1 /*-
2 * Copyright (c) 2011 Michihiro NAKAJIMA
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 *
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR
15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17 * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24 */
25
26 #include "archive_platform.h"
27 __FBSDID("$FreeBSD$");
28
29 #ifdef HAVE_ERRNO_H
30 #include <errno.h>
31 #endif
32 #ifdef HAVE_STDLIB_H
33 #include <stdlib.h>
34 #endif
35 #ifdef HAVE_BZLIB_H
36 #include <cm3p/bzlib.h>
37 #endif
38 #ifdef HAVE_LZMA_H
39 #include <cm3p/lzma.h>
40 #endif
41 #ifdef HAVE_ZLIB_H
42 #include <cm3p/zlib.h>
43 #endif
44
45 #include "archive.h"
46 #include "archive_entry.h"
47 #include "archive_entry_locale.h"
48 #include "archive_ppmd7_private.h"
49 #include "archive_private.h"
50 #include "archive_read_private.h"
51 #include "archive_endian.h"
52
53 #ifndef HAVE_ZLIB_H
54 #include "archive_crc32.h"
55 #endif
56
57 #define _7ZIP_SIGNATURE "7z\xBC\xAF\x27\x1C"
58 #define SFX_MIN_ADDR 0x27000
59 #define SFX_MAX_ADDR 0x60000
60
61
62 /*
63 * Codec ID
64 */
65 #define _7Z_COPY 0
66 #define _7Z_LZMA 0x030101
67 #define _7Z_LZMA2 0x21
68 #define _7Z_DEFLATE 0x040108
69 #define _7Z_BZ2 0x040202
70 #define _7Z_PPMD 0x030401
71 #define _7Z_DELTA 0x03
72 #define _7Z_CRYPTO_MAIN_ZIP 0x06F10101 /* Main Zip crypto algo */
73 #define _7Z_CRYPTO_RAR_29 0x06F10303 /* Rar29 AES-128 + (modified SHA-1) */
74 #define _7Z_CRYPTO_AES_256_SHA_256 0x06F10701 /* AES-256 + SHA-256 */
75
76
77 #define _7Z_X86 0x03030103
78 #define _7Z_X86_BCJ2 0x0303011B
79 #define _7Z_POWERPC 0x03030205
80 #define _7Z_IA64 0x03030401
81 #define _7Z_ARM 0x03030501
82 #define _7Z_ARMTHUMB 0x03030701
83 #define _7Z_SPARC 0x03030805
84
85 /*
86 * 7-Zip header property IDs.
87 */
88 #define kEnd 0x00
89 #define kHeader 0x01
90 #define kArchiveProperties 0x02
91 #define kAdditionalStreamsInfo 0x03
92 #define kMainStreamsInfo 0x04
93 #define kFilesInfo 0x05
94 #define kPackInfo 0x06
95 #define kUnPackInfo 0x07
96 #define kSubStreamsInfo 0x08
97 #define kSize 0x09
98 #define kCRC 0x0A
99 #define kFolder 0x0B
100 #define kCodersUnPackSize 0x0C
101 #define kNumUnPackStream 0x0D
102 #define kEmptyStream 0x0E
103 #define kEmptyFile 0x0F
104 #define kAnti 0x10
105 #define kName 0x11
106 #define kCTime 0x12
107 #define kATime 0x13
108 #define kMTime 0x14
109 #define kAttributes 0x15
110 #define kEncodedHeader 0x17
111 #define kDummy 0x19
112
113 struct _7z_digests {
114 unsigned char *defineds;
115 uint32_t *digests;
116 };
117
118
119 struct _7z_folder {
120 uint64_t numCoders;
121 struct _7z_coder {
122 unsigned long codec;
123 uint64_t numInStreams;
124 uint64_t numOutStreams;
125 uint64_t propertiesSize;
126 unsigned char *properties;
127 } *coders;
128 uint64_t numBindPairs;
129 struct {
130 uint64_t inIndex;
131 uint64_t outIndex;
132 } *bindPairs;
133 uint64_t numPackedStreams;
134 uint64_t *packedStreams;
135 uint64_t numInStreams;
136 uint64_t numOutStreams;
137 uint64_t *unPackSize;
138 unsigned char digest_defined;
139 uint32_t digest;
140 uint64_t numUnpackStreams;
141 uint32_t packIndex;
142 /* Unoperated bytes. */
143 uint64_t skipped_bytes;
144 };
145
146 struct _7z_coders_info {
147 uint64_t numFolders;
148 struct _7z_folder *folders;
149 uint64_t dataStreamIndex;
150 };
151
152 struct _7z_pack_info {
153 uint64_t pos;
154 uint64_t numPackStreams;
155 uint64_t *sizes;
156 struct _7z_digests digest;
157 /* Calculated from pos and numPackStreams. */
158 uint64_t *positions;
159 };
160
161 struct _7z_substream_info {
162 size_t unpack_streams;
163 uint64_t *unpackSizes;
164 unsigned char *digestsDefined;
165 uint32_t *digests;
166 };
167
168 struct _7z_stream_info {
169 struct _7z_pack_info pi;
170 struct _7z_coders_info ci;
171 struct _7z_substream_info ss;
172 };
173
174 struct _7z_header_info {
175 uint64_t dataIndex;
176
177 unsigned char *emptyStreamBools;
178 unsigned char *emptyFileBools;
179 unsigned char *antiBools;
180 unsigned char *attrBools;
181 };
182
183 struct _7zip_entry {
184 size_t name_len;
185 unsigned char *utf16name;
186 #if defined(_WIN32) && !defined(__CYGWIN__) && defined(_DEBUG)
187 const wchar_t *wname;
188 #endif
189 uint32_t folderIndex;
190 uint32_t ssIndex;
191 unsigned flg;
192 #define MTIME_IS_SET (1<<0)
193 #define ATIME_IS_SET (1<<1)
194 #define CTIME_IS_SET (1<<2)
195 #define CRC32_IS_SET (1<<3)
196 #define HAS_STREAM (1<<4)
197
198 time_t mtime;
199 time_t atime;
200 time_t ctime;
201 long mtime_ns;
202 long atime_ns;
203 long ctime_ns;
204 uint32_t mode;
205 uint32_t attr;
206 };
207
208 struct _7zip {
209 /* Structural information about the archive. */
210 struct _7z_stream_info si;
211
212 int header_is_being_read;
213 int header_is_encoded;
214 uint64_t header_bytes_remaining;
215 unsigned long header_crc32;
216 /* Header offset to check that reading points of the file contents
217 * will not exceed the header. */
218 uint64_t header_offset;
219 /* Base offset of the archive file for a seek in case reading SFX. */
220 uint64_t seek_base;
221
222 /* List of entries */
223 size_t entries_remaining;
224 uint64_t numFiles;
225 struct _7zip_entry *entries;
226 struct _7zip_entry *entry;
227 unsigned char *entry_names;
228
229 /* entry_bytes_remaining is the number of bytes we expect. */
230 int64_t entry_offset;
231 uint64_t entry_bytes_remaining;
232
233 /* Running CRC32 of the decompressed data */
234 unsigned long entry_crc32;
235
236 /* Flags to mark progress of decompression. */
237 char end_of_entry;
238
239 /* Uncompressed buffer control. */
240 #define UBUFF_SIZE (64 * 1024)
241 unsigned char *uncompressed_buffer;
242 unsigned char *uncompressed_buffer_pointer;
243 size_t uncompressed_buffer_size;
244 size_t uncompressed_buffer_bytes_remaining;
245
246 /* Offset of the compressed data. */
247 int64_t stream_offset;
248
249 /*
250 * Decompressing control data.
251 */
252 unsigned folder_index;
253 uint64_t folder_outbytes_remaining;
254 unsigned pack_stream_index;
255 unsigned pack_stream_remaining;
256 uint64_t pack_stream_inbytes_remaining;
257 size_t pack_stream_bytes_unconsumed;
258
259 /* The codec information of a folder. */
260 unsigned long codec;
261 unsigned long codec2;
262
263 /*
264 * Decompressor controllers.
265 */
266 /* Decoding LZMA1 and LZMA2 data. */
267 #ifdef HAVE_LZMA_H
268 lzma_stream lzstream;
269 int lzstream_valid;
270 #endif
271 /* Decoding bzip2 data. */
272 #if defined(HAVE_BZLIB_H) && defined(BZ_CONFIG_ERROR)
273 bz_stream bzstream;
274 int bzstream_valid;
275 #endif
276 /* Decoding deflate data. */
277 #ifdef HAVE_ZLIB_H
278 z_stream stream;
279 int stream_valid;
280 #endif
281 /* Decoding PPMd data. */
282 int ppmd7_stat;
283 CPpmd7 ppmd7_context;
284 CPpmd7z_RangeDec range_dec;
285 IByteIn bytein;
286 struct {
287 const unsigned char *next_in;
288 int64_t avail_in;
289 int64_t total_in;
290 unsigned char *next_out;
291 int64_t avail_out;
292 int64_t total_out;
293 int overconsumed;
294 } ppstream;
295 int ppmd7_valid;
296
297 /* Decoding BCJ and BCJ2 data. */
298 uint32_t bcj_state;
299 size_t odd_bcj_size;
300 unsigned char odd_bcj[4];
301 /* Decoding BCJ data. */
302 size_t bcj_prevPosT;
303 uint32_t bcj_prevMask;
304 uint32_t bcj_ip;
305
306 /* Decoding BCJ2 data. */
307 size_t main_stream_bytes_remaining;
308 unsigned char *sub_stream_buff[3];
309 size_t sub_stream_size[3];
310 size_t sub_stream_bytes_remaining[3];
311 unsigned char *tmp_stream_buff;
312 size_t tmp_stream_buff_size;
313 size_t tmp_stream_bytes_avail;
314 size_t tmp_stream_bytes_remaining;
315 #ifdef _LZMA_PROB32
316 #define CProb uint32_t
317 #else
318 #define CProb uint16_t
319 #endif
320 CProb bcj2_p[256 + 2];
321 uint8_t bcj2_prevByte;
322 uint32_t bcj2_range;
323 uint32_t bcj2_code;
324 uint64_t bcj2_outPos;
325
326 /* Filename character-set conversion data. */
327 struct archive_string_conv *sconv;
328
329 char format_name[64];
330
331 /* Custom value that is non-zero if this archive contains encrypted entries. */
332 int has_encrypted_entries;
333 };
334
335 /* Maximum entry size. This limitation prevents reading intentional
336 * corrupted 7-zip files on assuming there are not so many entries in
337 * the files. */
338 #define UMAX_ENTRY ARCHIVE_LITERAL_ULL(100000000)
339
340 static int archive_read_format_7zip_has_encrypted_entries(struct archive_read *);
341 static int archive_read_support_format_7zip_capabilities(struct archive_read *a);
342 static int archive_read_format_7zip_bid(struct archive_read *, int);
343 static int archive_read_format_7zip_cleanup(struct archive_read *);
344 static int archive_read_format_7zip_read_data(struct archive_read *,
345 const void **, size_t *, int64_t *);
346 static int archive_read_format_7zip_read_data_skip(struct archive_read *);
347 static int archive_read_format_7zip_read_header(struct archive_read *,
348 struct archive_entry *);
349 static int check_7zip_header_in_sfx(const char *);
350 static unsigned long decode_codec_id(const unsigned char *, size_t);
351 static int decode_encoded_header_info(struct archive_read *,
352 struct _7z_stream_info *);
353 static int decompress(struct archive_read *, struct _7zip *,
354 void *, size_t *, const void *, size_t *);
355 static ssize_t extract_pack_stream(struct archive_read *, size_t);
356 static void fileTimeToUtc(uint64_t, time_t *, long *);
357 static uint64_t folder_uncompressed_size(struct _7z_folder *);
358 static void free_CodersInfo(struct _7z_coders_info *);
359 static void free_Digest(struct _7z_digests *);
360 static void free_Folder(struct _7z_folder *);
361 static void free_Header(struct _7z_header_info *);
362 static void free_PackInfo(struct _7z_pack_info *);
363 static void free_StreamsInfo(struct _7z_stream_info *);
364 static void free_SubStreamsInfo(struct _7z_substream_info *);
365 static int free_decompression(struct archive_read *, struct _7zip *);
366 static ssize_t get_uncompressed_data(struct archive_read *, const void **,
367 size_t, size_t);
368 static const unsigned char * header_bytes(struct archive_read *, size_t);
369 static int init_decompression(struct archive_read *, struct _7zip *,
370 const struct _7z_coder *, const struct _7z_coder *);
371 static int parse_7zip_uint64(struct archive_read *, uint64_t *);
372 static int read_Bools(struct archive_read *, unsigned char *, size_t);
373 static int read_CodersInfo(struct archive_read *,
374 struct _7z_coders_info *);
375 static int read_Digests(struct archive_read *, struct _7z_digests *,
376 size_t);
377 static int read_Folder(struct archive_read *, struct _7z_folder *);
378 static int read_Header(struct archive_read *, struct _7z_header_info *,
379 int);
380 static int read_PackInfo(struct archive_read *, struct _7z_pack_info *);
381 static int read_StreamsInfo(struct archive_read *,
382 struct _7z_stream_info *);
383 static int read_SubStreamsInfo(struct archive_read *,
384 struct _7z_substream_info *, struct _7z_folder *, size_t);
385 static int read_Times(struct archive_read *, struct _7z_header_info *,
386 int);
387 static void read_consume(struct archive_read *);
388 static ssize_t read_stream(struct archive_read *, const void **, size_t,
389 size_t);
390 static int seek_pack(struct archive_read *);
391 static int64_t skip_stream(struct archive_read *, size_t);
392 static int skip_sfx(struct archive_read *, ssize_t);
393 static int slurp_central_directory(struct archive_read *, struct _7zip *,
394 struct _7z_header_info *);
395 static int setup_decode_folder(struct archive_read *, struct _7z_folder *,
396 int);
397 static void x86_Init(struct _7zip *);
398 static size_t x86_Convert(struct _7zip *, uint8_t *, size_t);
399 static ssize_t Bcj2_Decode(struct _7zip *, uint8_t *, size_t);
400
401
402 int
archive_read_support_format_7zip(struct archive * _a)403 archive_read_support_format_7zip(struct archive *_a)
404 {
405 struct archive_read *a = (struct archive_read *)_a;
406 struct _7zip *zip;
407 int r;
408
409 archive_check_magic(_a, ARCHIVE_READ_MAGIC,
410 ARCHIVE_STATE_NEW, "archive_read_support_format_7zip");
411
412 zip = calloc(1, sizeof(*zip));
413 if (zip == NULL) {
414 archive_set_error(&a->archive, ENOMEM,
415 "Can't allocate 7zip data");
416 return (ARCHIVE_FATAL);
417 }
418
419 /*
420 * Until enough data has been read, we cannot tell about
421 * any encrypted entries yet.
422 */
423 zip->has_encrypted_entries = ARCHIVE_READ_FORMAT_ENCRYPTION_DONT_KNOW;
424
425
426 r = __archive_read_register_format(a,
427 zip,
428 "7zip",
429 archive_read_format_7zip_bid,
430 NULL,
431 archive_read_format_7zip_read_header,
432 archive_read_format_7zip_read_data,
433 archive_read_format_7zip_read_data_skip,
434 NULL,
435 archive_read_format_7zip_cleanup,
436 archive_read_support_format_7zip_capabilities,
437 archive_read_format_7zip_has_encrypted_entries);
438
439 if (r != ARCHIVE_OK)
440 free(zip);
441 return (ARCHIVE_OK);
442 }
443
444 static int
archive_read_support_format_7zip_capabilities(struct archive_read * a)445 archive_read_support_format_7zip_capabilities(struct archive_read * a)
446 {
447 (void)a; /* UNUSED */
448 return (ARCHIVE_READ_FORMAT_CAPS_ENCRYPT_DATA |
449 ARCHIVE_READ_FORMAT_CAPS_ENCRYPT_METADATA);
450 }
451
452
453 static int
archive_read_format_7zip_has_encrypted_entries(struct archive_read * _a)454 archive_read_format_7zip_has_encrypted_entries(struct archive_read *_a)
455 {
456 if (_a && _a->format) {
457 struct _7zip * zip = (struct _7zip *)_a->format->data;
458 if (zip) {
459 return zip->has_encrypted_entries;
460 }
461 }
462 return ARCHIVE_READ_FORMAT_ENCRYPTION_DONT_KNOW;
463 }
464
465 static int
archive_read_format_7zip_bid(struct archive_read * a,int best_bid)466 archive_read_format_7zip_bid(struct archive_read *a, int best_bid)
467 {
468 const char *p;
469
470 /* If someone has already bid more than 32, then avoid
471 trashing the look-ahead buffers with a seek. */
472 if (best_bid > 32)
473 return (-1);
474
475 if ((p = __archive_read_ahead(a, 6, NULL)) == NULL)
476 return (0);
477
478 /* If first six bytes are the 7-Zip signature,
479 * return the bid right now. */
480 if (memcmp(p, _7ZIP_SIGNATURE, 6) == 0)
481 return (48);
482
483 /*
484 * It may a 7-Zip SFX archive file. If first two bytes are
485 * 'M' and 'Z' available on Windows or first four bytes are
486 * "\x7F\x45LF" available on posix like system, seek the 7-Zip
487 * signature. Although we will perform a seek when reading
488 * a header, what we do not use __archive_read_seek() here is
489 * due to a bidding performance.
490 */
491 if ((p[0] == 'M' && p[1] == 'Z') || memcmp(p, "\x7F\x45LF", 4) == 0) {
492 ssize_t offset = SFX_MIN_ADDR;
493 ssize_t window = 4096;
494 ssize_t bytes_avail;
495 while (offset + window <= (SFX_MAX_ADDR)) {
496 const char *buff = __archive_read_ahead(a,
497 offset + window, &bytes_avail);
498 if (buff == NULL) {
499 /* Remaining bytes are less than window. */
500 window >>= 1;
501 if (window < 0x40)
502 return (0);
503 continue;
504 }
505 p = buff + offset;
506 while (p + 32 < buff + bytes_avail) {
507 int step = check_7zip_header_in_sfx(p);
508 if (step == 0)
509 return (48);
510 p += step;
511 }
512 offset = p - buff;
513 }
514 }
515 return (0);
516 }
517
518 static int
check_7zip_header_in_sfx(const char * p)519 check_7zip_header_in_sfx(const char *p)
520 {
521 switch ((unsigned char)p[5]) {
522 case 0x1C:
523 if (memcmp(p, _7ZIP_SIGNATURE, 6) != 0)
524 return (6);
525 /*
526 * Test the CRC because its extraction code has 7-Zip
527 * Magic Code, so we should do this in order not to
528 * make a mis-detection.
529 */
530 if (crc32(0, (const unsigned char *)p + 12, 20)
531 != archive_le32dec(p + 8))
532 return (6);
533 /* Hit the header! */
534 return (0);
535 case 0x37: return (5);
536 case 0x7A: return (4);
537 case 0xBC: return (3);
538 case 0xAF: return (2);
539 case 0x27: return (1);
540 default: return (6);
541 }
542 }
543
544 static int
skip_sfx(struct archive_read * a,ssize_t bytes_avail)545 skip_sfx(struct archive_read *a, ssize_t bytes_avail)
546 {
547 const void *h;
548 const char *p, *q;
549 size_t skip, offset;
550 ssize_t bytes, window;
551
552 /*
553 * If bytes_avail > SFX_MIN_ADDR we do not have to call
554 * __archive_read_seek() at this time since we have
555 * already had enough data.
556 */
557 if (bytes_avail > SFX_MIN_ADDR)
558 __archive_read_consume(a, SFX_MIN_ADDR);
559 else if (__archive_read_seek(a, SFX_MIN_ADDR, SEEK_SET) < 0)
560 return (ARCHIVE_FATAL);
561
562 offset = 0;
563 window = 1;
564 while (offset + window <= SFX_MAX_ADDR - SFX_MIN_ADDR) {
565 h = __archive_read_ahead(a, window, &bytes);
566 if (h == NULL) {
567 /* Remaining bytes are less than window. */
568 window >>= 1;
569 if (window < 0x40)
570 goto fatal;
571 continue;
572 }
573 if (bytes < 6) {
574 /* This case might happen when window == 1. */
575 window = 4096;
576 continue;
577 }
578 p = (const char *)h;
579 q = p + bytes;
580
581 /*
582 * Scan ahead until we find something that looks
583 * like the 7-Zip header.
584 */
585 while (p + 32 < q) {
586 int step = check_7zip_header_in_sfx(p);
587 if (step == 0) {
588 struct _7zip *zip =
589 (struct _7zip *)a->format->data;
590 skip = p - (const char *)h;
591 __archive_read_consume(a, skip);
592 zip->seek_base = SFX_MIN_ADDR + offset + skip;
593 return (ARCHIVE_OK);
594 }
595 p += step;
596 }
597 skip = p - (const char *)h;
598 __archive_read_consume(a, skip);
599 offset += skip;
600 if (window == 1)
601 window = 4096;
602 }
603 fatal:
604 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
605 "Couldn't find out 7-Zip header");
606 return (ARCHIVE_FATAL);
607 }
608
609 static int
archive_read_format_7zip_read_header(struct archive_read * a,struct archive_entry * entry)610 archive_read_format_7zip_read_header(struct archive_read *a,
611 struct archive_entry *entry)
612 {
613 struct _7zip *zip = (struct _7zip *)a->format->data;
614 struct _7zip_entry *zip_entry;
615 int r, ret = ARCHIVE_OK;
616 struct _7z_folder *folder = 0;
617 uint64_t fidx = 0;
618
619 /*
620 * It should be sufficient to call archive_read_next_header() for
621 * a reader to determine if an entry is encrypted or not. If the
622 * encryption of an entry is only detectable when calling
623 * archive_read_data(), so be it. We'll do the same check there
624 * as well.
625 */
626 if (zip->has_encrypted_entries == ARCHIVE_READ_FORMAT_ENCRYPTION_DONT_KNOW) {
627 zip->has_encrypted_entries = 0;
628 }
629
630 a->archive.archive_format = ARCHIVE_FORMAT_7ZIP;
631 if (a->archive.archive_format_name == NULL)
632 a->archive.archive_format_name = "7-Zip";
633
634 if (zip->entries == NULL) {
635 struct _7z_header_info header;
636
637 memset(&header, 0, sizeof(header));
638 r = slurp_central_directory(a, zip, &header);
639 free_Header(&header);
640 if (r != ARCHIVE_OK)
641 return (r);
642 zip->entries_remaining = (size_t)zip->numFiles;
643 zip->entry = zip->entries;
644 } else {
645 ++zip->entry;
646 }
647 zip_entry = zip->entry;
648
649 if (zip->entries_remaining <= 0 || zip_entry == NULL)
650 return ARCHIVE_EOF;
651 --zip->entries_remaining;
652
653 zip->entry_offset = 0;
654 zip->end_of_entry = 0;
655 zip->entry_crc32 = crc32(0, NULL, 0);
656
657 /* Setup a string conversion for a filename. */
658 if (zip->sconv == NULL) {
659 zip->sconv = archive_string_conversion_from_charset(
660 &a->archive, "UTF-16LE", 1);
661 if (zip->sconv == NULL)
662 return (ARCHIVE_FATAL);
663 }
664
665 /* Figure out if the entry is encrypted by looking at the folder
666 that is associated to the current 7zip entry. If the folder
667 has a coder with a _7Z_CRYPTO codec then the folder is encrypted.
668 Hence the entry must also be encrypted. */
669 if (zip_entry && zip_entry->folderIndex < zip->si.ci.numFolders) {
670 folder = &(zip->si.ci.folders[zip_entry->folderIndex]);
671 for (fidx=0; folder && fidx<folder->numCoders; fidx++) {
672 switch(folder->coders[fidx].codec) {
673 case _7Z_CRYPTO_MAIN_ZIP:
674 case _7Z_CRYPTO_RAR_29:
675 case _7Z_CRYPTO_AES_256_SHA_256: {
676 archive_entry_set_is_data_encrypted(entry, 1);
677 zip->has_encrypted_entries = 1;
678 break;
679 }
680 }
681 }
682 }
683
684 /* Now that we've checked for encryption, if there were still no
685 * encrypted entries found we can say for sure that there are none.
686 */
687 if (zip->has_encrypted_entries == ARCHIVE_READ_FORMAT_ENCRYPTION_DONT_KNOW) {
688 zip->has_encrypted_entries = 0;
689 }
690
691 if (archive_entry_copy_pathname_l(entry,
692 (const char *)zip_entry->utf16name,
693 zip_entry->name_len, zip->sconv) != 0) {
694 if (errno == ENOMEM) {
695 archive_set_error(&a->archive, ENOMEM,
696 "Can't allocate memory for Pathname");
697 return (ARCHIVE_FATAL);
698 }
699 archive_set_error(&a->archive,
700 ARCHIVE_ERRNO_FILE_FORMAT,
701 "Pathname cannot be converted "
702 "from %s to current locale.",
703 archive_string_conversion_charset_name(zip->sconv));
704 ret = ARCHIVE_WARN;
705 }
706
707 /* Populate some additional entry fields: */
708 archive_entry_set_mode(entry, zip_entry->mode);
709 if (zip_entry->flg & MTIME_IS_SET)
710 archive_entry_set_mtime(entry, zip_entry->mtime,
711 zip_entry->mtime_ns);
712 if (zip_entry->flg & CTIME_IS_SET)
713 archive_entry_set_ctime(entry, zip_entry->ctime,
714 zip_entry->ctime_ns);
715 if (zip_entry->flg & ATIME_IS_SET)
716 archive_entry_set_atime(entry, zip_entry->atime,
717 zip_entry->atime_ns);
718 if (zip_entry->ssIndex != (uint32_t)-1) {
719 zip->entry_bytes_remaining =
720 zip->si.ss.unpackSizes[zip_entry->ssIndex];
721 archive_entry_set_size(entry, zip->entry_bytes_remaining);
722 } else {
723 zip->entry_bytes_remaining = 0;
724 archive_entry_set_size(entry, 0);
725 }
726
727 /* If there's no body, force read_data() to return EOF immediately. */
728 if (zip->entry_bytes_remaining < 1)
729 zip->end_of_entry = 1;
730
731 if ((zip_entry->mode & AE_IFMT) == AE_IFLNK) {
732 unsigned char *symname = NULL;
733 size_t symsize = 0;
734
735 /*
736 * Symbolic-name is recorded as its contents. We have to
737 * read the contents at this time.
738 */
739 while (zip->entry_bytes_remaining > 0) {
740 const void *buff;
741 unsigned char *mem;
742 size_t size;
743 int64_t offset;
744
745 r = archive_read_format_7zip_read_data(a, &buff,
746 &size, &offset);
747 if (r < ARCHIVE_WARN) {
748 free(symname);
749 return (r);
750 }
751 mem = realloc(symname, symsize + size + 1);
752 if (mem == NULL) {
753 free(symname);
754 archive_set_error(&a->archive, ENOMEM,
755 "Can't allocate memory for Symname");
756 return (ARCHIVE_FATAL);
757 }
758 symname = mem;
759 memcpy(symname+symsize, buff, size);
760 symsize += size;
761 }
762 if (symsize == 0) {
763 /* If there is no symname, handle it as a regular
764 * file. */
765 zip_entry->mode &= ~AE_IFMT;
766 zip_entry->mode |= AE_IFREG;
767 archive_entry_set_mode(entry, zip_entry->mode);
768 } else {
769 symname[symsize] = '\0';
770 archive_entry_copy_symlink(entry,
771 (const char *)symname);
772 }
773 free(symname);
774 archive_entry_set_size(entry, 0);
775 }
776
777 /* Set up a more descriptive format name. */
778 sprintf(zip->format_name, "7-Zip");
779 a->archive.archive_format_name = zip->format_name;
780
781 return (ret);
782 }
783
784 static int
archive_read_format_7zip_read_data(struct archive_read * a,const void ** buff,size_t * size,int64_t * offset)785 archive_read_format_7zip_read_data(struct archive_read *a,
786 const void **buff, size_t *size, int64_t *offset)
787 {
788 struct _7zip *zip;
789 ssize_t bytes;
790 int ret = ARCHIVE_OK;
791
792 zip = (struct _7zip *)(a->format->data);
793
794 if (zip->has_encrypted_entries == ARCHIVE_READ_FORMAT_ENCRYPTION_DONT_KNOW) {
795 zip->has_encrypted_entries = 0;
796 }
797
798 if (zip->pack_stream_bytes_unconsumed)
799 read_consume(a);
800
801 *offset = zip->entry_offset;
802 *size = 0;
803 *buff = NULL;
804 /*
805 * If we hit end-of-entry last time, clean up and return
806 * ARCHIVE_EOF this time.
807 */
808 if (zip->end_of_entry)
809 return (ARCHIVE_EOF);
810
811 bytes = read_stream(a, buff,
812 (size_t)zip->entry_bytes_remaining, 0);
813 if (bytes < 0)
814 return ((int)bytes);
815 if (bytes == 0) {
816 archive_set_error(&a->archive,
817 ARCHIVE_ERRNO_FILE_FORMAT,
818 "Truncated 7-Zip file body");
819 return (ARCHIVE_FATAL);
820 }
821 zip->entry_bytes_remaining -= bytes;
822 if (zip->entry_bytes_remaining == 0)
823 zip->end_of_entry = 1;
824
825 /* Update checksum */
826 if ((zip->entry->flg & CRC32_IS_SET) && bytes)
827 zip->entry_crc32 = crc32(zip->entry_crc32, *buff,
828 (unsigned)bytes);
829
830 /* If we hit the end, swallow any end-of-data marker. */
831 if (zip->end_of_entry) {
832 /* Check computed CRC against file contents. */
833 if ((zip->entry->flg & CRC32_IS_SET) &&
834 zip->si.ss.digests[zip->entry->ssIndex] !=
835 zip->entry_crc32) {
836 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
837 "7-Zip bad CRC: 0x%lx should be 0x%lx",
838 (unsigned long)zip->entry_crc32,
839 (unsigned long)zip->si.ss.digests[
840 zip->entry->ssIndex]);
841 ret = ARCHIVE_WARN;
842 }
843 }
844
845 *size = bytes;
846 *offset = zip->entry_offset;
847 zip->entry_offset += bytes;
848
849 return (ret);
850 }
851
852 static int
archive_read_format_7zip_read_data_skip(struct archive_read * a)853 archive_read_format_7zip_read_data_skip(struct archive_read *a)
854 {
855 struct _7zip *zip;
856 int64_t bytes_skipped;
857
858 zip = (struct _7zip *)(a->format->data);
859
860 if (zip->pack_stream_bytes_unconsumed)
861 read_consume(a);
862
863 /* If we've already read to end of data, we're done. */
864 if (zip->end_of_entry)
865 return (ARCHIVE_OK);
866
867 /*
868 * If the length is at the beginning, we can skip the
869 * compressed data much more quickly.
870 */
871 bytes_skipped = skip_stream(a, (size_t)zip->entry_bytes_remaining);
872 if (bytes_skipped < 0)
873 return (ARCHIVE_FATAL);
874 zip->entry_bytes_remaining = 0;
875
876 /* This entry is finished and done. */
877 zip->end_of_entry = 1;
878 return (ARCHIVE_OK);
879 }
880
881 static int
archive_read_format_7zip_cleanup(struct archive_read * a)882 archive_read_format_7zip_cleanup(struct archive_read *a)
883 {
884 struct _7zip *zip;
885
886 zip = (struct _7zip *)(a->format->data);
887 free_StreamsInfo(&(zip->si));
888 free(zip->entries);
889 free(zip->entry_names);
890 free_decompression(a, zip);
891 free(zip->uncompressed_buffer);
892 free(zip->sub_stream_buff[0]);
893 free(zip->sub_stream_buff[1]);
894 free(zip->sub_stream_buff[2]);
895 free(zip->tmp_stream_buff);
896 free(zip);
897 (a->format->data) = NULL;
898 return (ARCHIVE_OK);
899 }
900
901 static void
read_consume(struct archive_read * a)902 read_consume(struct archive_read *a)
903 {
904 struct _7zip *zip = (struct _7zip *)a->format->data;
905
906 if (zip->pack_stream_bytes_unconsumed) {
907 __archive_read_consume(a, zip->pack_stream_bytes_unconsumed);
908 zip->stream_offset += zip->pack_stream_bytes_unconsumed;
909 zip->pack_stream_bytes_unconsumed = 0;
910 }
911 }
912
913 #ifdef HAVE_LZMA_H
914
915 /*
916 * Set an error code and choose an error message for liblzma.
917 */
918 static void
set_error(struct archive_read * a,int ret)919 set_error(struct archive_read *a, int ret)
920 {
921
922 switch (ret) {
923 case LZMA_STREAM_END: /* Found end of stream. */
924 case LZMA_OK: /* Decompressor made some progress. */
925 break;
926 case LZMA_MEM_ERROR:
927 archive_set_error(&a->archive, ENOMEM,
928 "Lzma library error: Cannot allocate memory");
929 break;
930 case LZMA_MEMLIMIT_ERROR:
931 archive_set_error(&a->archive, ENOMEM,
932 "Lzma library error: Out of memory");
933 break;
934 case LZMA_FORMAT_ERROR:
935 archive_set_error(&a->archive,
936 ARCHIVE_ERRNO_MISC,
937 "Lzma library error: format not recognized");
938 break;
939 case LZMA_OPTIONS_ERROR:
940 archive_set_error(&a->archive,
941 ARCHIVE_ERRNO_MISC,
942 "Lzma library error: Invalid options");
943 break;
944 case LZMA_DATA_ERROR:
945 archive_set_error(&a->archive,
946 ARCHIVE_ERRNO_MISC,
947 "Lzma library error: Corrupted input data");
948 break;
949 case LZMA_BUF_ERROR:
950 archive_set_error(&a->archive,
951 ARCHIVE_ERRNO_MISC,
952 "Lzma library error: No progress is possible");
953 break;
954 default:
955 /* Return an error. */
956 archive_set_error(&a->archive,
957 ARCHIVE_ERRNO_MISC,
958 "Lzma decompression failed: Unknown error");
959 break;
960 }
961 }
962
963 #endif
964
965 static unsigned long
decode_codec_id(const unsigned char * codecId,size_t id_size)966 decode_codec_id(const unsigned char *codecId, size_t id_size)
967 {
968 unsigned i;
969 unsigned long id = 0;
970
971 for (i = 0; i < id_size; i++) {
972 id <<= 8;
973 id += codecId[i];
974 }
975 return (id);
976 }
977
978 static Byte
ppmd_read(void * p)979 ppmd_read(void *p)
980 {
981 struct archive_read *a = ((IByteIn*)p)->a;
982 struct _7zip *zip = (struct _7zip *)(a->format->data);
983 Byte b;
984
985 if (zip->ppstream.avail_in == 0) {
986 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
987 "Truncated RAR file data");
988 zip->ppstream.overconsumed = 1;
989 return (0);
990 }
991 b = *zip->ppstream.next_in++;
992 zip->ppstream.avail_in--;
993 zip->ppstream.total_in++;
994 return (b);
995 }
996
997 static int
init_decompression(struct archive_read * a,struct _7zip * zip,const struct _7z_coder * coder1,const struct _7z_coder * coder2)998 init_decompression(struct archive_read *a, struct _7zip *zip,
999 const struct _7z_coder *coder1, const struct _7z_coder *coder2)
1000 {
1001 int r;
1002
1003 zip->codec = coder1->codec;
1004 zip->codec2 = -1;
1005
1006 switch (zip->codec) {
1007 case _7Z_COPY:
1008 case _7Z_BZ2:
1009 case _7Z_DEFLATE:
1010 case _7Z_PPMD:
1011 if (coder2 != NULL) {
1012 if (coder2->codec != _7Z_X86 &&
1013 coder2->codec != _7Z_X86_BCJ2) {
1014 archive_set_error(&a->archive,
1015 ARCHIVE_ERRNO_MISC,
1016 "Unsupported filter %lx for %lx",
1017 coder2->codec, coder1->codec);
1018 return (ARCHIVE_FAILED);
1019 }
1020 zip->codec2 = coder2->codec;
1021 zip->bcj_state = 0;
1022 if (coder2->codec == _7Z_X86)
1023 x86_Init(zip);
1024 }
1025 break;
1026 default:
1027 break;
1028 }
1029
1030 switch (zip->codec) {
1031 case _7Z_COPY:
1032 break;
1033
1034 case _7Z_LZMA: case _7Z_LZMA2:
1035 #ifdef HAVE_LZMA_H
1036 #if LZMA_VERSION_MAJOR >= 5
1037 /* Effectively disable the limiter. */
1038 #define LZMA_MEMLIMIT UINT64_MAX
1039 #else
1040 /* NOTE: This needs to check memory size which running system has. */
1041 #define LZMA_MEMLIMIT (1U << 30)
1042 #endif
1043 {
1044 lzma_options_delta delta_opt;
1045 lzma_filter filters[LZMA_FILTERS_MAX], *ff;
1046 int fi = 0;
1047
1048 if (zip->lzstream_valid) {
1049 lzma_end(&(zip->lzstream));
1050 zip->lzstream_valid = 0;
1051 }
1052
1053 /*
1054 * NOTE: liblzma incompletely handle the BCJ+LZMA compressed
1055 * data made by 7-Zip because 7-Zip does not add End-Of-
1056 * Payload Marker(EOPM) at the end of LZMA compressed data,
1057 * and so liblzma cannot know the end of the compressed data
1058 * without EOPM. So consequently liblzma will not return last
1059 * three or four bytes of uncompressed data because
1060 * LZMA_FILTER_X86 filter does not handle input data if its
1061 * data size is less than five bytes. If liblzma detect EOPM
1062 * or know the uncompressed data size, liblzma will flush out
1063 * the remaining that three or four bytes of uncompressed
1064 * data. That is why we have to use our converting program
1065 * for BCJ+LZMA. If we were able to tell the uncompressed
1066 * size to liblzma when using lzma_raw_decoder() liblzma
1067 * could correctly deal with BCJ+LZMA. But unfortunately
1068 * there is no way to do that.
1069 * Discussion about this can be found at XZ Utils forum.
1070 */
1071 if (coder2 != NULL) {
1072 zip->codec2 = coder2->codec;
1073
1074 filters[fi].options = NULL;
1075 switch (zip->codec2) {
1076 case _7Z_X86:
1077 if (zip->codec == _7Z_LZMA2) {
1078 filters[fi].id = LZMA_FILTER_X86;
1079 fi++;
1080 } else
1081 /* Use our filter. */
1082 x86_Init(zip);
1083 break;
1084 case _7Z_X86_BCJ2:
1085 /* Use our filter. */
1086 zip->bcj_state = 0;
1087 break;
1088 case _7Z_DELTA:
1089 if (coder2->propertiesSize != 1) {
1090 archive_set_error(&a->archive,
1091 ARCHIVE_ERRNO_MISC,
1092 "Invalid Delta parameter");
1093 return (ARCHIVE_FAILED);
1094 }
1095 filters[fi].id = LZMA_FILTER_DELTA;
1096 memset(&delta_opt, 0, sizeof(delta_opt));
1097 delta_opt.type = LZMA_DELTA_TYPE_BYTE;
1098 delta_opt.dist =
1099 (uint32_t)coder2->properties[0] + 1;
1100 filters[fi].options = &delta_opt;
1101 fi++;
1102 break;
1103 /* Following filters have not been tested yet. */
1104 case _7Z_POWERPC:
1105 filters[fi].id = LZMA_FILTER_POWERPC;
1106 fi++;
1107 break;
1108 case _7Z_IA64:
1109 filters[fi].id = LZMA_FILTER_IA64;
1110 fi++;
1111 break;
1112 case _7Z_ARM:
1113 filters[fi].id = LZMA_FILTER_ARM;
1114 fi++;
1115 break;
1116 case _7Z_ARMTHUMB:
1117 filters[fi].id = LZMA_FILTER_ARMTHUMB;
1118 fi++;
1119 break;
1120 case _7Z_SPARC:
1121 filters[fi].id = LZMA_FILTER_SPARC;
1122 fi++;
1123 break;
1124 default:
1125 archive_set_error(&a->archive,
1126 ARCHIVE_ERRNO_MISC,
1127 "Unexpected codec ID: %lX", zip->codec2);
1128 return (ARCHIVE_FAILED);
1129 }
1130 }
1131
1132 if (zip->codec == _7Z_LZMA2)
1133 filters[fi].id = LZMA_FILTER_LZMA2;
1134 else
1135 filters[fi].id = LZMA_FILTER_LZMA1;
1136 filters[fi].options = NULL;
1137 ff = &filters[fi];
1138 r = lzma_properties_decode(&filters[fi], NULL,
1139 coder1->properties, (size_t)coder1->propertiesSize);
1140 if (r != LZMA_OK) {
1141 set_error(a, r);
1142 return (ARCHIVE_FAILED);
1143 }
1144 fi++;
1145
1146 filters[fi].id = LZMA_VLI_UNKNOWN;
1147 filters[fi].options = NULL;
1148 r = lzma_raw_decoder(&(zip->lzstream), filters);
1149 free(ff->options);
1150 if (r != LZMA_OK) {
1151 set_error(a, r);
1152 return (ARCHIVE_FAILED);
1153 }
1154 zip->lzstream_valid = 1;
1155 zip->lzstream.total_in = 0;
1156 zip->lzstream.total_out = 0;
1157 break;
1158 }
1159 #else
1160 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
1161 "LZMA codec is unsupported");
1162 return (ARCHIVE_FAILED);
1163 #endif
1164 case _7Z_BZ2:
1165 #if defined(HAVE_BZLIB_H) && defined(BZ_CONFIG_ERROR)
1166 if (zip->bzstream_valid) {
1167 BZ2_bzDecompressEnd(&(zip->bzstream));
1168 zip->bzstream_valid = 0;
1169 }
1170 r = BZ2_bzDecompressInit(&(zip->bzstream), 0, 0);
1171 if (r == BZ_MEM_ERROR)
1172 r = BZ2_bzDecompressInit(&(zip->bzstream), 0, 1);
1173 if (r != BZ_OK) {
1174 int err = ARCHIVE_ERRNO_MISC;
1175 const char *detail = NULL;
1176 switch (r) {
1177 case BZ_PARAM_ERROR:
1178 detail = "invalid setup parameter";
1179 break;
1180 case BZ_MEM_ERROR:
1181 err = ENOMEM;
1182 detail = "out of memory";
1183 break;
1184 case BZ_CONFIG_ERROR:
1185 detail = "mis-compiled library";
1186 break;
1187 }
1188 archive_set_error(&a->archive, err,
1189 "Internal error initializing decompressor: %s",
1190 detail != NULL ? detail : "??");
1191 zip->bzstream_valid = 0;
1192 return (ARCHIVE_FAILED);
1193 }
1194 zip->bzstream_valid = 1;
1195 zip->bzstream.total_in_lo32 = 0;
1196 zip->bzstream.total_in_hi32 = 0;
1197 zip->bzstream.total_out_lo32 = 0;
1198 zip->bzstream.total_out_hi32 = 0;
1199 break;
1200 #else
1201 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
1202 "BZ2 codec is unsupported");
1203 return (ARCHIVE_FAILED);
1204 #endif
1205 case _7Z_DEFLATE:
1206 #ifdef HAVE_ZLIB_H
1207 if (zip->stream_valid)
1208 r = inflateReset(&(zip->stream));
1209 else
1210 r = inflateInit2(&(zip->stream),
1211 -15 /* Don't check for zlib header */);
1212 if (r != Z_OK) {
1213 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
1214 "Couldn't initialize zlib stream.");
1215 return (ARCHIVE_FAILED);
1216 }
1217 zip->stream_valid = 1;
1218 zip->stream.total_in = 0;
1219 zip->stream.total_out = 0;
1220 break;
1221 #else
1222 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
1223 "DEFLATE codec is unsupported");
1224 return (ARCHIVE_FAILED);
1225 #endif
1226 case _7Z_PPMD:
1227 {
1228 unsigned order;
1229 uint32_t msize;
1230
1231 if (zip->ppmd7_valid) {
1232 __archive_ppmd7_functions.Ppmd7_Free(
1233 &zip->ppmd7_context);
1234 zip->ppmd7_valid = 0;
1235 }
1236
1237 if (coder1->propertiesSize < 5) {
1238 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
1239 "Malformed PPMd parameter");
1240 return (ARCHIVE_FAILED);
1241 }
1242 order = coder1->properties[0];
1243 msize = archive_le32dec(&(coder1->properties[1]));
1244 if (order < PPMD7_MIN_ORDER || order > PPMD7_MAX_ORDER ||
1245 msize < PPMD7_MIN_MEM_SIZE || msize > PPMD7_MAX_MEM_SIZE) {
1246 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
1247 "Malformed PPMd parameter");
1248 return (ARCHIVE_FAILED);
1249 }
1250 __archive_ppmd7_functions.Ppmd7_Construct(&zip->ppmd7_context);
1251 r = __archive_ppmd7_functions.Ppmd7_Alloc(
1252 &zip->ppmd7_context, msize);
1253 if (r == 0) {
1254 archive_set_error(&a->archive, ENOMEM,
1255 "Coludn't allocate memory for PPMd");
1256 return (ARCHIVE_FATAL);
1257 }
1258 __archive_ppmd7_functions.Ppmd7_Init(
1259 &zip->ppmd7_context, order);
1260 __archive_ppmd7_functions.Ppmd7z_RangeDec_CreateVTable(
1261 &zip->range_dec);
1262 zip->ppmd7_valid = 1;
1263 zip->ppmd7_stat = 0;
1264 zip->ppstream.overconsumed = 0;
1265 zip->ppstream.total_in = 0;
1266 zip->ppstream.total_out = 0;
1267 break;
1268 }
1269 case _7Z_X86:
1270 case _7Z_X86_BCJ2:
1271 case _7Z_POWERPC:
1272 case _7Z_IA64:
1273 case _7Z_ARM:
1274 case _7Z_ARMTHUMB:
1275 case _7Z_SPARC:
1276 case _7Z_DELTA:
1277 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
1278 "Unexpected codec ID: %lX", zip->codec);
1279 return (ARCHIVE_FAILED);
1280 case _7Z_CRYPTO_MAIN_ZIP:
1281 case _7Z_CRYPTO_RAR_29:
1282 case _7Z_CRYPTO_AES_256_SHA_256:
1283 if (a->entry) {
1284 archive_entry_set_is_metadata_encrypted(a->entry, 1);
1285 archive_entry_set_is_data_encrypted(a->entry, 1);
1286 zip->has_encrypted_entries = 1;
1287 }
1288 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
1289 "Crypto codec not supported yet (ID: 0x%lX)", zip->codec);
1290 return (ARCHIVE_FAILED);
1291 default:
1292 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
1293 "Unknown codec ID: %lX", zip->codec);
1294 return (ARCHIVE_FAILED);
1295 }
1296
1297 return (ARCHIVE_OK);
1298 }
1299
1300 static int
decompress(struct archive_read * a,struct _7zip * zip,void * buff,size_t * outbytes,const void * b,size_t * used)1301 decompress(struct archive_read *a, struct _7zip *zip,
1302 void *buff, size_t *outbytes, const void *b, size_t *used)
1303 {
1304 const uint8_t *t_next_in;
1305 uint8_t *t_next_out;
1306 size_t o_avail_in, o_avail_out;
1307 size_t t_avail_in, t_avail_out;
1308 uint8_t *bcj2_next_out;
1309 size_t bcj2_avail_out;
1310 int r, ret = ARCHIVE_OK;
1311
1312 t_avail_in = o_avail_in = *used;
1313 t_avail_out = o_avail_out = *outbytes;
1314 t_next_in = b;
1315 t_next_out = buff;
1316
1317 if (zip->codec != _7Z_LZMA2 && zip->codec2 == _7Z_X86) {
1318 int i;
1319
1320 /* Do not copy out the BCJ remaining bytes when the output
1321 * buffer size is less than five bytes. */
1322 if (o_avail_in != 0 && t_avail_out < 5 && zip->odd_bcj_size) {
1323 *used = 0;
1324 *outbytes = 0;
1325 return (ret);
1326 }
1327 for (i = 0; zip->odd_bcj_size > 0 && t_avail_out; i++) {
1328 *t_next_out++ = zip->odd_bcj[i];
1329 t_avail_out--;
1330 zip->odd_bcj_size--;
1331 }
1332 if (o_avail_in == 0 || t_avail_out == 0) {
1333 *used = o_avail_in - t_avail_in;
1334 *outbytes = o_avail_out - t_avail_out;
1335 if (o_avail_in == 0)
1336 ret = ARCHIVE_EOF;
1337 return (ret);
1338 }
1339 }
1340
1341 bcj2_next_out = t_next_out;
1342 bcj2_avail_out = t_avail_out;
1343 if (zip->codec2 == _7Z_X86_BCJ2) {
1344 /*
1345 * Decord a remaining decompressed main stream for BCJ2.
1346 */
1347 if (zip->tmp_stream_bytes_remaining) {
1348 ssize_t bytes;
1349 size_t remaining = zip->tmp_stream_bytes_remaining;
1350 bytes = Bcj2_Decode(zip, t_next_out, t_avail_out);
1351 if (bytes < 0) {
1352 archive_set_error(&(a->archive),
1353 ARCHIVE_ERRNO_MISC,
1354 "BCJ2 conversion Failed");
1355 return (ARCHIVE_FAILED);
1356 }
1357 zip->main_stream_bytes_remaining -=
1358 remaining - zip->tmp_stream_bytes_remaining;
1359 t_avail_out -= bytes;
1360 if (o_avail_in == 0 || t_avail_out == 0) {
1361 *used = 0;
1362 *outbytes = o_avail_out - t_avail_out;
1363 if (o_avail_in == 0 &&
1364 zip->tmp_stream_bytes_remaining)
1365 ret = ARCHIVE_EOF;
1366 return (ret);
1367 }
1368 t_next_out += bytes;
1369 bcj2_next_out = t_next_out;
1370 bcj2_avail_out = t_avail_out;
1371 }
1372 t_next_out = zip->tmp_stream_buff;
1373 t_avail_out = zip->tmp_stream_buff_size;
1374 }
1375
1376 switch (zip->codec) {
1377 case _7Z_COPY:
1378 {
1379 size_t bytes =
1380 (t_avail_in > t_avail_out)?t_avail_out:t_avail_in;
1381
1382 memcpy(t_next_out, t_next_in, bytes);
1383 t_avail_in -= bytes;
1384 t_avail_out -= bytes;
1385 if (o_avail_in == 0)
1386 ret = ARCHIVE_EOF;
1387 break;
1388 }
1389 #ifdef HAVE_LZMA_H
1390 case _7Z_LZMA: case _7Z_LZMA2:
1391 zip->lzstream.next_in = t_next_in;
1392 zip->lzstream.avail_in = t_avail_in;
1393 zip->lzstream.next_out = t_next_out;
1394 zip->lzstream.avail_out = t_avail_out;
1395
1396 r = lzma_code(&(zip->lzstream), LZMA_RUN);
1397 switch (r) {
1398 case LZMA_STREAM_END: /* Found end of stream. */
1399 lzma_end(&(zip->lzstream));
1400 zip->lzstream_valid = 0;
1401 ret = ARCHIVE_EOF;
1402 break;
1403 case LZMA_OK: /* Decompressor made some progress. */
1404 break;
1405 default:
1406 archive_set_error(&(a->archive),
1407 ARCHIVE_ERRNO_MISC,
1408 "Decompression failed(%d)",
1409 r);
1410 return (ARCHIVE_FAILED);
1411 }
1412 t_avail_in = zip->lzstream.avail_in;
1413 t_avail_out = zip->lzstream.avail_out;
1414 break;
1415 #endif
1416 #if defined(HAVE_BZLIB_H) && defined(BZ_CONFIG_ERROR)
1417 case _7Z_BZ2:
1418 zip->bzstream.next_in = (char *)(uintptr_t)t_next_in;
1419 zip->bzstream.avail_in = t_avail_in;
1420 zip->bzstream.next_out = (char *)(uintptr_t)t_next_out;
1421 zip->bzstream.avail_out = t_avail_out;
1422 r = BZ2_bzDecompress(&(zip->bzstream));
1423 switch (r) {
1424 case BZ_STREAM_END: /* Found end of stream. */
1425 switch (BZ2_bzDecompressEnd(&(zip->bzstream))) {
1426 case BZ_OK:
1427 break;
1428 default:
1429 archive_set_error(&(a->archive),
1430 ARCHIVE_ERRNO_MISC,
1431 "Failed to clean up decompressor");
1432 return (ARCHIVE_FAILED);
1433 }
1434 zip->bzstream_valid = 0;
1435 ret = ARCHIVE_EOF;
1436 break;
1437 case BZ_OK: /* Decompressor made some progress. */
1438 break;
1439 default:
1440 archive_set_error(&(a->archive),
1441 ARCHIVE_ERRNO_MISC,
1442 "bzip decompression failed");
1443 return (ARCHIVE_FAILED);
1444 }
1445 t_avail_in = zip->bzstream.avail_in;
1446 t_avail_out = zip->bzstream.avail_out;
1447 break;
1448 #endif
1449 #ifdef HAVE_ZLIB_H
1450 case _7Z_DEFLATE:
1451 zip->stream.next_in = (Bytef *)(uintptr_t)t_next_in;
1452 zip->stream.avail_in = (uInt)t_avail_in;
1453 zip->stream.next_out = t_next_out;
1454 zip->stream.avail_out = (uInt)t_avail_out;
1455 r = inflate(&(zip->stream), 0);
1456 switch (r) {
1457 case Z_STREAM_END: /* Found end of stream. */
1458 ret = ARCHIVE_EOF;
1459 break;
1460 case Z_OK: /* Decompressor made some progress.*/
1461 break;
1462 default:
1463 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
1464 "File decompression failed (%d)", r);
1465 return (ARCHIVE_FAILED);
1466 }
1467 t_avail_in = zip->stream.avail_in;
1468 t_avail_out = zip->stream.avail_out;
1469 break;
1470 #endif
1471 case _7Z_PPMD:
1472 {
1473 uint64_t flush_bytes;
1474
1475 if (!zip->ppmd7_valid || zip->ppmd7_stat < 0 ||
1476 t_avail_out <= 0) {
1477 archive_set_error(&(a->archive),
1478 ARCHIVE_ERRNO_MISC,
1479 "Decompression internal error");
1480 return (ARCHIVE_FAILED);
1481 }
1482 zip->ppstream.next_in = t_next_in;
1483 zip->ppstream.avail_in = t_avail_in;
1484 zip->ppstream.next_out = t_next_out;
1485 zip->ppstream.avail_out = t_avail_out;
1486 if (zip->ppmd7_stat == 0) {
1487 zip->bytein.a = a;
1488 zip->bytein.Read = &ppmd_read;
1489 zip->range_dec.Stream = &zip->bytein;
1490 r = __archive_ppmd7_functions.Ppmd7z_RangeDec_Init(
1491 &(zip->range_dec));
1492 if (r == 0) {
1493 zip->ppmd7_stat = -1;
1494 archive_set_error(&a->archive,
1495 ARCHIVE_ERRNO_MISC,
1496 "Failed to initialize PPMd range decorder");
1497 return (ARCHIVE_FAILED);
1498 }
1499 if (zip->ppstream.overconsumed) {
1500 zip->ppmd7_stat = -1;
1501 return (ARCHIVE_FAILED);
1502 }
1503 zip->ppmd7_stat = 1;
1504 }
1505
1506 if (t_avail_in == 0)
1507 /* XXX Flush out remaining decoded data XXX */
1508 flush_bytes = zip->folder_outbytes_remaining;
1509 else
1510 flush_bytes = 0;
1511
1512 do {
1513 int sym;
1514
1515 sym = __archive_ppmd7_functions.Ppmd7_DecodeSymbol(
1516 &(zip->ppmd7_context), &(zip->range_dec.p));
1517 if (sym < 0) {
1518 zip->ppmd7_stat = -1;
1519 archive_set_error(&a->archive,
1520 ARCHIVE_ERRNO_FILE_FORMAT,
1521 "Failed to decode PPMd");
1522 return (ARCHIVE_FAILED);
1523 }
1524 if (zip->ppstream.overconsumed) {
1525 zip->ppmd7_stat = -1;
1526 return (ARCHIVE_FAILED);
1527 }
1528 *zip->ppstream.next_out++ = (unsigned char)sym;
1529 zip->ppstream.avail_out--;
1530 zip->ppstream.total_out++;
1531 if (flush_bytes)
1532 flush_bytes--;
1533 } while (zip->ppstream.avail_out &&
1534 (zip->ppstream.avail_in || flush_bytes));
1535
1536 t_avail_in = (size_t)zip->ppstream.avail_in;
1537 t_avail_out = (size_t)zip->ppstream.avail_out;
1538 break;
1539 }
1540 default:
1541 archive_set_error(&(a->archive), ARCHIVE_ERRNO_MISC,
1542 "Decompression internal error");
1543 return (ARCHIVE_FAILED);
1544 }
1545 if (ret != ARCHIVE_OK && ret != ARCHIVE_EOF)
1546 return (ret);
1547
1548 *used = o_avail_in - t_avail_in;
1549 *outbytes = o_avail_out - t_avail_out;
1550
1551 /*
1552 * Decord BCJ.
1553 */
1554 if (zip->codec != _7Z_LZMA2 && zip->codec2 == _7Z_X86) {
1555 size_t l = x86_Convert(zip, buff, *outbytes);
1556 zip->odd_bcj_size = *outbytes - l;
1557 if (zip->odd_bcj_size > 0 && zip->odd_bcj_size <= 4 &&
1558 o_avail_in && ret != ARCHIVE_EOF) {
1559 memcpy(zip->odd_bcj, ((unsigned char *)buff) + l,
1560 zip->odd_bcj_size);
1561 *outbytes = l;
1562 } else
1563 zip->odd_bcj_size = 0;
1564 }
1565
1566 /*
1567 * Decord BCJ2 with a decompressed main stream.
1568 */
1569 if (zip->codec2 == _7Z_X86_BCJ2) {
1570 ssize_t bytes;
1571
1572 zip->tmp_stream_bytes_avail =
1573 zip->tmp_stream_buff_size - t_avail_out;
1574 if (zip->tmp_stream_bytes_avail >
1575 zip->main_stream_bytes_remaining)
1576 zip->tmp_stream_bytes_avail =
1577 zip->main_stream_bytes_remaining;
1578 zip->tmp_stream_bytes_remaining = zip->tmp_stream_bytes_avail;
1579 bytes = Bcj2_Decode(zip, bcj2_next_out, bcj2_avail_out);
1580 if (bytes < 0) {
1581 archive_set_error(&(a->archive),
1582 ARCHIVE_ERRNO_MISC, "BCJ2 conversion Failed");
1583 return (ARCHIVE_FAILED);
1584 }
1585 zip->main_stream_bytes_remaining -=
1586 zip->tmp_stream_bytes_avail
1587 - zip->tmp_stream_bytes_remaining;
1588 bcj2_avail_out -= bytes;
1589 *outbytes = o_avail_out - bcj2_avail_out;
1590 }
1591
1592 return (ret);
1593 }
1594
1595 static int
free_decompression(struct archive_read * a,struct _7zip * zip)1596 free_decompression(struct archive_read *a, struct _7zip *zip)
1597 {
1598 int r = ARCHIVE_OK;
1599
1600 #if !defined(HAVE_ZLIB_H) &&\
1601 !(defined(HAVE_BZLIB_H) && defined(BZ_CONFIG_ERROR))
1602 (void)a;/* UNUSED */
1603 #endif
1604 #ifdef HAVE_LZMA_H
1605 if (zip->lzstream_valid)
1606 lzma_end(&(zip->lzstream));
1607 #endif
1608 #if defined(HAVE_BZLIB_H) && defined(BZ_CONFIG_ERROR)
1609 if (zip->bzstream_valid) {
1610 if (BZ2_bzDecompressEnd(&(zip->bzstream)) != BZ_OK) {
1611 archive_set_error(&a->archive,
1612 ARCHIVE_ERRNO_MISC,
1613 "Failed to clean up bzip2 decompressor");
1614 r = ARCHIVE_FATAL;
1615 }
1616 zip->bzstream_valid = 0;
1617 }
1618 #endif
1619 #ifdef HAVE_ZLIB_H
1620 if (zip->stream_valid) {
1621 if (inflateEnd(&(zip->stream)) != Z_OK) {
1622 archive_set_error(&a->archive,
1623 ARCHIVE_ERRNO_MISC,
1624 "Failed to clean up zlib decompressor");
1625 r = ARCHIVE_FATAL;
1626 }
1627 zip->stream_valid = 0;
1628 }
1629 #endif
1630 if (zip->ppmd7_valid) {
1631 __archive_ppmd7_functions.Ppmd7_Free(
1632 &zip->ppmd7_context);
1633 zip->ppmd7_valid = 0;
1634 }
1635 return (r);
1636 }
1637
1638 static int
parse_7zip_uint64(struct archive_read * a,uint64_t * val)1639 parse_7zip_uint64(struct archive_read *a, uint64_t *val)
1640 {
1641 const unsigned char *p;
1642 unsigned char avail, mask;
1643 int i;
1644
1645 if ((p = header_bytes(a, 1)) == NULL)
1646 return (-1);
1647 avail = *p;
1648 mask = 0x80;
1649 *val = 0;
1650 for (i = 0; i < 8; i++) {
1651 if (avail & mask) {
1652 if ((p = header_bytes(a, 1)) == NULL)
1653 return (-1);
1654 *val |= ((uint64_t)*p) << (8 * i);
1655 mask >>= 1;
1656 continue;
1657 }
1658 *val += ((uint64_t)(avail & (mask -1))) << (8 * i);
1659 break;
1660 }
1661 return (0);
1662 }
1663
1664 static int
read_Bools(struct archive_read * a,unsigned char * data,size_t num)1665 read_Bools(struct archive_read *a, unsigned char *data, size_t num)
1666 {
1667 const unsigned char *p;
1668 unsigned i, mask = 0, avail = 0;
1669
1670 for (i = 0; i < num; i++) {
1671 if (mask == 0) {
1672 if ((p = header_bytes(a, 1)) == NULL)
1673 return (-1);
1674 avail = *p;
1675 mask = 0x80;
1676 }
1677 data[i] = (avail & mask)?1:0;
1678 mask >>= 1;
1679 }
1680 return (0);
1681 }
1682
1683 static void
free_Digest(struct _7z_digests * d)1684 free_Digest(struct _7z_digests *d)
1685 {
1686 free(d->defineds);
1687 free(d->digests);
1688 }
1689
1690 static int
read_Digests(struct archive_read * a,struct _7z_digests * d,size_t num)1691 read_Digests(struct archive_read *a, struct _7z_digests *d, size_t num)
1692 {
1693 const unsigned char *p;
1694 unsigned i;
1695
1696 if (num == 0)
1697 return (-1);
1698 memset(d, 0, sizeof(*d));
1699
1700 d->defineds = malloc(num);
1701 if (d->defineds == NULL)
1702 return (-1);
1703 /*
1704 * Read Bools.
1705 */
1706 if ((p = header_bytes(a, 1)) == NULL)
1707 return (-1);
1708 if (*p == 0) {
1709 if (read_Bools(a, d->defineds, num) < 0)
1710 return (-1);
1711 } else
1712 /* All are defined */
1713 memset(d->defineds, 1, num);
1714
1715 d->digests = calloc(num, sizeof(*d->digests));
1716 if (d->digests == NULL)
1717 return (-1);
1718 for (i = 0; i < num; i++) {
1719 if (d->defineds[i]) {
1720 if ((p = header_bytes(a, 4)) == NULL)
1721 return (-1);
1722 d->digests[i] = archive_le32dec(p);
1723 }
1724 }
1725
1726 return (0);
1727 }
1728
1729 static void
free_PackInfo(struct _7z_pack_info * pi)1730 free_PackInfo(struct _7z_pack_info *pi)
1731 {
1732 free(pi->sizes);
1733 free(pi->positions);
1734 free_Digest(&(pi->digest));
1735 }
1736
1737 static int
read_PackInfo(struct archive_read * a,struct _7z_pack_info * pi)1738 read_PackInfo(struct archive_read *a, struct _7z_pack_info *pi)
1739 {
1740 const unsigned char *p;
1741 unsigned i;
1742
1743 memset(pi, 0, sizeof(*pi));
1744
1745 /*
1746 * Read PackPos.
1747 */
1748 if (parse_7zip_uint64(a, &(pi->pos)) < 0)
1749 return (-1);
1750
1751 /*
1752 * Read NumPackStreams.
1753 */
1754 if (parse_7zip_uint64(a, &(pi->numPackStreams)) < 0)
1755 return (-1);
1756 if (pi->numPackStreams == 0)
1757 return (-1);
1758 if (UMAX_ENTRY < pi->numPackStreams)
1759 return (-1);
1760
1761 /*
1762 * Read PackSizes[num]
1763 */
1764 if ((p = header_bytes(a, 1)) == NULL)
1765 return (-1);
1766 if (*p == kEnd)
1767 /* PackSizes[num] are not present. */
1768 return (0);
1769 if (*p != kSize)
1770 return (-1);
1771 pi->sizes = calloc((size_t)pi->numPackStreams, sizeof(uint64_t));
1772 pi->positions = calloc((size_t)pi->numPackStreams, sizeof(uint64_t));
1773 if (pi->sizes == NULL || pi->positions == NULL)
1774 return (-1);
1775
1776 for (i = 0; i < pi->numPackStreams; i++) {
1777 if (parse_7zip_uint64(a, &(pi->sizes[i])) < 0)
1778 return (-1);
1779 }
1780
1781 /*
1782 * Read PackStreamDigests[num]
1783 */
1784 if ((p = header_bytes(a, 1)) == NULL)
1785 return (-1);
1786 if (*p == kEnd) {
1787 /* PackStreamDigests[num] are not present. */
1788 pi->digest.defineds =
1789 calloc((size_t)pi->numPackStreams, sizeof(*pi->digest.defineds));
1790 pi->digest.digests =
1791 calloc((size_t)pi->numPackStreams, sizeof(*pi->digest.digests));
1792 if (pi->digest.defineds == NULL || pi->digest.digests == NULL)
1793 return (-1);
1794 return (0);
1795 }
1796
1797 if (*p != kCRC)
1798 return (-1);
1799
1800 if (read_Digests(a, &(pi->digest), (size_t)pi->numPackStreams) < 0)
1801 return (-1);
1802
1803 /*
1804 * Must be marked by kEnd.
1805 */
1806 if ((p = header_bytes(a, 1)) == NULL)
1807 return (-1);
1808 if (*p != kEnd)
1809 return (-1);
1810 return (0);
1811 }
1812
1813 static void
free_Folder(struct _7z_folder * f)1814 free_Folder(struct _7z_folder *f)
1815 {
1816 unsigned i;
1817
1818 if (f->coders) {
1819 for (i = 0; i< f->numCoders; i++) {
1820 free(f->coders[i].properties);
1821 }
1822 free(f->coders);
1823 }
1824 free(f->bindPairs);
1825 free(f->packedStreams);
1826 free(f->unPackSize);
1827 }
1828
1829 static int
read_Folder(struct archive_read * a,struct _7z_folder * f)1830 read_Folder(struct archive_read *a, struct _7z_folder *f)
1831 {
1832 struct _7zip *zip = (struct _7zip *)a->format->data;
1833 const unsigned char *p;
1834 uint64_t numInStreamsTotal = 0;
1835 uint64_t numOutStreamsTotal = 0;
1836 unsigned i;
1837
1838 memset(f, 0, sizeof(*f));
1839
1840 /*
1841 * Read NumCoders.
1842 */
1843 if (parse_7zip_uint64(a, &(f->numCoders)) < 0)
1844 return (-1);
1845 if (f->numCoders > 4)
1846 /* Too many coders. */
1847 return (-1);
1848
1849 f->coders = calloc((size_t)f->numCoders, sizeof(*f->coders));
1850 if (f->coders == NULL)
1851 return (-1);
1852 for (i = 0; i< f->numCoders; i++) {
1853 size_t codec_size;
1854 int simple, attr;
1855
1856 if ((p = header_bytes(a, 1)) == NULL)
1857 return (-1);
1858 /*
1859 * 0:3 CodecIdSize
1860 * 4: 0 - IsSimple
1861 * 1 - Is not Simple
1862 * 5: 0 - No Attributes
1863 * 1 - There are Attributes;
1864 * 7: Must be zero.
1865 */
1866 codec_size = *p & 0xf;
1867 simple = (*p & 0x10)?0:1;
1868 attr = *p & 0x20;
1869 if (*p & 0x80)
1870 return (-1);/* Not supported. */
1871
1872 /*
1873 * Read Decompression Method IDs.
1874 */
1875 if ((p = header_bytes(a, codec_size)) == NULL)
1876 return (-1);
1877
1878 f->coders[i].codec = decode_codec_id(p, codec_size);
1879
1880 if (simple) {
1881 f->coders[i].numInStreams = 1;
1882 f->coders[i].numOutStreams = 1;
1883 } else {
1884 if (parse_7zip_uint64(
1885 a, &(f->coders[i].numInStreams)) < 0)
1886 return (-1);
1887 if (UMAX_ENTRY < f->coders[i].numInStreams)
1888 return (-1);
1889 if (parse_7zip_uint64(
1890 a, &(f->coders[i].numOutStreams)) < 0)
1891 return (-1);
1892 if (UMAX_ENTRY < f->coders[i].numOutStreams)
1893 return (-1);
1894 }
1895
1896 if (attr) {
1897 if (parse_7zip_uint64(
1898 a, &(f->coders[i].propertiesSize)) < 0)
1899 return (-1);
1900 if ((p = header_bytes(
1901 a, (size_t)f->coders[i].propertiesSize)) == NULL)
1902 return (-1);
1903 f->coders[i].properties =
1904 malloc((size_t)f->coders[i].propertiesSize);
1905 if (f->coders[i].properties == NULL)
1906 return (-1);
1907 memcpy(f->coders[i].properties, p,
1908 (size_t)f->coders[i].propertiesSize);
1909 }
1910
1911 numInStreamsTotal += f->coders[i].numInStreams;
1912 numOutStreamsTotal += f->coders[i].numOutStreams;
1913 }
1914
1915 if (numOutStreamsTotal == 0 ||
1916 numInStreamsTotal < numOutStreamsTotal-1)
1917 return (-1);
1918
1919 f->numBindPairs = numOutStreamsTotal - 1;
1920 if (zip->header_bytes_remaining < f->numBindPairs)
1921 return (-1);
1922 if (f->numBindPairs > 0) {
1923 f->bindPairs =
1924 calloc((size_t)f->numBindPairs, sizeof(*f->bindPairs));
1925 if (f->bindPairs == NULL)
1926 return (-1);
1927 } else
1928 f->bindPairs = NULL;
1929 for (i = 0; i < f->numBindPairs; i++) {
1930 if (parse_7zip_uint64(a, &(f->bindPairs[i].inIndex)) < 0)
1931 return (-1);
1932 if (UMAX_ENTRY < f->bindPairs[i].inIndex)
1933 return (-1);
1934 if (parse_7zip_uint64(a, &(f->bindPairs[i].outIndex)) < 0)
1935 return (-1);
1936 if (UMAX_ENTRY < f->bindPairs[i].outIndex)
1937 return (-1);
1938 }
1939
1940 f->numPackedStreams = numInStreamsTotal - f->numBindPairs;
1941 f->packedStreams =
1942 calloc((size_t)f->numPackedStreams, sizeof(*f->packedStreams));
1943 if (f->packedStreams == NULL)
1944 return (-1);
1945 if (f->numPackedStreams == 1) {
1946 for (i = 0; i < numInStreamsTotal; i++) {
1947 unsigned j;
1948 for (j = 0; j < f->numBindPairs; j++) {
1949 if (f->bindPairs[j].inIndex == i)
1950 break;
1951 }
1952 if (j == f->numBindPairs)
1953 break;
1954 }
1955 if (i == numInStreamsTotal)
1956 return (-1);
1957 f->packedStreams[0] = i;
1958 } else {
1959 for (i = 0; i < f->numPackedStreams; i++) {
1960 if (parse_7zip_uint64(a, &(f->packedStreams[i])) < 0)
1961 return (-1);
1962 if (UMAX_ENTRY < f->packedStreams[i])
1963 return (-1);
1964 }
1965 }
1966 f->numInStreams = numInStreamsTotal;
1967 f->numOutStreams = numOutStreamsTotal;
1968
1969 return (0);
1970 }
1971
1972 static void
free_CodersInfo(struct _7z_coders_info * ci)1973 free_CodersInfo(struct _7z_coders_info *ci)
1974 {
1975 unsigned i;
1976
1977 if (ci->folders) {
1978 for (i = 0; i < ci->numFolders; i++)
1979 free_Folder(&(ci->folders[i]));
1980 free(ci->folders);
1981 }
1982 }
1983
1984 static int
read_CodersInfo(struct archive_read * a,struct _7z_coders_info * ci)1985 read_CodersInfo(struct archive_read *a, struct _7z_coders_info *ci)
1986 {
1987 const unsigned char *p;
1988 struct _7z_digests digest;
1989 unsigned i;
1990
1991 memset(ci, 0, sizeof(*ci));
1992 memset(&digest, 0, sizeof(digest));
1993
1994 if ((p = header_bytes(a, 1)) == NULL)
1995 goto failed;
1996 if (*p != kFolder)
1997 goto failed;
1998
1999 /*
2000 * Read NumFolders.
2001 */
2002 if (parse_7zip_uint64(a, &(ci->numFolders)) < 0)
2003 goto failed;
2004 if (UMAX_ENTRY < ci->numFolders)
2005 return (-1);
2006
2007 /*
2008 * Read External.
2009 */
2010 if ((p = header_bytes(a, 1)) == NULL)
2011 goto failed;
2012 switch (*p) {
2013 case 0:
2014 ci->folders =
2015 calloc((size_t)ci->numFolders, sizeof(*ci->folders));
2016 if (ci->folders == NULL)
2017 return (-1);
2018 for (i = 0; i < ci->numFolders; i++) {
2019 if (read_Folder(a, &(ci->folders[i])) < 0)
2020 goto failed;
2021 }
2022 break;
2023 case 1:
2024 if (parse_7zip_uint64(a, &(ci->dataStreamIndex)) < 0)
2025 return (-1);
2026 if (UMAX_ENTRY < ci->dataStreamIndex)
2027 return (-1);
2028 if (ci->numFolders > 0) {
2029 archive_set_error(&a->archive, -1,
2030 "Malformed 7-Zip archive");
2031 goto failed;
2032 }
2033 break;
2034 default:
2035 archive_set_error(&a->archive, -1,
2036 "Malformed 7-Zip archive");
2037 goto failed;
2038 }
2039
2040 if ((p = header_bytes(a, 1)) == NULL)
2041 goto failed;
2042 if (*p != kCodersUnPackSize)
2043 goto failed;
2044
2045 for (i = 0; i < ci->numFolders; i++) {
2046 struct _7z_folder *folder = &(ci->folders[i]);
2047 unsigned j;
2048
2049 folder->unPackSize =
2050 calloc((size_t)folder->numOutStreams, sizeof(*folder->unPackSize));
2051 if (folder->unPackSize == NULL)
2052 goto failed;
2053 for (j = 0; j < folder->numOutStreams; j++) {
2054 if (parse_7zip_uint64(a, &(folder->unPackSize[j])) < 0)
2055 goto failed;
2056 }
2057 }
2058
2059 /*
2060 * Read CRCs.
2061 */
2062 if ((p = header_bytes(a, 1)) == NULL)
2063 goto failed;
2064 if (*p == kEnd)
2065 return (0);
2066 if (*p != kCRC)
2067 goto failed;
2068 if (read_Digests(a, &digest, (size_t)ci->numFolders) < 0)
2069 goto failed;
2070 for (i = 0; i < ci->numFolders; i++) {
2071 ci->folders[i].digest_defined = digest.defineds[i];
2072 ci->folders[i].digest = digest.digests[i];
2073 }
2074
2075 /*
2076 * Must be kEnd.
2077 */
2078 if ((p = header_bytes(a, 1)) == NULL)
2079 goto failed;
2080 if (*p != kEnd)
2081 goto failed;
2082 free_Digest(&digest);
2083 return (0);
2084 failed:
2085 free_Digest(&digest);
2086 return (-1);
2087 }
2088
2089 static uint64_t
folder_uncompressed_size(struct _7z_folder * f)2090 folder_uncompressed_size(struct _7z_folder *f)
2091 {
2092 int n = (int)f->numOutStreams;
2093 unsigned pairs = (unsigned)f->numBindPairs;
2094
2095 while (--n >= 0) {
2096 unsigned i;
2097 for (i = 0; i < pairs; i++) {
2098 if (f->bindPairs[i].outIndex == (uint64_t)n)
2099 break;
2100 }
2101 if (i >= pairs)
2102 return (f->unPackSize[n]);
2103 }
2104 return (0);
2105 }
2106
2107 static void
free_SubStreamsInfo(struct _7z_substream_info * ss)2108 free_SubStreamsInfo(struct _7z_substream_info *ss)
2109 {
2110 free(ss->unpackSizes);
2111 free(ss->digestsDefined);
2112 free(ss->digests);
2113 }
2114
2115 static int
read_SubStreamsInfo(struct archive_read * a,struct _7z_substream_info * ss,struct _7z_folder * f,size_t numFolders)2116 read_SubStreamsInfo(struct archive_read *a, struct _7z_substream_info *ss,
2117 struct _7z_folder *f, size_t numFolders)
2118 {
2119 const unsigned char *p;
2120 uint64_t *usizes;
2121 size_t unpack_streams;
2122 int type;
2123 unsigned i;
2124 uint32_t numDigests;
2125
2126 memset(ss, 0, sizeof(*ss));
2127
2128 for (i = 0; i < numFolders; i++)
2129 f[i].numUnpackStreams = 1;
2130
2131 if ((p = header_bytes(a, 1)) == NULL)
2132 return (-1);
2133 type = *p;
2134
2135 if (type == kNumUnPackStream) {
2136 unpack_streams = 0;
2137 for (i = 0; i < numFolders; i++) {
2138 if (parse_7zip_uint64(a, &(f[i].numUnpackStreams)) < 0)
2139 return (-1);
2140 if (UMAX_ENTRY < f[i].numUnpackStreams)
2141 return (-1);
2142 if (unpack_streams > SIZE_MAX - UMAX_ENTRY) {
2143 return (-1);
2144 }
2145 unpack_streams += (size_t)f[i].numUnpackStreams;
2146 }
2147 if ((p = header_bytes(a, 1)) == NULL)
2148 return (-1);
2149 type = *p;
2150 } else
2151 unpack_streams = numFolders;
2152
2153 ss->unpack_streams = unpack_streams;
2154 if (unpack_streams) {
2155 ss->unpackSizes = calloc(unpack_streams,
2156 sizeof(*ss->unpackSizes));
2157 ss->digestsDefined = calloc(unpack_streams,
2158 sizeof(*ss->digestsDefined));
2159 ss->digests = calloc(unpack_streams,
2160 sizeof(*ss->digests));
2161 if (ss->unpackSizes == NULL || ss->digestsDefined == NULL ||
2162 ss->digests == NULL)
2163 return (-1);
2164 }
2165
2166 usizes = ss->unpackSizes;
2167 for (i = 0; i < numFolders; i++) {
2168 unsigned pack;
2169 uint64_t sum;
2170
2171 if (f[i].numUnpackStreams == 0)
2172 continue;
2173
2174 sum = 0;
2175 if (type == kSize) {
2176 for (pack = 1; pack < f[i].numUnpackStreams; pack++) {
2177 if (parse_7zip_uint64(a, usizes) < 0)
2178 return (-1);
2179 sum += *usizes++;
2180 }
2181 }
2182 *usizes++ = folder_uncompressed_size(&f[i]) - sum;
2183 }
2184
2185 if (type == kSize) {
2186 if ((p = header_bytes(a, 1)) == NULL)
2187 return (-1);
2188 type = *p;
2189 }
2190
2191 for (i = 0; i < unpack_streams; i++) {
2192 ss->digestsDefined[i] = 0;
2193 ss->digests[i] = 0;
2194 }
2195
2196 numDigests = 0;
2197 for (i = 0; i < numFolders; i++) {
2198 if (f[i].numUnpackStreams != 1 || !f[i].digest_defined)
2199 numDigests += (uint32_t)f[i].numUnpackStreams;
2200 }
2201
2202 if (type == kCRC) {
2203 struct _7z_digests tmpDigests;
2204 unsigned char *digestsDefined = ss->digestsDefined;
2205 uint32_t * digests = ss->digests;
2206 int di = 0;
2207
2208 memset(&tmpDigests, 0, sizeof(tmpDigests));
2209 if (read_Digests(a, &(tmpDigests), numDigests) < 0) {
2210 free_Digest(&tmpDigests);
2211 return (-1);
2212 }
2213 for (i = 0; i < numFolders; i++) {
2214 if (f[i].numUnpackStreams == 1 && f[i].digest_defined) {
2215 *digestsDefined++ = 1;
2216 *digests++ = f[i].digest;
2217 } else {
2218 unsigned j;
2219
2220 for (j = 0; j < f[i].numUnpackStreams;
2221 j++, di++) {
2222 *digestsDefined++ =
2223 tmpDigests.defineds[di];
2224 *digests++ =
2225 tmpDigests.digests[di];
2226 }
2227 }
2228 }
2229 free_Digest(&tmpDigests);
2230 if ((p = header_bytes(a, 1)) == NULL)
2231 return (-1);
2232 type = *p;
2233 }
2234
2235 /*
2236 * Must be kEnd.
2237 */
2238 if (type != kEnd)
2239 return (-1);
2240 return (0);
2241 }
2242
2243 static void
free_StreamsInfo(struct _7z_stream_info * si)2244 free_StreamsInfo(struct _7z_stream_info *si)
2245 {
2246 free_PackInfo(&(si->pi));
2247 free_CodersInfo(&(si->ci));
2248 free_SubStreamsInfo(&(si->ss));
2249 }
2250
2251 static int
read_StreamsInfo(struct archive_read * a,struct _7z_stream_info * si)2252 read_StreamsInfo(struct archive_read *a, struct _7z_stream_info *si)
2253 {
2254 struct _7zip *zip = (struct _7zip *)a->format->data;
2255 const unsigned char *p;
2256 unsigned i;
2257
2258 memset(si, 0, sizeof(*si));
2259
2260 if ((p = header_bytes(a, 1)) == NULL)
2261 return (-1);
2262 if (*p == kPackInfo) {
2263 uint64_t packPos;
2264
2265 if (read_PackInfo(a, &(si->pi)) < 0)
2266 return (-1);
2267
2268 if (si->pi.positions == NULL || si->pi.sizes == NULL)
2269 return (-1);
2270 /*
2271 * Calculate packed stream positions.
2272 */
2273 packPos = si->pi.pos;
2274 for (i = 0; i < si->pi.numPackStreams; i++) {
2275 si->pi.positions[i] = packPos;
2276 packPos += si->pi.sizes[i];
2277 if (packPos > zip->header_offset)
2278 return (-1);
2279 }
2280 if ((p = header_bytes(a, 1)) == NULL)
2281 return (-1);
2282 }
2283 if (*p == kUnPackInfo) {
2284 uint32_t packIndex;
2285 struct _7z_folder *f;
2286
2287 if (read_CodersInfo(a, &(si->ci)) < 0)
2288 return (-1);
2289
2290 /*
2291 * Calculate packed stream indexes.
2292 */
2293 packIndex = 0;
2294 f = si->ci.folders;
2295 for (i = 0; i < si->ci.numFolders; i++) {
2296 f[i].packIndex = packIndex;
2297 packIndex += (uint32_t)f[i].numPackedStreams;
2298 if (packIndex > si->pi.numPackStreams)
2299 return (-1);
2300 }
2301 if ((p = header_bytes(a, 1)) == NULL)
2302 return (-1);
2303 }
2304
2305 if (*p == kSubStreamsInfo) {
2306 if (read_SubStreamsInfo(a, &(si->ss),
2307 si->ci.folders, (size_t)si->ci.numFolders) < 0)
2308 return (-1);
2309 if ((p = header_bytes(a, 1)) == NULL)
2310 return (-1);
2311 }
2312
2313 /*
2314 * Must be kEnd.
2315 */
2316 if (*p != kEnd)
2317 return (-1);
2318 return (0);
2319 }
2320
2321 static void
free_Header(struct _7z_header_info * h)2322 free_Header(struct _7z_header_info *h)
2323 {
2324 free(h->emptyStreamBools);
2325 free(h->emptyFileBools);
2326 free(h->antiBools);
2327 free(h->attrBools);
2328 }
2329
2330 static int
read_Header(struct archive_read * a,struct _7z_header_info * h,int check_header_id)2331 read_Header(struct archive_read *a, struct _7z_header_info *h,
2332 int check_header_id)
2333 {
2334 struct _7zip *zip = (struct _7zip *)a->format->data;
2335 const unsigned char *p;
2336 struct _7z_folder *folders;
2337 struct _7z_stream_info *si = &(zip->si);
2338 struct _7zip_entry *entries;
2339 uint32_t folderIndex, indexInFolder;
2340 unsigned i;
2341 int eindex, empty_streams, sindex;
2342
2343 if (check_header_id) {
2344 /*
2345 * Read Header.
2346 */
2347 if ((p = header_bytes(a, 1)) == NULL)
2348 return (-1);
2349 if (*p != kHeader)
2350 return (-1);
2351 }
2352
2353 /*
2354 * Read ArchiveProperties.
2355 */
2356 if ((p = header_bytes(a, 1)) == NULL)
2357 return (-1);
2358 if (*p == kArchiveProperties) {
2359 for (;;) {
2360 uint64_t size;
2361 if ((p = header_bytes(a, 1)) == NULL)
2362 return (-1);
2363 if (*p == 0)
2364 break;
2365 if (parse_7zip_uint64(a, &size) < 0)
2366 return (-1);
2367 }
2368 if ((p = header_bytes(a, 1)) == NULL)
2369 return (-1);
2370 }
2371
2372 /*
2373 * Read MainStreamsInfo.
2374 */
2375 if (*p == kMainStreamsInfo) {
2376 if (read_StreamsInfo(a, &(zip->si)) < 0)
2377 return (-1);
2378 if ((p = header_bytes(a, 1)) == NULL)
2379 return (-1);
2380 }
2381 if (*p == kEnd)
2382 return (0);
2383
2384 /*
2385 * Read FilesInfo.
2386 */
2387 if (*p != kFilesInfo)
2388 return (-1);
2389
2390 if (parse_7zip_uint64(a, &(zip->numFiles)) < 0)
2391 return (-1);
2392 if (UMAX_ENTRY < zip->numFiles)
2393 return (-1);
2394
2395 zip->entries = calloc((size_t)zip->numFiles, sizeof(*zip->entries));
2396 if (zip->entries == NULL)
2397 return (-1);
2398 entries = zip->entries;
2399
2400 empty_streams = 0;
2401 for (;;) {
2402 int type;
2403 uint64_t size;
2404 size_t ll;
2405
2406 if ((p = header_bytes(a, 1)) == NULL)
2407 return (-1);
2408 type = *p;
2409 if (type == kEnd)
2410 break;
2411
2412 if (parse_7zip_uint64(a, &size) < 0)
2413 return (-1);
2414 if (zip->header_bytes_remaining < size)
2415 return (-1);
2416 ll = (size_t)size;
2417
2418 switch (type) {
2419 case kEmptyStream:
2420 if (h->emptyStreamBools != NULL)
2421 return (-1);
2422 h->emptyStreamBools = calloc((size_t)zip->numFiles,
2423 sizeof(*h->emptyStreamBools));
2424 if (h->emptyStreamBools == NULL)
2425 return (-1);
2426 if (read_Bools(
2427 a, h->emptyStreamBools, (size_t)zip->numFiles) < 0)
2428 return (-1);
2429 empty_streams = 0;
2430 for (i = 0; i < zip->numFiles; i++) {
2431 if (h->emptyStreamBools[i])
2432 empty_streams++;
2433 }
2434 break;
2435 case kEmptyFile:
2436 if (empty_streams <= 0) {
2437 /* Unexcepted sequence. Skip this. */
2438 if (header_bytes(a, ll) == NULL)
2439 return (-1);
2440 break;
2441 }
2442 if (h->emptyFileBools != NULL)
2443 return (-1);
2444 h->emptyFileBools = calloc(empty_streams,
2445 sizeof(*h->emptyFileBools));
2446 if (h->emptyFileBools == NULL)
2447 return (-1);
2448 if (read_Bools(a, h->emptyFileBools, empty_streams) < 0)
2449 return (-1);
2450 break;
2451 case kAnti:
2452 if (empty_streams <= 0) {
2453 /* Unexcepted sequence. Skip this. */
2454 if (header_bytes(a, ll) == NULL)
2455 return (-1);
2456 break;
2457 }
2458 if (h->antiBools != NULL)
2459 return (-1);
2460 h->antiBools = calloc(empty_streams,
2461 sizeof(*h->antiBools));
2462 if (h->antiBools == NULL)
2463 return (-1);
2464 if (read_Bools(a, h->antiBools, empty_streams) < 0)
2465 return (-1);
2466 break;
2467 case kCTime:
2468 case kATime:
2469 case kMTime:
2470 if (read_Times(a, h, type) < 0)
2471 return (-1);
2472 break;
2473 case kName:
2474 {
2475 unsigned char *np;
2476 size_t nl, nb;
2477
2478 /* Skip one byte. */
2479 if ((p = header_bytes(a, 1)) == NULL)
2480 return (-1);
2481 ll--;
2482
2483 if ((ll & 1) || ll < zip->numFiles * 4)
2484 return (-1);
2485
2486 if (zip->entry_names != NULL)
2487 return (-1);
2488 zip->entry_names = malloc(ll);
2489 if (zip->entry_names == NULL)
2490 return (-1);
2491 np = zip->entry_names;
2492 nb = ll;
2493 /*
2494 * Copy whole file names.
2495 * NOTE: This loop prevents from expanding
2496 * the uncompressed buffer in order not to
2497 * use extra memory resource.
2498 */
2499 while (nb) {
2500 size_t b;
2501 if (nb > UBUFF_SIZE)
2502 b = UBUFF_SIZE;
2503 else
2504 b = nb;
2505 if ((p = header_bytes(a, b)) == NULL)
2506 return (-1);
2507 memcpy(np, p, b);
2508 np += b;
2509 nb -= b;
2510 }
2511 np = zip->entry_names;
2512 nl = ll;
2513
2514 for (i = 0; i < zip->numFiles; i++) {
2515 entries[i].utf16name = np;
2516 #if defined(_WIN32) && !defined(__CYGWIN__) && defined(_DEBUG)
2517 entries[i].wname = (wchar_t *)np;
2518 #endif
2519
2520 /* Find a terminator. */
2521 while (nl >= 2 && (np[0] || np[1])) {
2522 np += 2;
2523 nl -= 2;
2524 }
2525 if (nl < 2)
2526 return (-1);/* Terminator not found */
2527 entries[i].name_len = np - entries[i].utf16name;
2528 np += 2;
2529 nl -= 2;
2530 }
2531 break;
2532 }
2533 case kAttributes:
2534 {
2535 int allAreDefined;
2536
2537 if ((p = header_bytes(a, 2)) == NULL)
2538 return (-1);
2539 allAreDefined = *p;
2540 if (h->attrBools != NULL)
2541 return (-1);
2542 h->attrBools = calloc((size_t)zip->numFiles,
2543 sizeof(*h->attrBools));
2544 if (h->attrBools == NULL)
2545 return (-1);
2546 if (allAreDefined)
2547 memset(h->attrBools, 1, (size_t)zip->numFiles);
2548 else {
2549 if (read_Bools(a, h->attrBools,
2550 (size_t)zip->numFiles) < 0)
2551 return (-1);
2552 }
2553 for (i = 0; i < zip->numFiles; i++) {
2554 if (h->attrBools[i]) {
2555 if ((p = header_bytes(a, 4)) == NULL)
2556 return (-1);
2557 entries[i].attr = archive_le32dec(p);
2558 }
2559 }
2560 break;
2561 }
2562 case kDummy:
2563 if (ll == 0)
2564 break;
2565 __LA_FALLTHROUGH;
2566 default:
2567 if (header_bytes(a, ll) == NULL)
2568 return (-1);
2569 break;
2570 }
2571 }
2572
2573 /*
2574 * Set up entry's attributes.
2575 */
2576 folders = si->ci.folders;
2577 eindex = sindex = 0;
2578 folderIndex = indexInFolder = 0;
2579 for (i = 0; i < zip->numFiles; i++) {
2580 if (h->emptyStreamBools == NULL || h->emptyStreamBools[i] == 0)
2581 entries[i].flg |= HAS_STREAM;
2582 /* The high 16 bits of attributes is a posix file mode. */
2583 entries[i].mode = entries[i].attr >> 16;
2584 if (entries[i].flg & HAS_STREAM) {
2585 if ((size_t)sindex >= si->ss.unpack_streams)
2586 return (-1);
2587 if (entries[i].mode == 0)
2588 entries[i].mode = AE_IFREG | 0666;
2589 if (si->ss.digestsDefined[sindex])
2590 entries[i].flg |= CRC32_IS_SET;
2591 entries[i].ssIndex = sindex;
2592 sindex++;
2593 } else {
2594 int dir;
2595 if (h->emptyFileBools == NULL)
2596 dir = 1;
2597 else {
2598 if (h->emptyFileBools[eindex])
2599 dir = 0;
2600 else
2601 dir = 1;
2602 eindex++;
2603 }
2604 if (entries[i].mode == 0) {
2605 if (dir)
2606 entries[i].mode = AE_IFDIR | 0777;
2607 else
2608 entries[i].mode = AE_IFREG | 0666;
2609 } else if (dir &&
2610 (entries[i].mode & AE_IFMT) != AE_IFDIR) {
2611 entries[i].mode &= ~AE_IFMT;
2612 entries[i].mode |= AE_IFDIR;
2613 }
2614 if ((entries[i].mode & AE_IFMT) == AE_IFDIR &&
2615 entries[i].name_len >= 2 &&
2616 (entries[i].utf16name[entries[i].name_len-2] != '/' ||
2617 entries[i].utf16name[entries[i].name_len-1] != 0)) {
2618 entries[i].utf16name[entries[i].name_len] = '/';
2619 entries[i].utf16name[entries[i].name_len+1] = 0;
2620 entries[i].name_len += 2;
2621 }
2622 entries[i].ssIndex = -1;
2623 }
2624 if (entries[i].attr & 0x01)
2625 entries[i].mode &= ~0222;/* Read only. */
2626
2627 if ((entries[i].flg & HAS_STREAM) == 0 && indexInFolder == 0) {
2628 /*
2629 * The entry is an empty file or a directory file,
2630 * those both have no contents.
2631 */
2632 entries[i].folderIndex = -1;
2633 continue;
2634 }
2635 if (indexInFolder == 0) {
2636 for (;;) {
2637 if (folderIndex >= si->ci.numFolders)
2638 return (-1);
2639 if (folders[folderIndex].numUnpackStreams)
2640 break;
2641 folderIndex++;
2642 }
2643 }
2644 entries[i].folderIndex = folderIndex;
2645 if ((entries[i].flg & HAS_STREAM) == 0)
2646 continue;
2647 indexInFolder++;
2648 if (indexInFolder >= folders[folderIndex].numUnpackStreams) {
2649 folderIndex++;
2650 indexInFolder = 0;
2651 }
2652 }
2653
2654 return (0);
2655 }
2656
2657 #define EPOC_TIME ARCHIVE_LITERAL_ULL(116444736000000000)
2658 static void
fileTimeToUtc(uint64_t fileTime,time_t * timep,long * ns)2659 fileTimeToUtc(uint64_t fileTime, time_t *timep, long *ns)
2660 {
2661
2662 if (fileTime >= EPOC_TIME) {
2663 fileTime -= EPOC_TIME;
2664 /* milli seconds base */
2665 *timep = (time_t)(fileTime / 10000000);
2666 /* nano seconds base */
2667 *ns = (long)(fileTime % 10000000) * 100;
2668 } else {
2669 *timep = 0;
2670 *ns = 0;
2671 }
2672 }
2673
2674 static int
read_Times(struct archive_read * a,struct _7z_header_info * h,int type)2675 read_Times(struct archive_read *a, struct _7z_header_info *h, int type)
2676 {
2677 struct _7zip *zip = (struct _7zip *)a->format->data;
2678 const unsigned char *p;
2679 struct _7zip_entry *entries = zip->entries;
2680 unsigned char *timeBools;
2681 int allAreDefined;
2682 unsigned i;
2683
2684 timeBools = calloc((size_t)zip->numFiles, sizeof(*timeBools));
2685 if (timeBools == NULL)
2686 return (-1);
2687
2688 /* Read allAreDefined. */
2689 if ((p = header_bytes(a, 1)) == NULL)
2690 goto failed;
2691 allAreDefined = *p;
2692 if (allAreDefined)
2693 memset(timeBools, 1, (size_t)zip->numFiles);
2694 else {
2695 if (read_Bools(a, timeBools, (size_t)zip->numFiles) < 0)
2696 goto failed;
2697 }
2698
2699 /* Read external. */
2700 if ((p = header_bytes(a, 1)) == NULL)
2701 goto failed;
2702 if (*p) {
2703 if (parse_7zip_uint64(a, &(h->dataIndex)) < 0)
2704 goto failed;
2705 if (UMAX_ENTRY < h->dataIndex)
2706 goto failed;
2707 }
2708
2709 for (i = 0; i < zip->numFiles; i++) {
2710 if (!timeBools[i])
2711 continue;
2712 if ((p = header_bytes(a, 8)) == NULL)
2713 goto failed;
2714 switch (type) {
2715 case kCTime:
2716 fileTimeToUtc(archive_le64dec(p),
2717 &(entries[i].ctime),
2718 &(entries[i].ctime_ns));
2719 entries[i].flg |= CTIME_IS_SET;
2720 break;
2721 case kATime:
2722 fileTimeToUtc(archive_le64dec(p),
2723 &(entries[i].atime),
2724 &(entries[i].atime_ns));
2725 entries[i].flg |= ATIME_IS_SET;
2726 break;
2727 case kMTime:
2728 fileTimeToUtc(archive_le64dec(p),
2729 &(entries[i].mtime),
2730 &(entries[i].mtime_ns));
2731 entries[i].flg |= MTIME_IS_SET;
2732 break;
2733 }
2734 }
2735
2736 free(timeBools);
2737 return (0);
2738 failed:
2739 free(timeBools);
2740 return (-1);
2741 }
2742
2743 static int
decode_encoded_header_info(struct archive_read * a,struct _7z_stream_info * si)2744 decode_encoded_header_info(struct archive_read *a, struct _7z_stream_info *si)
2745 {
2746 struct _7zip *zip = (struct _7zip *)a->format->data;
2747
2748 errno = 0;
2749 if (read_StreamsInfo(a, si) < 0) {
2750 if (errno == ENOMEM)
2751 archive_set_error(&a->archive, -1,
2752 "Couldn't allocate memory");
2753 else
2754 archive_set_error(&a->archive, -1,
2755 "Malformed 7-Zip archive");
2756 return (ARCHIVE_FATAL);
2757 }
2758
2759 if (si->pi.numPackStreams == 0 || si->ci.numFolders == 0) {
2760 archive_set_error(&a->archive, -1, "Malformed 7-Zip archive");
2761 return (ARCHIVE_FATAL);
2762 }
2763
2764 if (zip->header_offset < si->pi.pos + si->pi.sizes[0] ||
2765 (int64_t)(si->pi.pos + si->pi.sizes[0]) < 0 ||
2766 si->pi.sizes[0] == 0 || (int64_t)si->pi.pos < 0) {
2767 archive_set_error(&a->archive, -1, "Malformed Header offset");
2768 return (ARCHIVE_FATAL);
2769 }
2770
2771 return (ARCHIVE_OK);
2772 }
2773
2774 static const unsigned char *
header_bytes(struct archive_read * a,size_t rbytes)2775 header_bytes(struct archive_read *a, size_t rbytes)
2776 {
2777 struct _7zip *zip = (struct _7zip *)a->format->data;
2778 const unsigned char *p;
2779
2780 if (zip->header_bytes_remaining < rbytes)
2781 return (NULL);
2782 if (zip->pack_stream_bytes_unconsumed)
2783 read_consume(a);
2784
2785 if (zip->header_is_encoded == 0) {
2786 p = __archive_read_ahead(a, rbytes, NULL);
2787 if (p == NULL)
2788 return (NULL);
2789 zip->header_bytes_remaining -= rbytes;
2790 zip->pack_stream_bytes_unconsumed = rbytes;
2791 } else {
2792 const void *buff;
2793 ssize_t bytes;
2794
2795 bytes = read_stream(a, &buff, rbytes, rbytes);
2796 if (bytes <= 0)
2797 return (NULL);
2798 zip->header_bytes_remaining -= bytes;
2799 p = buff;
2800 }
2801
2802 /* Update checksum */
2803 zip->header_crc32 = crc32(zip->header_crc32, p, (unsigned)rbytes);
2804 return (p);
2805 }
2806
2807 static int
slurp_central_directory(struct archive_read * a,struct _7zip * zip,struct _7z_header_info * header)2808 slurp_central_directory(struct archive_read *a, struct _7zip *zip,
2809 struct _7z_header_info *header)
2810 {
2811 const unsigned char *p;
2812 uint64_t next_header_offset;
2813 uint64_t next_header_size;
2814 uint32_t next_header_crc;
2815 ssize_t bytes_avail;
2816 int check_header_crc, r;
2817
2818 if ((p = __archive_read_ahead(a, 32, &bytes_avail)) == NULL)
2819 return (ARCHIVE_FATAL);
2820
2821 if ((p[0] == 'M' && p[1] == 'Z') || memcmp(p, "\x7F\x45LF", 4) == 0) {
2822 /* This is an executable ? Must be self-extracting... */
2823 r = skip_sfx(a, bytes_avail);
2824 if (r < ARCHIVE_WARN)
2825 return (r);
2826 if ((p = __archive_read_ahead(a, 32, &bytes_avail)) == NULL)
2827 return (ARCHIVE_FATAL);
2828 }
2829 zip->seek_base += 32;
2830
2831 if (memcmp(p, _7ZIP_SIGNATURE, 6) != 0) {
2832 archive_set_error(&a->archive, -1, "Not 7-Zip archive file");
2833 return (ARCHIVE_FATAL);
2834 }
2835
2836 /* CRC check. */
2837 if (crc32(0, (const unsigned char *)p + 12, 20)
2838 != archive_le32dec(p + 8)) {
2839 archive_set_error(&a->archive, -1, "Header CRC error");
2840 return (ARCHIVE_FATAL);
2841 }
2842
2843 next_header_offset = archive_le64dec(p + 12);
2844 next_header_size = archive_le64dec(p + 20);
2845 next_header_crc = archive_le32dec(p + 28);
2846
2847 if (next_header_size == 0)
2848 /* There is no entry in an archive file. */
2849 return (ARCHIVE_EOF);
2850
2851 if (((int64_t)next_header_offset) < 0) {
2852 archive_set_error(&a->archive, -1, "Malformed 7-Zip archive");
2853 return (ARCHIVE_FATAL);
2854 }
2855 __archive_read_consume(a, 32);
2856 if (next_header_offset != 0) {
2857 if (bytes_avail >= (ssize_t)next_header_offset)
2858 __archive_read_consume(a, next_header_offset);
2859 else if (__archive_read_seek(a,
2860 next_header_offset + zip->seek_base, SEEK_SET) < 0)
2861 return (ARCHIVE_FATAL);
2862 }
2863 zip->stream_offset = next_header_offset;
2864 zip->header_offset = next_header_offset;
2865 zip->header_bytes_remaining = next_header_size;
2866 zip->header_crc32 = 0;
2867 zip->header_is_encoded = 0;
2868 zip->header_is_being_read = 1;
2869 zip->has_encrypted_entries = 0;
2870 check_header_crc = 1;
2871
2872 if ((p = header_bytes(a, 1)) == NULL) {
2873 archive_set_error(&a->archive,
2874 ARCHIVE_ERRNO_FILE_FORMAT,
2875 "Truncated 7-Zip file body");
2876 return (ARCHIVE_FATAL);
2877 }
2878 /* Parse ArchiveProperties. */
2879 switch (p[0]) {
2880 case kEncodedHeader:
2881 /*
2882 * The archive has an encoded header and we have to decode it
2883 * in order to parse the header correctly.
2884 */
2885 r = decode_encoded_header_info(a, &(zip->si));
2886
2887 /* Check the EncodedHeader CRC.*/
2888 if (r == 0 && zip->header_crc32 != next_header_crc) {
2889 archive_set_error(&a->archive, -1,
2890 "Damaged 7-Zip archive");
2891 r = -1;
2892 }
2893 if (r == 0) {
2894 if (zip->si.ci.folders[0].digest_defined)
2895 next_header_crc = zip->si.ci.folders[0].digest;
2896 else
2897 check_header_crc = 0;
2898 if (zip->pack_stream_bytes_unconsumed)
2899 read_consume(a);
2900 r = setup_decode_folder(a, zip->si.ci.folders, 1);
2901 if (r == 0) {
2902 zip->header_bytes_remaining =
2903 zip->folder_outbytes_remaining;
2904 r = seek_pack(a);
2905 }
2906 }
2907 /* Clean up StreamsInfo. */
2908 free_StreamsInfo(&(zip->si));
2909 memset(&(zip->si), 0, sizeof(zip->si));
2910 if (r < 0)
2911 return (ARCHIVE_FATAL);
2912 zip->header_is_encoded = 1;
2913 zip->header_crc32 = 0;
2914 /* FALL THROUGH */
2915 case kHeader:
2916 /*
2917 * Parse the header.
2918 */
2919 errno = 0;
2920 r = read_Header(a, header, zip->header_is_encoded);
2921 if (r < 0) {
2922 if (errno == ENOMEM)
2923 archive_set_error(&a->archive, -1,
2924 "Couldn't allocate memory");
2925 else
2926 archive_set_error(&a->archive, -1,
2927 "Damaged 7-Zip archive");
2928 return (ARCHIVE_FATAL);
2929 }
2930
2931 /*
2932 * Must be kEnd.
2933 */
2934 if ((p = header_bytes(a, 1)) == NULL ||*p != kEnd) {
2935 archive_set_error(&a->archive, -1,
2936 "Malformed 7-Zip archive");
2937 return (ARCHIVE_FATAL);
2938 }
2939
2940 /* Check the Header CRC.*/
2941 if (check_header_crc && zip->header_crc32 != next_header_crc) {
2942 archive_set_error(&a->archive, -1,
2943 "Malformed 7-Zip archive");
2944 return (ARCHIVE_FATAL);
2945 }
2946 break;
2947 default:
2948 archive_set_error(&a->archive, -1,
2949 "Unexpected Property ID = %X", p[0]);
2950 return (ARCHIVE_FATAL);
2951 }
2952
2953 /* Clean up variables be used for decoding the archive header */
2954 zip->pack_stream_remaining = 0;
2955 zip->pack_stream_index = 0;
2956 zip->folder_outbytes_remaining = 0;
2957 zip->uncompressed_buffer_bytes_remaining = 0;
2958 zip->pack_stream_bytes_unconsumed = 0;
2959 zip->header_is_being_read = 0;
2960
2961 return (ARCHIVE_OK);
2962 }
2963
2964 static ssize_t
get_uncompressed_data(struct archive_read * a,const void ** buff,size_t size,size_t minimum)2965 get_uncompressed_data(struct archive_read *a, const void **buff, size_t size,
2966 size_t minimum)
2967 {
2968 struct _7zip *zip = (struct _7zip *)a->format->data;
2969 ssize_t bytes_avail;
2970
2971 if (zip->codec == _7Z_COPY && zip->codec2 == (unsigned long)-1) {
2972 /* Copy mode. */
2973
2974 *buff = __archive_read_ahead(a, minimum, &bytes_avail);
2975 if (bytes_avail <= 0) {
2976 archive_set_error(&a->archive,
2977 ARCHIVE_ERRNO_FILE_FORMAT,
2978 "Truncated 7-Zip file data");
2979 return (ARCHIVE_FATAL);
2980 }
2981 if ((size_t)bytes_avail >
2982 zip->uncompressed_buffer_bytes_remaining)
2983 bytes_avail = (ssize_t)
2984 zip->uncompressed_buffer_bytes_remaining;
2985 if ((size_t)bytes_avail > size)
2986 bytes_avail = (ssize_t)size;
2987
2988 zip->pack_stream_bytes_unconsumed = bytes_avail;
2989 } else if (zip->uncompressed_buffer_pointer == NULL) {
2990 /* Decompression has failed. */
2991 archive_set_error(&(a->archive),
2992 ARCHIVE_ERRNO_MISC, "Damaged 7-Zip archive");
2993 return (ARCHIVE_FATAL);
2994 } else {
2995 /* Packed mode. */
2996 if (minimum > zip->uncompressed_buffer_bytes_remaining) {
2997 /*
2998 * If remaining uncompressed data size is less than
2999 * the minimum size, fill the buffer up to the
3000 * minimum size.
3001 */
3002 if (extract_pack_stream(a, minimum) < 0)
3003 return (ARCHIVE_FATAL);
3004 }
3005 if (size > zip->uncompressed_buffer_bytes_remaining)
3006 bytes_avail = (ssize_t)
3007 zip->uncompressed_buffer_bytes_remaining;
3008 else
3009 bytes_avail = (ssize_t)size;
3010 *buff = zip->uncompressed_buffer_pointer;
3011 zip->uncompressed_buffer_pointer += bytes_avail;
3012 }
3013 zip->uncompressed_buffer_bytes_remaining -= bytes_avail;
3014 return (bytes_avail);
3015 }
3016
3017 static ssize_t
extract_pack_stream(struct archive_read * a,size_t minimum)3018 extract_pack_stream(struct archive_read *a, size_t minimum)
3019 {
3020 struct _7zip *zip = (struct _7zip *)a->format->data;
3021 ssize_t bytes_avail;
3022 int r;
3023
3024 if (zip->codec == _7Z_COPY && zip->codec2 == (unsigned long)-1) {
3025 if (minimum == 0)
3026 minimum = 1;
3027 if (__archive_read_ahead(a, minimum, &bytes_avail) == NULL
3028 || bytes_avail <= 0) {
3029 archive_set_error(&a->archive,
3030 ARCHIVE_ERRNO_FILE_FORMAT,
3031 "Truncated 7-Zip file body");
3032 return (ARCHIVE_FATAL);
3033 }
3034 if (bytes_avail > (ssize_t)zip->pack_stream_inbytes_remaining)
3035 bytes_avail = (ssize_t)zip->pack_stream_inbytes_remaining;
3036 zip->pack_stream_inbytes_remaining -= bytes_avail;
3037 if (bytes_avail > (ssize_t)zip->folder_outbytes_remaining)
3038 bytes_avail = (ssize_t)zip->folder_outbytes_remaining;
3039 zip->folder_outbytes_remaining -= bytes_avail;
3040 zip->uncompressed_buffer_bytes_remaining = bytes_avail;
3041 return (ARCHIVE_OK);
3042 }
3043
3044 /* If the buffer hasn't been allocated, allocate it now. */
3045 if (zip->uncompressed_buffer == NULL) {
3046 zip->uncompressed_buffer_size = UBUFF_SIZE;
3047 if (zip->uncompressed_buffer_size < minimum) {
3048 zip->uncompressed_buffer_size = minimum + 1023;
3049 zip->uncompressed_buffer_size &= ~0x3ff;
3050 }
3051 zip->uncompressed_buffer =
3052 malloc(zip->uncompressed_buffer_size);
3053 if (zip->uncompressed_buffer == NULL) {
3054 archive_set_error(&a->archive, ENOMEM,
3055 "No memory for 7-Zip decompression");
3056 return (ARCHIVE_FATAL);
3057 }
3058 zip->uncompressed_buffer_bytes_remaining = 0;
3059 } else if (zip->uncompressed_buffer_size < minimum ||
3060 zip->uncompressed_buffer_bytes_remaining < minimum) {
3061 /*
3062 * Make sure the uncompressed buffer can have bytes
3063 * at least `minimum' bytes.
3064 * NOTE: This case happen when reading the header.
3065 */
3066 size_t used;
3067 if (zip->uncompressed_buffer_pointer != 0)
3068 used = zip->uncompressed_buffer_pointer -
3069 zip->uncompressed_buffer;
3070 else
3071 used = 0;
3072 if (zip->uncompressed_buffer_size < minimum) {
3073 /*
3074 * Expand the uncompressed buffer up to
3075 * the minimum size.
3076 */
3077 void *p;
3078 size_t new_size;
3079
3080 new_size = minimum + 1023;
3081 new_size &= ~0x3ff;
3082 p = realloc(zip->uncompressed_buffer, new_size);
3083 if (p == NULL) {
3084 archive_set_error(&a->archive, ENOMEM,
3085 "No memory for 7-Zip decompression");
3086 return (ARCHIVE_FATAL);
3087 }
3088 zip->uncompressed_buffer = (unsigned char *)p;
3089 zip->uncompressed_buffer_size = new_size;
3090 }
3091 /*
3092 * Move unconsumed bytes to the head.
3093 */
3094 if (used) {
3095 memmove(zip->uncompressed_buffer,
3096 zip->uncompressed_buffer + used,
3097 zip->uncompressed_buffer_bytes_remaining);
3098 }
3099 } else
3100 zip->uncompressed_buffer_bytes_remaining = 0;
3101 zip->uncompressed_buffer_pointer = NULL;
3102 for (;;) {
3103 size_t bytes_in, bytes_out;
3104 const void *buff_in;
3105 unsigned char *buff_out;
3106 int end_of_data;
3107
3108 /*
3109 * Note: '1' here is a performance optimization.
3110 * Recall that the decompression layer returns a count of
3111 * available bytes; asking for more than that forces the
3112 * decompressor to combine reads by copying data.
3113 */
3114 buff_in = __archive_read_ahead(a, 1, &bytes_avail);
3115 if (bytes_avail <= 0) {
3116 archive_set_error(&a->archive,
3117 ARCHIVE_ERRNO_FILE_FORMAT,
3118 "Truncated 7-Zip file body");
3119 return (ARCHIVE_FATAL);
3120 }
3121
3122 buff_out = zip->uncompressed_buffer
3123 + zip->uncompressed_buffer_bytes_remaining;
3124 bytes_out = zip->uncompressed_buffer_size
3125 - zip->uncompressed_buffer_bytes_remaining;
3126 bytes_in = bytes_avail;
3127 if (bytes_in > zip->pack_stream_inbytes_remaining)
3128 bytes_in = (size_t)zip->pack_stream_inbytes_remaining;
3129 /* Drive decompression. */
3130 r = decompress(a, zip, buff_out, &bytes_out,
3131 buff_in, &bytes_in);
3132 switch (r) {
3133 case ARCHIVE_OK:
3134 end_of_data = 0;
3135 break;
3136 case ARCHIVE_EOF:
3137 end_of_data = 1;
3138 break;
3139 default:
3140 return (ARCHIVE_FATAL);
3141 }
3142 zip->pack_stream_inbytes_remaining -= bytes_in;
3143 if (bytes_out > zip->folder_outbytes_remaining)
3144 bytes_out = (size_t)zip->folder_outbytes_remaining;
3145 zip->folder_outbytes_remaining -= bytes_out;
3146 zip->uncompressed_buffer_bytes_remaining += bytes_out;
3147 zip->pack_stream_bytes_unconsumed = bytes_in;
3148
3149 /*
3150 * Continue decompression until uncompressed_buffer is full.
3151 */
3152 if (zip->uncompressed_buffer_bytes_remaining ==
3153 zip->uncompressed_buffer_size)
3154 break;
3155 if (zip->codec2 == _7Z_X86 && zip->odd_bcj_size &&
3156 zip->uncompressed_buffer_bytes_remaining + 5 >
3157 zip->uncompressed_buffer_size)
3158 break;
3159 if (zip->pack_stream_inbytes_remaining == 0 &&
3160 zip->folder_outbytes_remaining == 0)
3161 break;
3162 if (end_of_data || (bytes_in == 0 && bytes_out == 0)) {
3163 archive_set_error(&(a->archive),
3164 ARCHIVE_ERRNO_MISC, "Damaged 7-Zip archive");
3165 return (ARCHIVE_FATAL);
3166 }
3167 read_consume(a);
3168 }
3169 if (zip->uncompressed_buffer_bytes_remaining < minimum) {
3170 archive_set_error(&(a->archive),
3171 ARCHIVE_ERRNO_MISC, "Damaged 7-Zip archive");
3172 return (ARCHIVE_FATAL);
3173 }
3174 zip->uncompressed_buffer_pointer = zip->uncompressed_buffer;
3175 return (ARCHIVE_OK);
3176 }
3177
3178 static int
seek_pack(struct archive_read * a)3179 seek_pack(struct archive_read *a)
3180 {
3181 struct _7zip *zip = (struct _7zip *)a->format->data;
3182 int64_t pack_offset;
3183
3184 if (zip->pack_stream_remaining <= 0) {
3185 archive_set_error(&(a->archive),
3186 ARCHIVE_ERRNO_MISC, "Damaged 7-Zip archive");
3187 return (ARCHIVE_FATAL);
3188 }
3189 zip->pack_stream_inbytes_remaining =
3190 zip->si.pi.sizes[zip->pack_stream_index];
3191 pack_offset = zip->si.pi.positions[zip->pack_stream_index];
3192 if (zip->stream_offset != pack_offset) {
3193 if (0 > __archive_read_seek(a, pack_offset + zip->seek_base,
3194 SEEK_SET))
3195 return (ARCHIVE_FATAL);
3196 zip->stream_offset = pack_offset;
3197 }
3198 zip->pack_stream_index++;
3199 zip->pack_stream_remaining--;
3200 return (ARCHIVE_OK);
3201 }
3202
3203 static ssize_t
read_stream(struct archive_read * a,const void ** buff,size_t size,size_t minimum)3204 read_stream(struct archive_read *a, const void **buff, size_t size,
3205 size_t minimum)
3206 {
3207 struct _7zip *zip = (struct _7zip *)a->format->data;
3208 uint64_t skip_bytes = 0;
3209 ssize_t r;
3210
3211 if (zip->uncompressed_buffer_bytes_remaining == 0) {
3212 if (zip->pack_stream_inbytes_remaining > 0) {
3213 r = extract_pack_stream(a, 0);
3214 if (r < 0)
3215 return (r);
3216 return (get_uncompressed_data(a, buff, size, minimum));
3217 } else if (zip->folder_outbytes_remaining > 0) {
3218 /* Extract a remaining pack stream. */
3219 r = extract_pack_stream(a, 0);
3220 if (r < 0)
3221 return (r);
3222 return (get_uncompressed_data(a, buff, size, minimum));
3223 }
3224 } else
3225 return (get_uncompressed_data(a, buff, size, minimum));
3226
3227 /*
3228 * Current pack stream has been consumed.
3229 */
3230 if (zip->pack_stream_remaining == 0) {
3231 if (zip->header_is_being_read) {
3232 /* Invalid sequence. This might happen when
3233 * reading a malformed archive. */
3234 archive_set_error(&(a->archive),
3235 ARCHIVE_ERRNO_MISC, "Malformed 7-Zip archive");
3236 return (ARCHIVE_FATAL);
3237 }
3238
3239 /*
3240 * All current folder's pack streams have been
3241 * consumed. Switch to next folder.
3242 */
3243 if (zip->folder_index == 0 &&
3244 (zip->si.ci.folders[zip->entry->folderIndex].skipped_bytes
3245 || zip->folder_index != zip->entry->folderIndex)) {
3246 zip->folder_index = zip->entry->folderIndex;
3247 skip_bytes =
3248 zip->si.ci.folders[zip->folder_index].skipped_bytes;
3249 }
3250
3251 if (zip->folder_index >= zip->si.ci.numFolders) {
3252 /*
3253 * We have consumed all folders and its pack streams.
3254 */
3255 *buff = NULL;
3256 return (0);
3257 }
3258 r = setup_decode_folder(a,
3259 &(zip->si.ci.folders[zip->folder_index]), 0);
3260 if (r != ARCHIVE_OK)
3261 return (ARCHIVE_FATAL);
3262
3263 zip->folder_index++;
3264 }
3265
3266 /*
3267 * Switch to next pack stream.
3268 */
3269 r = seek_pack(a);
3270 if (r < 0)
3271 return (r);
3272
3273 /* Extract a new pack stream. */
3274 r = extract_pack_stream(a, 0);
3275 if (r < 0)
3276 return (r);
3277
3278 /*
3279 * Skip the bytes we already has skipped in skip_stream().
3280 */
3281 while (skip_bytes) {
3282 ssize_t skipped;
3283
3284 if (zip->uncompressed_buffer_bytes_remaining == 0) {
3285 if (zip->pack_stream_inbytes_remaining > 0) {
3286 r = extract_pack_stream(a, 0);
3287 if (r < 0)
3288 return (r);
3289 } else if (zip->folder_outbytes_remaining > 0) {
3290 /* Extract a remaining pack stream. */
3291 r = extract_pack_stream(a, 0);
3292 if (r < 0)
3293 return (r);
3294 } else {
3295 archive_set_error(&a->archive,
3296 ARCHIVE_ERRNO_FILE_FORMAT,
3297 "Truncated 7-Zip file body");
3298 return (ARCHIVE_FATAL);
3299 }
3300 }
3301 skipped = get_uncompressed_data(
3302 a, buff, (size_t)skip_bytes, 0);
3303 if (skipped < 0)
3304 return (skipped);
3305 skip_bytes -= skipped;
3306 if (zip->pack_stream_bytes_unconsumed)
3307 read_consume(a);
3308 }
3309
3310 return (get_uncompressed_data(a, buff, size, minimum));
3311 }
3312
3313 static int
setup_decode_folder(struct archive_read * a,struct _7z_folder * folder,int header)3314 setup_decode_folder(struct archive_read *a, struct _7z_folder *folder,
3315 int header)
3316 {
3317 struct _7zip *zip = (struct _7zip *)a->format->data;
3318 const struct _7z_coder *coder1, *coder2;
3319 const char *cname = (header)?"archive header":"file content";
3320 unsigned i;
3321 int r, found_bcj2 = 0;
3322
3323 /*
3324 * Release the memory which the previous folder used for BCJ2.
3325 */
3326 for (i = 0; i < 3; i++) {
3327 free(zip->sub_stream_buff[i]);
3328 zip->sub_stream_buff[i] = NULL;
3329 }
3330
3331 /*
3332 * Initialize a stream reader.
3333 */
3334 zip->pack_stream_remaining = (unsigned)folder->numPackedStreams;
3335 zip->pack_stream_index = (unsigned)folder->packIndex;
3336 zip->folder_outbytes_remaining = folder_uncompressed_size(folder);
3337 zip->uncompressed_buffer_bytes_remaining = 0;
3338
3339 /*
3340 * Check coder types.
3341 */
3342 for (i = 0; i < folder->numCoders; i++) {
3343 switch(folder->coders[i].codec) {
3344 case _7Z_CRYPTO_MAIN_ZIP:
3345 case _7Z_CRYPTO_RAR_29:
3346 case _7Z_CRYPTO_AES_256_SHA_256: {
3347 /* For entry that is associated with this folder, mark
3348 it as encrypted (data+metadata). */
3349 zip->has_encrypted_entries = 1;
3350 if (a->entry) {
3351 archive_entry_set_is_data_encrypted(a->entry, 1);
3352 archive_entry_set_is_metadata_encrypted(a->entry, 1);
3353 }
3354 archive_set_error(&(a->archive),
3355 ARCHIVE_ERRNO_MISC,
3356 "The %s is encrypted, "
3357 "but currently not supported", cname);
3358 return (ARCHIVE_FATAL);
3359 }
3360 case _7Z_X86_BCJ2: {
3361 found_bcj2++;
3362 break;
3363 }
3364 }
3365 }
3366 /* Now that we've checked for encryption, if there were still no
3367 * encrypted entries found we can say for sure that there are none.
3368 */
3369 if (zip->has_encrypted_entries == ARCHIVE_READ_FORMAT_ENCRYPTION_DONT_KNOW) {
3370 zip->has_encrypted_entries = 0;
3371 }
3372
3373 if ((folder->numCoders > 2 && !found_bcj2) || found_bcj2 > 1) {
3374 archive_set_error(&(a->archive),
3375 ARCHIVE_ERRNO_MISC,
3376 "The %s is encoded with many filters, "
3377 "but currently not supported", cname);
3378 return (ARCHIVE_FATAL);
3379 }
3380 coder1 = &(folder->coders[0]);
3381 if (folder->numCoders == 2)
3382 coder2 = &(folder->coders[1]);
3383 else
3384 coder2 = NULL;
3385
3386 if (found_bcj2) {
3387 /*
3388 * Preparation to decode BCJ2.
3389 * Decoding BCJ2 requires four sources. Those are at least,
3390 * as far as I know, two types of the storage form.
3391 */
3392 const struct _7z_coder *fc = folder->coders;
3393 static const struct _7z_coder coder_copy = {0, 1, 1, 0, NULL};
3394 const struct _7z_coder *scoder[3] =
3395 {&coder_copy, &coder_copy, &coder_copy};
3396 const void *buff;
3397 ssize_t bytes;
3398 unsigned char *b[3] = {NULL, NULL, NULL};
3399 uint64_t sunpack[3] ={-1, -1, -1};
3400 size_t s[3] = {0, 0, 0};
3401 int idx[3] = {0, 1, 2};
3402
3403 if (folder->numCoders == 4 && fc[3].codec == _7Z_X86_BCJ2 &&
3404 folder->numInStreams == 7 && folder->numOutStreams == 4 &&
3405 zip->pack_stream_remaining == 4) {
3406 /* Source type 1 made by 7zr or 7z with -m options. */
3407 if (folder->bindPairs[0].inIndex == 5) {
3408 /* The form made by 7zr */
3409 idx[0] = 1; idx[1] = 2; idx[2] = 0;
3410 scoder[1] = &(fc[1]);
3411 scoder[2] = &(fc[0]);
3412 sunpack[1] = folder->unPackSize[1];
3413 sunpack[2] = folder->unPackSize[0];
3414 coder1 = &(fc[2]);
3415 } else {
3416 /*
3417 * NOTE: Some patterns do not work.
3418 * work:
3419 * 7z a -m0=BCJ2 -m1=COPY -m2=COPY
3420 * -m3=(any)
3421 * 7z a -m0=BCJ2 -m1=COPY -m2=(any)
3422 * -m3=COPY
3423 * 7z a -m0=BCJ2 -m1=(any) -m2=COPY
3424 * -m3=COPY
3425 * not work:
3426 * other patterns.
3427 *
3428 * We have to handle this like `pipe' or
3429 * our libarchive7s filter frame work,
3430 * decoding the BCJ2 main stream sequentially,
3431 * m3 -> m2 -> m1 -> BCJ2.
3432 *
3433 */
3434 if (fc[0].codec == _7Z_COPY &&
3435 fc[1].codec == _7Z_COPY)
3436 coder1 = &(folder->coders[2]);
3437 else if (fc[0].codec == _7Z_COPY &&
3438 fc[2].codec == _7Z_COPY)
3439 coder1 = &(folder->coders[1]);
3440 else if (fc[1].codec == _7Z_COPY &&
3441 fc[2].codec == _7Z_COPY)
3442 coder1 = &(folder->coders[0]);
3443 else {
3444 archive_set_error(&(a->archive),
3445 ARCHIVE_ERRNO_MISC,
3446 "Unsupported form of "
3447 "BCJ2 streams");
3448 return (ARCHIVE_FATAL);
3449 }
3450 }
3451 coder2 = &(fc[3]);
3452 zip->main_stream_bytes_remaining =
3453 (size_t)folder->unPackSize[2];
3454 } else if (coder2 != NULL && coder2->codec == _7Z_X86_BCJ2 &&
3455 zip->pack_stream_remaining == 4 &&
3456 folder->numInStreams == 5 && folder->numOutStreams == 2) {
3457 /* Source type 0 made by 7z */
3458 zip->main_stream_bytes_remaining =
3459 (size_t)folder->unPackSize[0];
3460 } else {
3461 /* We got an unexpected form. */
3462 archive_set_error(&(a->archive),
3463 ARCHIVE_ERRNO_MISC,
3464 "Unsupported form of BCJ2 streams");
3465 return (ARCHIVE_FATAL);
3466 }
3467
3468 /* Skip the main stream at this time. */
3469 if ((r = seek_pack(a)) < 0)
3470 return (r);
3471 zip->pack_stream_bytes_unconsumed =
3472 (size_t)zip->pack_stream_inbytes_remaining;
3473 read_consume(a);
3474
3475 /* Read following three sub streams. */
3476 for (i = 0; i < 3; i++) {
3477 const struct _7z_coder *coder = scoder[i];
3478
3479 if ((r = seek_pack(a)) < 0) {
3480 free(b[0]); free(b[1]); free(b[2]);
3481 return (r);
3482 }
3483
3484 if (sunpack[i] == (uint64_t)-1)
3485 zip->folder_outbytes_remaining =
3486 zip->pack_stream_inbytes_remaining;
3487 else
3488 zip->folder_outbytes_remaining = sunpack[i];
3489
3490 r = init_decompression(a, zip, coder, NULL);
3491 if (r != ARCHIVE_OK) {
3492 free(b[0]); free(b[1]); free(b[2]);
3493 return (ARCHIVE_FATAL);
3494 }
3495
3496 /* Allocate memory for the decoded data of a sub
3497 * stream. */
3498 b[i] = malloc((size_t)zip->folder_outbytes_remaining);
3499 if (b[i] == NULL) {
3500 free(b[0]); free(b[1]); free(b[2]);
3501 archive_set_error(&a->archive, ENOMEM,
3502 "No memory for 7-Zip decompression");
3503 return (ARCHIVE_FATAL);
3504 }
3505
3506 /* Extract a sub stream. */
3507 while (zip->pack_stream_inbytes_remaining > 0) {
3508 r = (int)extract_pack_stream(a, 0);
3509 if (r < 0) {
3510 free(b[0]); free(b[1]); free(b[2]);
3511 return (r);
3512 }
3513 bytes = get_uncompressed_data(a, &buff,
3514 zip->uncompressed_buffer_bytes_remaining,
3515 0);
3516 if (bytes < 0) {
3517 free(b[0]); free(b[1]); free(b[2]);
3518 return ((int)bytes);
3519 }
3520 memcpy(b[i]+s[i], buff, bytes);
3521 s[i] += bytes;
3522 if (zip->pack_stream_bytes_unconsumed)
3523 read_consume(a);
3524 }
3525 }
3526
3527 /* Set the sub streams to the right place. */
3528 for (i = 0; i < 3; i++) {
3529 zip->sub_stream_buff[i] = b[idx[i]];
3530 zip->sub_stream_size[i] = s[idx[i]];
3531 zip->sub_stream_bytes_remaining[i] = s[idx[i]];
3532 }
3533
3534 /* Allocate memory used for decoded main stream bytes. */
3535 if (zip->tmp_stream_buff == NULL) {
3536 zip->tmp_stream_buff_size = 32 * 1024;
3537 zip->tmp_stream_buff =
3538 malloc(zip->tmp_stream_buff_size);
3539 if (zip->tmp_stream_buff == NULL) {
3540 archive_set_error(&a->archive, ENOMEM,
3541 "No memory for 7-Zip decompression");
3542 return (ARCHIVE_FATAL);
3543 }
3544 }
3545 zip->tmp_stream_bytes_avail = 0;
3546 zip->tmp_stream_bytes_remaining = 0;
3547 zip->odd_bcj_size = 0;
3548 zip->bcj2_outPos = 0;
3549
3550 /*
3551 * Reset a stream reader in order to read the main stream
3552 * of BCJ2.
3553 */
3554 zip->pack_stream_remaining = 1;
3555 zip->pack_stream_index = (unsigned)folder->packIndex;
3556 zip->folder_outbytes_remaining =
3557 folder_uncompressed_size(folder);
3558 zip->uncompressed_buffer_bytes_remaining = 0;
3559 }
3560
3561 /*
3562 * Initialize the decompressor for the new folder's pack streams.
3563 */
3564 r = init_decompression(a, zip, coder1, coder2);
3565 if (r != ARCHIVE_OK)
3566 return (ARCHIVE_FATAL);
3567 return (ARCHIVE_OK);
3568 }
3569
3570 static int64_t
skip_stream(struct archive_read * a,size_t skip_bytes)3571 skip_stream(struct archive_read *a, size_t skip_bytes)
3572 {
3573 struct _7zip *zip = (struct _7zip *)a->format->data;
3574 const void *p;
3575 int64_t skipped_bytes;
3576 size_t bytes = skip_bytes;
3577
3578 if (zip->folder_index == 0) {
3579 /*
3580 * Optimization for a list mode.
3581 * Avoid unnecessary decoding operations.
3582 */
3583 zip->si.ci.folders[zip->entry->folderIndex].skipped_bytes
3584 += skip_bytes;
3585 return (skip_bytes);
3586 }
3587
3588 while (bytes) {
3589 skipped_bytes = read_stream(a, &p, bytes, 0);
3590 if (skipped_bytes < 0)
3591 return (skipped_bytes);
3592 if (skipped_bytes == 0) {
3593 archive_set_error(&a->archive,
3594 ARCHIVE_ERRNO_FILE_FORMAT,
3595 "Truncated 7-Zip file body");
3596 return (ARCHIVE_FATAL);
3597 }
3598 bytes -= (size_t)skipped_bytes;
3599 if (zip->pack_stream_bytes_unconsumed)
3600 read_consume(a);
3601 }
3602 return (skip_bytes);
3603 }
3604
3605 /*
3606 * Brought from LZMA SDK.
3607 *
3608 * Bra86.c -- Converter for x86 code (BCJ)
3609 * 2008-10-04 : Igor Pavlov : Public domain
3610 *
3611 */
3612
3613 #define Test86MSByte(b) ((b) == 0 || (b) == 0xFF)
3614
3615 static void
x86_Init(struct _7zip * zip)3616 x86_Init(struct _7zip *zip)
3617 {
3618 zip->bcj_state = 0;
3619 zip->bcj_prevPosT = (size_t)0 - 1;
3620 zip->bcj_prevMask = 0;
3621 zip->bcj_ip = 5;
3622 }
3623
3624 static size_t
x86_Convert(struct _7zip * zip,uint8_t * data,size_t size)3625 x86_Convert(struct _7zip *zip, uint8_t *data, size_t size)
3626 {
3627 static const uint8_t kMaskToAllowedStatus[8] = {1, 1, 1, 0, 1, 0, 0, 0};
3628 static const uint8_t kMaskToBitNumber[8] = {0, 1, 2, 2, 3, 3, 3, 3};
3629 size_t bufferPos, prevPosT;
3630 uint32_t ip, prevMask;
3631
3632 if (size < 5)
3633 return 0;
3634
3635 bufferPos = 0;
3636 prevPosT = zip->bcj_prevPosT;
3637 prevMask = zip->bcj_prevMask;
3638 ip = zip->bcj_ip;
3639
3640 for (;;) {
3641 uint8_t *p = data + bufferPos;
3642 uint8_t *limit = data + size - 4;
3643
3644 for (; p < limit; p++)
3645 if ((*p & 0xFE) == 0xE8)
3646 break;
3647 bufferPos = (size_t)(p - data);
3648 if (p >= limit)
3649 break;
3650 prevPosT = bufferPos - prevPosT;
3651 if (prevPosT > 3)
3652 prevMask = 0;
3653 else {
3654 prevMask = (prevMask << ((int)prevPosT - 1)) & 0x7;
3655 if (prevMask != 0) {
3656 unsigned char b =
3657 p[4 - kMaskToBitNumber[prevMask]];
3658 if (!kMaskToAllowedStatus[prevMask] ||
3659 Test86MSByte(b)) {
3660 prevPosT = bufferPos;
3661 prevMask = ((prevMask << 1) & 0x7) | 1;
3662 bufferPos++;
3663 continue;
3664 }
3665 }
3666 }
3667 prevPosT = bufferPos;
3668
3669 if (Test86MSByte(p[4])) {
3670 uint32_t src = ((uint32_t)p[4] << 24) |
3671 ((uint32_t)p[3] << 16) | ((uint32_t)p[2] << 8) |
3672 ((uint32_t)p[1]);
3673 uint32_t dest;
3674 for (;;) {
3675 uint8_t b;
3676 int b_index;
3677
3678 dest = src - (ip + (uint32_t)bufferPos);
3679 if (prevMask == 0)
3680 break;
3681 b_index = kMaskToBitNumber[prevMask] * 8;
3682 b = (uint8_t)(dest >> (24 - b_index));
3683 if (!Test86MSByte(b))
3684 break;
3685 src = dest ^ ((1 << (32 - b_index)) - 1);
3686 }
3687 p[4] = (uint8_t)(~(((dest >> 24) & 1) - 1));
3688 p[3] = (uint8_t)(dest >> 16);
3689 p[2] = (uint8_t)(dest >> 8);
3690 p[1] = (uint8_t)dest;
3691 bufferPos += 5;
3692 } else {
3693 prevMask = ((prevMask << 1) & 0x7) | 1;
3694 bufferPos++;
3695 }
3696 }
3697 zip->bcj_prevPosT = prevPosT;
3698 zip->bcj_prevMask = prevMask;
3699 zip->bcj_ip += (uint32_t)bufferPos;
3700 return (bufferPos);
3701 }
3702
3703 /*
3704 * Brought from LZMA SDK.
3705 *
3706 * Bcj2.c -- Converter for x86 code (BCJ2)
3707 * 2008-10-04 : Igor Pavlov : Public domain
3708 *
3709 */
3710
3711 #define SZ_ERROR_DATA ARCHIVE_FAILED
3712
3713 #define IsJcc(b0, b1) ((b0) == 0x0F && ((b1) & 0xF0) == 0x80)
3714 #define IsJ(b0, b1) ((b1 & 0xFE) == 0xE8 || IsJcc(b0, b1))
3715
3716 #define kNumTopBits 24
3717 #define kTopValue ((uint32_t)1 << kNumTopBits)
3718
3719 #define kNumBitModelTotalBits 11
3720 #define kBitModelTotal (1 << kNumBitModelTotalBits)
3721 #define kNumMoveBits 5
3722
3723 #define RC_READ_BYTE (*buffer++)
3724 #define RC_TEST { if (buffer == bufferLim) return SZ_ERROR_DATA; }
3725 #define RC_INIT2 zip->bcj2_code = 0; zip->bcj2_range = 0xFFFFFFFF; \
3726 { int ii; for (ii = 0; ii < 5; ii++) { RC_TEST; zip->bcj2_code = (zip->bcj2_code << 8) | RC_READ_BYTE; }}
3727
3728 #define NORMALIZE if (zip->bcj2_range < kTopValue) { RC_TEST; zip->bcj2_range <<= 8; zip->bcj2_code = (zip->bcj2_code << 8) | RC_READ_BYTE; }
3729
3730 #define IF_BIT_0(p) ttt = *(p); bound = (zip->bcj2_range >> kNumBitModelTotalBits) * ttt; if (zip->bcj2_code < bound)
3731 #define UPDATE_0(p) zip->bcj2_range = bound; *(p) = (CProb)(ttt + ((kBitModelTotal - ttt) >> kNumMoveBits)); NORMALIZE;
3732 #define UPDATE_1(p) zip->bcj2_range -= bound; zip->bcj2_code -= bound; *(p) = (CProb)(ttt - (ttt >> kNumMoveBits)); NORMALIZE;
3733
3734 static ssize_t
Bcj2_Decode(struct _7zip * zip,uint8_t * outBuf,size_t outSize)3735 Bcj2_Decode(struct _7zip *zip, uint8_t *outBuf, size_t outSize)
3736 {
3737 size_t inPos = 0, outPos = 0;
3738 const uint8_t *buf0, *buf1, *buf2, *buf3;
3739 size_t size0, size1, size2, size3;
3740 const uint8_t *buffer, *bufferLim;
3741 unsigned int i, j;
3742
3743 size0 = zip->tmp_stream_bytes_remaining;
3744 buf0 = zip->tmp_stream_buff + zip->tmp_stream_bytes_avail - size0;
3745 size1 = zip->sub_stream_bytes_remaining[0];
3746 buf1 = zip->sub_stream_buff[0] + zip->sub_stream_size[0] - size1;
3747 size2 = zip->sub_stream_bytes_remaining[1];
3748 buf2 = zip->sub_stream_buff[1] + zip->sub_stream_size[1] - size2;
3749 size3 = zip->sub_stream_bytes_remaining[2];
3750 buf3 = zip->sub_stream_buff[2] + zip->sub_stream_size[2] - size3;
3751
3752 buffer = buf3;
3753 bufferLim = buffer + size3;
3754
3755 if (zip->bcj_state == 0) {
3756 /*
3757 * Initialize.
3758 */
3759 zip->bcj2_prevByte = 0;
3760 for (i = 0;
3761 i < sizeof(zip->bcj2_p) / sizeof(zip->bcj2_p[0]); i++)
3762 zip->bcj2_p[i] = kBitModelTotal >> 1;
3763 RC_INIT2;
3764 zip->bcj_state = 1;
3765 }
3766
3767 /*
3768 * Gather the odd bytes of a previous call.
3769 */
3770 for (i = 0; zip->odd_bcj_size > 0 && outPos < outSize; i++) {
3771 outBuf[outPos++] = zip->odd_bcj[i];
3772 zip->odd_bcj_size--;
3773 }
3774
3775 if (outSize == 0) {
3776 zip->bcj2_outPos += outPos;
3777 return (outPos);
3778 }
3779
3780 for (;;) {
3781 uint8_t b;
3782 CProb *prob;
3783 uint32_t bound;
3784 uint32_t ttt;
3785
3786 size_t limit = size0 - inPos;
3787 if (outSize - outPos < limit)
3788 limit = outSize - outPos;
3789
3790 if (zip->bcj_state == 1) {
3791 while (limit != 0) {
3792 uint8_t bb = buf0[inPos];
3793 outBuf[outPos++] = bb;
3794 if (IsJ(zip->bcj2_prevByte, bb)) {
3795 zip->bcj_state = 2;
3796 break;
3797 }
3798 inPos++;
3799 zip->bcj2_prevByte = bb;
3800 limit--;
3801 }
3802 }
3803
3804 if (limit == 0 || outPos == outSize)
3805 break;
3806 zip->bcj_state = 1;
3807
3808 b = buf0[inPos++];
3809
3810 if (b == 0xE8)
3811 prob = zip->bcj2_p + zip->bcj2_prevByte;
3812 else if (b == 0xE9)
3813 prob = zip->bcj2_p + 256;
3814 else
3815 prob = zip->bcj2_p + 257;
3816
3817 IF_BIT_0(prob) {
3818 UPDATE_0(prob)
3819 zip->bcj2_prevByte = b;
3820 } else {
3821 uint32_t dest;
3822 const uint8_t *v;
3823 uint8_t out[4];
3824
3825 UPDATE_1(prob)
3826 if (b == 0xE8) {
3827 v = buf1;
3828 if (size1 < 4)
3829 return SZ_ERROR_DATA;
3830 buf1 += 4;
3831 size1 -= 4;
3832 } else {
3833 v = buf2;
3834 if (size2 < 4)
3835 return SZ_ERROR_DATA;
3836 buf2 += 4;
3837 size2 -= 4;
3838 }
3839 dest = (((uint32_t)v[0] << 24) |
3840 ((uint32_t)v[1] << 16) |
3841 ((uint32_t)v[2] << 8) |
3842 ((uint32_t)v[3])) -
3843 ((uint32_t)zip->bcj2_outPos + (uint32_t)outPos + 4);
3844 out[0] = (uint8_t)dest;
3845 out[1] = (uint8_t)(dest >> 8);
3846 out[2] = (uint8_t)(dest >> 16);
3847 out[3] = zip->bcj2_prevByte = (uint8_t)(dest >> 24);
3848
3849 for (i = 0; i < 4 && outPos < outSize; i++)
3850 outBuf[outPos++] = out[i];
3851 if (i < 4) {
3852 /*
3853 * Save odd bytes which we could not add into
3854 * the output buffer because of out of space.
3855 */
3856 zip->odd_bcj_size = 4 -i;
3857 for (; i < 4; i++) {
3858 j = i - 4 + (unsigned)zip->odd_bcj_size;
3859 zip->odd_bcj[j] = out[i];
3860 }
3861 break;
3862 }
3863 }
3864 }
3865 zip->tmp_stream_bytes_remaining -= inPos;
3866 zip->sub_stream_bytes_remaining[0] = size1;
3867 zip->sub_stream_bytes_remaining[1] = size2;
3868 zip->sub_stream_bytes_remaining[2] = bufferLim - buffer;
3869 zip->bcj2_outPos += outPos;
3870
3871 return ((ssize_t)outPos);
3872 }
3873
3874