0 | if (i == 3) |
1846 | 0 | t = rar->mtime; |
1847 | 0 | rmode = flags >> i * 4; |
1848 | 0 | if (rmode & 8) |
1849 | 0 | { |
1850 | 0 | if (!t) |
1851 | 0 | { |
1852 | 0 | if (p + 4 > endp) |
1853 | 0 | return (-1); |
1854 | 0 | ttime = archive_le32dec(p); |
1855 | 0 | t = get_time(ttime); |
1856 | 0 | p += 4; |
1857 | 0 | } |
1858 | 0 | rem = 0; |
1859 | 0 | count = rmode & 3; |
1860 | 0 | if (p + count > endp) |
1861 | 0 | return (-1); |
1862 | 0 | for (j = 0; j < count; j++) |
1863 | 0 | { |
1864 | 0 | rem = (((unsigned)(unsigned char)*p) << 16) | (rem >> 8); |
1865 | 0 | p++; |
1866 | 0 | } |
1867 | | #if defined(HAVE_LOCALTIME_S) |
1868 | | tm = localtime_s(&tmbuf, &t) ? NULL : &tmbuf; |
1869 | | #elif defined(HAVE_LOCALTIME_R) |
1870 | 0 | tm = localtime_r(&t, &tmbuf); |
1871 | | #else |
1872 | | tm = localtime(&t); |
1873 | | #endif |
1874 | 0 | nsec = tm->tm_sec + rem / NS_UNIT; |
1875 | 0 | if (rmode & 4) |
1876 | 0 | { |
1877 | 0 | tm->tm_sec++; |
1878 | 0 | t = mktime(tm); |
1879 | 0 | } |
1880 | 0 | if (i == 3) |
1881 | 0 | { |
1882 | 0 | rar->mtime = t; |
1883 | 0 | rar->mnsec = nsec; |
1884 | 0 | } |
1885 | 0 | else if (i == 2) |
1886 | 0 | { |
1887 | 0 | rar->ctime = t; |
1888 | 0 | rar->cnsec = nsec; |
1889 | 0 | } |
1890 | 0 | else if (i == 1) |
1891 | 0 | { |
1892 | 0 | rar->atime = t; |
1893 | 0 | rar->ansec = nsec; |
1894 | 0 | } |
1895 | 0 | else |
1896 | 0 | { |
1897 | 0 | rar->arctime = t; |
1898 | 0 | rar->arcnsec = nsec; |
1899 | 0 | } |
1900 | 0 | } |
1901 | 0 | } |
1902 | 0 | return (0); |
1903 | 0 | } |
1904 | | |
1905 | | static int |
1906 | | read_symlink_stored(struct archive_read *a, struct archive_entry *entry, |
1907 | | struct archive_string_conv *sconv) |
1908 | 0 | { |
1909 | 0 | const void *h; |
1910 | 0 | const char *p; |
1911 | 0 | struct rar *rar; |
1912 | 0 | int ret = (ARCHIVE_OK); |
1913 | |
|
1914 | 0 | rar = (struct rar *)(a->format->data); |
1915 | 0 | if ((h = rar_read_ahead(a, (size_t)rar->packed_size, NULL)) == NULL) |
1916 | 0 | return (ARCHIVE_FATAL); |
1917 | 0 | p = h; |
1918 | |
|
1919 | 0 | if (archive_entry_copy_symlink_l(entry, |
1920 | 0 | p, (size_t)rar->packed_size, sconv)) |
1921 | 0 | { |
1922 | 0 | if (errno == ENOMEM) |
1923 | 0 | { |
1924 | 0 | archive_set_error(&a->archive, ENOMEM, |
1925 | 0 | "Can't allocate memory for link"); |
1926 | 0 | return (ARCHIVE_FATAL); |
1927 | 0 | } |
1928 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
1929 | 0 | "link cannot be converted from %s to current locale.", |
1930 | 0 | archive_string_conversion_charset_name(sconv)); |
1931 | 0 | ret = (ARCHIVE_WARN); |
1932 | 0 | } |
1933 | 0 | __archive_read_consume(a, rar->packed_size); |
1934 | 0 | return ret; |
1935 | 0 | } |
1936 | | |
1937 | | static int |
1938 | | read_data_stored(struct archive_read *a, const void **buff, size_t *size, |
1939 | | int64_t *offset) |
1940 | 0 | { |
1941 | 0 | struct rar *rar; |
1942 | 0 | ssize_t bytes_avail; |
1943 | |
|
1944 | 0 | rar = (struct rar *)(a->format->data); |
1945 | 0 | if (rar->bytes_remaining == 0 && |
1946 | 0 | !(rar->main_flags & MHD_VOLUME && rar->file_flags & FHD_SPLIT_AFTER)) |
1947 | 0 | { |
1948 | 0 | *buff = NULL; |
1949 | 0 | *size = 0; |
1950 | 0 | *offset = rar->offset; |
1951 | 0 | if (rar->file_crc != rar->crc_calculated) { |
1952 | 0 | #ifndef DONT_FAIL_ON_CRC_ERROR |
1953 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
1954 | 0 | "File CRC error"); |
1955 | 0 | return (ARCHIVE_FATAL); |
1956 | 0 | #endif |
1957 | 0 | } |
1958 | 0 | rar->entry_eof = 1; |
1959 | 0 | return (ARCHIVE_EOF); |
1960 | 0 | } |
1961 | | |
1962 | 0 | *buff = rar_read_ahead(a, 1, &bytes_avail); |
1963 | 0 | if (bytes_avail <= 0) |
1964 | 0 | { |
1965 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
1966 | 0 | "Truncated RAR file data"); |
1967 | 0 | return (ARCHIVE_FATAL); |
1968 | 0 | } |
1969 | | |
1970 | 0 | *size = bytes_avail; |
1971 | 0 | *offset = rar->offset; |
1972 | 0 | rar->offset += bytes_avail; |
1973 | 0 | rar->offset_seek += bytes_avail; |
1974 | 0 | rar->bytes_remaining -= bytes_avail; |
1975 | 0 | rar->bytes_unconsumed = bytes_avail; |
1976 | | /* Calculate File CRC. */ |
1977 | 0 | rar->crc_calculated = crc32(rar->crc_calculated, *buff, |
1978 | 0 | (unsigned)bytes_avail); |
1979 | 0 | return (ARCHIVE_OK); |
1980 | 0 | } |
1981 | | |
1982 | | static int |
1983 | | read_data_compressed(struct archive_read *a, const void **buff, size_t *size, |
1984 | | int64_t *offset, size_t looper) |
1985 | 0 | { |
1986 | 0 | if (looper++ > MAX_COMPRESS_DEPTH) |
1987 | 0 | return (ARCHIVE_FATAL); |
1988 | | |
1989 | 0 | struct rar *rar; |
1990 | 0 | int64_t start, end; |
1991 | 0 | size_t bs; |
1992 | 0 | int ret = (ARCHIVE_OK), sym, code, lzss_offset, length, i; |
1993 | |
|
1994 | 0 | rar = (struct rar *)(a->format->data); |
1995 | |
|
1996 | 0 | do { |
1997 | 0 | if (!rar->valid) |
1998 | 0 | return (ARCHIVE_FATAL); |
1999 | | |
2000 | 0 | if (rar->filters.bytes_ready > 0) |
2001 | 0 | { |
2002 | | /* Flush unp_buffer first */ |
2003 | 0 | if (rar->unp_offset > 0) |
2004 | 0 | { |
2005 | 0 | *buff = rar->unp_buffer; |
2006 | 0 | *size = rar->unp_offset; |
2007 | 0 | rar->unp_offset = 0; |
2008 | 0 | *offset = rar->offset_outgoing; |
2009 | 0 | rar->offset_outgoing += *size; |
2010 | 0 | } |
2011 | 0 | else |
2012 | 0 | { |
2013 | 0 | *buff = rar->filters.bytes; |
2014 | 0 | *size = rar->filters.bytes_ready; |
2015 | |
|
2016 | 0 | rar->offset += *size; |
2017 | 0 | *offset = rar->offset_outgoing; |
2018 | 0 | rar->offset_outgoing += *size; |
2019 | |
|
2020 | 0 | rar->filters.bytes_ready -= *size; |
2021 | 0 | rar->filters.bytes += *size; |
2022 | 0 | } |
2023 | 0 | goto ending_block; |
2024 | 0 | } |
2025 | | |
2026 | 0 | if (rar->ppmd_eod || |
2027 | 0 | (rar->dictionary_size && rar->offset >= rar->unp_size)) |
2028 | 0 | { |
2029 | 0 | if (rar->unp_offset > 0) { |
2030 | | /* |
2031 | | * We have unprocessed extracted data. write it out. |
2032 | | */ |
2033 | 0 | *buff = rar->unp_buffer; |
2034 | 0 | *size = rar->unp_offset; |
2035 | 0 | *offset = rar->offset_outgoing; |
2036 | 0 | rar->offset_outgoing += *size; |
2037 | | /* Calculate File CRC. */ |
2038 | 0 | rar->crc_calculated = crc32(rar->crc_calculated, *buff, |
2039 | 0 | (unsigned)*size); |
2040 | 0 | rar->unp_offset = 0; |
2041 | 0 | return (ARCHIVE_OK); |
2042 | 0 | } |
2043 | 0 | *buff = NULL; |
2044 | 0 | *size = 0; |
2045 | 0 | *offset = rar->offset; |
2046 | 0 | if (rar->file_crc != rar->crc_calculated) { |
2047 | 0 | #ifndef DONT_FAIL_ON_CRC_ERROR |
2048 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
2049 | 0 | "File CRC error"); |
2050 | 0 | return (ARCHIVE_FATAL); |
2051 | 0 | #endif |
2052 | 0 | } |
2053 | 0 | rar->entry_eof = 1; |
2054 | 0 | return (ARCHIVE_EOF); |
2055 | 0 | } |
2056 | | |
2057 | 0 | if (!rar->is_ppmd_block && rar->dictionary_size && rar->bytes_uncopied > 0) |
2058 | 0 | { |
2059 | 0 | if (rar->bytes_uncopied > (rar->unp_buffer_size - rar->unp_offset)) |
2060 | 0 | bs = rar->unp_buffer_size - rar->unp_offset; |
2061 | 0 | else |
2062 | 0 | bs = (size_t)rar->bytes_uncopied; |
2063 | 0 | ret = copy_from_lzss_window_to_unp(a, buff, rar->offset, (int)bs); |
2064 | 0 | if (ret != ARCHIVE_OK) |
2065 | 0 | return (ret); |
2066 | 0 | rar->offset += bs; |
2067 | 0 | rar->bytes_uncopied -= bs; |
2068 | 0 | if (*buff != NULL) { |
2069 | 0 | rar->unp_offset = 0; |
2070 | 0 | *size = rar->unp_buffer_size; |
2071 | 0 | *offset = rar->offset_outgoing; |
2072 | 0 | rar->offset_outgoing += *size; |
2073 | | /* Calculate File CRC. */ |
2074 | 0 | rar->crc_calculated = crc32(rar->crc_calculated, *buff, |
2075 | 0 | (unsigned)*size); |
2076 | 0 | return (ret); |
2077 | 0 | } |
2078 | 0 | continue; |
2079 | 0 | } |
2080 | | |
2081 | 0 | if (rar->filters.lastend == rar->filters.filterstart) |
2082 | 0 | { |
2083 | 0 | if (!run_filters(a)) |
2084 | 0 | return (ARCHIVE_FATAL); |
2085 | 0 | continue; |
2086 | 0 | } |
2087 | | |
2088 | 0 | if (!rar->br.next_in && |
2089 | 0 | (ret = rar_br_preparation(a, &(rar->br))) < ARCHIVE_WARN) |
2090 | 0 | return (ret); |
2091 | 0 | if (rar->start_new_table && ((ret = parse_codes(a)) < (ARCHIVE_WARN))) |
2092 | 0 | return (ret); |
2093 | | |
2094 | 0 | if (rar->is_ppmd_block) |
2095 | 0 | { |
2096 | 0 | if ((sym = __archive_ppmd7_functions.Ppmd7_DecodeSymbol( |
2097 | 0 | &rar->ppmd7_context, &rar->range_dec.p)) < 0) |
2098 | 0 | { |
2099 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
2100 | 0 | "Invalid symbol"); |
2101 | 0 | return (ARCHIVE_FATAL); |
2102 | 0 | } |
2103 | 0 | if(sym != rar->ppmd_escape) |
2104 | 0 | { |
2105 | 0 | lzss_emit_literal(rar, sym); |
2106 | 0 | rar->bytes_uncopied++; |
2107 | 0 | } |
2108 | 0 | else |
2109 | 0 | { |
2110 | 0 | if ((code = __archive_ppmd7_functions.Ppmd7_DecodeSymbol( |
2111 | 0 | &rar->ppmd7_context, &rar->range_dec.p)) < 0) |
2112 | 0 | { |
2113 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
2114 | 0 | "Invalid symbol"); |
2115 | 0 | return (ARCHIVE_FATAL); |
2116 | 0 | } |
2117 | | |
2118 | 0 | switch(code) |
2119 | 0 | { |
2120 | 0 | case 0: |
2121 | 0 | rar->start_new_table = 1; |
2122 | 0 | return read_data_compressed(a, buff, size, offset, looper); |
2123 | | |
2124 | 0 | case 2: |
2125 | 0 | rar->ppmd_eod = 1;/* End Of ppmd Data. */ |
2126 | 0 | continue; |
2127 | | |
2128 | 0 | case 3: |
2129 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, |
2130 | 0 | "Parsing filters is unsupported."); |
2131 | 0 | return (ARCHIVE_FAILED); |
2132 | | |
2133 | 0 | case 4: |
2134 | 0 | lzss_offset = 0; |
2135 | 0 | for (i = 2; i >= 0; i--) |
2136 | 0 | { |
2137 | 0 | if ((code = __archive_ppmd7_functions.Ppmd7_DecodeSymbol( |
2138 | 0 | &rar->ppmd7_context, &rar->range_dec.p)) < 0) |
2139 | 0 | { |
2140 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
2141 | 0 | "Invalid symbol"); |
2142 | 0 | return (ARCHIVE_FATAL); |
2143 | 0 | } |
2144 | 0 | lzss_offset |= code << (i * 8); |
2145 | 0 | } |
2146 | 0 | if ((length = __archive_ppmd7_functions.Ppmd7_DecodeSymbol( |
2147 | 0 | &rar->ppmd7_context, &rar->range_dec.p)) < 0) |
2148 | 0 | { |
2149 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
2150 | 0 | "Invalid symbol"); |
2151 | 0 | return (ARCHIVE_FATAL); |
2152 | 0 | } |
2153 | 0 | lzss_emit_match(rar, lzss_offset + 2, length + 32); |
2154 | 0 | rar->bytes_uncopied += length + 32; |
2155 | 0 | break; |
2156 | | |
2157 | 0 | case 5: |
2158 | 0 | if ((length = __archive_ppmd7_functions.Ppmd7_DecodeSymbol( |
2159 | 0 | &rar->ppmd7_context, &rar->range_dec.p)) < 0) |
2160 | 0 | { |
2161 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
2162 | 0 | "Invalid symbol"); |
2163 | 0 | return (ARCHIVE_FATAL); |
2164 | 0 | } |
2165 | 0 | lzss_emit_match(rar, 1, length + 4); |
2166 | 0 | rar->bytes_uncopied += length + 4; |
2167 | 0 | break; |
2168 | | |
2169 | 0 | default: |
2170 | 0 | lzss_emit_literal(rar, sym); |
2171 | 0 | rar->bytes_uncopied++; |
2172 | 0 | } |
2173 | 0 | } |
2174 | 0 | } |
2175 | 0 | else |
2176 | 0 | { |
2177 | 0 | start = rar->offset; |
2178 | 0 | end = start + rar->dictionary_size; |
2179 | 0 | if (rar->filters.filterstart < end) { |
2180 | 0 | end = rar->filters.filterstart; |
2181 | 0 | } |
2182 | |
|
2183 | 0 | ret = expand(a, &end); |
2184 | 0 | if (ret != ARCHIVE_OK) |
2185 | 0 | return (ret); |
2186 | | |
2187 | 0 | rar->bytes_uncopied = end - start; |
2188 | 0 | rar->filters.lastend = end; |
2189 | 0 | if (rar->filters.lastend != rar->filters.filterstart && rar->bytes_uncopied == 0) { |
2190 | | /* Broken RAR files cause this case. |
2191 | | * NOTE: If this case were possible on a normal RAR file |
2192 | | * we would find out where it was actually bad and |
2193 | | * what we would do to solve it. */ |
2194 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
2195 | 0 | "Internal error extracting RAR file"); |
2196 | 0 | return (ARCHIVE_FATAL); |
2197 | 0 | } |
2198 | 0 | } |
2199 | 0 | if (rar->bytes_uncopied > (rar->unp_buffer_size - rar->unp_offset)) |
2200 | 0 | bs = rar->unp_buffer_size - rar->unp_offset; |
2201 | 0 | else |
2202 | 0 | bs = (size_t)rar->bytes_uncopied; |
2203 | 0 | ret = copy_from_lzss_window_to_unp(a, buff, rar->offset, (int)bs); |
2204 | 0 | if (ret != ARCHIVE_OK) |
2205 | 0 | return (ret); |
2206 | 0 | rar->offset += bs; |
2207 | 0 | rar->bytes_uncopied -= bs; |
2208 | | /* |
2209 | | * If *buff is NULL, it means unp_buffer is not full. |
2210 | | * So we have to continue extracting a RAR file. |
2211 | | */ |
2212 | 0 | } while (*buff == NULL); |
2213 | | |
2214 | 0 | rar->unp_offset = 0; |
2215 | 0 | *size = rar->unp_buffer_size; |
2216 | 0 | *offset = rar->offset_outgoing; |
2217 | 0 | rar->offset_outgoing += *size; |
2218 | 0 | ending_block: |
2219 | | /* Calculate File CRC. */ |
2220 | 0 | rar->crc_calculated = crc32(rar->crc_calculated, *buff, (unsigned)*size); |
2221 | 0 | return ret; |
2222 | 0 | } |
2223 | | |
2224 | | static int |
2225 | | parse_codes(struct archive_read *a) |
2226 | 0 | { |
2227 | 0 | int i, j, val, n, r; |
2228 | 0 | unsigned char bitlengths[MAX_SYMBOLS], zerocount, ppmd_flags; |
2229 | 0 | unsigned int maxorder; |
2230 | 0 | struct huffman_code precode; |
2231 | 0 | struct rar *rar = (struct rar *)(a->format->data); |
2232 | 0 | struct rar_br *br = &(rar->br); |
2233 | |
|
2234 | 0 | free_codes(a); |
2235 | | |
2236 | | /* Skip to the next byte */ |
2237 | 0 | rar_br_consume_unalined_bits(br); |
2238 | | |
2239 | | /* PPMd block flag */ |
2240 | 0 | if (!rar_br_read_ahead(a, br, 1)) |
2241 | 0 | goto truncated_data; |
2242 | 0 | if ((rar->is_ppmd_block = rar_br_bits(br, 1)) != 0) |
2243 | 0 | { |
2244 | 0 | rar_br_consume(br, 1); |
2245 | 0 | if (!rar_br_read_ahead(a, br, 7)) |
2246 | 0 | goto truncated_data; |
2247 | 0 | ppmd_flags = rar_br_bits(br, 7); |
2248 | 0 | rar_br_consume(br, 7); |
2249 | | |
2250 | | /* Memory is allocated in MB */ |
2251 | 0 | if (ppmd_flags & 0x20) |
2252 | 0 | { |
2253 | 0 | if (!rar_br_read_ahead(a, br, 8)) |
2254 | 0 | goto truncated_data; |
2255 | 0 | rar->dictionary_size = (rar_br_bits(br, 8) + 1) << 20; |
2256 | 0 | rar_br_consume(br, 8); |
2257 | 0 | } |
2258 | | |
2259 | 0 | if (ppmd_flags & 0x40) |
2260 | 0 | { |
2261 | 0 | if (!rar_br_read_ahead(a, br, 8)) |
2262 | 0 | goto truncated_data; |
2263 | 0 | rar->ppmd_escape = rar->ppmd7_context.InitEsc = rar_br_bits(br, 8); |
2264 | 0 | rar_br_consume(br, 8); |
2265 | 0 | } |
2266 | 0 | else |
2267 | 0 | rar->ppmd_escape = 2; |
2268 | | |
2269 | 0 | if (ppmd_flags & 0x20) |
2270 | 0 | { |
2271 | 0 | maxorder = (ppmd_flags & 0x1F) + 1; |
2272 | 0 | if(maxorder > 16) |
2273 | 0 | maxorder = 16 + (maxorder - 16) * 3; |
2274 | |
|
2275 | 0 | if (maxorder == 1) |
2276 | 0 | { |
2277 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
2278 | 0 | "Truncated RAR file data"); |
2279 | 0 | return (ARCHIVE_FATAL); |
2280 | 0 | } |
2281 | | |
2282 | | /* Make sure ppmd7_contest is freed before Ppmd7_Construct |
2283 | | * because reading a broken file cause this abnormal sequence. */ |
2284 | 0 | __archive_ppmd7_functions.Ppmd7_Free(&rar->ppmd7_context); |
2285 | |
|
2286 | 0 | rar->bytein.a = a; |
2287 | 0 | rar->bytein.Read = &ppmd_read; |
2288 | 0 | __archive_ppmd7_functions.PpmdRAR_RangeDec_CreateVTable(&rar->range_dec); |
2289 | 0 | rar->range_dec.Stream = &rar->bytein; |
2290 | 0 | __archive_ppmd7_functions.Ppmd7_Construct(&rar->ppmd7_context); |
2291 | |
|
2292 | 0 | if (rar->dictionary_size == 0) { |
2293 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
2294 | 0 | "Invalid zero dictionary size"); |
2295 | 0 | return (ARCHIVE_FATAL); |
2296 | 0 | } |
2297 | | |
2298 | 0 | if (!__archive_ppmd7_functions.Ppmd7_Alloc(&rar->ppmd7_context, |
2299 | 0 | rar->dictionary_size)) |
2300 | 0 | { |
2301 | 0 | archive_set_error(&a->archive, ENOMEM, |
2302 | 0 | "Out of memory"); |
2303 | 0 | return (ARCHIVE_FATAL); |
2304 | 0 | } |
2305 | 0 | if (!__archive_ppmd7_functions.PpmdRAR_RangeDec_Init(&rar->range_dec)) |
2306 | 0 | { |
2307 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
2308 | 0 | "Unable to initialize PPMd range decoder"); |
2309 | 0 | return (ARCHIVE_FATAL); |
2310 | 0 | } |
2311 | 0 | __archive_ppmd7_functions.Ppmd7_Init(&rar->ppmd7_context, maxorder); |
2312 | 0 | rar->ppmd_valid = 1; |
2313 | 0 | } |
2314 | 0 | else |
2315 | 0 | { |
2316 | 0 | if (!rar->ppmd_valid) { |
2317 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
2318 | 0 | "Invalid PPMd sequence"); |
2319 | 0 | return (ARCHIVE_FATAL); |
2320 | 0 | } |
2321 | 0 | if (!__archive_ppmd7_functions.PpmdRAR_RangeDec_Init(&rar->range_dec)) |
2322 | 0 | { |
2323 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
2324 | 0 | "Unable to initialize PPMd range decoder"); |
2325 | 0 | return (ARCHIVE_FATAL); |
2326 | 0 | } |
2327 | 0 | } |
2328 | 0 | } |
2329 | 0 | else |
2330 | 0 | { |
2331 | 0 | rar_br_consume(br, 1); |
2332 | | |
2333 | | /* Keep existing table flag */ |
2334 | 0 | if (!rar_br_read_ahead(a, br, 1)) |
2335 | 0 | goto truncated_data; |
2336 | 0 | if (!rar_br_bits(br, 1)) |
2337 | 0 | memset(rar->lengthtable, 0, sizeof(rar->lengthtable)); |
2338 | 0 | rar_br_consume(br, 1); |
2339 | |
|
2340 | 0 | memset(&bitlengths, 0, sizeof(bitlengths)); |
2341 | 0 | for (i = 0; i < MAX_SYMBOLS;) |
2342 | 0 | { |
2343 | 0 | if (!rar_br_read_ahead(a, br, 4)) |
2344 | 0 | goto truncated_data; |
2345 | 0 | bitlengths[i++] = rar_br_bits(br, 4); |
2346 | 0 | rar_br_consume(br, 4); |
2347 | 0 | if (bitlengths[i-1] == 0xF) |
2348 | 0 | { |
2349 | 0 | if (!rar_br_read_ahead(a, br, 4)) |
2350 | 0 | goto truncated_data; |
2351 | 0 | zerocount = rar_br_bits(br, 4); |
2352 | 0 | rar_br_consume(br, 4); |
2353 | 0 | if (zerocount) |
2354 | 0 | { |
2355 | 0 | i--; |
2356 | 0 | for (j = 0; j < zerocount + 2 && i < MAX_SYMBOLS; j++) |
2357 | 0 | bitlengths[i++] = 0; |
2358 | 0 | } |
2359 | 0 | } |
2360 | 0 | } |
2361 | | |
2362 | 0 | memset(&precode, 0, sizeof(precode)); |
2363 | 0 | r = create_code(a, &precode, bitlengths, MAX_SYMBOLS, MAX_SYMBOL_LENGTH); |
2364 | 0 | if (r != ARCHIVE_OK) { |
2365 | 0 | free(precode.tree); |
2366 | 0 | free(precode.table); |
2367 | 0 | return (r); |
2368 | 0 | } |
2369 | | |
2370 | 0 | for (i = 0; i < HUFFMAN_TABLE_SIZE;) |
2371 | 0 | { |
2372 | 0 | if ((val = read_next_symbol(a, &precode)) < 0) { |
2373 | 0 | free(precode.tree); |
2374 | 0 | free(precode.table); |
2375 | 0 | return (ARCHIVE_FATAL); |
2376 | 0 | } |
2377 | 0 | if (val < 16) |
2378 | 0 | { |
2379 | 0 | rar->lengthtable[i] = (rar->lengthtable[i] + val) & 0xF; |
2380 | 0 | i++; |
2381 | 0 | } |
2382 | 0 | else if (val < 18) |
2383 | 0 | { |
2384 | 0 | if (i == 0) |
2385 | 0 | { |
2386 | 0 | free(precode.tree); |
2387 | 0 | free(precode.table); |
2388 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
2389 | 0 | "Internal error extracting RAR file."); |
2390 | 0 | return (ARCHIVE_FATAL); |
2391 | 0 | } |
2392 | | |
2393 | 0 | if(val == 16) { |
2394 | 0 | if (!rar_br_read_ahead(a, br, 3)) { |
2395 | 0 | free(precode.tree); |
2396 | 0 | free(precode.table); |
2397 | 0 | goto truncated_data; |
2398 | 0 | } |
2399 | 0 | n = rar_br_bits(br, 3) + 3; |
2400 | 0 | rar_br_consume(br, 3); |
2401 | 0 | } else { |
2402 | 0 | if (!rar_br_read_ahead(a, br, 7)) { |
2403 | 0 | free(precode.tree); |
2404 | 0 | free(precode.table); |
2405 | 0 | goto truncated_data; |
2406 | 0 | } |
2407 | 0 | n = rar_br_bits(br, 7) + 11; |
2408 | 0 | rar_br_consume(br, 7); |
2409 | 0 | } |
2410 | | |
2411 | 0 | for (j = 0; j < n && i < HUFFMAN_TABLE_SIZE; j++) |
2412 | 0 | { |
2413 | 0 | rar->lengthtable[i] = rar->lengthtable[i-1]; |
2414 | 0 | i++; |
2415 | 0 | } |
2416 | 0 | } |
2417 | 0 | else |
2418 | 0 | { |
2419 | 0 | if(val == 18) { |
2420 | 0 | if (!rar_br_read_ahead(a, br, 3)) { |
2421 | 0 | free(precode.tree); |
2422 | 0 | free(precode.table); |
2423 | 0 | goto truncated_data; |
2424 | 0 | } |
2425 | 0 | n = rar_br_bits(br, 3) + 3; |
2426 | 0 | rar_br_consume(br, 3); |
2427 | 0 | } else { |
2428 | 0 | if (!rar_br_read_ahead(a, br, 7)) { |
2429 | 0 | free(precode.tree); |
2430 | 0 | free(precode.table); |
2431 | 0 | goto truncated_data; |
2432 | 0 | } |
2433 | 0 | n = rar_br_bits(br, 7) + 11; |
2434 | 0 | rar_br_consume(br, 7); |
2435 | 0 | } |
2436 | | |
2437 | 0 | for(j = 0; j < n && i < HUFFMAN_TABLE_SIZE; j++) |
2438 | 0 | rar->lengthtable[i++] = 0; |
2439 | 0 | } |
2440 | 0 | } |
2441 | 0 | free(precode.tree); |
2442 | 0 | free(precode.table); |
2443 | |
|
2444 | 0 | r = create_code(a, &rar->maincode, &rar->lengthtable[0], MAINCODE_SIZE, |
2445 | 0 | MAX_SYMBOL_LENGTH); |
2446 | 0 | if (r != ARCHIVE_OK) |
2447 | 0 | return (r); |
2448 | 0 | r = create_code(a, &rar->offsetcode, &rar->lengthtable[MAINCODE_SIZE], |
2449 | 0 | OFFSETCODE_SIZE, MAX_SYMBOL_LENGTH); |
2450 | 0 | if (r != ARCHIVE_OK) |
2451 | 0 | return (r); |
2452 | 0 | r = create_code(a, &rar->lowoffsetcode, |
2453 | 0 | &rar->lengthtable[MAINCODE_SIZE + OFFSETCODE_SIZE], |
2454 | 0 | LOWOFFSETCODE_SIZE, MAX_SYMBOL_LENGTH); |
2455 | 0 | if (r != ARCHIVE_OK) |
2456 | 0 | return (r); |
2457 | 0 | r = create_code(a, &rar->lengthcode, |
2458 | 0 | &rar->lengthtable[MAINCODE_SIZE + OFFSETCODE_SIZE + |
2459 | 0 | LOWOFFSETCODE_SIZE], LENGTHCODE_SIZE, MAX_SYMBOL_LENGTH); |
2460 | 0 | if (r != ARCHIVE_OK) |
2461 | 0 | return (r); |
2462 | 0 | } |
2463 | | |
2464 | 0 | if (!rar->dictionary_size || !rar->lzss.window) |
2465 | 0 | { |
2466 | | /* Seems as though dictionary sizes are not used. Even so, minimize |
2467 | | * memory usage as much as possible. |
2468 | | */ |
2469 | 0 | void *new_window; |
2470 | 0 | unsigned int new_size; |
2471 | |
|
2472 | 0 | if (rar->unp_size >= DICTIONARY_MAX_SIZE) |
2473 | 0 | new_size = DICTIONARY_MAX_SIZE; |
2474 | 0 | else |
2475 | 0 | new_size = rar_fls((unsigned int)rar->unp_size) << 1; |
2476 | 0 | if (new_size == 0) { |
2477 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
2478 | 0 | "Zero window size is invalid."); |
2479 | 0 | return (ARCHIVE_FATAL); |
2480 | 0 | } |
2481 | 0 | new_window = realloc(rar->lzss.window, new_size); |
2482 | 0 | if (new_window == NULL) { |
2483 | 0 | archive_set_error(&a->archive, ENOMEM, |
2484 | 0 | "Unable to allocate memory for uncompressed data."); |
2485 | 0 | return (ARCHIVE_FATAL); |
2486 | 0 | } |
2487 | 0 | rar->lzss.window = (unsigned char *)new_window; |
2488 | 0 | rar->dictionary_size = new_size; |
2489 | 0 | memset(rar->lzss.window, 0, rar->dictionary_size); |
2490 | 0 | rar->lzss.mask = rar->dictionary_size - 1; |
2491 | 0 | } |
2492 | | |
2493 | 0 | rar->start_new_table = 0; |
2494 | 0 | return (ARCHIVE_OK); |
2495 | 0 | truncated_data: |
2496 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
2497 | 0 | "Truncated RAR file data"); |
2498 | 0 | rar->valid = 0; |
2499 | 0 | return (ARCHIVE_FATAL); |
2500 | 0 | } |
2501 | | |
2502 | | static void |
2503 | | free_codes(struct archive_read *a) |
2504 | 8.06k | { |
2505 | 8.06k | struct rar *rar = (struct rar *)(a->format->data); |
2506 | 8.06k | free(rar->maincode.tree); |
2507 | 8.06k | free(rar->offsetcode.tree); |
2508 | 8.06k | free(rar->lowoffsetcode.tree); |
2509 | 8.06k | free(rar->lengthcode.tree); |
2510 | 8.06k | free(rar->maincode.table); |
2511 | 8.06k | free(rar->offsetcode.table); |
2512 | 8.06k | free(rar->lowoffsetcode.table); |
2513 | 8.06k | free(rar->lengthcode.table); |
2514 | 8.06k | memset(&rar->maincode, 0, sizeof(rar->maincode)); |
2515 | 8.06k | memset(&rar->offsetcode, 0, sizeof(rar->offsetcode)); |
2516 | 8.06k | memset(&rar->lowoffsetcode, 0, sizeof(rar->lowoffsetcode)); |
2517 | 8.06k | memset(&rar->lengthcode, 0, sizeof(rar->lengthcode)); |
2518 | 8.06k | } |
2519 | | |
2520 | | |
2521 | | static int |
2522 | | read_next_symbol(struct archive_read *a, struct huffman_code *code) |
2523 | 0 | { |
2524 | 0 | unsigned char bit; |
2525 | 0 | unsigned int bits; |
2526 | 0 | int length, value, node; |
2527 | 0 | struct rar *rar; |
2528 | 0 | struct rar_br *br; |
2529 | |
|
2530 | 0 | if (!code->table) |
2531 | 0 | { |
2532 | 0 | if (make_table(a, code) != (ARCHIVE_OK)) |
2533 | 0 | return -1; |
2534 | 0 | } |
2535 | | |
2536 | 0 | rar = (struct rar *)(a->format->data); |
2537 | 0 | br = &(rar->br); |
2538 | | |
2539 | | /* Look ahead (peek) at bits */ |
2540 | 0 | if (!rar_br_read_ahead(a, br, code->tablesize)) { |
2541 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
2542 | 0 | "Truncated RAR file data"); |
2543 | 0 | rar->valid = 0; |
2544 | 0 | return -1; |
2545 | 0 | } |
2546 | 0 | bits = rar_br_bits(br, code->tablesize); |
2547 | |
|
2548 | 0 | length = code->table[bits].length; |
2549 | 0 | value = code->table[bits].value; |
2550 | |
|
2551 | 0 | if (length < 0) |
2552 | 0 | { |
2553 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
2554 | 0 | "Invalid prefix code in bitstream"); |
2555 | 0 | return -1; |
2556 | 0 | } |
2557 | | |
2558 | 0 | if (length <= code->tablesize) |
2559 | 0 | { |
2560 | | /* Skip length bits */ |
2561 | 0 | rar_br_consume(br, length); |
2562 | 0 | return value; |
2563 | 0 | } |
2564 | | |
2565 | | /* Skip tablesize bits */ |
2566 | 0 | rar_br_consume(br, code->tablesize); |
2567 | |
|
2568 | 0 | node = value; |
2569 | 0 | while (!(code->tree[node].branches[0] == |
2570 | 0 | code->tree[node].branches[1])) |
2571 | 0 | { |
2572 | 0 | if (!rar_br_read_ahead(a, br, 1)) { |
2573 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
2574 | 0 | "Truncated RAR file data"); |
2575 | 0 | rar->valid = 0; |
2576 | 0 | return -1; |
2577 | 0 | } |
2578 | 0 | bit = rar_br_bits(br, 1); |
2579 | 0 | rar_br_consume(br, 1); |
2580 | |
|
2581 | 0 | if (code->tree[node].branches[bit] < 0) |
2582 | 0 | { |
2583 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
2584 | 0 | "Invalid prefix code in bitstream"); |
2585 | 0 | return -1; |
2586 | 0 | } |
2587 | 0 | node = code->tree[node].branches[bit]; |
2588 | 0 | } |
2589 | | |
2590 | 0 | return code->tree[node].branches[0]; |
2591 | 0 | } |
2592 | | |
2593 | | static int |
2594 | | create_code(struct archive_read *a, struct huffman_code *code, |
2595 | | unsigned char *lengths, int numsymbols, char maxlength) |
2596 | 0 | { |
2597 | 0 | int i, j, codebits = 0, symbolsleft = numsymbols; |
2598 | |
|
2599 | 0 | code->numentries = 0; |
2600 | 0 | code->numallocatedentries = 0; |
2601 | 0 | if (new_node(code) < 0) { |
2602 | 0 | archive_set_error(&a->archive, ENOMEM, |
2603 | 0 | "Unable to allocate memory for node data."); |
2604 | 0 | return (ARCHIVE_FATAL); |
2605 | 0 | } |
2606 | 0 | code->numentries = 1; |
2607 | 0 | code->minlength = INT_MAX; |
2608 | 0 | code->maxlength = INT_MIN; |
2609 | 0 | codebits = 0; |
2610 | 0 | for(i = 1; i <= maxlength; i++) |
2611 | 0 | { |
2612 | 0 | for(j = 0; j < numsymbols; j++) |
2613 | 0 | { |
2614 | 0 | if (lengths[j] != i) continue; |
2615 | 0 | if (add_value(a, code, j, codebits, i) != ARCHIVE_OK) |
2616 | 0 | return (ARCHIVE_FATAL); |
2617 | 0 | codebits++; |
2618 | 0 | if (--symbolsleft <= 0) |
2619 | 0 | break; |
2620 | 0 | } |
2621 | 0 | if (symbolsleft <= 0) |
2622 | 0 | break; |
2623 | 0 | codebits <<= 1; |
2624 | 0 | } |
2625 | 0 | return (ARCHIVE_OK); |
2626 | 0 | } |
2627 | | |
2628 | | static int |
2629 | | add_value(struct archive_read *a, struct huffman_code *code, int value, |
2630 | | int codebits, int length) |
2631 | 0 | { |
2632 | 0 | int lastnode, bitpos, bit; |
2633 | | /* int repeatpos, repeatnode, nextnode; */ |
2634 | |
|
2635 | 0 | free(code->table); |
2636 | 0 | code->table = NULL; |
2637 | |
|
2638 | 0 | if(length > code->maxlength) |
2639 | 0 | code->maxlength = length; |
2640 | 0 | if(length < code->minlength) |
2641 | 0 | code->minlength = length; |
2642 | | |
2643 | | /* |
2644 | | * Dead code, repeatpos was is -1 |
2645 | | * |
2646 | | repeatpos = -1; |
2647 | | if (repeatpos == 0 || (repeatpos >= 0 |
2648 | | && (((codebits >> (repeatpos - 1)) & 3) == 0 |
2649 | | || ((codebits >> (repeatpos - 1)) & 3) == 3))) |
2650 | | { |
2651 | | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
2652 | | "Invalid repeat position"); |
2653 | | return (ARCHIVE_FATAL); |
2654 | | } |
2655 | | */ |
2656 | |
|
2657 | 0 | lastnode = 0; |
2658 | 0 | for (bitpos = length - 1; bitpos >= 0; bitpos--) |
2659 | 0 | { |
2660 | 0 | bit = (codebits >> bitpos) & 1; |
2661 | | |
2662 | | /* Leaf node check */ |
2663 | 0 | if (code->tree[lastnode].branches[0] == |
2664 | 0 | code->tree[lastnode].branches[1]) |
2665 | 0 | { |
2666 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
2667 | 0 | "Prefix found"); |
2668 | 0 | return (ARCHIVE_FATAL); |
2669 | 0 | } |
2670 | | |
2671 | | /* |
2672 | | * Dead code, repeatpos was -1, bitpos >=0 |
2673 | | * |
2674 | | if (bitpos == repeatpos) |
2675 | | { |
2676 | | * Open branch check * |
2677 | | if (!(code->tree[lastnode].branches[bit] < 0)) |
2678 | | { |
2679 | | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
2680 | | "Invalid repeating code"); |
2681 | | return (ARCHIVE_FATAL); |
2682 | | } |
2683 | | |
2684 | | if ((repeatnode = new_node(code)) < 0) { |
2685 | | archive_set_error(&a->archive, ENOMEM, |
2686 | | "Unable to allocate memory for node data."); |
2687 | | return (ARCHIVE_FATAL); |
2688 | | } |
2689 | | if ((nextnode = new_node(code)) < 0) { |
2690 | | archive_set_error(&a->archive, ENOMEM, |
2691 | | "Unable to allocate memory for node data."); |
2692 | | return (ARCHIVE_FATAL); |
2693 | | } |
2694 | | |
2695 | | * Set branches * |
2696 | | code->tree[lastnode].branches[bit] = repeatnode; |
2697 | | code->tree[repeatnode].branches[bit] = repeatnode; |
2698 | | code->tree[repeatnode].branches[bit^1] = nextnode; |
2699 | | lastnode = nextnode; |
2700 | | |
2701 | | bitpos++; * terminating bit already handled, skip it * |
2702 | | } |
2703 | | else |
2704 | | { |
2705 | | */ |
2706 | | /* Open branch check */ |
2707 | 0 | if (code->tree[lastnode].branches[bit] < 0) |
2708 | 0 | { |
2709 | 0 | if (new_node(code) < 0) { |
2710 | 0 | archive_set_error(&a->archive, ENOMEM, |
2711 | 0 | "Unable to allocate memory for node data."); |
2712 | 0 | return (ARCHIVE_FATAL); |
2713 | 0 | } |
2714 | 0 | code->tree[lastnode].branches[bit] = code->numentries++; |
2715 | 0 | } |
2716 | | |
2717 | | /* set to branch */ |
2718 | 0 | lastnode = code->tree[lastnode].branches[bit]; |
2719 | | /* } */ |
2720 | 0 | } |
2721 | | |
2722 | 0 | if (!(code->tree[lastnode].branches[0] == -1 |
2723 | 0 | && code->tree[lastnode].branches[1] == -2)) |
2724 | 0 | { |
2725 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
2726 | 0 | "Prefix found"); |
2727 | 0 | return (ARCHIVE_FATAL); |
2728 | 0 | } |
2729 | | |
2730 | | /* Set leaf value */ |
2731 | 0 | code->tree[lastnode].branches[0] = value; |
2732 | 0 | code->tree[lastnode].branches[1] = value; |
2733 | |
|
2734 | 0 | return (ARCHIVE_OK); |
2735 | 0 | } |
2736 | | |
2737 | | static int |
2738 | | new_node(struct huffman_code *code) |
2739 | 0 | { |
2740 | 0 | void *new_tree; |
2741 | 0 | if (code->numallocatedentries == code->numentries) { |
2742 | 0 | int new_num_entries = 256; |
2743 | 0 | if (code->numentries > 0) { |
2744 | 0 | new_num_entries = code->numentries * 2; |
2745 | 0 | } |
2746 | 0 | new_tree = realloc(code->tree, new_num_entries * sizeof(*code->tree)); |
2747 | 0 | if (new_tree == NULL) |
2748 | 0 | return (-1); |
2749 | 0 | code->tree = (struct huffman_tree_node *)new_tree; |
2750 | 0 | code->numallocatedentries = new_num_entries; |
2751 | 0 | } |
2752 | 0 | code->tree[code->numentries].branches[0] = -1; |
2753 | 0 | code->tree[code->numentries].branches[1] = -2; |
2754 | 0 | return 1; |
2755 | 0 | } |
2756 | | |
2757 | | static int |
2758 | | make_table(struct archive_read *a, struct huffman_code *code) |
2759 | 0 | { |
2760 | 0 | if (code->maxlength < code->minlength || code->maxlength > 10) |
2761 | 0 | code->tablesize = 10; |
2762 | 0 | else |
2763 | 0 | code->tablesize = code->maxlength; |
2764 | |
|
2765 | 0 | code->table = |
2766 | 0 | (struct huffman_table_entry *)calloc(1, sizeof(*code->table) |
2767 | 0 | * ((size_t)1 << code->tablesize)); |
2768 | |
|
2769 | 0 | return make_table_recurse(a, code, 0, code->table, 0, code->tablesize); |
2770 | 0 | } |
2771 | | |
2772 | | static int |
2773 | | make_table_recurse(struct archive_read *a, struct huffman_code *code, int node, |
2774 | | struct huffman_table_entry *table, int depth, |
2775 | | int maxdepth) |
2776 | 0 | { |
2777 | 0 | int currtablesize, i, ret = (ARCHIVE_OK); |
2778 | |
|
2779 | 0 | if (!code->tree) |
2780 | 0 | { |
2781 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
2782 | 0 | "Huffman tree was not created."); |
2783 | 0 | return (ARCHIVE_FATAL); |
2784 | 0 | } |
2785 | 0 | if (node < 0 || node >= code->numentries) |
2786 | 0 | { |
2787 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
2788 | 0 | "Invalid location to Huffman tree specified."); |
2789 | 0 | return (ARCHIVE_FATAL); |
2790 | 0 | } |
2791 | | |
2792 | 0 | currtablesize = 1 << (maxdepth - depth); |
2793 | |
|
2794 | 0 | if (code->tree[node].branches[0] == |
2795 | 0 | code->tree[node].branches[1]) |
2796 | 0 | { |
2797 | 0 | for(i = 0; i < currtablesize; i++) |
2798 | 0 | { |
2799 | 0 | table[i].length = depth; |
2800 | 0 | table[i].value = code->tree[node].branches[0]; |
2801 | 0 | } |
2802 | 0 | } |
2803 | | /* |
2804 | | * Dead code, node >= 0 |
2805 | | * |
2806 | | else if (node < 0) |
2807 | | { |
2808 | | for(i = 0; i < currtablesize; i++) |
2809 | | table[i].length = -1; |
2810 | | } |
2811 | | */ |
2812 | 0 | else |
2813 | 0 | { |
2814 | 0 | if(depth == maxdepth) |
2815 | 0 | { |
2816 | 0 | table[0].length = maxdepth + 1; |
2817 | 0 | table[0].value = node; |
2818 | 0 | } |
2819 | 0 | else |
2820 | 0 | { |
2821 | 0 | ret |= make_table_recurse(a, code, code->tree[node].branches[0], table, |
2822 | 0 | depth + 1, maxdepth); |
2823 | 0 | ret |= make_table_recurse(a, code, code->tree[node].branches[1], |
2824 | 0 | table + currtablesize / 2, depth + 1, maxdepth); |
2825 | 0 | } |
2826 | 0 | } |
2827 | 0 | return ret; |
2828 | 0 | } |
2829 | | |
2830 | | static int |
2831 | | expand(struct archive_read *a, int64_t *end) |
2832 | 0 | { |
2833 | 0 | static const unsigned char lengthbases[] = |
2834 | 0 | { 0, 1, 2, 3, 4, 5, 6, |
2835 | 0 | 7, 8, 10, 12, 14, 16, 20, |
2836 | 0 | 24, 28, 32, 40, 48, 56, 64, |
2837 | 0 | 80, 96, 112, 128, 160, 192, 224 }; |
2838 | 0 | static const unsigned char lengthbits[] = |
2839 | 0 | { 0, 0, 0, 0, 0, 0, 0, |
2840 | 0 | 0, 1, 1, 1, 1, 2, 2, |
2841 | 0 | 2, 2, 3, 3, 3, 3, 4, |
2842 | 0 | 4, 4, 4, 5, 5, 5, 5 }; |
2843 | 0 | static const int lengthb_min = minimum( |
2844 | 0 | (int)(sizeof(lengthbases)/sizeof(lengthbases[0])), |
2845 | 0 | (int)(sizeof(lengthbits)/sizeof(lengthbits[0])) |
2846 | 0 | ); |
2847 | 0 | static const unsigned int offsetbases[] = |
2848 | 0 | { 0, 1, 2, 3, 4, 6, |
2849 | 0 | 8, 12, 16, 24, 32, 48, |
2850 | 0 | 64, 96, 128, 192, 256, 384, |
2851 | 0 | 512, 768, 1024, 1536, 2048, 3072, |
2852 | 0 | 4096, 6144, 8192, 12288, 16384, 24576, |
2853 | 0 | 32768, 49152, 65536, 98304, 131072, 196608, |
2854 | 0 | 262144, 327680, 393216, 458752, 524288, 589824, |
2855 | 0 | 655360, 720896, 786432, 851968, 917504, 983040, |
2856 | 0 | 1048576, 1310720, 1572864, 1835008, 2097152, 2359296, |
2857 | 0 | 2621440, 2883584, 3145728, 3407872, 3670016, 3932160 }; |
2858 | 0 | static const unsigned char offsetbits[] = |
2859 | 0 | { 0, 0, 0, 0, 1, 1, 2, 2, 3, 3, 4, 4, |
2860 | 0 | 5, 5, 6, 6, 7, 7, 8, 8, 9, 9, 10, 10, |
2861 | 0 | 11, 11, 12, 12, 13, 13, 14, 14, 15, 15, 16, 16, |
2862 | 0 | 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, |
2863 | 0 | 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18 }; |
2864 | 0 | static const int offsetb_min = minimum( |
2865 | 0 | (int)(sizeof(offsetbases)/sizeof(offsetbases[0])), |
2866 | 0 | (int)(sizeof(offsetbits)/sizeof(offsetbits[0])) |
2867 | 0 | ); |
2868 | 0 | static const unsigned char shortbases[] = |
2869 | 0 | { 0, 4, 8, 16, 32, 64, 128, 192 }; |
2870 | 0 | static const unsigned char shortbits[] = |
2871 | 0 | { 2, 2, 3, 4, 5, 6, 6, 6 }; |
2872 | |
|
2873 | 0 | int symbol, offs, len, offsindex, lensymbol, i, offssymbol, lowoffsetsymbol; |
2874 | 0 | unsigned char newfile; |
2875 | 0 | struct rar *rar = (struct rar *)(a->format->data); |
2876 | 0 | struct rar_br *br = &(rar->br); |
2877 | |
|
2878 | 0 | if (rar->filters.filterstart < *end) |
2879 | 0 | *end = rar->filters.filterstart; |
2880 | |
|
2881 | 0 | while (1) |
2882 | 0 | { |
2883 | 0 | if(lzss_position(&rar->lzss) >= *end) { |
2884 | 0 | return (ARCHIVE_OK); |
2885 | 0 | } |
2886 | | |
2887 | 0 | if(rar->is_ppmd_block) { |
2888 | 0 | *end = lzss_position(&rar->lzss); |
2889 | 0 | return (ARCHIVE_OK); |
2890 | 0 | } |
2891 | | |
2892 | 0 | if ((symbol = read_next_symbol(a, &rar->maincode)) < 0) |
2893 | 0 | return (ARCHIVE_FATAL); |
2894 | | |
2895 | 0 | if (symbol < 256) |
2896 | 0 | { |
2897 | 0 | lzss_emit_literal(rar, symbol); |
2898 | 0 | continue; |
2899 | 0 | } |
2900 | 0 | else if (symbol == 256) |
2901 | 0 | { |
2902 | 0 | if (!rar_br_read_ahead(a, br, 1)) |
2903 | 0 | goto truncated_data; |
2904 | 0 | newfile = !rar_br_bits(br, 1); |
2905 | 0 | rar_br_consume(br, 1); |
2906 | |
|
2907 | 0 | if(newfile) |
2908 | 0 | { |
2909 | 0 | rar->start_new_block = 1; |
2910 | 0 | if (!rar_br_read_ahead(a, br, 1)) |
2911 | 0 | goto truncated_data; |
2912 | 0 | rar->start_new_table = rar_br_bits(br, 1); |
2913 | 0 | rar_br_consume(br, 1); |
2914 | 0 | *end = lzss_position(&rar->lzss); |
2915 | 0 | return (ARCHIVE_OK); |
2916 | 0 | } |
2917 | 0 | else |
2918 | 0 | { |
2919 | 0 | if (parse_codes(a) != ARCHIVE_OK) |
2920 | 0 | return (ARCHIVE_FATAL); |
2921 | 0 | continue; |
2922 | 0 | } |
2923 | 0 | } |
2924 | 0 | else if(symbol==257) |
2925 | 0 | { |
2926 | 0 | if (!read_filter(a, end)) |
2927 | 0 | return (ARCHIVE_FATAL); |
2928 | 0 | continue; |
2929 | 0 | } |
2930 | 0 | else if(symbol==258) |
2931 | 0 | { |
2932 | 0 | if(rar->lastlength == 0) |
2933 | 0 | continue; |
2934 | | |
2935 | 0 | offs = rar->lastoffset; |
2936 | 0 | len = rar->lastlength; |
2937 | 0 | } |
2938 | 0 | else if (symbol <= 262) |
2939 | 0 | { |
2940 | 0 | offsindex = symbol - 259; |
2941 | 0 | offs = rar->oldoffset[offsindex]; |
2942 | |
|
2943 | 0 | if ((lensymbol = read_next_symbol(a, &rar->lengthcode)) < 0) |
2944 | 0 | goto bad_data; |
2945 | 0 | if (lensymbol > lengthb_min) |
2946 | 0 | goto bad_data; |
2947 | 0 | len = lengthbases[lensymbol] + 2; |
2948 | 0 | if (lengthbits[lensymbol] > 0) { |
2949 | 0 | if (!rar_br_read_ahead(a, br, lengthbits[lensymbol])) |
2950 | 0 | goto truncated_data; |
2951 | 0 | len += rar_br_bits(br, lengthbits[lensymbol]); |
2952 | 0 | rar_br_consume(br, lengthbits[lensymbol]); |
2953 | 0 | } |
2954 | | |
2955 | 0 | for (i = offsindex; i > 0; i--) |
2956 | 0 | rar->oldoffset[i] = rar->oldoffset[i-1]; |
2957 | 0 | rar->oldoffset[0] = offs; |
2958 | 0 | } |
2959 | 0 | else if(symbol<=270) |
2960 | 0 | { |
2961 | 0 | offs = shortbases[symbol-263] + 1; |
2962 | 0 | if(shortbits[symbol-263] > 0) { |
2963 | 0 | if (!rar_br_read_ahead(a, br, shortbits[symbol-263])) |
2964 | 0 | goto truncated_data; |
2965 | 0 | offs += rar_br_bits(br, shortbits[symbol-263]); |
2966 | 0 | rar_br_consume(br, shortbits[symbol-263]); |
2967 | 0 | } |
2968 | | |
2969 | 0 | len = 2; |
2970 | |
|
2971 | 0 | for(i = 3; i > 0; i--) |
2972 | 0 | rar->oldoffset[i] = rar->oldoffset[i-1]; |
2973 | 0 | rar->oldoffset[0] = offs; |
2974 | 0 | } |
2975 | 0 | else |
2976 | 0 | { |
2977 | 0 | if (symbol-271 > lengthb_min) |
2978 | 0 | goto bad_data; |
2979 | 0 | len = lengthbases[symbol-271]+3; |
2980 | 0 | if(lengthbits[symbol-271] > 0) { |
2981 | 0 | if (!rar_br_read_ahead(a, br, lengthbits[symbol-271])) |
2982 | 0 | goto truncated_data; |
2983 | 0 | len += rar_br_bits(br, lengthbits[symbol-271]); |
2984 | 0 | rar_br_consume(br, lengthbits[symbol-271]); |
2985 | 0 | } |
2986 | | |
2987 | 0 | if ((offssymbol = read_next_symbol(a, &rar->offsetcode)) < 0) |
2988 | 0 | goto bad_data; |
2989 | 0 | if (offssymbol > offsetb_min) |
2990 | 0 | goto bad_data; |
2991 | 0 | offs = offsetbases[offssymbol]+1; |
2992 | 0 | if(offsetbits[offssymbol] > 0) |
2993 | 0 | { |
2994 | 0 | if(offssymbol > 9) |
2995 | 0 | { |
2996 | 0 | if(offsetbits[offssymbol] > 4) { |
2997 | 0 | if (!rar_br_read_ahead(a, br, offsetbits[offssymbol] - 4)) |
2998 | 0 | goto truncated_data; |
2999 | 0 | offs += rar_br_bits(br, offsetbits[offssymbol] - 4) << 4; |
3000 | 0 | rar_br_consume(br, offsetbits[offssymbol] - 4); |
3001 | 0 | } |
3002 | | |
3003 | 0 | if(rar->numlowoffsetrepeats > 0) |
3004 | 0 | { |
3005 | 0 | rar->numlowoffsetrepeats--; |
3006 | 0 | offs += rar->lastlowoffset; |
3007 | 0 | } |
3008 | 0 | else |
3009 | 0 | { |
3010 | 0 | if ((lowoffsetsymbol = |
3011 | 0 | read_next_symbol(a, &rar->lowoffsetcode)) < 0) |
3012 | 0 | return (ARCHIVE_FATAL); |
3013 | 0 | if(lowoffsetsymbol == 16) |
3014 | 0 | { |
3015 | 0 | rar->numlowoffsetrepeats = 15; |
3016 | 0 | offs += rar->lastlowoffset; |
3017 | 0 | } |
3018 | 0 | else |
3019 | 0 | { |
3020 | 0 | offs += lowoffsetsymbol; |
3021 | 0 | rar->lastlowoffset = lowoffsetsymbol; |
3022 | 0 | } |
3023 | 0 | } |
3024 | 0 | } |
3025 | 0 | else { |
3026 | 0 | if (!rar_br_read_ahead(a, br, offsetbits[offssymbol])) |
3027 | 0 | goto truncated_data; |
3028 | 0 | offs += rar_br_bits(br, offsetbits[offssymbol]); |
3029 | 0 | rar_br_consume(br, offsetbits[offssymbol]); |
3030 | 0 | } |
3031 | 0 | } |
3032 | | |
3033 | 0 | if (offs >= 0x40000) |
3034 | 0 | len++; |
3035 | 0 | if (offs >= 0x2000) |
3036 | 0 | len++; |
3037 | |
|
3038 | 0 | for(i = 3; i > 0; i--) |
3039 | 0 | rar->oldoffset[i] = rar->oldoffset[i-1]; |
3040 | 0 | rar->oldoffset[0] = offs; |
3041 | 0 | } |
3042 | | |
3043 | 0 | rar->lastoffset = offs; |
3044 | 0 | rar->lastlength = len; |
3045 | |
|
3046 | 0 | lzss_emit_match(rar, rar->lastoffset, rar->lastlength); |
3047 | 0 | } |
3048 | 0 | truncated_data: |
3049 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
3050 | 0 | "Truncated RAR file data"); |
3051 | 0 | rar->valid = 0; |
3052 | 0 | return (ARCHIVE_FATAL); |
3053 | 0 | bad_data: |
3054 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
3055 | 0 | "Bad RAR file data"); |
3056 | 0 | return (ARCHIVE_FATAL); |
3057 | 0 | } |
3058 | | |
3059 | | static int |
3060 | | copy_from_lzss_window(struct archive_read *a, void *buffer, |
3061 | | int64_t startpos, int length) |
3062 | 0 | { |
3063 | 0 | int windowoffs, firstpart; |
3064 | 0 | struct rar *rar = (struct rar *)(a->format->data); |
3065 | |
|
3066 | 0 | windowoffs = lzss_offset_for_position(&rar->lzss, startpos); |
3067 | 0 | firstpart = lzss_size(&rar->lzss) - windowoffs; |
3068 | 0 | if (firstpart < 0) { |
3069 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
3070 | 0 | "Bad RAR file data"); |
3071 | 0 | return (ARCHIVE_FATAL); |
3072 | 0 | } |
3073 | 0 | if (firstpart < length) { |
3074 | 0 | memcpy(buffer, &rar->lzss.window[windowoffs], firstpart); |
3075 | 0 | memcpy(buffer, &rar->lzss.window[0], length - firstpart); |
3076 | 0 | } else { |
3077 | 0 | memcpy(buffer, &rar->lzss.window[windowoffs], length); |
3078 | 0 | } |
3079 | 0 | return (ARCHIVE_OK); |
3080 | 0 | } |
3081 | | |
3082 | | static int |
3083 | | copy_from_lzss_window_to_unp(struct archive_read *a, const void **buffer, |
3084 | | int64_t startpos, int length) |
3085 | 0 | { |
3086 | 0 | int windowoffs, firstpart; |
3087 | 0 | struct rar *rar = (struct rar *)(a->format->data); |
3088 | |
|
3089 | 0 | if (!rar->unp_buffer) |
3090 | 0 | { |
3091 | 0 | if ((rar->unp_buffer = malloc(rar->unp_buffer_size)) == NULL) |
3092 | 0 | { |
3093 | 0 | archive_set_error(&a->archive, ENOMEM, |
3094 | 0 | "Unable to allocate memory for uncompressed data."); |
3095 | 0 | return (ARCHIVE_FATAL); |
3096 | 0 | } |
3097 | 0 | } |
3098 | | |
3099 | 0 | windowoffs = lzss_offset_for_position(&rar->lzss, startpos); |
3100 | 0 | if(windowoffs + length <= lzss_size(&rar->lzss)) { |
3101 | 0 | memcpy(&rar->unp_buffer[rar->unp_offset], &rar->lzss.window[windowoffs], |
3102 | 0 | length); |
3103 | 0 | } else if (length <= lzss_size(&rar->lzss)) { |
3104 | 0 | firstpart = lzss_size(&rar->lzss) - windowoffs; |
3105 | 0 | if (firstpart < 0) { |
3106 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
3107 | 0 | "Bad RAR file data"); |
3108 | 0 | return (ARCHIVE_FATAL); |
3109 | 0 | } |
3110 | 0 | if (firstpart < length) { |
3111 | 0 | memcpy(&rar->unp_buffer[rar->unp_offset], |
3112 | 0 | &rar->lzss.window[windowoffs], firstpart); |
3113 | 0 | memcpy(&rar->unp_buffer[rar->unp_offset + firstpart], |
3114 | 0 | &rar->lzss.window[0], length - firstpart); |
3115 | 0 | } else { |
3116 | 0 | memcpy(&rar->unp_buffer[rar->unp_offset], |
3117 | 0 | &rar->lzss.window[windowoffs], length); |
3118 | 0 | } |
3119 | 0 | } else { |
3120 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, |
3121 | 0 | "Bad RAR file data"); |
3122 | 0 | return (ARCHIVE_FATAL); |
3123 | 0 | } |
3124 | 0 | rar->unp_offset += length; |
3125 | 0 | if (rar->unp_offset >= rar->unp_buffer_size) |
3126 | 0 | *buffer = rar->unp_buffer; |
3127 | 0 | else |
3128 | 0 | *buffer = NULL; |
3129 | 0 | return (ARCHIVE_OK); |
3130 | 0 | } |
3131 | | |
3132 | | static const void * |
3133 | | rar_read_ahead(struct archive_read *a, size_t min, ssize_t *avail) |
3134 | 0 | { |
3135 | 0 | struct rar *rar = (struct rar *)(a->format->data); |
3136 | 0 | const void *h = __archive_read_ahead(a, min, avail); |
3137 | 0 | int ret; |
3138 | 0 | if (avail) |
3139 | 0 | { |
3140 | 0 | if (a->archive.read_data_is_posix_read && *avail > (ssize_t)a->archive.read_data_requested) |
3141 | 0 | *avail = a->archive.read_data_requested; |
3142 | 0 | if (*avail > rar->bytes_remaining) |
3143 | 0 | *avail = (ssize_t)rar->bytes_remaining; |
3144 | 0 | if (*avail < 0) |
3145 | 0 | return NULL; |
3146 | 0 | else if (*avail == 0 && rar->main_flags & MHD_VOLUME && |
3147 | 0 | rar->file_flags & FHD_SPLIT_AFTER) |
3148 | 0 | { |
3149 | 0 | rar->filename_must_match = 1; |
3150 | 0 | ret = archive_read_format_rar_read_header(a, a->entry); |
3151 | 0 | if (ret == (ARCHIVE_EOF)) |
3152 | 0 | { |
3153 | 0 | rar->has_endarc_header = 1; |
3154 | 0 | ret = archive_read_format_rar_read_header(a, a->entry); |
3155 | 0 | } |
3156 | 0 | rar->filename_must_match = 0; |
3157 | 0 | if (ret != (ARCHIVE_OK)) |
3158 | 0 | return NULL; |
3159 | 0 | return rar_read_ahead(a, min, avail); |
3160 | 0 | } |
3161 | 0 | } |
3162 | 0 | return h; |
3163 | 0 | } |
3164 | | |
3165 | | static int |
3166 | | parse_filter(struct archive_read *a, const uint8_t *bytes, uint16_t length, uint8_t flags) |
3167 | 0 | { |
3168 | 0 | struct rar *rar = (struct rar *)(a->format->data); |
3169 | 0 | struct rar_filters *filters = &rar->filters; |
3170 | |
|
3171 | 0 | struct memory_bit_reader br = { 0 }; |
3172 | 0 | struct rar_program_code *prog; |
3173 | 0 | struct rar_filter *filter, **nextfilter; |
3174 | |
|
3175 | 0 | uint32_t numprogs, num, blocklength, globaldatalen; |
3176 | 0 | uint8_t *globaldata; |
3177 | 0 | size_t blockstartpos; |
3178 | 0 | uint32_t registers[8] = { 0 }; |
3179 | 0 | uint32_t i; |
3180 | |
|
3181 | 0 | br.bytes = bytes; |
3182 | 0 | br.length = length; |
3183 | |
|
3184 | 0 | numprogs = 0; |
3185 | 0 | for (prog = filters->progs; prog; prog = prog->next) |
3186 | 0 | numprogs++; |
3187 | |
|
3188 | 0 | if ((flags & 0x80)) |
3189 | 0 | { |
3190 | 0 | num = membr_next_rarvm_number(&br); |
3191 | 0 | if (num == 0) |
3192 | 0 | { |
3193 | 0 | delete_filter(filters->stack); |
3194 | 0 | filters->stack = NULL; |
3195 | 0 | delete_program_code(filters->progs); |
3196 | 0 | filters->progs = NULL; |
3197 | 0 | } |
3198 | 0 | else |
3199 | 0 | num--; |
3200 | 0 | if (num > numprogs) { |
3201 | 0 | return 0; |
3202 | 0 | } |
3203 | 0 | filters->lastfilternum = num; |
3204 | 0 | } |
3205 | 0 | else |
3206 | 0 | num = filters->lastfilternum; |
3207 | | |
3208 | 0 | prog = filters->progs; |
3209 | 0 | for (i = 0; i < num; i++) |
3210 | 0 | prog = prog->next; |
3211 | 0 | if (prog) |
3212 | 0 | prog->usagecount++; |
3213 | |
|
3214 | 0 | blockstartpos = membr_next_rarvm_number(&br) + (size_t)lzss_position(&rar->lzss); |
3215 | 0 | if ((flags & 0x40)) |
3216 | 0 | blockstartpos += 258; |
3217 | 0 | if ((flags & 0x20)) |
3218 | 0 | blocklength = membr_next_rarvm_number(&br); |
3219 | 0 | else |
3220 | 0 | blocklength = prog ? prog->oldfilterlength : 0; |
3221 | |
|
3222 | 0 | registers[3] = PROGRAM_SYSTEM_GLOBAL_ADDRESS; |
3223 | 0 | registers[4] = blocklength; |
3224 | 0 | registers[5] = prog ? prog->usagecount : 0; |
3225 | 0 | registers[7] = VM_MEMORY_SIZE; |
3226 | |
|
3227 | 0 | if ((flags & 0x10)) |
3228 | 0 | { |
3229 | 0 | uint8_t mask = (uint8_t)membr_bits(&br, 7); |
3230 | 0 | for (i = 0; i < 7; i++) |
3231 | 0 | if ((mask & (1 << i))) |
3232 | 0 | registers[i] = membr_next_rarvm_number(&br); |
3233 | 0 | } |
3234 | |
|
3235 | 0 | if (!prog) |
3236 | 0 | { |
3237 | 0 | uint32_t len = membr_next_rarvm_number(&br); |
3238 | 0 | uint8_t *bytecode; |
3239 | 0 | struct rar_program_code **next; |
3240 | |
|
3241 | 0 | if (len == 0 || len > 0x10000) |
3242 | 0 | return 0; |
3243 | 0 | bytecode = malloc(len); |
3244 | 0 | if (!bytecode) |
3245 | 0 | return 0; |
3246 | 0 | for (i = 0; i < len; i++) |
3247 | 0 | bytecode[i] = (uint8_t)membr_bits(&br, 8); |
3248 | 0 | prog = compile_program(bytecode, len); |
3249 | 0 | if (!prog) { |
3250 | 0 | free(bytecode); |
3251 | 0 | return 0; |
3252 | 0 | } |
3253 | 0 | free(bytecode); |
3254 | 0 | next = &filters->progs; |
3255 | 0 | while (*next) |
3256 | 0 | next = &(*next)->next; |
3257 | 0 | *next = prog; |
3258 | 0 | } |
3259 | 0 | prog->oldfilterlength = blocklength; |
3260 | |
|
3261 | 0 | globaldata = NULL; |
3262 | 0 | globaldatalen = 0; |
3263 | 0 | if ((flags & 0x08)) |
3264 | 0 | { |
3265 | 0 | globaldatalen = membr_next_rarvm_number(&br); |
3266 | 0 | if (globaldatalen > PROGRAM_USER_GLOBAL_SIZE) |
3267 | 0 | return 0; |
3268 | 0 | globaldata = malloc(globaldatalen + PROGRAM_SYSTEM_GLOBAL_SIZE); |
3269 | 0 | if (!globaldata) |
3270 | 0 | return 0; |
3271 | 0 | for (i = 0; i < globaldatalen; i++) |
3272 | 0 | globaldata[i + PROGRAM_SYSTEM_GLOBAL_SIZE] = (uint8_t)membr_bits(&br, 8); |
3273 | 0 | } |
3274 | | |
3275 | 0 | if (br.at_eof) |
3276 | 0 | { |
3277 | 0 | free(globaldata); |
3278 | 0 | return 0; |
3279 | 0 | } |
3280 | | |
3281 | 0 | filter = create_filter(prog, globaldata, globaldatalen, registers, blockstartpos, blocklength); |
3282 | 0 | free(globaldata); |
3283 | 0 | if (!filter) |
3284 | 0 | return 0; |
3285 | | |
3286 | 0 | for (i = 0; i < 7; i++) |
3287 | 0 | archive_le32enc(&filter->globaldata[i * 4], registers[i]); |
3288 | 0 | archive_le32enc(&filter->globaldata[0x1C], blocklength); |
3289 | 0 | archive_le32enc(&filter->globaldata[0x20], 0); |
3290 | 0 | archive_le32enc(&filter->globaldata[0x2C], prog->usagecount); |
3291 | |
|
3292 | 0 | nextfilter = &filters->stack; |
3293 | 0 | while (*nextfilter) |
3294 | 0 | nextfilter = &(*nextfilter)->next; |
3295 | 0 | *nextfilter = filter; |
3296 | |
|
3297 | 0 | if (!filters->stack->next) |
3298 | 0 | filters->filterstart = blockstartpos; |
3299 | |
|
3300 | 0 | return 1; |
3301 | 0 | } |
3302 | | |
3303 | | static struct rar_filter * |
3304 | | create_filter(struct rar_program_code *prog, const uint8_t *globaldata, uint32_t globaldatalen, uint32_t registers[8], size_t startpos, uint32_t length) |
3305 | 0 | { |
3306 | 0 | struct rar_filter *filter; |
3307 | |
|
3308 | 0 | filter = calloc(1, sizeof(*filter)); |
3309 | 0 | if (!filter) |
3310 | 0 | return NULL; |
3311 | 0 | filter->prog = prog; |
3312 | 0 | filter->globaldatalen = globaldatalen > PROGRAM_SYSTEM_GLOBAL_SIZE ? globaldatalen : PROGRAM_SYSTEM_GLOBAL_SIZE; |
3313 | 0 | filter->globaldata = calloc(1, filter->globaldatalen); |
3314 | 0 | if (!filter->globaldata) |
3315 | 0 | return NULL; |
3316 | 0 | if (globaldata) |
3317 | 0 | memcpy(filter->globaldata, globaldata, globaldatalen); |
3318 | 0 | if (registers) |
3319 | 0 | memcpy(filter->initialregisters, registers, sizeof(filter->initialregisters)); |
3320 | 0 | filter->blockstartpos = startpos; |
3321 | 0 | filter->blocklength = length; |
3322 | |
|
3323 | 0 | return filter; |
3324 | 0 | } |
3325 | | |
3326 | | static int |
3327 | | run_filters(struct archive_read *a) |
3328 | 0 | { |
3329 | 0 | struct rar *rar = (struct rar *)(a->format->data); |
3330 | 0 | struct rar_filters *filters = &rar->filters; |
3331 | 0 | struct rar_filter *filter = filters->stack; |
3332 | 0 | struct rar_filter *f; |
3333 | 0 | size_t start, end; |
3334 | 0 | int64_t tend; |
3335 | 0 | uint32_t lastfilteraddress; |
3336 | 0 | uint32_t lastfilterlength; |
3337 | 0 | int ret; |
3338 | |
|
3339 | 0 | if (filters == NULL || filter == NULL) |
3340 | 0 | return (0); |
3341 | | |
3342 | 0 | start = filters->filterstart; |
3343 | 0 | end = start + filter->blocklength; |
3344 | |
|
3345 | 0 | filters->filterstart = INT64_MAX; |
3346 | 0 | tend = (int64_t)end; |
3347 | 0 | ret = expand(a, &tend); |
3348 | 0 | if (ret != ARCHIVE_OK) |
3349 | 0 | return 0; |
3350 | | |
3351 | | /* Check if filter stack was modified in expand() */ |
3352 | 0 | ret = ARCHIVE_FATAL; |
3353 | 0 | f = filters->stack; |
3354 | 0 | while (f) |
3355 | 0 | { |
3356 | 0 | if (f == filter) |
3357 | 0 | { |
3358 | 0 | ret = ARCHIVE_OK; |
3359 | 0 | break; |
3360 | 0 | } |
3361 | 0 | f = f->next; |
3362 | 0 | } |
3363 | 0 | if (ret != ARCHIVE_OK) |
3364 | 0 | return 0; |
3365 | | |
3366 | 0 | if (tend < 0) |
3367 | 0 | return 0; |
3368 | 0 | end = (size_t)tend; |
3369 | 0 | if (end != start + filter->blocklength) |
3370 | 0 | return 0; |
3371 | | |
3372 | 0 | if (!filters->vm) |
3373 | 0 | { |
3374 | 0 | filters->vm = calloc(1, sizeof(*filters->vm)); |
3375 | 0 | if (!filters->vm) |
3376 | 0 | return 0; |
3377 | 0 | } |
3378 | | |
3379 | 0 | ret = copy_from_lzss_window(a, filters->vm->memory, start, filter->blocklength); |
3380 | 0 | if (ret != ARCHIVE_OK) |
3381 | 0 | return 0; |
3382 | 0 | if (!execute_filter(a, filter, filters->vm, rar->offset)) |
3383 | 0 | return 0; |
3384 | | |
3385 | 0 | lastfilteraddress = filter->filteredblockaddress; |
3386 | 0 | lastfilterlength = filter->filteredblocklength; |
3387 | 0 | filters->stack = filter->next; |
3388 | 0 | filter->next = NULL; |
3389 | 0 | delete_filter(filter); |
3390 | |
|
3391 | 0 | while ((filter = filters->stack) != NULL && (int64_t)filter->blockstartpos == filters->filterstart && filter->blocklength == lastfilterlength) |
3392 | 0 | { |
3393 | 0 | memmove(&filters->vm->memory[0], &filters->vm->memory[lastfilteraddress], lastfilterlength); |
3394 | 0 | if (!execute_filter(a, filter, filters->vm, rar->offset)) |
3395 | 0 | return 0; |
3396 | | |
3397 | 0 | lastfilteraddress = filter->filteredblockaddress; |
3398 | 0 | lastfilterlength = filter->filteredblocklength; |
3399 | 0 | filters->stack = filter->next; |
3400 | 0 | filter->next = NULL; |
3401 | 0 | delete_filter(filter); |
3402 | 0 | } |
3403 | | |
3404 | 0 | if (filters->stack) |
3405 | 0 | { |
3406 | 0 | if (filters->stack->blockstartpos < end) |
3407 | 0 | return 0; |
3408 | 0 | filters->filterstart = filters->stack->blockstartpos; |
3409 | 0 | } |
3410 | | |
3411 | 0 | filters->lastend = end; |
3412 | 0 | filters->bytes = &filters->vm->memory[lastfilteraddress]; |
3413 | 0 | filters->bytes_ready = lastfilterlength; |
3414 | |
|
3415 | 0 | return 1; |
3416 | 0 | } |
3417 | | |
3418 | | static struct rar_program_code * |
3419 | | compile_program(const uint8_t *bytes, size_t length) |
3420 | 0 | { |
3421 | 0 | struct memory_bit_reader br = { 0 }; |
3422 | 0 | struct rar_program_code *prog; |
3423 | | // uint32_t instrcount = 0; |
3424 | 0 | uint8_t xor; |
3425 | 0 | size_t i; |
3426 | |
|
3427 | 0 | xor = 0; |
3428 | 0 | for (i = 1; i < length; i++) |
3429 | 0 | xor ^= bytes[i]; |
3430 | 0 | if (!length || xor != bytes[0]) |
3431 | 0 | return NULL; |
3432 | | |
3433 | 0 | br.bytes = bytes; |
3434 | 0 | br.length = length; |
3435 | 0 | br.offset = 1; |
3436 | |
|
3437 | 0 | prog = calloc(1, sizeof(*prog)); |
3438 | 0 | if (!prog) |
3439 | 0 | return NULL; |
3440 | 0 | prog->fingerprint = crc32(0, bytes, (unsigned int)length) | ((uint64_t)length << 32); |
3441 | |
|
3442 | 0 | if (membr_bits(&br, 1)) |
3443 | 0 | { |
3444 | 0 | prog->staticdatalen = membr_next_rarvm_number(&br) + 1; |
3445 | 0 | prog->staticdata = malloc(prog->staticdatalen); |
3446 | 0 | if (!prog->staticdata) |
3447 | 0 | { |
3448 | 0 | delete_program_code(prog); |
3449 | 0 | return NULL; |
3450 | 0 | } |
3451 | 0 | for (i = 0; i < prog->staticdatalen; i++) |
3452 | 0 | prog->staticdata[i] = (uint8_t)membr_bits(&br, 8); |
3453 | 0 | } |
3454 | | |
3455 | 0 | return prog; |
3456 | 0 | } |
3457 | | |
3458 | | static void |
3459 | | delete_filter(struct rar_filter *filter) |
3460 | 8.06k | { |
3461 | 8.06k | while (filter) |
3462 | 0 | { |
3463 | 0 | struct rar_filter *next = filter->next; |
3464 | 0 | free(filter->globaldata); |
3465 | 0 | free(filter); |
3466 | 0 | filter = next; |
3467 | 0 | } |
3468 | 8.06k | } |
3469 | | |
3470 | | static void |
3471 | | clear_filters(struct rar_filters *filters) |
3472 | 8.06k | { |
3473 | 8.06k | delete_filter(filters->stack); |
3474 | 8.06k | delete_program_code(filters->progs); |
3475 | 8.06k | free(filters->vm); |
3476 | 8.06k | } |
3477 | | |
3478 | | static void |
3479 | | delete_program_code(struct rar_program_code *prog) |
3480 | 8.06k | { |
3481 | 8.06k | while (prog) |
3482 | 0 | { |
3483 | 0 | struct rar_program_code *next = prog->next; |
3484 | 0 | free(prog->staticdata); |
3485 | 0 | free(prog->globalbackup); |
3486 | 0 | free(prog); |
3487 | 0 | prog = next; |
3488 | 0 | } |
3489 | 8.06k | } |
3490 | | |
3491 | | static uint32_t |
3492 | | membr_next_rarvm_number(struct memory_bit_reader *br) |
3493 | 0 | { |
3494 | 0 | uint32_t val; |
3495 | 0 | switch (membr_bits(br, 2)) |
3496 | 0 | { |
3497 | 0 | case 0: |
3498 | 0 | return membr_bits(br, 4); |
3499 | 0 | case 1: |
3500 | 0 | val = membr_bits(br, 8); |
3501 | 0 | if (val >= 16) |
3502 | 0 | return val; |
3503 | 0 | return 0xFFFFFF00 | (val << 4) | membr_bits(br, 4); |
3504 | 0 | case 2: |
3505 | 0 | return membr_bits(br, 16); |
3506 | 0 | default: |
3507 | 0 | return membr_bits(br, 32); |
3508 | 0 | } |
3509 | 0 | } |
3510 | | |
3511 | | static inline uint32_t |
3512 | | membr_bits(struct memory_bit_reader *br, int bits) |
3513 | 0 | { |
3514 | 0 | if (bits > br->available && (br->at_eof || !membr_fill(br, bits))) |
3515 | 0 | return 0; |
3516 | 0 | return (uint32_t)((br->bits >> (br->available -= bits)) & (((uint64_t)1 << bits) - 1)); |
3517 | 0 | } |
3518 | | |
3519 | | static int |
3520 | | membr_fill(struct memory_bit_reader *br, int bits) |
3521 | 0 | { |
3522 | 0 | while (br->available < bits && br->offset < br->length) |
3523 | 0 | { |
3524 | 0 | br->bits = (br->bits << 8) | br->bytes[br->offset++]; |
3525 | 0 | br->available += 8; |
3526 | 0 | } |
3527 | 0 | if (bits > br->available) |
3528 | 0 | { |
3529 | 0 | br->at_eof = 1; |
3530 | 0 | return 0; |
3531 | 0 | } |
3532 | 0 | return 1; |
3533 | 0 | } |
3534 | | |
3535 | | static int |
3536 | | read_filter(struct archive_read *a, int64_t *end) |
3537 | 0 | { |
3538 | 0 | struct rar *rar = (struct rar *)(a->format->data); |
3539 | 0 | uint8_t flags, val, *code; |
3540 | 0 | uint16_t length, i; |
3541 | |
|
3542 | 0 | if (!rar_decode_byte(a, &flags)) |
3543 | 0 | return 0; |
3544 | 0 | length = (flags & 0x07) + 1; |
3545 | 0 | if (length == 7) |
3546 | 0 | { |
3547 | 0 | if (!rar_decode_byte(a, &val)) |
3548 | 0 | return 0; |
3549 | 0 | length = val + 7; |
3550 | 0 | } |
3551 | 0 | else if (length == 8) |
3552 | 0 | { |
3553 | 0 | if (!rar_decode_byte(a, &val)) |
3554 | 0 | return 0; |
3555 | 0 | length = val << 8; |
3556 | 0 | if (!rar_decode_byte(a, &val)) |
3557 | 0 | return 0; |
3558 | 0 | length |= val; |
3559 | 0 | } |
3560 | | |
3561 | 0 | code = malloc(length); |
3562 | 0 | if (!code) |
3563 | 0 | return 0; |
3564 | 0 | for (i = 0; i < length; i++) |
3565 | 0 | { |
3566 | 0 | if (!rar_decode_byte(a, &code[i])) |
3567 | 0 | { |
3568 | 0 | free(code); |
3569 | 0 | return 0; |
3570 | 0 | } |
3571 | 0 | } |
3572 | 0 | if (!parse_filter(a, code, length, flags)) |
3573 | 0 | { |
3574 | 0 | free(code); |
3575 | 0 | return 0; |
3576 | 0 | } |
3577 | 0 | free(code); |
3578 | |
|
3579 | 0 | if (rar->filters.filterstart < *end) |
3580 | 0 | *end = rar->filters.filterstart; |
3581 | |
|
3582 | 0 | return 1; |
3583 | 0 | } |
3584 | | |
3585 | | static int |
3586 | | execute_filter_delta(struct rar_filter *filter, struct rar_virtual_machine *vm) |
3587 | 0 | { |
3588 | 0 | uint32_t length = filter->initialregisters[4]; |
3589 | 0 | uint32_t numchannels = filter->initialregisters[0]; |
3590 | 0 | uint8_t *src, *dst; |
3591 | 0 | uint32_t i, idx; |
3592 | |
|
3593 | 0 | if (length > PROGRAM_WORK_SIZE / 2) |
3594 | 0 | return 0; |
3595 | | |
3596 | 0 | src = &vm->memory[0]; |
3597 | 0 | dst = &vm->memory[length]; |
3598 | 0 | for (i = 0; i < numchannels; i++) |
3599 | 0 | { |
3600 | 0 | uint8_t lastbyte = 0; |
3601 | 0 | for (idx = i; idx < length; idx += numchannels) |
3602 | 0 | lastbyte = dst[idx] = lastbyte - *src++; |
3603 | 0 | } |
3604 | |
|
3605 | 0 | filter->filteredblockaddress = length; |
3606 | 0 | filter->filteredblocklength = length; |
3607 | |
|
3608 | 0 | return 1; |
3609 | 0 | } |
3610 | | |
3611 | | static int |
3612 | | execute_filter_e8(struct rar_filter *filter, struct rar_virtual_machine *vm, size_t pos, int e9also) |
3613 | 0 | { |
3614 | 0 | uint32_t length = filter->initialregisters[4]; |
3615 | 0 | uint32_t filesize = 0x1000000; |
3616 | 0 | uint32_t i; |
3617 | |
|
3618 | 0 | if (length > PROGRAM_WORK_SIZE || length < 4) |
3619 | 0 | return 0; |
3620 | | |
3621 | 0 | for (i = 0; i <= length - 5; i++) |
3622 | 0 | { |
3623 | 0 | if (vm->memory[i] == 0xE8 || (e9also && vm->memory[i] == 0xE9)) |
3624 | 0 | { |
3625 | 0 | uint32_t currpos = (uint32_t)pos + i + 1; |
3626 | 0 | int32_t address = (int32_t)vm_read_32(vm, i + 1); |
3627 | 0 | if (address < 0 && currpos >= (uint32_t)-address) |
3628 | 0 | vm_write_32(vm, i + 1, address + filesize); |
3629 | 0 | else if (address >= 0 && (uint32_t)address < filesize) |
3630 | 0 | vm_write_32(vm, i + 1, address - currpos); |
3631 | 0 | i += 4; |
3632 | 0 | } |
3633 | 0 | } |
3634 | |
|
3635 | 0 | filter->filteredblockaddress = 0; |
3636 | 0 | filter->filteredblocklength = length; |
3637 | |
|
3638 | 0 | return 1; |
3639 | 0 | } |
3640 | | |
3641 | | static int |
3642 | | execute_filter_rgb(struct rar_filter *filter, struct rar_virtual_machine *vm) |
3643 | 0 | { |
3644 | 0 | uint32_t stride = filter->initialregisters[0]; |
3645 | 0 | uint32_t byteoffset = filter->initialregisters[1]; |
3646 | 0 | uint32_t blocklength = filter->initialregisters[4]; |
3647 | 0 | uint8_t *src, *dst; |
3648 | 0 | uint32_t i, j; |
3649 | |
|
3650 | 0 | if (blocklength > PROGRAM_WORK_SIZE / 2 || stride > blocklength) |
3651 | 0 | return 0; |
3652 | | |
3653 | 0 | src = &vm->memory[0]; |
3654 | 0 | dst = &vm->memory[blocklength]; |
3655 | 0 | for (i = 0; i < 3; i++) { |
3656 | 0 | uint8_t byte = 0; |
3657 | 0 | uint8_t *prev = dst + i - stride; |
3658 | 0 | for (j = i; j < blocklength; j += 3) |
3659 | 0 | { |
3660 | 0 | if (prev >= dst) |
3661 | 0 | { |
3662 | 0 | uint32_t delta1 = abs(prev[3] - prev[0]); |
3663 | 0 | uint32_t delta2 = abs(byte - prev[0]); |
3664 | 0 | uint32_t delta3 = abs(prev[3] - prev[0] + byte - prev[0]); |
3665 | 0 | if (delta1 > delta2 || delta1 > delta3) |
3666 | 0 | byte = delta2 <= delta3 ? prev[3] : prev[0]; |
3667 | 0 | } |
3668 | 0 | byte -= *src++; |
3669 | 0 | dst[j] = byte; |
3670 | 0 | prev += 3; |
3671 | 0 | } |
3672 | 0 | } |
3673 | 0 | for (i = byteoffset; i < blocklength - 2; i += 3) |
3674 | 0 | { |
3675 | 0 | dst[i] += dst[i + 1]; |
3676 | 0 | dst[i + 2] += dst[i + 1]; |
3677 | 0 | } |
3678 | |
|
3679 | 0 | filter->filteredblockaddress = blocklength; |
3680 | 0 | filter->filteredblocklength = blocklength; |
3681 | |
|
3682 | 0 | return 1; |
3683 | 0 | } |
3684 | | |
3685 | | static int |
3686 | | execute_filter_audio(struct rar_filter *filter, struct rar_virtual_machine *vm) |
3687 | 0 | { |
3688 | 0 | uint32_t length = filter->initialregisters[4]; |
3689 | 0 | uint32_t numchannels = filter->initialregisters[0]; |
3690 | 0 | uint8_t *src, *dst; |
3691 | 0 | uint32_t i, j; |
3692 | |
|
3693 | 0 | if (length > PROGRAM_WORK_SIZE / 2) |
3694 | 0 | return 0; |
3695 | | |
3696 | 0 | src = &vm->memory[0]; |
3697 | 0 | dst = &vm->memory[length]; |
3698 | 0 | for (i = 0; i < numchannels; i++) |
3699 | 0 | { |
3700 | 0 | struct audio_state state; |
3701 | 0 | memset(&state, 0, sizeof(state)); |
3702 | 0 | for (j = i; j < length; j += numchannels) |
3703 | 0 | { |
3704 | 0 | int8_t delta = (int8_t)*src++; |
3705 | 0 | uint8_t predbyte, byte; |
3706 | 0 | int prederror; |
3707 | 0 | state.delta[2] = state.delta[1]; |
3708 | 0 | state.delta[1] = state.lastdelta - state.delta[0]; |
3709 | 0 | state.delta[0] = state.lastdelta; |
3710 | 0 | predbyte = ((8 * state.lastbyte + state.weight[0] * state.delta[0] + state.weight[1] * state.delta[1] + state.weight[2] * state.delta[2]) >> 3) & 0xFF; |
3711 | 0 | byte = (predbyte - delta) & 0xFF; |
3712 | 0 | prederror = delta << 3; |
3713 | 0 | state.error[0] += abs(prederror); |
3714 | 0 | state.error[1] += abs(prederror - state.delta[0]); state.error[2] += abs(prederror + state.delta[0]); |
3715 | 0 | state.error[3] += abs(prederror - state.delta[1]); state.error[4] += abs(prederror + state.delta[1]); |
3716 | 0 | state.error[5] += abs(prederror - state.delta[2]); state.error[6] += abs(prederror + state.delta[2]); |
3717 | 0 | state.lastdelta = (int8_t)(byte - state.lastbyte); |
3718 | 0 | dst[j] = state.lastbyte = byte; |
3719 | 0 | if (!(state.count++ & 0x1F)) |
3720 | 0 | { |
3721 | 0 | uint8_t k, idx = 0; |
3722 | 0 | for (k = 1; k < 7; k++) |
3723 | 0 | { |
3724 | 0 | if (state.error[k] < state.error[idx]) |
3725 | 0 | idx = k; |
3726 | 0 | } |
3727 | 0 | memset(state.error, 0, sizeof(state.error)); |
3728 | 0 | switch (idx) |
3729 | 0 | { |
3730 | 0 | case 1: if (state.weight[0] >= -16) state.weight[0]--; break; |
3731 | 0 | case 2: if (state.weight[0] < 16) state.weight[0]++; break; |
3732 | 0 | case 3: if (state.weight[1] >= -16) state.weight[1]--; break; |
3733 | 0 | case 4: if (state.weight[1] < 16) state.weight[1]++; break; |
3734 | 0 | case 5: if (state.weight[2] >= -16) state.weight[2]--; break; |
3735 | 0 | case 6: if (state.weight[2] < 16) state.weight[2]++; break; |
3736 | 0 | } |
3737 | 0 | } |
3738 | 0 | } |
3739 | 0 | } |
3740 | | |
3741 | 0 | filter->filteredblockaddress = length; |
3742 | 0 | filter->filteredblocklength = length; |
3743 | |
|
3744 | 0 | return 1; |
3745 | 0 | } |
3746 | | |
3747 | | |
3748 | | static int |
3749 | | execute_filter(struct archive_read *a, struct rar_filter *filter, struct rar_virtual_machine *vm, size_t pos) |
3750 | 0 | { |
3751 | 0 | if (filter->prog->fingerprint == 0x1D0E06077D) |
3752 | 0 | return execute_filter_delta(filter, vm); |
3753 | 0 | if (filter->prog->fingerprint == 0x35AD576887) |
3754 | 0 | return execute_filter_e8(filter, vm, pos, 0); |
3755 | 0 | if (filter->prog->fingerprint == 0x393CD7E57E) |
3756 | 0 | return execute_filter_e8(filter, vm, pos, 1); |
3757 | 0 | if (filter->prog->fingerprint == 0x951C2C5DC8) |
3758 | 0 | return execute_filter_rgb(filter, vm); |
3759 | 0 | if (filter->prog->fingerprint == 0xD8BC85E701) |
3760 | 0 | return execute_filter_audio(filter, vm); |
3761 | | |
3762 | 0 | archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, "No support for RAR VM program filter"); |
3763 | 0 | return 0; |
3764 | 0 | } |
3765 | | |
3766 | | static int |
3767 | | rar_decode_byte(struct archive_read *a, uint8_t *byte) |
3768 | 0 | { |
3769 | 0 | struct rar *rar = (struct rar *)(a->format->data); |
3770 | 0 | struct rar_br *br = &(rar->br); |
3771 | 0 | if (!rar_br_read_ahead(a, br, 8)) |
3772 | 0 | return 0; |
3773 | 0 | *byte = (uint8_t)rar_br_bits(br, 8); |
3774 | 0 | rar_br_consume(br, 8); |
3775 | 0 | return 1; |
3776 | 0 | } |
3777 | | |
3778 | | static inline void |
3779 | | vm_write_32(struct rar_virtual_machine* vm, size_t offset, uint32_t u32) |
3780 | 0 | { |
3781 | 0 | archive_le32enc(vm->memory + offset, u32); |
3782 | 0 | } |
3783 | | |
3784 | | static inline uint32_t |
3785 | | vm_read_32(struct rar_virtual_machine* vm, size_t offset) |
3786 | 0 | { |
3787 | 0 | return archive_le32dec(vm->memory + offset); |
3788 | 0 | } |