/* Unzcrash - Tests robustness of decompressors to corrupted data.
Inspired by unzcrash.c from Julian Seward's bzip2.
Copyright (C) 2008, 2009, 2010, 2011, 2012, 2013, 2014
Antonio Diaz Diaz.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see .
*/
/*
Exit status: 0 for a normal exit, 1 for environmental problems
(file not found, invalid flags, I/O errors, etc), 2 to indicate a
corrupt or invalid input file, 3 for an internal consistency error
(eg, bug) which caused unzcrash to panic.
*/
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include "../arg_parser.h"
#if CHAR_BIT != 8
#error "Environments where CHAR_BIT != 8 are not supported."
#endif
namespace {
const char * const Program_name = "Unzcrash";
const char * const program_name = "unzcrash";
const char * const program_year = "2014";
const char * invocation_name = 0;
int verbosity = 0;
void show_help()
{
std::printf( "%s - Tests robustness of decompressors to corrupted data.\n", Program_name );
std::printf( "\nUsage: %s [options] \"lzip -tv\" filename.lz\n", invocation_name );
std::printf( "\nThis program reads the specified file and then repeatedly decompresses\n"
"it, increasing 256 times each byte of the compressed data, so as to test\n"
"all possible one-byte errors. This should not cause any invalid memory\n"
"accesses. If it does, please, report it as a bug.\n"
"\nOptions:\n"
" -h, --help display this help and exit\n"
" -V, --version output version information and exit\n"
" -b, --bits= test N-bit errors instead of full byte\n"
" -p, --position= first byte position to test [default 0]\n"
" -q, --quiet suppress all messages\n"
" -s, --size= number of byte positions to test [all]\n"
" -v, --verbose be verbose (a 2nd -v gives more)\n"
"Examples of : 1 1,2,3 1-4 1,3-5,8 1-3,5-8\n"
"\nExit status: 0 for a normal exit, 1 for environmental problems (file\n"
"not found, invalid flags, I/O errors, etc), 2 to indicate a corrupt or\n"
"invalid input file, 3 for an internal consistency error (eg, bug) which\n"
"caused unzcrash to panic.\n"
"\nReport bugs to lzip-bug@nongnu.org\n"
"Lziprecover home page: http://www.nongnu.org/lzip/lziprecover.html\n" );
}
void show_version()
{
std::printf( "%s %s\n", Program_name, PROGVERSION );
std::printf( "Copyright (C) %s Antonio Diaz Diaz.\n", program_year );
std::printf( "License GPLv3+: GNU GPL version 3 or later \n"
"This is free software: you are free to change and redistribute it.\n"
"There is NO WARRANTY, to the extent permitted by law.\n" );
}
void show_error( const char * const msg, const int errcode = 0,
const bool help = false )
{
if( verbosity >= 0 )
{
if( msg && msg[0] )
{
std::fprintf( stderr, "%s: %s", program_name, msg );
if( errcode > 0 )
std::fprintf( stderr, ": %s", std::strerror( errcode ) );
std::fprintf( stderr, "\n" );
}
if( help )
std::fprintf( stderr, "Try '%s --help' for more information.\n",
invocation_name );
}
}
void internal_error( const char * const msg )
{
if( verbosity >= 0 )
std::fprintf( stderr, "%s: internal error: %s\n", program_name, msg );
std::exit( 3 );
}
unsigned long long getnum( const char * const ptr,
const unsigned long long llimit,
const unsigned long long ulimit )
{
char * tail;
errno = 0;
unsigned long long result = strtoull( ptr, &tail, 0 );
if( tail == ptr )
{
show_error( "Bad or missing numerical argument.", 0, true );
std::exit( 1 );
}
if( !errno && tail[0] )
{
int factor = ( tail[1] == 'i' ) ? 1024 : 1000;
int exponent = 0;
bool bad_multiplier = false;
switch( tail[0] )
{
case ' ': break;
case 'Y': exponent = 8; break;
case 'Z': exponent = 7; break;
case 'E': exponent = 6; break;
case 'P': exponent = 5; break;
case 'T': exponent = 4; break;
case 'G': exponent = 3; break;
case 'M': exponent = 2; break;
case 'K': if( factor == 1024 ) exponent = 1; else bad_multiplier = true;
break;
case 'k': if( factor == 1000 ) exponent = 1; else bad_multiplier = true;
break;
default : bad_multiplier = true;
}
if( bad_multiplier )
{
show_error( "Bad multiplier in numerical argument.", 0, true );
std::exit( 1 );
}
for( int i = 0; i < exponent; ++i )
{
if( ulimit / factor >= result ) result *= factor;
else { errno = ERANGE; break; }
}
}
if( !errno && ( result < llimit || result > ulimit ) ) errno = ERANGE;
if( errno )
{
show_error( "Numerical argument out of limits." );
std::exit( 1 );
}
return result;
}
class Bitset8 // 8 value bitset (1 to 8)
{
bool data[8];
static bool valid_digit( const unsigned char ch )
{ return ( ch >= '1' && ch <= '8' ); }
public:
Bitset8() { for( int i = 0; i < 8; ++i ) data[i] = true; }
bool includes( const int i ) const
{ return ( i >= 1 && i <= 8 && data[i-1] ); }
// Recognized formats: 1 1,2,3 1-4 1,3-5,8 1-3,5-8
bool parse( const char * p )
{
for( int i = 0; i < 8; ++i ) data[i] = false;
while( true )
{
const unsigned char ch1 = *p++;
if( !valid_digit( ch1 ) ) break;
if( *p != '-' ) data[ch1-'1'] = true;
else
{
++p;
if( !valid_digit( *p ) || ch1 > *p ) break;
for( int c = ch1; c <= *p; ++c ) data[c-'1'] = true;
++p;
}
if( *p == 0 ) return true;
if( *p == ',' ) ++p; else break;
}
show_error( "Invalid value or range." );
return false;
}
// number of N-bit errors per byte (N=0 to 8): 1 8 28 56 70 56 28 8 1
void print() const
{
std::fflush( stderr );
int c = 0;
for( int i = 0; i < 8; ++i ) if( data[i] ) ++c;
if( c == 8 ) std::printf( "Testing full byte.\n" );
else if( c == 0 ) std::printf( "Nothing to test.\n" );
else
{
std::printf( "Testing " );
for( int i = 0; i < 8; ++i )
if( data[i] )
{
std::printf( "%d", i + 1 );
if( --c ) std::printf( "," );
}
std::printf( " bit errors.\n" );
}
std::fflush( stdout );
}
};
int differing_bits( const uint8_t byte1, const uint8_t byte2 )
{
int count = 0;
uint8_t dif = byte1 ^ byte2;
while( dif )
{ count += ( dif & 1 ); dif >>= 1; }
return count;
}
} // end namespace
int main( const int argc, const char * const argv[] )
{
enum { buffer_size = 3 << 20 };
Bitset8 bits; // if Bitset8::parse not called test full byte
int pos = 0;
int max_size = buffer_size;
invocation_name = argv[0];
const Arg_parser::Option options[] =
{
{ 'h', "help", Arg_parser::no },
{ 'b', "bits", Arg_parser::yes },
{ 'p', "position", Arg_parser::yes },
{ 'q', "quiet", Arg_parser::no },
{ 's', "size", Arg_parser::yes },
{ 'v', "verbose", Arg_parser::no },
{ 'V', "version", Arg_parser::no },
{ 0 , 0, Arg_parser::no } };
const Arg_parser parser( argc, argv, options );
if( parser.error().size() ) // bad option
{ show_error( parser.error().c_str(), 0, true ); return 1; }
int argind = 0;
for( ; argind < parser.arguments(); ++argind )
{
const int code = parser.code( argind );
if( !code ) break; // no more options
const char * const arg = parser.argument( argind ).c_str();
switch( code )
{
case 'h': show_help(); return 0;
case 'b': if( !bits.parse( arg ) ) return 1; break;
case 'p': pos = getnum( arg, 0, buffer_size - 1 ); break;
case 'q': verbosity = -1; break;
case 's': max_size = getnum( arg, 1, buffer_size ); break;
case 'v': if( verbosity < 4 ) ++verbosity; break;
case 'V': show_version(); return 0;
default : internal_error( "uncaught option." );
}
} // end process options
if( argind + 2 != parser.arguments() )
{
if( verbosity >= 0 )
std::fprintf( stderr, "Usage: %s \"lzip -tv\" filename.lz\n",
invocation_name );
return 1;
}
FILE *f = std::fopen( parser.argument( argind + 1 ).c_str(), "rb" );
if( !f )
{
if( verbosity >= 0 )
std::fprintf( stderr, "Can't open file '%s' for reading\n",
parser.argument( argind + 1 ).c_str() );
return 1;
}
uint8_t * const buffer = new uint8_t[buffer_size];
const int size = std::fread( buffer, 1, buffer_size, f );
if( size >= buffer_size )
{
if( verbosity >= 0 )
std::fprintf( stderr, "input file '%s' is too large.\n",
parser.argument( argind + 1 ).c_str() );
return 2;
}
std::fclose( f );
f = popen( parser.argument( argind ).c_str(), "w" );
if( !f )
{ show_error( "Can't open pipe", errno ); return 1; }
const int wr = std::fwrite( buffer, 1, size, f );
if( wr != size || pclose( f ) != 0 )
{
if( verbosity >= 0 )
std::fprintf( stderr, "Could not run '%s' : %s.\n",
parser.argument( argind ).c_str(), std::strerror( errno ) );
return 1;
}
std::signal( SIGPIPE, SIG_IGN );
if( verbosity >= 1 ) bits.print();
const int end = ( ( pos + max_size < size ) ? pos + max_size : size );
for( int i = pos; i < end; ++i )
{
if( verbosity >= 0 )
std::fprintf( stderr, "byte %d\n", i );
const uint8_t byte = buffer[i];
for( int j = 0; j < 255; ++j )
{
++buffer[i];
if( bits.includes( differing_bits( byte, buffer[i] ) ) )
{
f = popen( parser.argument( argind ).c_str(), "w" );
if( !f )
{ show_error( "Can't open pipe", errno ); return 1; }
std::fwrite( buffer, 1, size, f );
if( pclose( f ) == 0 && verbosity >= 0 )
std::fprintf( stderr, "0x%02X (0x%02X+0x%02X) passed the test\n",
buffer[i], byte, j + 1 );
}
}
buffer[i] = byte;
}
delete[] buffer;
return 0;
}