/src/libreoffice/package/source/zipapi/XUnbufferedStream.cxx
Line | Count | Source |
1 | | /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ |
2 | | /* |
3 | | * This file is part of the LibreOffice project. |
4 | | * |
5 | | * This Source Code Form is subject to the terms of the Mozilla Public |
6 | | * License, v. 2.0. If a copy of the MPL was not distributed with this |
7 | | * file, You can obtain one at http://mozilla.org/MPL/2.0/. |
8 | | * |
9 | | * This file incorporates work covered by the following license notice: |
10 | | * |
11 | | * Licensed to the Apache Software Foundation (ASF) under one or more |
12 | | * contributor license agreements. See the NOTICE file distributed |
13 | | * with this work for additional information regarding copyright |
14 | | * ownership. The ASF licenses this file to you under the Apache |
15 | | * License, Version 2.0 (the "License"); you may not use this file |
16 | | * except in compliance with the License. You may obtain a copy of |
17 | | * the License at http://www.apache.org/licenses/LICENSE-2.0 . |
18 | | */ |
19 | | |
20 | | #include <com/sun/star/packages/zip/ZipConstants.hpp> |
21 | | #include <com/sun/star/packages/zip/ZipIOException.hpp> |
22 | | #include <com/sun/star/xml/crypto/CipherID.hpp> |
23 | | |
24 | | #include "XUnbufferedStream.hxx" |
25 | | #include <EncryptionData.hxx> |
26 | | #include <package/InflateZlib.hxx> |
27 | | #include <EncryptedDataHeader.hxx> |
28 | | #include <algorithm> |
29 | | #include <string.h> |
30 | | #include <o3tl/safeint.hxx> |
31 | | #include <osl/diagnose.h> |
32 | | #include <osl/mutex.hxx> |
33 | | #include <utility> |
34 | | #include <comphelper/diagnose_ex.hxx> |
35 | | #include <ZipFile.hxx> |
36 | | |
37 | | using namespace ::com::sun::star; |
38 | | using namespace com::sun::star::packages::zip::ZipConstants; |
39 | | using namespace com::sun::star::io; |
40 | | using namespace com::sun::star::uno; |
41 | | using com::sun::star::packages::zip::ZipIOException; |
42 | | |
43 | | XUnbufferedStream::XUnbufferedStream( |
44 | | const uno::Reference< uno::XComponentContext >& xContext, |
45 | | rtl::Reference< comphelper::RefCountedMutex > aMutexHolder, |
46 | | ZipEntry const & rEntry, |
47 | | Reference < XInputStream > const & xNewZipStream, |
48 | | const ::rtl::Reference< EncryptionData >& rData, |
49 | | sal_Int8 nStreamMode, |
50 | | ::std::optional<sal_Int64> const oDecryptedSize, |
51 | | const OUString& aMediaType, |
52 | | bool bRecoveryMode ) |
53 | 185k | : maMutexHolder(std::move( aMutexHolder )) |
54 | 185k | , mxZipStream ( xNewZipStream ) |
55 | 185k | , mxZipSeek ( xNewZipStream, UNO_QUERY ) |
56 | 185k | , maEntry ( rEntry ) |
57 | 185k | , mnBlockSize( 1 ) |
58 | 185k | , maInflater( std::make_unique<ZipUtils::InflateZlib>(true) ) |
59 | 185k | , mbRawStream ( nStreamMode == UNBUFF_STREAM_RAW || nStreamMode == UNBUFF_STREAM_WRAPPEDRAW ) |
60 | 185k | , mbWrappedRaw ( nStreamMode == UNBUFF_STREAM_WRAPPEDRAW ) |
61 | 185k | , mnHeaderToRead ( 0 ) |
62 | 185k | , mnZipCurrent ( 0 ) |
63 | 185k | , mnZipEnd ( 0 ) |
64 | 185k | , mnZipSize ( 0 ) |
65 | 185k | , mnMyCurrent ( 0 ) |
66 | 185k | , mbCheckCRC(!bRecoveryMode) |
67 | 185k | { |
68 | 185k | mnZipCurrent = maEntry.nOffset; |
69 | 185k | sal_Int64 nSize; // data size in the zip file |
70 | | // this can actually happen in recovery |
71 | 185k | assert(bRecoveryMode || maEntry.nMethod != STORED || maEntry.nCompressedSize == maEntry.nSize); |
72 | 185k | if ( mbRawStream ) |
73 | 1.01k | { |
74 | 1.01k | mnZipSize = maEntry.nCompressedSize; |
75 | 1.01k | nSize = mnZipSize; |
76 | 1.01k | } |
77 | 184k | else |
78 | 184k | { |
79 | 184k | mnZipSize = oDecryptedSize ? *oDecryptedSize : maEntry.nSize; |
80 | 184k | nSize = maEntry.nCompressedSize; |
81 | 184k | } |
82 | | |
83 | 185k | if (mnZipSize < 0) |
84 | 0 | throw ZipIOException(u"The stream seems to be broken!"_ustr); |
85 | | |
86 | 185k | if (o3tl::checked_add(maEntry.nOffset, nSize, mnZipEnd)) |
87 | 0 | throw ZipIOException(u"Integer-overflow"_ustr); |
88 | | |
89 | 185k | bool bHaveEncryptData = rData.is() && rData->m_aInitVector.hasElements() && |
90 | 0 | ((rData->m_aSalt.hasElements() && (rData->m_oPBKDFIterationCount || rData->m_oArgon2Args)) |
91 | 0 | || |
92 | 0 | rData->m_aKey.hasElements()); |
93 | 185k | bool bMustDecrypt = nStreamMode == UNBUFF_STREAM_DATA && bHaveEncryptData && oDecryptedSize; |
94 | | |
95 | 185k | if ( bMustDecrypt ) |
96 | 0 | { |
97 | 0 | m_xCipherContext = ZipFile::StaticGetCipher( xContext, rData, false ); |
98 | | // this is only relevant when padding is used |
99 | 0 | mnBlockSize = ( rData->m_nEncAlg == xml::crypto::CipherID::AES_CBC_W3C_PADDING ? 16 : 1 ); |
100 | 0 | } |
101 | | |
102 | 185k | if (!(bHaveEncryptData && mbWrappedRaw && oDecryptedSize)) |
103 | 185k | return; |
104 | | |
105 | | // if we have the data needed to decrypt it, but didn't want it decrypted (or |
106 | | // we couldn't decrypt it due to wrong password), then we prepend this |
107 | | // data to the stream |
108 | | |
109 | | // Make a buffer big enough to hold both the header and the data itself |
110 | 0 | maHeader.realloc ( n_ConstHeaderSize + |
111 | 0 | rData->m_aInitVector.getLength() + |
112 | 0 | rData->m_aSalt.getLength() + |
113 | 0 | rData->m_aDigest.getLength() + |
114 | 0 | aMediaType.getLength() * sizeof( sal_Unicode ) ); |
115 | 0 | sal_Int8 * pHeader = maHeader.getArray(); |
116 | 0 | ZipFile::StaticFillHeader(rData, *oDecryptedSize, aMediaType, pHeader); |
117 | 0 | mnHeaderToRead = static_cast < sal_Int16 > ( maHeader.getLength() ); |
118 | 0 | mnZipSize += mnHeaderToRead; |
119 | 0 | } |
120 | | |
121 | | // allows to read package raw stream |
122 | | XUnbufferedStream::XUnbufferedStream( |
123 | | rtl::Reference< comphelper::RefCountedMutex > aMutexHolder, |
124 | | const Reference < XInputStream >& xRawStream, |
125 | | const ::rtl::Reference< EncryptionData >& rData ) |
126 | 0 | : maMutexHolder(std::move( aMutexHolder )) |
127 | 0 | , mxZipStream ( xRawStream ) |
128 | 0 | , mxZipSeek ( xRawStream, UNO_QUERY ) |
129 | 0 | , mnBlockSize( 1 ) |
130 | 0 | , maInflater( std::make_unique<ZipUtils::InflateZlib>(true) ) |
131 | 0 | , mbRawStream ( false ) |
132 | 0 | , mbWrappedRaw ( false ) |
133 | 0 | , mnHeaderToRead ( 0 ) |
134 | 0 | , mnZipCurrent ( 0 ) |
135 | 0 | , mnZipEnd ( 0 ) |
136 | 0 | , mnZipSize ( 0 ) |
137 | 0 | , mnMyCurrent ( 0 ) |
138 | 0 | , mbCheckCRC( false ) |
139 | 0 | { |
140 | | // for this scenario maEntry is not set !!! |
141 | 0 | OSL_ENSURE( mxZipSeek.is(), "The stream must be seekable!" ); |
142 | | |
143 | | // skip raw header, it must be already parsed to rData |
144 | 0 | mnZipCurrent = n_ConstHeaderSize + rData->m_aInitVector.getLength() + |
145 | 0 | rData->m_aSalt.getLength() + rData->m_aDigest.getLength(); |
146 | |
|
147 | 0 | try { |
148 | 0 | if ( mxZipSeek.is() ) |
149 | 0 | mnZipSize = mxZipSeek->getLength(); |
150 | 0 | } catch( const Exception& ) |
151 | 0 | { |
152 | | // in case of problem the size will stay set to 0 |
153 | 0 | TOOLS_WARN_EXCEPTION("package", "ignoring"); |
154 | 0 | } |
155 | | |
156 | 0 | mnZipEnd = mnZipCurrent + mnZipSize; |
157 | | |
158 | | // the raw data will not be decrypted, no need for the cipher |
159 | | // m_xCipherContext = ZipFile::StaticGetCipher( xContext, rData, false ); |
160 | 0 | } |
161 | | |
162 | | XUnbufferedStream::~XUnbufferedStream() |
163 | 185k | { |
164 | 185k | } |
165 | | |
166 | | sal_Int32 SAL_CALL XUnbufferedStream::readBytes( Sequence< sal_Int8 >& aData, sal_Int32 nBytesToRead ) |
167 | 199k | { |
168 | 199k | ::osl::MutexGuard aGuard( maMutexHolder->GetMutex() ); |
169 | | |
170 | 199k | sal_Int32 nRequestedBytes = nBytesToRead; |
171 | 199k | OSL_ENSURE( !mnHeaderToRead || mbWrappedRaw, "Only encrypted raw stream can be provided with header!" ); |
172 | 199k | if ( mnMyCurrent + nRequestedBytes > mnZipSize + maHeader.getLength() ) |
173 | 21.8k | nRequestedBytes = static_cast < sal_Int32 > ( mnZipSize + maHeader.getLength() - mnMyCurrent ); |
174 | | |
175 | 199k | sal_Int32 nTotal = 0; |
176 | 199k | aData.realloc ( nRequestedBytes ); |
177 | 199k | if ( nRequestedBytes ) |
178 | 199k | { |
179 | 199k | sal_Int32 nRead = 0; |
180 | 199k | sal_Int32 nLastRead = 0; |
181 | 199k | if ( mbRawStream ) |
182 | 1.02k | { |
183 | 1.02k | sal_Int64 nDiff = mnZipEnd - mnZipCurrent; |
184 | | |
185 | 1.02k | if ( mbWrappedRaw && mnHeaderToRead ) |
186 | 0 | { |
187 | 0 | sal_Int16 nHeadRead = static_cast< sal_Int16 >(( nRequestedBytes > mnHeaderToRead ? |
188 | 0 | mnHeaderToRead : nRequestedBytes )); |
189 | 0 | std::copy_n(maHeader.getConstArray() + maHeader.getLength() - mnHeaderToRead, |
190 | 0 | nHeadRead, aData.getArray()); |
191 | 0 | mnHeaderToRead = mnHeaderToRead - nHeadRead; |
192 | |
|
193 | 0 | if ( nHeadRead < nRequestedBytes ) |
194 | 0 | { |
195 | 0 | sal_Int32 nToRead = nRequestedBytes - nHeadRead; |
196 | 0 | nToRead = ( nDiff < nToRead ) ? sal::static_int_cast< sal_Int32 >( nDiff ) : nToRead; |
197 | |
|
198 | 0 | Sequence< sal_Int8 > aPureData( nToRead ); |
199 | 0 | mxZipSeek->seek ( mnZipCurrent ); |
200 | 0 | nRead = mxZipStream->readBytes ( aPureData, nToRead ); |
201 | 0 | mnZipCurrent += nRead; |
202 | |
|
203 | 0 | aPureData.realloc( nRead ); |
204 | 0 | if ( mbCheckCRC ) |
205 | 0 | maCRC.update( aPureData ); |
206 | |
|
207 | 0 | aData.realloc( nHeadRead + nRead ); |
208 | |
|
209 | 0 | std::copy_n(aPureData.begin(), nRead, aData.getArray() + nHeadRead); |
210 | 0 | } |
211 | |
|
212 | 0 | nRead += nHeadRead; |
213 | 0 | } |
214 | 1.02k | else |
215 | 1.02k | { |
216 | 1.02k | mxZipSeek->seek ( mnZipCurrent ); |
217 | | |
218 | 1.02k | nRead = mxZipStream->readBytes ( |
219 | 1.02k | aData, |
220 | 1.02k | std::min<sal_Int64>(nDiff, nRequestedBytes) ); |
221 | | |
222 | 1.02k | mnZipCurrent += nRead; |
223 | | |
224 | 1.02k | aData.realloc( nRead ); |
225 | 1.02k | if ( mbWrappedRaw && mbCheckCRC ) |
226 | 0 | maCRC.update( aData ); |
227 | 1.02k | } |
228 | 1.02k | } |
229 | 198k | else |
230 | 198k | { |
231 | 198k | for (;;) |
232 | 382k | { |
233 | 382k | nLastRead = maInflater->doInflateSegment( aData, nRead, aData.getLength() - nRead ); |
234 | 382k | if ( 0 != nLastRead && ( nRead + nLastRead == nRequestedBytes || mnZipCurrent >= mnZipEnd ) ) |
235 | 171k | break; |
236 | 210k | nRead += nLastRead; |
237 | 210k | if ( nRead > nRequestedBytes ) |
238 | 0 | throw RuntimeException( |
239 | 0 | u"Should not be possible to read more than requested!"_ustr ); |
240 | | |
241 | 210k | if ( maInflater->finished() || maInflater->getLastInflateError() ) |
242 | 26.2k | throw ZipIOException(u"The stream seems to be broken!"_ustr ); |
243 | | |
244 | 184k | if ( maInflater->needsDictionary() ) |
245 | 0 | throw ZipIOException(u"Dictionaries are not supported!"_ustr ); |
246 | | |
247 | 184k | sal_Int32 nDiff = static_cast< sal_Int32 >( mnZipEnd - mnZipCurrent ); |
248 | 184k | if ( nDiff <= 0 ) |
249 | 532 | { |
250 | 532 | throw ZipIOException(u"The stream seems to be broken!"_ustr ); |
251 | 532 | } |
252 | | |
253 | 184k | mxZipSeek->seek ( mnZipCurrent ); |
254 | | |
255 | 184k | sal_Int32 nToRead = std::max( nRequestedBytes, static_cast< sal_Int32 >( 8192 ) ); |
256 | 184k | if ( mnBlockSize > 1 ) |
257 | 0 | nToRead = nToRead + mnBlockSize - nToRead % mnBlockSize; |
258 | 184k | nToRead = std::min( nDiff, nToRead ); |
259 | | |
260 | 184k | sal_Int32 nZipRead = mxZipStream->readBytes( maCompBuffer, nToRead ); |
261 | 184k | if ( nZipRead < nToRead ) |
262 | 0 | throw ZipIOException(u"No expected data!"_ustr ); |
263 | | |
264 | 184k | mnZipCurrent += nZipRead; |
265 | | // maCompBuffer now has the data, check if we need to decrypt |
266 | | // before passing to the Inflater |
267 | 184k | if ( m_xCipherContext.is() ) |
268 | 0 | { |
269 | 0 | if ( mbCheckCRC ) |
270 | 0 | maCRC.update( maCompBuffer ); |
271 | |
|
272 | 0 | maCompBuffer = m_xCipherContext->convertWithCipherContext( maCompBuffer ); |
273 | 0 | if ( mnZipCurrent == mnZipEnd ) |
274 | 0 | { |
275 | | // this should throw if AEAD is in use and the tag fails to validate |
276 | 0 | uno::Sequence< sal_Int8 > aSuffix = m_xCipherContext->finalizeCipherContextAndDispose(); |
277 | 0 | if ( aSuffix.hasElements() ) |
278 | 0 | { |
279 | 0 | sal_Int32 nOldLen = maCompBuffer.getLength(); |
280 | 0 | maCompBuffer.realloc( nOldLen + aSuffix.getLength() ); |
281 | 0 | memcpy( maCompBuffer.getArray() + nOldLen, aSuffix.getConstArray(), aSuffix.getLength() ); |
282 | 0 | } |
283 | 0 | } |
284 | 0 | } |
285 | 184k | maInflater->setInput ( maCompBuffer ); |
286 | | |
287 | 184k | } |
288 | 198k | } |
289 | | |
290 | 172k | mnMyCurrent += nRead + nLastRead; |
291 | 172k | nTotal = nRead + nLastRead; |
292 | 172k | if ( nTotal < nRequestedBytes) |
293 | 7.62k | aData.realloc ( nTotal ); |
294 | | |
295 | 172k | if ( mbCheckCRC && ( !mbRawStream || mbWrappedRaw ) ) |
296 | 171k | { |
297 | 171k | if ( !m_xCipherContext.is() && !mbWrappedRaw ) |
298 | 171k | maCRC.update( aData ); |
299 | | |
300 | 171k | if ( mnZipSize + maHeader.getLength() == mnMyCurrent && maCRC.getValue() != maEntry.nCrc ) |
301 | 15.5k | throw ZipIOException(u"The stream seems to be broken!"_ustr ); |
302 | 171k | } |
303 | 172k | } |
304 | | |
305 | 157k | return nTotal; |
306 | 199k | } |
307 | | |
308 | | sal_Int32 SAL_CALL XUnbufferedStream::readSomeBytes( Sequence< sal_Int8 >& aData, sal_Int32 nMaxBytesToRead ) |
309 | 0 | { |
310 | 0 | return readBytes ( aData, nMaxBytesToRead ); |
311 | 0 | } |
312 | | void SAL_CALL XUnbufferedStream::skipBytes( sal_Int32 nBytesToSkip ) |
313 | 0 | { |
314 | 0 | if ( nBytesToSkip ) |
315 | 0 | { |
316 | 0 | Sequence < sal_Int8 > aSequence ( nBytesToSkip ); |
317 | 0 | readBytes ( aSequence, nBytesToSkip ); |
318 | 0 | } |
319 | 0 | } |
320 | | |
321 | | sal_Int32 SAL_CALL XUnbufferedStream::available( ) |
322 | 349k | { |
323 | | //available size must include the prepended header in case of wrapped raw stream |
324 | 349k | return static_cast< sal_Int32 > ( std::min< sal_Int64 >( SAL_MAX_INT32, (mnZipSize + mnHeaderToRead - mnMyCurrent) ) ); |
325 | 349k | } |
326 | | |
327 | | void SAL_CALL XUnbufferedStream::closeInput( ) |
328 | 15.1k | { |
329 | 15.1k | } |
330 | | |
331 | | /* vim:set shiftwidth=4 softtabstop=4 expandtab: */ |