blob: aebddc87c0f666b94b1de23642326d0bcf7adfd0 [file] [log] [blame]
/*
* Copyright (C) 2008 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/*
* Read-only access to Zip archives, with minimal heap allocation.
*/
#include <assert.h>
#include <errno.h>
#include <fcntl.h>
#include <inttypes.h>
#include <limits.h>
#include <log/log.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <utils/FileMap.h>
#include <zlib.h>
#include <JNIHelp.h> // TEMP_FAILURE_RETRY may or may not be in unistd
#include "ziparchive/zip_archive.h"
// This is for windows. If we don't open a file in binary mode, weirds
// things will happen.
#ifndef O_BINARY
#define O_BINARY 0
#endif
/*
* Zip file constants.
*/
static const uint32_t kEOCDSignature = 0x06054b50;
static const uint32_t kEOCDLen = 2;
static const uint32_t kEOCDNumEntries = 8; // offset to #of entries in file
static const uint32_t kEOCDSize = 12; // size of the central directory
static const uint32_t kEOCDFileOffset = 16; // offset to central directory
static const uint32_t kMaxCommentLen = 65535; // longest possible in ushort
static const uint32_t kMaxEOCDSearch = (kMaxCommentLen + kEOCDLen);
static const uint32_t kLFHSignature = 0x04034b50;
static const uint32_t kLFHLen = 30; // excluding variable-len fields
static const uint32_t kLFHGPBFlags = 6; // general purpose bit flags
static const uint32_t kLFHCRC = 14; // offset to CRC
static const uint32_t kLFHCompLen = 18; // offset to compressed length
static const uint32_t kLFHUncompLen = 22; // offset to uncompressed length
static const uint32_t kLFHNameLen = 26; // offset to filename length
static const uint32_t kLFHExtraLen = 28; // offset to extra length
static const uint32_t kCDESignature = 0x02014b50;
static const uint32_t kCDELen = 46; // excluding variable-len fields
static const uint32_t kCDEMethod = 10; // offset to compression method
static const uint32_t kCDEModWhen = 12; // offset to modification timestamp
static const uint32_t kCDECRC = 16; // offset to entry CRC
static const uint32_t kCDECompLen = 20; // offset to compressed length
static const uint32_t kCDEUncompLen = 24; // offset to uncompressed length
static const uint32_t kCDENameLen = 28; // offset to filename length
static const uint32_t kCDEExtraLen = 30; // offset to extra length
static const uint32_t kCDECommentLen = 32; // offset to comment length
static const uint32_t kCDELocalOffset = 42; // offset to local hdr
static const uint32_t kDDOptSignature = 0x08074b50; // *OPTIONAL* data descriptor signature
static const uint32_t kDDSignatureLen = 4;
static const uint32_t kDDLen = 12;
static const uint32_t kDDMaxLen = 16; // max of 16 bytes with a signature, 12 bytes without
static const uint32_t kDDCrc32 = 0; // offset to crc32
static const uint32_t kDDCompLen = 4; // offset to compressed length
static const uint32_t kDDUncompLen = 8; // offset to uncompressed length
static const uint32_t kGPBDDFlagMask = 0x0008; // mask value that signifies that the entry has a DD
static const uint32_t kMaxErrorLen = 1024;
static const char* kErrorMessages[] = {
"Unknown return code.",
"Iteration ended",
"Zlib error",
"Invalid file",
"Invalid handle",
"Duplicate entries in archive",
"Empty archive",
"Entry not found",
"Invalid offset",
"Inconsistent information",
"Invalid entry name",
"I/O Error",
"File mapping failed"
};
static const int32_t kErrorMessageUpperBound = 0;
static const int32_t kIterationEnd = -1;
// We encountered a Zlib error when inflating a stream from this file.
// Usually indicates file corruption.
static const int32_t kZlibError = -2;
// The input file cannot be processed as a zip archive. Usually because
// it's too small, too large or does not have a valid signature.
static const int32_t kInvalidFile = -3;
// An invalid iteration / ziparchive handle was passed in as an input
// argument.
static const int32_t kInvalidHandle = -4;
// The zip archive contained two (or possibly more) entries with the same
// name.
static const int32_t kDuplicateEntry = -5;
// The zip archive contains no entries.
static const int32_t kEmptyArchive = -6;
// The specified entry was not found in the archive.
static const int32_t kEntryNotFound = -7;
// The zip archive contained an invalid local file header pointer.
static const int32_t kInvalidOffset = -8;
// The zip archive contained inconsistent entry information. This could
// be because the central directory & local file header did not agree, or
// if the actual uncompressed length or crc32 do not match their declared
// values.
static const int32_t kInconsistentInformation = -9;
// An invalid entry name was encountered.
static const int32_t kInvalidEntryName = -10;
// An I/O related system call (read, lseek, ftruncate, map) failed.
static const int32_t kIoError = -11;
// We were not able to mmap the central directory or entry contents.
static const int32_t kMmapFailed = -12;
static const int32_t kErrorMessageLowerBound = -13;
static const char kTempMappingFileName[] = "zip: ExtractFileToFile";
/*
* A Read-only Zip archive.
*
* We want "open" and "find entry by name" to be fast operations, and
* we want to use as little memory as possible. We memory-map the zip
* central directory, and load a hash table with pointers to the filenames
* (which aren't null-terminated). The other fields are at a fixed offset
* from the filename, so we don't need to extract those (but we do need
* to byte-read and endian-swap them every time we want them).
*
* It's possible that somebody has handed us a massive (~1GB) zip archive,
* so we can't expect to mmap the entire file.
*
* To speed comparisons when doing a lookup by name, we could make the mapping
* "private" (copy-on-write) and null-terminate the filenames after verifying
* the record structure. However, this requires a private mapping of
* every page that the Central Directory touches. Easier to tuck a copy
* of the string length into the hash table entry.
*/
struct ZipArchive {
/* open Zip archive */
int fd;
/* mapped central directory area */
off64_t directory_offset;
android::FileMap* directory_map;
/* number of entries in the Zip archive */
uint16_t num_entries;
/*
* We know how many entries are in the Zip archive, so we can have a
* fixed-size hash table. We define a load factor of 0.75 and overallocat
* so the maximum number entries can never be higher than
* ((4 * UINT16_MAX) / 3 + 1) which can safely fit into a uint32_t.
*/
uint32_t hash_table_size;
ZipEntryName* hash_table;
};
// Returns 0 on success and negative values on failure.
static android::FileMap* MapFileSegment(const int fd, const off64_t start,
const size_t length, const bool read_only,
const char* debug_file_name) {
android::FileMap* file_map = new android::FileMap;
const bool success = file_map->create(debug_file_name, fd, start, length, read_only);
if (!success) {
file_map->release();
return NULL;
}
return file_map;
}
static int32_t CopyFileToFile(int fd, uint8_t* begin, const uint32_t length, uint64_t *crc_out) {
static const uint32_t kBufSize = 32768;
uint8_t buf[kBufSize];
uint32_t count = 0;
uint64_t crc = 0;
while (count < length) {
uint32_t remaining = length - count;
// Safe conversion because kBufSize is narrow enough for a 32 bit signed
// value.
ssize_t get_size = (remaining > kBufSize) ? kBufSize : remaining;
ssize_t actual = TEMP_FAILURE_RETRY(read(fd, buf, get_size));
if (actual != get_size) {
ALOGW("CopyFileToFile: copy read failed (%zd vs %zd)", actual, get_size);
return kIoError;
}
memcpy(begin + count, buf, get_size);
crc = crc32(crc, buf, get_size);
count += get_size;
}
*crc_out = crc;
return 0;
}
/*
* Round up to the next highest power of 2.
*
* Found on http://graphics.stanford.edu/~seander/bithacks.html.
*/
static uint32_t RoundUpPower2(uint32_t val) {
val--;
val |= val >> 1;
val |= val >> 2;
val |= val >> 4;
val |= val >> 8;
val |= val >> 16;
val++;
return val;
}
static uint32_t ComputeHash(const char* str, uint16_t len) {
uint32_t hash = 0;
while (len--) {
hash = hash * 31 + *str++;
}
return hash;
}
/*
* Convert a ZipEntry to a hash table index, verifying that it's in a
* valid range.
*/
static int64_t EntryToIndex(const ZipEntryName* hash_table,
const uint32_t hash_table_size,
const char* name, uint16_t length) {
const uint32_t hash = ComputeHash(name, length);
// NOTE: (hash_table_size - 1) is guaranteed to be non-negative.
uint32_t ent = hash & (hash_table_size - 1);
while (hash_table[ent].name != NULL) {
if (hash_table[ent].name_length == length &&
memcmp(hash_table[ent].name, name, length) == 0) {
return ent;
}
ent = (ent + 1) & (hash_table_size - 1);
}
ALOGV("Zip: Unable to find entry %.*s", length, name);
return kEntryNotFound;
}
/*
* Add a new entry to the hash table.
*/
static int32_t AddToHash(ZipEntryName *hash_table, const uint64_t hash_table_size,
const char* name, uint16_t length) {
const uint64_t hash = ComputeHash(name, length);
uint32_t ent = hash & (hash_table_size - 1);
/*
* We over-allocated the table, so we're guaranteed to find an empty slot.
* Further, we guarantee that the hashtable size is not 0.
*/
while (hash_table[ent].name != NULL) {
if (hash_table[ent].name_length == length &&
memcmp(hash_table[ent].name, name, length) == 0) {
// We've found a duplicate entry. We don't accept it
ALOGW("Zip: Found duplicate entry %.*s", length, name);
return kDuplicateEntry;
}
ent = (ent + 1) & (hash_table_size - 1);
}
hash_table[ent].name = name;
hash_table[ent].name_length = length;
return 0;
}
/*
* Get 2 little-endian bytes.
*/
static uint16_t get2LE(const uint8_t* src) {
return src[0] | (src[1] << 8);
}
/*
* Get 4 little-endian bytes.
*/
static uint32_t get4LE(const uint8_t* src) {
uint32_t result;
result = src[0];
result |= src[1] << 8;
result |= src[2] << 16;
result |= src[3] << 24;
return result;
}
static int32_t MapCentralDirectory0(int fd, const char* debug_file_name,
ZipArchive* archive, off64_t file_length,
uint32_t read_amount, uint8_t* scan_buffer) {
const off64_t search_start = file_length - read_amount;
if (lseek64(fd, search_start, SEEK_SET) != search_start) {
ALOGW("Zip: seek %" PRId64 " failed: %s", search_start, strerror(errno));
return kIoError;
}
ssize_t actual = TEMP_FAILURE_RETRY(read(fd, scan_buffer, read_amount));
if (actual != (ssize_t) read_amount) {
ALOGW("Zip: read %u failed: %s", read_amount, strerror(errno));
return kIoError;
}
/*
* Scan backward for the EOCD magic. In an archive without a trailing
* comment, we'll find it on the first try. (We may want to consider
* doing an initial minimal read; if we don't find it, retry with a
* second read as above.)
*/
int i;
for (i = read_amount - kEOCDLen; i >= 0; i--) {
if (scan_buffer[i] == 0x50 && get4LE(&scan_buffer[i]) == kEOCDSignature) {
ALOGV("+++ Found EOCD at buf+%d", i);
break;
}
}
if (i < 0) {
ALOGD("Zip: EOCD not found, %s is not zip", debug_file_name);
return kInvalidFile;
}
const off64_t eocd_offset = search_start + i;
const uint8_t* eocd_ptr = scan_buffer + i;
assert(eocd_offset < file_length);
/*
* Grab the CD offset and size, and the number of entries in the
* archive. Verify that they look reasonable. Widen dir_size and
* dir_offset to the file offset type.
*/
const uint16_t num_entries = get2LE(eocd_ptr + kEOCDNumEntries);
const off64_t dir_size = get4LE(eocd_ptr + kEOCDSize);
const off64_t dir_offset = get4LE(eocd_ptr + kEOCDFileOffset);
if (dir_offset + dir_size > eocd_offset) {
ALOGW("Zip: bad offsets (dir %" PRId64 ", size %" PRId64 ", eocd %" PRId64 ")",
dir_offset, dir_size, eocd_offset);
return kInvalidOffset;
}
if (num_entries == 0) {
ALOGW("Zip: empty archive?");
return kEmptyArchive;
}
ALOGV("+++ num_entries=%d dir_size=%" PRId64 " dir_offset=%" PRId64,
num_entries, dir_size, dir_offset);
/*
* It all looks good. Create a mapping for the CD, and set the fields
* in archive.
*/
android::FileMap* map = MapFileSegment(fd, dir_offset, dir_size,
true /* read only */, debug_file_name);
if (map == NULL) {
archive->directory_map = NULL;
return kMmapFailed;
}
archive->directory_map = map;
archive->num_entries = num_entries;
archive->directory_offset = dir_offset;
return 0;
}
/*
* Find the zip Central Directory and memory-map it.
*
* On success, returns 0 after populating fields from the EOCD area:
* directory_offset
* directory_map
* num_entries
*/
static int32_t MapCentralDirectory(int fd, const char* debug_file_name,
ZipArchive* archive) {
// Test file length. We use lseek64 to make sure the file
// is small enough to be a zip file (Its size must be less than
// 0xffffffff bytes).
off64_t file_length = lseek64(fd, 0, SEEK_END);
if (file_length == -1) {
ALOGV("Zip: lseek on fd %d failed", fd);
return kInvalidFile;
}
if (file_length > (off64_t) 0xffffffff) {
ALOGV("Zip: zip file too long %" PRId64, file_length);
return kInvalidFile;
}
if (file_length < (int64_t) kEOCDLen) {
ALOGV("Zip: length %" PRId64 " is too small to be zip", file_length);
return kInvalidFile;
}
/*
* Perform the traditional EOCD snipe hunt.
*
* We're searching for the End of Central Directory magic number,
* which appears at the start of the EOCD block. It's followed by
* 18 bytes of EOCD stuff and up to 64KB of archive comment. We
* need to read the last part of the file into a buffer, dig through
* it to find the magic number, parse some values out, and use those
* to determine the extent of the CD.
*
* We start by pulling in the last part of the file.
*/
uint32_t read_amount = kMaxEOCDSearch;
if (file_length < (off64_t) read_amount) {
read_amount = file_length;
}
uint8_t* scan_buffer = (uint8_t*) malloc(read_amount);
int32_t result = MapCentralDirectory0(fd, debug_file_name, archive,
file_length, read_amount, scan_buffer);
free(scan_buffer);
return result;
}
/*
* Parses the Zip archive's Central Directory. Allocates and populates the
* hash table.
*
* Returns 0 on success.
*/
static int32_t ParseZipArchive(ZipArchive* archive) {
int32_t result = -1;
const uint8_t* cd_ptr = (const uint8_t*) archive->directory_map->getDataPtr();
size_t cd_length = archive->directory_map->getDataLength();
uint16_t num_entries = archive->num_entries;
/*
* Create hash table. We have a minimum 75% load factor, possibly as
* low as 50% after we round off to a power of 2. There must be at
* least one unused entry to avoid an infinite loop during creation.
*/
archive->hash_table_size = RoundUpPower2(1 + (num_entries * 4) / 3);
archive->hash_table = (ZipEntryName*) calloc(archive->hash_table_size,
sizeof(ZipEntryName));
/*
* Walk through the central directory, adding entries to the hash
* table and verifying values.
*/
const uint8_t* ptr = cd_ptr;
for (uint16_t i = 0; i < num_entries; i++) {
if (get4LE(ptr) != kCDESignature) {
ALOGW("Zip: missed a central dir sig (at %d)", i);
goto bail;
}
if (ptr + kCDELen > cd_ptr + cd_length) {
ALOGW("Zip: ran off the end (at %d)", i);
goto bail;
}
const off64_t local_header_offset = get4LE(ptr + kCDELocalOffset);
if (local_header_offset >= archive->directory_offset) {
ALOGW("Zip: bad LFH offset %" PRId64 " at entry %d", local_header_offset, i);
goto bail;
}
const uint16_t file_name_length = get2LE(ptr + kCDENameLen);
const uint16_t extra_length = get2LE(ptr + kCDEExtraLen);
const uint16_t comment_length = get2LE(ptr + kCDECommentLen);
/* add the CDE filename to the hash table */
const int add_result = AddToHash(archive->hash_table,
archive->hash_table_size, (const char*) ptr + kCDELen, file_name_length);
if (add_result) {
ALOGW("Zip: Error adding entry to hash table %d", add_result);
result = add_result;
goto bail;
}
ptr += kCDELen + file_name_length + extra_length + comment_length;
if ((size_t)(ptr - cd_ptr) > cd_length) {
ALOGW("Zip: bad CD advance (%zu vs %zu) at entry %d",
(size_t) (ptr - cd_ptr), cd_length, i);
goto bail;
}
}
ALOGV("+++ zip good scan %d entries", num_entries);
result = 0;
bail:
return result;
}
static int32_t OpenArchiveInternal(ZipArchive* archive,
const char* debug_file_name) {
int32_t result = -1;
if ((result = MapCentralDirectory(archive->fd, debug_file_name, archive))) {
return result;
}
if ((result = ParseZipArchive(archive))) {
return result;
}
return 0;
}
int32_t OpenArchiveFd(int fd, const char* debug_file_name,
ZipArchiveHandle* handle) {
ZipArchive* archive = (ZipArchive*) malloc(sizeof(ZipArchive));
memset(archive, 0, sizeof(*archive));
*handle = archive;
archive->fd = fd;
return OpenArchiveInternal(archive, debug_file_name);
}
int32_t OpenArchive(const char* fileName, ZipArchiveHandle* handle) {
ZipArchive* archive = (ZipArchive*) malloc(sizeof(ZipArchive));
memset(archive, 0, sizeof(*archive));
*handle = archive;
const int fd = open(fileName, O_RDONLY | O_BINARY, 0);
if (fd < 0) {
ALOGW("Unable to open '%s': %s", fileName, strerror(errno));
return kIoError;
} else {
archive->fd = fd;
}
return OpenArchiveInternal(archive, fileName);
}
/*
* Close a ZipArchive, closing the file and freeing the contents.
*/
void CloseArchive(ZipArchiveHandle handle) {
ZipArchive* archive = (ZipArchive*) handle;
ALOGV("Closing archive %p", archive);
if (archive->fd >= 0) {
close(archive->fd);
}
if (archive->directory_map != NULL) {
archive->directory_map->release();
}
free(archive->hash_table);
free(archive);
}
static int32_t UpdateEntryFromDataDescriptor(int fd,
ZipEntry *entry) {
uint8_t ddBuf[kDDMaxLen];
ssize_t actual = TEMP_FAILURE_RETRY(read(fd, ddBuf, sizeof(ddBuf)));
if (actual != sizeof(ddBuf)) {
return kIoError;
}
const uint32_t ddSignature = get4LE(ddBuf);
uint16_t ddOffset = 0;
if (ddSignature == kDDOptSignature) {
ddOffset = 4;
}
entry->crc32 = get4LE(ddBuf + ddOffset + kDDCrc32);
entry->compressed_length = get4LE(ddBuf + ddOffset + kDDCompLen);
entry->uncompressed_length = get4LE(ddBuf + ddOffset + kDDUncompLen);
return 0;
}
// Attempts to read |len| bytes into |buf| at offset |off|.
//
// This method uses pread64 on platforms that support it and
// lseek64 + read on platforms that don't. This implies that
// callers should not rely on the |fd| offset being incremented
// as a side effect of this call.
static inline ssize_t ReadAtOffset(int fd, uint8_t* buf, size_t len,
off64_t off) {
#ifdef HAVE_PREAD
return TEMP_FAILURE_RETRY(pread64(fd, buf, len, off));
#else
// The only supported platform that doesn't support pread at the moment
// is Windows. Only recent versions of windows support unix like forks,
// and even there the semantics are quite different.
if (lseek64(fd, off, SEEK_SET) != off) {
ALOGW("Zip: failed seek to offset %" PRId64, off);
return kIoError;
}
return TEMP_FAILURE_RETRY(read(fd, buf, len));
#endif // HAVE_PREAD
}
static int32_t FindEntry(const ZipArchive* archive, const int ent,
ZipEntry* data) {
const uint16_t nameLen = archive->hash_table[ent].name_length;
const char* name = archive->hash_table[ent].name;
// Recover the start of the central directory entry from the filename
// pointer. The filename is the first entry past the fixed-size data,
// so we can just subtract back from that.
const unsigned char* ptr = (const unsigned char*) name;
ptr -= kCDELen;
// This is the base of our mmapped region, we have to sanity check that
// the name that's in the hash table is a pointer to a location within
// this mapped region.
const unsigned char* base_ptr = (const unsigned char*)
archive->directory_map->getDataPtr();
if (ptr < base_ptr || ptr > base_ptr + archive->directory_map->getDataLength()) {
ALOGW("Zip: Invalid entry pointer");
return kInvalidOffset;
}
// The offset of the start of the central directory in the zipfile.
// We keep this lying around so that we can sanity check all our lengths
// and our per-file structures.
const off64_t cd_offset = archive->directory_offset;
// Fill out the compression method, modification time, crc32
// and other interesting attributes from the central directory. These
// will later be compared against values from the local file header.
data->method = get2LE(ptr + kCDEMethod);
data->mod_time = get4LE(ptr + kCDEModWhen);
data->crc32 = get4LE(ptr + kCDECRC);
data->compressed_length = get4LE(ptr + kCDECompLen);
data->uncompressed_length = get4LE(ptr + kCDEUncompLen);
// Figure out the local header offset from the central directory. The
// actual file data will begin after the local header and the name /
// extra comments.
const off64_t local_header_offset = get4LE(ptr + kCDELocalOffset);
if (local_header_offset + (off64_t) kLFHLen >= cd_offset) {
ALOGW("Zip: bad local hdr offset in zip");
return kInvalidOffset;
}
uint8_t lfh_buf[kLFHLen];
ssize_t actual = ReadAtOffset(archive->fd, lfh_buf, sizeof(lfh_buf),
local_header_offset);
if (actual != sizeof(lfh_buf)) {
ALOGW("Zip: failed reading lfh name from offset %" PRId64, local_header_offset);
return kIoError;
}
if (get4LE(lfh_buf) != kLFHSignature) {
ALOGW("Zip: didn't find signature at start of lfh, offset=%" PRId64,
local_header_offset);
return kInvalidOffset;
}
// Paranoia: Match the values specified in the local file header
// to those specified in the central directory.
const uint16_t lfhGpbFlags = get2LE(lfh_buf + kLFHGPBFlags);
const uint16_t lfhNameLen = get2LE(lfh_buf + kLFHNameLen);
const uint16_t lfhExtraLen = get2LE(lfh_buf + kLFHExtraLen);
if ((lfhGpbFlags & kGPBDDFlagMask) == 0) {
const uint32_t lfhCrc = get4LE(lfh_buf + kLFHCRC);
const uint32_t lfhCompLen = get4LE(lfh_buf + kLFHCompLen);
const uint32_t lfhUncompLen = get4LE(lfh_buf + kLFHUncompLen);
data->has_data_descriptor = 0;
if (data->compressed_length != lfhCompLen || data->uncompressed_length != lfhUncompLen
|| data->crc32 != lfhCrc) {
ALOGW("Zip: size/crc32 mismatch. expected {%d, %d, %x}, was {%d, %d, %x}",
data->compressed_length, data->uncompressed_length, data->crc32,
lfhCompLen, lfhUncompLen, lfhCrc);
return kInconsistentInformation;
}
} else {
data->has_data_descriptor = 1;
}
// Check that the local file header name matches the declared
// name in the central directory.
if (lfhNameLen == nameLen) {
const off64_t name_offset = local_header_offset + kLFHLen;
if (name_offset + lfhNameLen >= cd_offset) {
ALOGW("Zip: Invalid declared length");
return kInvalidOffset;
}
uint8_t* name_buf = (uint8_t*) malloc(nameLen);
ssize_t actual = ReadAtOffset(archive->fd, name_buf, nameLen,
name_offset);
if (actual != nameLen) {
ALOGW("Zip: failed reading lfh name from offset %" PRId64, name_offset);
free(name_buf);
return kIoError;
}
if (memcmp(name, name_buf, nameLen)) {
free(name_buf);
return kInconsistentInformation;
}
free(name_buf);
} else {
ALOGW("Zip: lfh name did not match central directory.");
return kInconsistentInformation;
}
const off64_t data_offset = local_header_offset + kLFHLen + lfhNameLen + lfhExtraLen;
if (data_offset > cd_offset) {
ALOGW("Zip: bad data offset %" PRId64 " in zip", data_offset);
return kInvalidOffset;
}
if ((off64_t)(data_offset + data->compressed_length) > cd_offset) {
ALOGW("Zip: bad compressed length in zip (%" PRId64 " + %zd > %" PRId64 ")",
data_offset, data->compressed_length, cd_offset);
return kInvalidOffset;
}
if (data->method == kCompressStored &&
(off64_t)(data_offset + data->uncompressed_length) > cd_offset) {
ALOGW("Zip: bad uncompressed length in zip (%" PRId64 " + %d > %" PRId64 ")",
data_offset, data->uncompressed_length, cd_offset);
return kInvalidOffset;
}
data->offset = data_offset;
return 0;
}
struct IterationHandle {
uint32_t position;
const char* prefix;
uint16_t prefix_len;
ZipArchive* archive;
};
int32_t StartIteration(ZipArchiveHandle handle, void** cookie_ptr, const char* prefix) {
ZipArchive* archive = (ZipArchive *) handle;
if (archive == NULL || archive->hash_table == NULL) {
ALOGW("Zip: Invalid ZipArchiveHandle");
return kInvalidHandle;
}
IterationHandle* cookie = (IterationHandle*) malloc(sizeof(IterationHandle));
cookie->position = 0;
cookie->prefix = prefix;
cookie->archive = archive;
if (prefix != NULL) {
cookie->prefix_len = strlen(prefix);
}
*cookie_ptr = cookie ;
return 0;
}
int32_t FindEntry(const ZipArchiveHandle handle, const char* entryName,
ZipEntry* data) {
const ZipArchive* archive = (ZipArchive*) handle;
const int nameLen = strlen(entryName);
if (nameLen == 0 || nameLen > 65535) {
ALOGW("Zip: Invalid filename %s", entryName);
return kInvalidEntryName;
}
const int64_t ent = EntryToIndex(archive->hash_table,
archive->hash_table_size, entryName, nameLen);
if (ent < 0) {
ALOGV("Zip: Could not find entry %.*s", nameLen, entryName);
return ent;
}
return FindEntry(archive, ent, data);
}
int32_t Next(void* cookie, ZipEntry* data, ZipEntryName* name) {
IterationHandle* handle = (IterationHandle *) cookie;
if (handle == NULL) {
return kInvalidHandle;
}
ZipArchive* archive = handle->archive;
if (archive == NULL || archive->hash_table == NULL) {
ALOGW("Zip: Invalid ZipArchiveHandle");
return kInvalidHandle;
}
const uint32_t currentOffset = handle->position;
const uint32_t hash_table_length = archive->hash_table_size;
const ZipEntryName *hash_table = archive->hash_table;
for (uint32_t i = currentOffset; i < hash_table_length; ++i) {
if (hash_table[i].name != NULL &&
(handle->prefix == NULL ||
(memcmp(handle->prefix, hash_table[i].name, handle->prefix_len) == 0))) {
handle->position = (i + 1);
const int error = FindEntry(archive, i, data);
if (!error) {
name->name = hash_table[i].name;
name->name_length = hash_table[i].name_length;
}
return error;
}
}
handle->position = 0;
return kIterationEnd;
}
static int32_t InflateToFile(int fd, const ZipEntry* entry,
uint8_t* begin, uint32_t length,
uint64_t* crc_out) {
int32_t result = -1;
const uint32_t kBufSize = 32768;
uint8_t read_buf[kBufSize];
uint8_t write_buf[kBufSize];
z_stream zstream;
int zerr;
/*
* Initialize the zlib stream struct.
*/
memset(&zstream, 0, sizeof(zstream));
zstream.zalloc = Z_NULL;
zstream.zfree = Z_NULL;
zstream.opaque = Z_NULL;
zstream.next_in = NULL;
zstream.avail_in = 0;
zstream.next_out = (Bytef*) write_buf;
zstream.avail_out = kBufSize;
zstream.data_type = Z_UNKNOWN;
/*
* Use the undocumented "negative window bits" feature to tell zlib
* that there's no zlib header waiting for it.
*/
zerr = inflateInit2(&zstream, -MAX_WBITS);
if (zerr != Z_OK) {
if (zerr == Z_VERSION_ERROR) {
ALOGE("Installed zlib is not compatible with linked version (%s)",
ZLIB_VERSION);
} else {
ALOGW("Call to inflateInit2 failed (zerr=%d)", zerr);
}
return kZlibError;
}
const uint32_t uncompressed_length = entry->uncompressed_length;
uint32_t compressed_length = entry->compressed_length;
uint32_t write_count = 0;
do {
/* read as much as we can */
if (zstream.avail_in == 0) {
const ssize_t getSize = (compressed_length > kBufSize) ? kBufSize : compressed_length;
const ssize_t actual = TEMP_FAILURE_RETRY(read(fd, read_buf, getSize));
if (actual != getSize) {
ALOGW("Zip: inflate read failed (%zd vs %zd)", actual, getSize);
result = kIoError;
goto z_bail;
}
compressed_length -= getSize;
zstream.next_in = read_buf;
zstream.avail_in = getSize;
}
/* uncompress the data */
zerr = inflate(&zstream, Z_NO_FLUSH);
if (zerr != Z_OK && zerr != Z_STREAM_END) {
ALOGW("Zip: inflate zerr=%d (nIn=%p aIn=%u nOut=%p aOut=%u)",
zerr, zstream.next_in, zstream.avail_in,
zstream.next_out, zstream.avail_out);
result = kZlibError;
goto z_bail;
}
/* write when we're full or when we're done */
if (zstream.avail_out == 0 ||
(zerr == Z_STREAM_END && zstream.avail_out != kBufSize)) {
const size_t write_size = zstream.next_out - write_buf;
// The file might have declared a bogus length.
if (write_size + write_count > length) {
goto z_bail;
}
memcpy(begin + write_count, write_buf, write_size);
write_count += write_size;
zstream.next_out = write_buf;
zstream.avail_out = kBufSize;
}
} while (zerr == Z_OK);
assert(zerr == Z_STREAM_END); /* other errors should've been caught */
// stream.adler holds the crc32 value for such streams.
*crc_out = zstream.adler;
if (zstream.total_out != uncompressed_length || compressed_length != 0) {
ALOGW("Zip: size mismatch on inflated file (%ld vs %u)",
zstream.total_out, uncompressed_length);
result = kInconsistentInformation;
goto z_bail;
}
result = 0;
z_bail:
inflateEnd(&zstream); /* free up any allocated structures */
return result;
}
int32_t ExtractToMemory(ZipArchiveHandle handle,
ZipEntry* entry, uint8_t* begin, uint32_t size) {
ZipArchive* archive = (ZipArchive*) handle;
const uint16_t method = entry->method;
off64_t data_offset = entry->offset;
if (lseek64(archive->fd, data_offset, SEEK_SET) != data_offset) {
ALOGW("Zip: lseek to data at %" PRId64 " failed", data_offset);
return kIoError;
}
// this should default to kUnknownCompressionMethod.
int32_t return_value = -1;
uint64_t crc = 0;
if (method == kCompressStored) {
return_value = CopyFileToFile(archive->fd, begin, size, &crc);
} else if (method == kCompressDeflated) {
return_value = InflateToFile(archive->fd, entry, begin, size, &crc);
}
if (!return_value && entry->has_data_descriptor) {
return_value = UpdateEntryFromDataDescriptor(archive->fd, entry);
if (return_value) {
return return_value;
}
}
// TODO: Fix this check by passing the right flags to inflate2 so that
// it calculates the CRC for us.
if (entry->crc32 != crc && false) {
ALOGW("Zip: crc mismatch: expected %u, was %" PRIu64, entry->crc32, crc);
return kInconsistentInformation;
}
return return_value;
}
int32_t ExtractEntryToFile(ZipArchiveHandle handle,
ZipEntry* entry, int fd) {
const int32_t declared_length = entry->uncompressed_length;
const off64_t current_offset = lseek64(fd, 0, SEEK_CUR);
if (current_offset == -1) {
ALOGW("Zip: unable to seek to current location on fd %d: %s", fd,
strerror(errno));
return kIoError;
}
int result = TEMP_FAILURE_RETRY(ftruncate(fd, declared_length + current_offset));
if (result == -1) {
ALOGW("Zip: unable to truncate file to %" PRId64 ": %s",
declared_length + current_offset, strerror(errno));
return kIoError;
}
// Don't attempt to map a region of length 0. We still need the
// ftruncate() though, since the API guarantees that we will truncate
// the file to the end of the uncompressed output.
if (declared_length == 0) {
return 0;
}
android::FileMap* map = MapFileSegment(fd, current_offset, declared_length,
false, kTempMappingFileName);
if (map == NULL) {
return kMmapFailed;
}
const int32_t error = ExtractToMemory(handle, entry,
reinterpret_cast<uint8_t*>(map->getDataPtr()),
map->getDataLength());
map->release();
return error;
}
const char* ErrorCodeString(int32_t error_code) {
if (error_code > kErrorMessageLowerBound && error_code < kErrorMessageUpperBound) {
return kErrorMessages[error_code * -1];
}
return kErrorMessages[0];
}
int GetFileDescriptor(const ZipArchiveHandle handle) {
return ((ZipArchive*) handle)->fd;
}