/src/libreoffice/package/source/zipapi/XUnbufferedStream.cxx
Line | Count | Source |
1 | | /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ |
2 | | /* |
3 | | * This file is part of the LibreOffice project. |
4 | | * |
5 | | * This Source Code Form is subject to the terms of the Mozilla Public |
6 | | * License, v. 2.0. If a copy of the MPL was not distributed with this |
7 | | * file, You can obtain one at http://mozilla.org/MPL/2.0/. |
8 | | * |
9 | | * This file incorporates work covered by the following license notice: |
10 | | * |
11 | | * Licensed to the Apache Software Foundation (ASF) under one or more |
12 | | * contributor license agreements. See the NOTICE file distributed |
13 | | * with this work for additional information regarding copyright |
14 | | * ownership. The ASF licenses this file to you under the Apache |
15 | | * License, Version 2.0 (the "License"); you may not use this file |
16 | | * except in compliance with the License. You may obtain a copy of |
17 | | * the License at http://www.apache.org/licenses/LICENSE-2.0 . |
18 | | */ |
19 | | |
20 | | #include <com/sun/star/packages/zip/ZipConstants.hpp> |
21 | | #include <com/sun/star/packages/zip/ZipIOException.hpp> |
22 | | #include <com/sun/star/xml/crypto/CipherID.hpp> |
23 | | |
24 | | #include "XUnbufferedStream.hxx" |
25 | | #include <EncryptionData.hxx> |
26 | | #include <package/InflateZlib.hxx> |
27 | | #include <EncryptedDataHeader.hxx> |
28 | | #include <algorithm> |
29 | | #include <string.h> |
30 | | #include <o3tl/safeint.hxx> |
31 | | #include <osl/diagnose.h> |
32 | | #include <osl/mutex.hxx> |
33 | | #include <utility> |
34 | | #include <comphelper/diagnose_ex.hxx> |
35 | | #include <ZipFile.hxx> |
36 | | |
37 | | using namespace ::com::sun::star; |
38 | | using namespace com::sun::star::packages::zip::ZipConstants; |
39 | | using namespace com::sun::star::io; |
40 | | using namespace com::sun::star::uno; |
41 | | using com::sun::star::packages::zip::ZipIOException; |
42 | | |
43 | | XUnbufferedStream::XUnbufferedStream( |
44 | | const uno::Reference< uno::XComponentContext >& xContext, |
45 | | rtl::Reference< comphelper::RefCountedMutex > aMutexHolder, |
46 | | ZipEntry const & rEntry, |
47 | | Reference < XInputStream > const & xNewZipStream, |
48 | | const ::rtl::Reference< EncryptionData >& rData, |
49 | | sal_Int8 nStreamMode, |
50 | | ::std::optional<sal_Int64> const oDecryptedSize, |
51 | | const OUString& aMediaType, |
52 | | bool bRecoveryMode ) |
53 | 192k | : maMutexHolder(std::move( aMutexHolder )) |
54 | 192k | , mxZipStream ( xNewZipStream ) |
55 | 192k | , mxZipSeek ( xNewZipStream, UNO_QUERY ) |
56 | 192k | , maEntry ( rEntry ) |
57 | 192k | , mnBlockSize( 1 ) |
58 | 192k | , maInflater( std::make_unique<ZipUtils::InflateZlib>(true) ) |
59 | 192k | , mbRawStream ( nStreamMode == UNBUFF_STREAM_RAW || nStreamMode == UNBUFF_STREAM_WRAPPEDRAW ) |
60 | 192k | , mbWrappedRaw ( nStreamMode == UNBUFF_STREAM_WRAPPEDRAW ) |
61 | 192k | , mnHeaderToRead ( 0 ) |
62 | 192k | , mnZipCurrent ( 0 ) |
63 | 192k | , mnZipEnd ( 0 ) |
64 | 192k | , mnZipSize ( 0 ) |
65 | 192k | , mnMyCurrent ( 0 ) |
66 | 192k | , mbCheckCRC(!bRecoveryMode) |
67 | 192k | { |
68 | 192k | mnZipCurrent = maEntry.nOffset; |
69 | 192k | sal_Int64 nSize; // data size in the zip file |
70 | | // this can actually happen in recovery |
71 | 192k | assert(bRecoveryMode || maEntry.nMethod != STORED || maEntry.nCompressedSize == maEntry.nSize); |
72 | 192k | if ( mbRawStream ) |
73 | 865 | { |
74 | 865 | mnZipSize = maEntry.nCompressedSize; |
75 | 865 | nSize = mnZipSize; |
76 | 865 | } |
77 | 191k | else |
78 | 191k | { |
79 | 191k | mnZipSize = oDecryptedSize ? *oDecryptedSize : maEntry.nSize; |
80 | 191k | nSize = maEntry.nCompressedSize; |
81 | 191k | } |
82 | | |
83 | 192k | if (mnZipSize < 0) |
84 | 0 | throw ZipIOException(u"The stream seems to be broken!"_ustr); |
85 | | |
86 | 192k | if (o3tl::checked_add(maEntry.nOffset, nSize, mnZipEnd)) |
87 | 0 | throw ZipIOException(u"Integer-overflow"_ustr); |
88 | | |
89 | 192k | bool bHaveEncryptData = rData.is() && rData->m_aInitVector.hasElements() && |
90 | 0 | ((rData->m_aSalt.hasElements() && (rData->m_oPBKDFIterationCount || rData->m_oArgon2Args)) |
91 | 0 | || |
92 | 0 | rData->m_aKey.hasElements()); |
93 | 192k | bool bMustDecrypt = nStreamMode == UNBUFF_STREAM_DATA && bHaveEncryptData && oDecryptedSize; |
94 | | |
95 | 192k | if ( bMustDecrypt ) |
96 | 0 | { |
97 | 0 | m_xCipherContext = ZipFile::StaticGetCipher( xContext, rData, false ); |
98 | | // this is only relevant when padding is used |
99 | 0 | mnBlockSize = ( rData->m_nEncAlg == xml::crypto::CipherID::AES_CBC_W3C_PADDING ? 16 : 1 ); |
100 | 0 | } |
101 | | |
102 | 192k | if (!(bHaveEncryptData && mbWrappedRaw && oDecryptedSize)) |
103 | 192k | return; |
104 | | |
105 | | // if we have the data needed to decrypt it, but didn't want it decrypted (or |
106 | | // we couldn't decrypt it due to wrong password), then we prepend this |
107 | | // data to the stream |
108 | | |
109 | | // Make a buffer big enough to hold both the header and the data itself |
110 | 0 | maHeader.realloc ( n_ConstHeaderSize + |
111 | 0 | rData->m_aInitVector.getLength() + |
112 | 0 | rData->m_aSalt.getLength() + |
113 | 0 | rData->m_aDigest.getLength() + |
114 | 0 | aMediaType.getLength() * sizeof( sal_Unicode ) ); |
115 | 0 | sal_Int8 * pHeader = maHeader.getArray(); |
116 | 0 | ZipFile::StaticFillHeader(rData, *oDecryptedSize, aMediaType, pHeader); |
117 | 0 | mnHeaderToRead = static_cast < sal_Int16 > ( maHeader.getLength() ); |
118 | 0 | mnZipSize += mnHeaderToRead; |
119 | 0 | } |
120 | | |
121 | | // allows to read package raw stream |
122 | | XUnbufferedStream::XUnbufferedStream( |
123 | | rtl::Reference< comphelper::RefCountedMutex > aMutexHolder, |
124 | | const Reference < XInputStream >& xRawStream, |
125 | | const ::rtl::Reference< EncryptionData >& rData ) |
126 | 0 | : maMutexHolder(std::move( aMutexHolder )) |
127 | 0 | , mxZipStream ( xRawStream ) |
128 | 0 | , mxZipSeek ( xRawStream, UNO_QUERY ) |
129 | 0 | , mnBlockSize( 1 ) |
130 | 0 | , maInflater( std::make_unique<ZipUtils::InflateZlib>(true) ) |
131 | 0 | , mbRawStream ( false ) |
132 | 0 | , mbWrappedRaw ( false ) |
133 | 0 | , mnHeaderToRead ( 0 ) |
134 | 0 | , mnZipCurrent ( 0 ) |
135 | 0 | , mnZipEnd ( 0 ) |
136 | 0 | , mnZipSize ( 0 ) |
137 | 0 | , mnMyCurrent ( 0 ) |
138 | 0 | , mbCheckCRC( false ) |
139 | 0 | { |
140 | | // for this scenario maEntry is not set !!! |
141 | 0 | OSL_ENSURE( mxZipSeek.is(), "The stream must be seekable!" ); |
142 | | |
143 | | // skip raw header, it must be already parsed to rData |
144 | 0 | mnZipCurrent = n_ConstHeaderSize + rData->m_aInitVector.getLength() + |
145 | 0 | rData->m_aSalt.getLength() + rData->m_aDigest.getLength(); |
146 | |
|
147 | 0 | try { |
148 | 0 | if ( mxZipSeek.is() ) |
149 | 0 | mnZipSize = mxZipSeek->getLength(); |
150 | 0 | } catch( const Exception& ) |
151 | 0 | { |
152 | | // in case of problem the size will stay set to 0 |
153 | 0 | TOOLS_WARN_EXCEPTION("package", "ignoring"); |
154 | 0 | } |
155 | | |
156 | 0 | mnZipEnd = mnZipCurrent + mnZipSize; |
157 | | |
158 | | // the raw data will not be decrypted, no need for the cipher |
159 | | // m_xCipherContext = ZipFile::StaticGetCipher( xContext, rData, false ); |
160 | 0 | } |
161 | | |
162 | | XUnbufferedStream::~XUnbufferedStream() |
163 | 192k | { |
164 | 192k | } |
165 | | |
166 | | sal_Int32 SAL_CALL XUnbufferedStream::readBytes( Sequence< sal_Int8 >& aData, sal_Int32 nBytesToRead ) |
167 | 207k | { |
168 | 207k | ::osl::MutexGuard aGuard( maMutexHolder->GetMutex() ); |
169 | | |
170 | 207k | sal_Int32 nRequestedBytes = nBytesToRead; |
171 | 207k | OSL_ENSURE( !mnHeaderToRead || mbWrappedRaw, "Only encrypted raw stream can be provided with header!" ); |
172 | 207k | if ( mnMyCurrent + nRequestedBytes > mnZipSize + maHeader.getLength() ) |
173 | 22.2k | nRequestedBytes = static_cast < sal_Int32 > ( mnZipSize + maHeader.getLength() - mnMyCurrent ); |
174 | | |
175 | 207k | sal_Int32 nTotal = 0; |
176 | 207k | aData.realloc ( nRequestedBytes ); |
177 | 207k | if ( nRequestedBytes ) |
178 | 207k | { |
179 | 207k | sal_Int32 nRead = 0; |
180 | 207k | sal_Int32 nLastRead = 0; |
181 | 207k | if ( mbRawStream ) |
182 | 869 | { |
183 | 869 | sal_Int64 nDiff = mnZipEnd - mnZipCurrent; |
184 | | |
185 | 869 | if ( mbWrappedRaw && mnHeaderToRead ) |
186 | 0 | { |
187 | 0 | sal_Int16 nHeadRead = static_cast< sal_Int16 >(( nRequestedBytes > mnHeaderToRead ? |
188 | 0 | mnHeaderToRead : nRequestedBytes )); |
189 | 0 | memcpy ( aData.getArray(), maHeader.getConstArray() + maHeader.getLength() - mnHeaderToRead, nHeadRead ); |
190 | 0 | mnHeaderToRead = mnHeaderToRead - nHeadRead; |
191 | |
|
192 | 0 | if ( nHeadRead < nRequestedBytes ) |
193 | 0 | { |
194 | 0 | sal_Int32 nToRead = nRequestedBytes - nHeadRead; |
195 | 0 | nToRead = ( nDiff < nToRead ) ? sal::static_int_cast< sal_Int32 >( nDiff ) : nToRead; |
196 | |
|
197 | 0 | Sequence< sal_Int8 > aPureData( nToRead ); |
198 | 0 | mxZipSeek->seek ( mnZipCurrent ); |
199 | 0 | nRead = mxZipStream->readBytes ( aPureData, nToRead ); |
200 | 0 | mnZipCurrent += nRead; |
201 | |
|
202 | 0 | aPureData.realloc( nRead ); |
203 | 0 | if ( mbCheckCRC ) |
204 | 0 | maCRC.update( aPureData ); |
205 | |
|
206 | 0 | aData.realloc( nHeadRead + nRead ); |
207 | |
|
208 | 0 | std::copy_n(aPureData.begin(), nRead, aData.getArray() + nHeadRead); |
209 | 0 | } |
210 | |
|
211 | 0 | nRead += nHeadRead; |
212 | 0 | } |
213 | 869 | else |
214 | 869 | { |
215 | 869 | mxZipSeek->seek ( mnZipCurrent ); |
216 | | |
217 | 869 | nRead = mxZipStream->readBytes ( |
218 | 869 | aData, |
219 | 869 | std::min<sal_Int64>(nDiff, nRequestedBytes) ); |
220 | | |
221 | 869 | mnZipCurrent += nRead; |
222 | | |
223 | 869 | aData.realloc( nRead ); |
224 | 869 | if ( mbWrappedRaw && mbCheckCRC ) |
225 | 0 | maCRC.update( aData ); |
226 | 869 | } |
227 | 869 | } |
228 | 206k | else |
229 | 206k | { |
230 | 206k | for (;;) |
231 | 397k | { |
232 | 397k | nLastRead = maInflater->doInflateSegment( aData, nRead, aData.getLength() - nRead ); |
233 | 397k | if ( 0 != nLastRead && ( nRead + nLastRead == nRequestedBytes || mnZipCurrent >= mnZipEnd ) ) |
234 | 178k | break; |
235 | 219k | nRead += nLastRead; |
236 | 219k | if ( nRead > nRequestedBytes ) |
237 | 0 | throw RuntimeException( |
238 | 0 | u"Should not be possible to read more than requested!"_ustr ); |
239 | | |
240 | 219k | if ( maInflater->finished() || maInflater->getLastInflateError() ) |
241 | 27.5k | throw ZipIOException(u"The stream seems to be broken!"_ustr ); |
242 | | |
243 | 191k | if ( maInflater->needsDictionary() ) |
244 | 0 | throw ZipIOException(u"Dictionaries are not supported!"_ustr ); |
245 | | |
246 | 191k | sal_Int32 nDiff = static_cast< sal_Int32 >( mnZipEnd - mnZipCurrent ); |
247 | 191k | if ( nDiff <= 0 ) |
248 | 574 | { |
249 | 574 | throw ZipIOException(u"The stream seems to be broken!"_ustr ); |
250 | 574 | } |
251 | | |
252 | 191k | mxZipSeek->seek ( mnZipCurrent ); |
253 | | |
254 | 191k | sal_Int32 nToRead = std::max( nRequestedBytes, static_cast< sal_Int32 >( 8192 ) ); |
255 | 191k | if ( mnBlockSize > 1 ) |
256 | 0 | nToRead = nToRead + mnBlockSize - nToRead % mnBlockSize; |
257 | 191k | nToRead = std::min( nDiff, nToRead ); |
258 | | |
259 | 191k | sal_Int32 nZipRead = mxZipStream->readBytes( maCompBuffer, nToRead ); |
260 | 191k | if ( nZipRead < nToRead ) |
261 | 0 | throw ZipIOException(u"No expected data!"_ustr ); |
262 | | |
263 | 191k | mnZipCurrent += nZipRead; |
264 | | // maCompBuffer now has the data, check if we need to decrypt |
265 | | // before passing to the Inflater |
266 | 191k | if ( m_xCipherContext.is() ) |
267 | 0 | { |
268 | 0 | if ( mbCheckCRC ) |
269 | 0 | maCRC.update( maCompBuffer ); |
270 | |
|
271 | 0 | maCompBuffer = m_xCipherContext->convertWithCipherContext( maCompBuffer ); |
272 | 0 | if ( mnZipCurrent == mnZipEnd ) |
273 | 0 | { |
274 | | // this should throw if AEAD is in use and the tag fails to validate |
275 | 0 | uno::Sequence< sal_Int8 > aSuffix = m_xCipherContext->finalizeCipherContextAndDispose(); |
276 | 0 | if ( aSuffix.hasElements() ) |
277 | 0 | { |
278 | 0 | sal_Int32 nOldLen = maCompBuffer.getLength(); |
279 | 0 | maCompBuffer.realloc( nOldLen + aSuffix.getLength() ); |
280 | 0 | memcpy( maCompBuffer.getArray() + nOldLen, aSuffix.getConstArray(), aSuffix.getLength() ); |
281 | 0 | } |
282 | 0 | } |
283 | 0 | } |
284 | 191k | maInflater->setInput ( maCompBuffer ); |
285 | | |
286 | 191k | } |
287 | 206k | } |
288 | | |
289 | 179k | mnMyCurrent += nRead + nLastRead; |
290 | 179k | nTotal = nRead + nLastRead; |
291 | 179k | if ( nTotal < nRequestedBytes) |
292 | 8.14k | aData.realloc ( nTotal ); |
293 | | |
294 | 179k | if ( mbCheckCRC && ( !mbRawStream || mbWrappedRaw ) ) |
295 | 178k | { |
296 | 178k | if ( !m_xCipherContext.is() && !mbWrappedRaw ) |
297 | 178k | maCRC.update( aData ); |
298 | | |
299 | 178k | if ( mnZipSize + maHeader.getLength() == mnMyCurrent && maCRC.getValue() != maEntry.nCrc ) |
300 | 16.6k | throw ZipIOException(u"The stream seems to be broken!"_ustr ); |
301 | 178k | } |
302 | 179k | } |
303 | | |
304 | 162k | return nTotal; |
305 | 207k | } |
306 | | |
307 | | sal_Int32 SAL_CALL XUnbufferedStream::readSomeBytes( Sequence< sal_Int8 >& aData, sal_Int32 nMaxBytesToRead ) |
308 | 0 | { |
309 | 0 | return readBytes ( aData, nMaxBytesToRead ); |
310 | 0 | } |
311 | | void SAL_CALL XUnbufferedStream::skipBytes( sal_Int32 nBytesToSkip ) |
312 | 0 | { |
313 | 0 | if ( nBytesToSkip ) |
314 | 0 | { |
315 | 0 | Sequence < sal_Int8 > aSequence ( nBytesToSkip ); |
316 | 0 | readBytes ( aSequence, nBytesToSkip ); |
317 | 0 | } |
318 | 0 | } |
319 | | |
320 | | sal_Int32 SAL_CALL XUnbufferedStream::available( ) |
321 | 363k | { |
322 | | //available size must include the prepended header in case of wrapped raw stream |
323 | 363k | return static_cast< sal_Int32 > ( std::min< sal_Int64 >( SAL_MAX_INT32, (mnZipSize + mnHeaderToRead - mnMyCurrent) ) ); |
324 | 363k | } |
325 | | |
326 | | void SAL_CALL XUnbufferedStream::closeInput( ) |
327 | 15.0k | { |
328 | 15.0k | } |
329 | | |
330 | | /* vim:set shiftwidth=4 softtabstop=4 expandtab: */ |