123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288 |
- // SPDX-License-Identifier: 0BSD
- ///////////////////////////////////////////////////////////////////////////////
- //
- /// \file block_decoder.c
- /// \brief Decodes .xz Blocks
- //
- // Author: Lasse Collin
- //
- ///////////////////////////////////////////////////////////////////////////////
- #include "block_decoder.h"
- #include "filter_decoder.h"
- #include "check.h"
- typedef struct {
- enum {
- SEQ_CODE,
- SEQ_PADDING,
- SEQ_CHECK,
- } sequence;
- /// The filters in the chain; initialized with lzma_raw_decoder_init().
- lzma_next_coder next;
- /// Decoding options; we also write Compressed Size and Uncompressed
- /// Size back to this structure when the decoding has been finished.
- lzma_block *block;
- /// Compressed Size calculated while decoding
- lzma_vli compressed_size;
- /// Uncompressed Size calculated while decoding
- lzma_vli uncompressed_size;
- /// Maximum allowed Compressed Size; this takes into account the
- /// size of the Block Header and Check fields when Compressed Size
- /// is unknown.
- lzma_vli compressed_limit;
- /// Maximum allowed Uncompressed Size.
- lzma_vli uncompressed_limit;
- /// Position when reading the Check field
- size_t check_pos;
- /// Check of the uncompressed data
- lzma_check_state check;
- /// True if the integrity check won't be calculated and verified.
- bool ignore_check;
- } lzma_block_coder;
- static inline bool
- is_size_valid(lzma_vli size, lzma_vli reference)
- {
- return reference == LZMA_VLI_UNKNOWN || reference == size;
- }
- static lzma_ret
- block_decode(void *coder_ptr, const lzma_allocator *allocator,
- const uint8_t *restrict in, size_t *restrict in_pos,
- size_t in_size, uint8_t *restrict out,
- size_t *restrict out_pos, size_t out_size, lzma_action action)
- {
- lzma_block_coder *coder = coder_ptr;
- switch (coder->sequence) {
- case SEQ_CODE: {
- const size_t in_start = *in_pos;
- const size_t out_start = *out_pos;
- // Limit the amount of input and output space that we give
- // to the raw decoder based on the information we have
- // (or don't have) from Block Header.
- const size_t in_stop = *in_pos + (size_t)my_min(
- in_size - *in_pos,
- coder->compressed_limit - coder->compressed_size);
- const size_t out_stop = *out_pos + (size_t)my_min(
- out_size - *out_pos,
- coder->uncompressed_limit - coder->uncompressed_size);
- const lzma_ret ret = coder->next.code(coder->next.coder,
- allocator, in, in_pos, in_stop,
- out, out_pos, out_stop, action);
- const size_t in_used = *in_pos - in_start;
- const size_t out_used = *out_pos - out_start;
- // Because we have limited the input and output sizes,
- // we know that these cannot grow too big or overflow.
- coder->compressed_size += in_used;
- coder->uncompressed_size += out_used;
- if (ret == LZMA_OK) {
- const bool comp_done = coder->compressed_size
- == coder->block->compressed_size;
- const bool uncomp_done = coder->uncompressed_size
- == coder->block->uncompressed_size;
- // If both input and output amounts match the sizes
- // in Block Header but we still got LZMA_OK instead
- // of LZMA_STREAM_END, the file is broken.
- if (comp_done && uncomp_done)
- return LZMA_DATA_ERROR;
- // If the decoder has consumed all the input that it
- // needs but it still couldn't fill the output buffer
- // or return LZMA_STREAM_END, the file is broken.
- if (comp_done && *out_pos < out_size)
- return LZMA_DATA_ERROR;
- // If the decoder has produced all the output but
- // it still didn't return LZMA_STREAM_END or consume
- // more input (for example, detecting an end of
- // payload marker may need more input but produce
- // no output) the file is broken.
- if (uncomp_done && *in_pos < in_size)
- return LZMA_DATA_ERROR;
- }
- // Don't waste time updating the integrity check if it will be
- // ignored. Also skip it if no new output was produced. This
- // avoids null pointer + 0 (undefined behavior) when out == 0.
- if (!coder->ignore_check && out_used > 0)
- lzma_check_update(&coder->check, coder->block->check,
- out + out_start, out_used);
- if (ret != LZMA_STREAM_END)
- return ret;
- // Compressed and Uncompressed Sizes are now at their final
- // values. Verify that they match the values given to us.
- if (!is_size_valid(coder->compressed_size,
- coder->block->compressed_size)
- || !is_size_valid(coder->uncompressed_size,
- coder->block->uncompressed_size))
- return LZMA_DATA_ERROR;
- // Copy the values into coder->block. The caller
- // may use this information to construct Index.
- coder->block->compressed_size = coder->compressed_size;
- coder->block->uncompressed_size = coder->uncompressed_size;
- coder->sequence = SEQ_PADDING;
- }
- // Fall through
- case SEQ_PADDING:
- // Compressed Data is padded to a multiple of four bytes.
- while (coder->compressed_size & 3) {
- if (*in_pos >= in_size)
- return LZMA_OK;
- // We use compressed_size here just get the Padding
- // right. The actual Compressed Size was stored to
- // coder->block already, and won't be modified by
- // us anymore.
- ++coder->compressed_size;
- if (in[(*in_pos)++] != 0x00)
- return LZMA_DATA_ERROR;
- }
- if (coder->block->check == LZMA_CHECK_NONE)
- return LZMA_STREAM_END;
- if (!coder->ignore_check)
- lzma_check_finish(&coder->check, coder->block->check);
- coder->sequence = SEQ_CHECK;
- // Fall through
- case SEQ_CHECK: {
- const size_t check_size = lzma_check_size(coder->block->check);
- lzma_bufcpy(in, in_pos, in_size, coder->block->raw_check,
- &coder->check_pos, check_size);
- if (coder->check_pos < check_size)
- return LZMA_OK;
- // Validate the Check only if we support it.
- // coder->check.buffer may be uninitialized
- // when the Check ID is not supported.
- if (!coder->ignore_check
- && lzma_check_is_supported(coder->block->check)
- && memcmp(coder->block->raw_check,
- coder->check.buffer.u8,
- check_size) != 0)
- return LZMA_DATA_ERROR;
- return LZMA_STREAM_END;
- }
- }
- return LZMA_PROG_ERROR;
- }
- static void
- block_decoder_end(void *coder_ptr, const lzma_allocator *allocator)
- {
- lzma_block_coder *coder = coder_ptr;
- lzma_next_end(&coder->next, allocator);
- lzma_free(coder, allocator);
- return;
- }
- extern lzma_ret
- lzma_block_decoder_init(lzma_next_coder *next, const lzma_allocator *allocator,
- lzma_block *block)
- {
- lzma_next_coder_init(&lzma_block_decoder_init, next, allocator);
- // Validate the options. lzma_block_unpadded_size() does that for us
- // except for Uncompressed Size and filters. Filters are validated
- // by the raw decoder.
- if (lzma_block_unpadded_size(block) == 0
- || !lzma_vli_is_valid(block->uncompressed_size))
- return LZMA_PROG_ERROR;
- // Allocate *next->coder if needed.
- lzma_block_coder *coder = next->coder;
- if (coder == NULL) {
- coder = lzma_alloc(sizeof(lzma_block_coder), allocator);
- if (coder == NULL)
- return LZMA_MEM_ERROR;
- next->coder = coder;
- next->code = &block_decode;
- next->end = &block_decoder_end;
- coder->next = LZMA_NEXT_CODER_INIT;
- }
- // Basic initializations
- coder->sequence = SEQ_CODE;
- coder->block = block;
- coder->compressed_size = 0;
- coder->uncompressed_size = 0;
- // If Compressed Size is not known, we calculate the maximum allowed
- // value so that encoded size of the Block (including Block Padding)
- // is still a valid VLI and a multiple of four.
- coder->compressed_limit
- = block->compressed_size == LZMA_VLI_UNKNOWN
- ? (LZMA_VLI_MAX & ~LZMA_VLI_C(3))
- - block->header_size
- - lzma_check_size(block->check)
- : block->compressed_size;
- // With Uncompressed Size this is simpler. If Block Header lacks
- // the size info, then LZMA_VLI_MAX is the maximum possible
- // Uncompressed Size.
- coder->uncompressed_limit
- = block->uncompressed_size == LZMA_VLI_UNKNOWN
- ? LZMA_VLI_MAX
- : block->uncompressed_size;
- // Initialize the check. It's caller's problem if the Check ID is not
- // supported, and the Block decoder cannot verify the Check field.
- // Caller can test lzma_check_is_supported(block->check).
- coder->check_pos = 0;
- lzma_check_init(&coder->check, block->check);
- coder->ignore_check = block->version >= 1
- ? block->ignore_check : false;
- // Initialize the filter chain.
- return lzma_raw_decoder_init(&coder->next, allocator,
- block->filters);
- }
- extern LZMA_API(lzma_ret)
- lzma_block_decoder(lzma_stream *strm, lzma_block *block)
- {
- lzma_next_strm_init(lzma_block_decoder_init, strm, block);
- strm->internal->supported_actions[LZMA_RUN] = true;
- strm->internal->supported_actions[LZMA_FINISH] = true;
- return LZMA_OK;
- }
|