summaryrefslogtreecommitdiffstats
path: root/src/liblzma/common/lzip_decoder.c
blob: 651a0ae712c837590ca6c88e735d8d3300efc90e (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
// SPDX-License-Identifier: 0BSD

///////////////////////////////////////////////////////////////////////////////
//
/// \file       lzip_decoder.c
/// \brief      Decodes .lz (lzip) files
//
//  Author:     Michał Górny
//              Lasse Collin
//
///////////////////////////////////////////////////////////////////////////////

#include "lzip_decoder.h"
#include "lzma_decoder.h"
#include "check.h"


// .lz format version 0 lacks the 64-bit Member size field in the footer.
#define LZIP_V0_FOOTER_SIZE 12
#define LZIP_V1_FOOTER_SIZE 20
#define LZIP_FOOTER_SIZE_MAX LZIP_V1_FOOTER_SIZE

// lc/lp/pb are hardcoded in the .lz format.
#define LZIP_LC 3
#define LZIP_LP 0
#define LZIP_PB 2


typedef struct {
	enum {
		SEQ_ID_STRING,
		SEQ_VERSION,
		SEQ_DICT_SIZE,
		SEQ_CODER_INIT,
		SEQ_LZMA_STREAM,
		SEQ_MEMBER_FOOTER,
	} sequence;

	/// .lz member format version
	uint32_t version;

	/// CRC32 of the uncompressed data in the .lz member
	uint32_t crc32;

	/// Uncompressed size of the .lz member
	uint64_t uncompressed_size;

	/// Compressed size of the .lz member
	uint64_t member_size;

	/// Memory usage limit
	uint64_t memlimit;

	/// Amount of memory actually needed
	uint64_t memusage;

	/// If true, LZMA_GET_CHECK is returned after decoding the header
	/// fields. As all files use CRC32 this is redundant but it's
	/// implemented anyway since the initialization functions supports
	/// all other flags in addition to LZMA_TELL_ANY_CHECK.
	bool tell_any_check;

	/// If true, we won't calculate or verify the CRC32 of
	/// the uncompressed data.
	bool ignore_check;

	/// If true, we will decode concatenated .lz members and stop if
	/// non-.lz data is seen after at least one member has been
	/// successfully decoded.
	bool concatenated;

	/// When decoding concatenated .lz members, this is true as long as
	/// we are decoding the first .lz member. This is needed to avoid
	/// incorrect LZMA_FORMAT_ERROR in case there is non-.lz data at
	/// the end of the file.
	bool first_member;

	/// Reading position in the header and footer fields
	size_t pos;

	/// Buffer to hold the .lz footer fields
	uint8_t buffer[LZIP_FOOTER_SIZE_MAX];

	/// Options decoded from the .lz header that needed to initialize
	/// the LZMA1 decoder.
	lzma_options_lzma options;

	/// LZMA1 decoder
	lzma_next_coder lzma_decoder;

} lzma_lzip_coder;


static lzma_ret
lzip_decode(void *coder_ptr, const lzma_allocator *allocator,
		const uint8_t *restrict in, size_t *restrict in_pos,
		size_t in_size, uint8_t *restrict out,
		size_t *restrict out_pos, size_t out_size, lzma_action action)
{
	lzma_lzip_coder *coder = coder_ptr;

	while (true)
	switch (coder->sequence) {
	case SEQ_ID_STRING: {
		// The "ID string" or magic bytes are "LZIP" in US-ASCII.
		const uint8_t lzip_id_string[4] = { 0x4C, 0x5A, 0x49, 0x50 };

		while (coder->pos < sizeof(lzip_id_string)) {
			if (*in_pos >= in_size) {
				// If we are on the 2nd+ concatenated member
				// and the input ends before we can read
				// the magic bytes, we discard the bytes that
				// were already read (up to 3) and finish.
				// See the reasoning below.
				return !coder->first_member
						&& action == LZMA_FINISH
					? LZMA_STREAM_END : LZMA_OK;
			}

			if (in[*in_pos] != lzip_id_string[coder->pos]) {
				// The .lz format allows putting non-.lz data
				// at the end of the file. If we have seen
				// at least one valid .lz member already,
				// then we won't consume the byte at *in_pos
				// and will return LZMA_STREAM_END. This way
				// apps can easily locate and read the non-.lz
				// data after the .lz member(s).
				//
				// NOTE: If the first 1-3 bytes of the non-.lz
				// data match the .lz ID string then the first
				// 1-3 bytes of the junk will get ignored by
				// us. If apps want to properly locate the
				// trailing data they must ensure that the
				// first byte of their custom data isn't the
				// same as the first byte of .lz ID string.
				// With the liblzma API we cannot rewind the
				// input position across calls to lzma_code().
				return !coder->first_member
					? LZMA_STREAM_END : LZMA_FORMAT_ERROR;
			}

			++*in_pos;
			++coder->pos;
		}

		coder->pos = 0;

		coder->crc32 = 0;
		coder->uncompressed_size = 0;
		coder->member_size = sizeof(lzip_id_string);

		coder->sequence = SEQ_VERSION;
	}

	// Fall through

	case SEQ_VERSION:
		if (*in_pos >= in_size)
			return LZMA_OK;

		coder->version = in[(*in_pos)++];

		// We support version 0 and unextended version 1.
		if (coder->version > 1)
			return LZMA_OPTIONS_ERROR;

		++coder->member_size;
		coder->sequence = SEQ_DICT_SIZE;

		// .lz versions 0 and 1 use CRC32 as the integrity check
		// so if the application wanted to know that
		// (LZMA_TELL_ANY_CHECK) we can tell it now.
		if (coder->tell_any_check)
			return LZMA_GET_CHECK;

	// Fall through

	case SEQ_DICT_SIZE: {
		if (*in_pos >= in_size)
			return LZMA_OK;

		const uint32_t ds = in[(*in_pos)++];
		++coder->member_size;

		// The five lowest bits are for the base-2 logarithm of
		// the dictionary size and the highest three bits are
		// the fractional part (0/16 to 7/16) that will be
		// subtracted to get the final value.
		//
		// For example, with 0xB5:
		//     b2log = 21
		//     fracnum = 5
		//     dict_size = 2^21 - 2^21 * 5 / 16 = 1408 KiB
		const uint32_t b2log = ds & 0x1F;
		const uint32_t fracnum = ds >> 5;

		// The format versions 0 and 1 allow dictionary size in the
		// range [4 KiB, 512 MiB].
		if (b2log < 12 || b2log > 29 || (b2log == 12 && fracnum > 0))
			return LZMA_DATA_ERROR;

		//   2^[b2log] - 2^[b2log] * [fracnum] / 16
		// = 2^[b2log] - [fracnum] * 2^([b2log] - 4)
		coder->options.dict_size = (UINT32_C(1) << b2log)
				- (fracnum << (b2log - 4));

		assert(coder->options.dict_size >= 4096);
		assert(coder->options.dict_size <= (UINT32_C(512) << 20));

		coder->options.preset_dict = NULL;
		coder->options.lc = LZIP_LC;
		coder->options.lp = LZIP_LP;
		coder->options.pb = LZIP_PB;

		// Calculate the memory usage.
		coder->memusage = lzma_lzma_decoder_memusage(&coder->options)
				+ LZMA_MEMUSAGE_BASE;

		// Initialization is a separate step because if we return
		// LZMA_MEMLIMIT_ERROR we need to be able to restart after
		// the memlimit has been increased.
		coder->sequence = SEQ_CODER_INIT;
	}

	// Fall through

	case SEQ_CODER_INIT: {
		if (coder->memusage > coder->memlimit)
			return LZMA_MEMLIMIT_ERROR;

		const lzma_filter_info filters[2] = {
			{
				.id = LZMA_FILTER_LZMA1,
				.init = &lzma_lzma_decoder_init,
				.options = &coder->options,
			}, {
				.init = NULL,
			}
		};

		return_if_error(lzma_next_filter_init(&coder->lzma_decoder,
				allocator, filters));

		coder->crc32 = 0;
		coder->sequence = SEQ_LZMA_STREAM;
	}

	// Fall through

	case SEQ_LZMA_STREAM: {
		const size_t in_start = *in_pos;
		const size_t out_start = *out_pos;

		const lzma_ret ret = coder->lzma_decoder.code(
				coder->lzma_decoder.coder, allocator,
				in, in_pos, in_size, out, out_pos, out_size,
				action);

		const size_t out_used = *out_pos - out_start;

		coder->member_size += *in_pos - in_start;
		coder->uncompressed_size += out_used;

		// Don't update the CRC32 if the integrity check will be
		// ignored or if there was no new output. The latter is
		// important in case out == NULL to avoid null pointer + 0
		// which is undefined behavior.
		if (!coder->ignore_check && out_used > 0)
			coder->crc32 = lzma_crc32(out + out_start, out_used,
					coder->crc32);

		if (ret != LZMA_STREAM_END)
			return ret;

		coder->sequence = SEQ_MEMBER_FOOTER;
	}

	// Fall through

	case SEQ_MEMBER_FOOTER: {
		// The footer of .lz version 0 lacks the Member size field.
		// This is the only difference between version 0 and
		// unextended version 1 formats.
		const size_t footer_size = coder->version == 0
				? LZIP_V0_FOOTER_SIZE
				: LZIP_V1_FOOTER_SIZE;

		// Copy the CRC32, Data size, and Member size fields to
		// the internal buffer.
		lzma_bufcpy(in, in_pos, in_size, coder->buffer, &coder->pos,
				footer_size);

		// Return if we didn't get the whole footer yet.
		if (coder->pos < footer_size)
			return LZMA_OK;

		coder->pos = 0;
		coder->member_size += footer_size;

		// Check that the footer fields match the observed data.
		if (!coder->ignore_check
				&& coder->crc32 != read32le(&coder->buffer[0]))
			return LZMA_DATA_ERROR;

		if (coder->uncompressed_size != read64le(&coder->buffer[4]))
			return LZMA_DATA_ERROR;

		if (coder->version > 0) {
			// .lz version 0 has no Member size field.
			if (coder->member_size != read64le(&coder->buffer[12]))
				return LZMA_DATA_ERROR;
		}

		// Decoding is finished if we weren't requested to decode
		// more than one .lz member.
		if (!coder->concatenated)
			return LZMA_STREAM_END;

		coder->first_member = false;
		coder->sequence = SEQ_ID_STRING;
		break;
	}

	default:
		assert(0);
		return LZMA_PROG_ERROR;
	}

	// Never reached
}


static void
lzip_decoder_end(void *coder_ptr, const lzma_allocator *allocator)
{
	lzma_lzip_coder *coder = coder_ptr;
	lzma_next_end(&coder->lzma_decoder, allocator);
	lzma_free(coder, allocator);
	return;
}


static lzma_check
lzip_decoder_get_check(const void *coder_ptr lzma_attribute((__unused__)))
{
	return LZMA_CHECK_CRC32;
}


static lzma_ret
lzip_decoder_memconfig(void *coder_ptr, uint64_t *memusage,
		uint64_t *old_memlimit, uint64_t new_memlimit)
{
	lzma_lzip_coder *coder = coder_ptr;

	*memusage = coder->memusage;
	*old_memlimit = coder->memlimit;

	if (new_memlimit != 0) {
		if (new_memlimit < coder->memusage)
			return LZMA_MEMLIMIT_ERROR;

		coder->memlimit = new_memlimit;
	}

	return LZMA_OK;
}


extern lzma_ret
lzma_lzip_decoder_init(
		lzma_next_coder *next, const lzma_allocator *allocator,
		uint64_t memlimit, uint32_t flags)
{
	lzma_next_coder_init(&lzma_lzip_decoder_init, next, allocator);

	if (flags & ~LZMA_SUPPORTED_FLAGS)
		return LZMA_OPTIONS_ERROR;

	lzma_lzip_coder *coder = next->coder;
	if (coder == NULL) {
		coder = lzma_alloc(sizeof(lzma_lzip_coder), allocator);
		if (coder == NULL)
			return LZMA_MEM_ERROR;

		next->coder = coder;
		next->code = &lzip_decode;
		next->end = &lzip_decoder_end;
		next->get_check = &lzip_decoder_get_check;
		next->memconfig = &lzip_decoder_memconfig;

		coder->lzma_decoder = LZMA_NEXT_CODER_INIT;
	}

	coder->sequence = SEQ_ID_STRING;
	coder->memlimit = my_max(1, memlimit);
	coder->memusage = LZMA_MEMUSAGE_BASE;
	coder->tell_any_check = (flags & LZMA_TELL_ANY_CHECK) != 0;
	coder->ignore_check = (flags & LZMA_IGNORE_CHECK) != 0;
	coder->concatenated = (flags & LZMA_CONCATENATED) != 0;
	coder->first_member = true;
	coder->pos = 0;

	return LZMA_OK;
}


extern LZMA_API(lzma_ret)
lzma_lzip_decoder(lzma_stream *strm, uint64_t memlimit, uint32_t flags)
{
	lzma_next_strm_init(lzma_lzip_decoder_init, strm, memlimit, flags);

	strm->internal->supported_actions[LZMA_RUN] = true;
	strm->internal->supported_actions[LZMA_FINISH] = true;

	return LZMA_OK;
}