1 /*- 2 * Copyright (c) 2007 Joerg Sonnenberger 3 * Copyright (c) 2012 Michihiro NAKAJIMA 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR 16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 18 * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT, 19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 */ 26 27 #include "archive_platform.h" 28 __FBSDID("$FreeBSD$"); 29 30 #ifdef HAVE_SYS_WAIT_H 31 # include <sys/wait.h> 32 #endif 33 #ifdef HAVE_ERRNO_H 34 # include <errno.h> 35 #endif 36 #ifdef HAVE_FCNTL_H 37 # include <fcntl.h> 38 #endif 39 #ifdef HAVE_LIMITS_H 40 # include <limits.h> 41 #endif 42 #ifdef HAVE_SIGNAL_H 43 # include <signal.h> 44 #endif 45 #ifdef HAVE_STDLIB_H 46 # include <stdlib.h> 47 #endif 48 #ifdef HAVE_STRING_H 49 # include <string.h> 50 #endif 51 #ifdef HAVE_UNISTD_H 52 # include <unistd.h> 53 #endif 54 55 #include "archive.h" 56 #include "archive_private.h" 57 #include "archive_string.h" 58 #include "archive_read_private.h" 59 #include "filter_fork.h" 60 61 62 #if ARCHIVE_VERSION_NUMBER < 4000000 63 /* Deprecated; remove in libarchive 4.0 */ 64 int 65 archive_read_support_compression_program(struct archive *a, const char *cmd) 66 { 67 return archive_read_support_filter_program(a, cmd); 68 } 69 70 int 71 archive_read_support_compression_program_signature(struct archive *a, 72 const char *cmd, const void *signature, size_t signature_len) 73 { 74 return archive_read_support_filter_program_signature(a, 75 cmd, signature, signature_len); 76 } 77 #endif 78 79 int 80 archive_read_support_filter_program(struct archive *a, const char *cmd) 81 { 82 return (archive_read_support_filter_program_signature(a, cmd, NULL, 0)); 83 } 84 85 /* 86 * The bidder object stores the command and the signature to watch for. 87 * The 'inhibit' entry here is used to ensure that unchecked filters never 88 * bid twice in the same pipeline. 89 */ 90 struct program_bidder { 91 char *description; 92 char *cmd; 93 void *signature; 94 size_t signature_len; 95 int inhibit; 96 }; 97 98 static int program_bidder_bid(struct archive_read_filter_bidder *, 99 struct archive_read_filter *upstream); 100 static int program_bidder_init(struct archive_read_filter *); 101 static int program_bidder_free(struct archive_read_filter_bidder *); 102 103 /* 104 * The actual filter needs to track input and output data. 105 */ 106 struct program_filter { 107 struct archive_string description; 108 #if defined(_WIN32) && !defined(__CYGWIN__) 109 HANDLE child; 110 #else 111 pid_t child; 112 #endif 113 int exit_status; 114 int waitpid_return; 115 int child_stdin, child_stdout; 116 117 char *out_buf; 118 size_t out_buf_len; 119 }; 120 121 static ssize_t program_filter_read(struct archive_read_filter *, 122 const void **); 123 static int program_filter_close(struct archive_read_filter *); 124 static void free_state(struct program_bidder *); 125 126 static int 127 set_bidder_signature(struct archive_read_filter_bidder *bidder, 128 struct program_bidder *state, const void *signature, size_t signature_len) 129 { 130 131 if (signature != NULL && signature_len > 0) { 132 state->signature_len = signature_len; 133 state->signature = malloc(signature_len); 134 memcpy(state->signature, signature, signature_len); 135 } 136 137 /* 138 * Fill in the bidder object. 139 */ 140 bidder->data = state; 141 bidder->bid = program_bidder_bid; 142 bidder->init = program_bidder_init; 143 bidder->options = NULL; 144 bidder->free = program_bidder_free; 145 return (ARCHIVE_OK); 146 } 147 148 int 149 archive_read_support_filter_program_signature(struct archive *_a, 150 const char *cmd, const void *signature, size_t signature_len) 151 { 152 struct archive_read *a = (struct archive_read *)_a; 153 struct archive_read_filter_bidder *bidder; 154 struct program_bidder *state; 155 156 /* 157 * Get a bidder object from the read core. 158 */ 159 if (__archive_read_get_bidder(a, &bidder) != ARCHIVE_OK) 160 return (ARCHIVE_FATAL); 161 162 /* 163 * Allocate our private state. 164 */ 165 state = (struct program_bidder *)calloc(1, sizeof (*state)); 166 if (state == NULL) 167 goto memerr; 168 state->cmd = strdup(cmd); 169 if (state->cmd == NULL) 170 goto memerr; 171 172 return set_bidder_signature(bidder, state, signature, signature_len); 173 memerr: 174 free_state(state); 175 archive_set_error(_a, ENOMEM, "Can't allocate memory"); 176 return (ARCHIVE_FATAL); 177 } 178 179 static int 180 program_bidder_free(struct archive_read_filter_bidder *self) 181 { 182 struct program_bidder *state = (struct program_bidder *)self->data; 183 184 free_state(state); 185 return (ARCHIVE_OK); 186 } 187 188 static void 189 free_state(struct program_bidder *state) 190 { 191 192 if (state) { 193 free(state->cmd); 194 free(state->signature); 195 free(state); 196 } 197 } 198 199 /* 200 * If we do have a signature, bid only if that matches. 201 * 202 * If there's no signature, we bid INT_MAX the first time 203 * we're called, then never bid again. 204 */ 205 static int 206 program_bidder_bid(struct archive_read_filter_bidder *self, 207 struct archive_read_filter *upstream) 208 { 209 struct program_bidder *state = self->data; 210 const char *p; 211 212 /* If we have a signature, use that to match. */ 213 if (state->signature_len > 0) { 214 p = __archive_read_filter_ahead(upstream, 215 state->signature_len, NULL); 216 if (p == NULL) 217 return (0); 218 /* No match, so don't bid. */ 219 if (memcmp(p, state->signature, state->signature_len) != 0) 220 return (0); 221 return ((int)state->signature_len * 8); 222 } 223 224 /* Otherwise, bid once and then never bid again. */ 225 if (state->inhibit) 226 return (0); 227 state->inhibit = 1; 228 return (INT_MAX); 229 } 230 231 /* 232 * Shut down the child, return ARCHIVE_OK if it exited normally. 233 * 234 * Note that the return value is sticky; if we're called again, 235 * we won't reap the child again, but we will return the same status 236 * (including error message if the child came to a bad end). 237 */ 238 static int 239 child_stop(struct archive_read_filter *self, struct program_filter *state) 240 { 241 /* Close our side of the I/O with the child. */ 242 if (state->child_stdin != -1) { 243 close(state->child_stdin); 244 state->child_stdin = -1; 245 } 246 if (state->child_stdout != -1) { 247 close(state->child_stdout); 248 state->child_stdout = -1; 249 } 250 251 if (state->child != 0) { 252 /* Reap the child. */ 253 do { 254 state->waitpid_return 255 = waitpid(state->child, &state->exit_status, 0); 256 } while (state->waitpid_return == -1 && errno == EINTR); 257 #if defined(_WIN32) && !defined(__CYGWIN__) 258 CloseHandle(state->child); 259 #endif 260 state->child = 0; 261 } 262 263 if (state->waitpid_return < 0) { 264 /* waitpid() failed? This is ugly. */ 265 archive_set_error(&self->archive->archive, ARCHIVE_ERRNO_MISC, 266 "Child process exited badly"); 267 return (ARCHIVE_WARN); 268 } 269 270 #if !defined(_WIN32) || defined(__CYGWIN__) 271 if (WIFSIGNALED(state->exit_status)) { 272 #ifdef SIGPIPE 273 /* If the child died because we stopped reading before 274 * it was done, that's okay. Some archive formats 275 * have padding at the end that we routinely ignore. */ 276 /* The alternative to this would be to add a step 277 * before close(child_stdout) above to read from the 278 * child until the child has no more to write. */ 279 if (WTERMSIG(state->exit_status) == SIGPIPE) 280 return (ARCHIVE_OK); 281 #endif 282 archive_set_error(&self->archive->archive, ARCHIVE_ERRNO_MISC, 283 "Child process exited with signal %d", 284 WTERMSIG(state->exit_status)); 285 return (ARCHIVE_WARN); 286 } 287 #endif /* !_WIN32 || __CYGWIN__ */ 288 289 if (WIFEXITED(state->exit_status)) { 290 if (WEXITSTATUS(state->exit_status) == 0) 291 return (ARCHIVE_OK); 292 293 archive_set_error(&self->archive->archive, 294 ARCHIVE_ERRNO_MISC, 295 "Child process exited with status %d", 296 WEXITSTATUS(state->exit_status)); 297 return (ARCHIVE_WARN); 298 } 299 300 return (ARCHIVE_WARN); 301 } 302 303 /* 304 * Use select() to decide whether the child is ready for read or write. 305 */ 306 static ssize_t 307 child_read(struct archive_read_filter *self, char *buf, size_t buf_len) 308 { 309 struct program_filter *state = self->data; 310 ssize_t ret, requested, avail; 311 const char *p; 312 #if defined(_WIN32) && !defined(__CYGWIN__) 313 HANDLE handle = (HANDLE)_get_osfhandle(state->child_stdout); 314 #endif 315 316 requested = buf_len > SSIZE_MAX ? SSIZE_MAX : buf_len; 317 318 for (;;) { 319 do { 320 #if defined(_WIN32) && !defined(__CYGWIN__) 321 /* Avoid infinity wait. 322 * Note: If there is no data in the pipe, ReadFile() 323 * called in read() never returns and so we won't 324 * write remaining encoded data to the pipe. 325 * Note: This way may cause performance problem. 326 * we are looking forward to great code to resolve 327 * this. */ 328 DWORD pipe_avail = -1; 329 int cnt = 2; 330 331 while (PeekNamedPipe(handle, NULL, 0, NULL, 332 &pipe_avail, NULL) != 0 && pipe_avail == 0 && 333 cnt--) 334 Sleep(5); 335 if (pipe_avail == 0) { 336 ret = -1; 337 errno = EAGAIN; 338 break; 339 } 340 #endif 341 ret = read(state->child_stdout, buf, requested); 342 } while (ret == -1 && errno == EINTR); 343 344 if (ret > 0) 345 return (ret); 346 if (ret == 0 || (ret == -1 && errno == EPIPE)) 347 /* Child has closed its output; reap the child 348 * and return the status. */ 349 return (child_stop(self, state)); 350 if (ret == -1 && errno != EAGAIN) 351 return (-1); 352 353 if (state->child_stdin == -1) { 354 /* Block until child has some I/O ready. */ 355 __archive_check_child(state->child_stdin, 356 state->child_stdout); 357 continue; 358 } 359 360 /* Get some more data from upstream. */ 361 p = __archive_read_filter_ahead(self->upstream, 1, &avail); 362 if (p == NULL) { 363 close(state->child_stdin); 364 state->child_stdin = -1; 365 fcntl(state->child_stdout, F_SETFL, 0); 366 if (avail < 0) 367 return (avail); 368 continue; 369 } 370 371 do { 372 ret = write(state->child_stdin, p, avail); 373 } while (ret == -1 && errno == EINTR); 374 375 if (ret > 0) { 376 /* Consume whatever we managed to write. */ 377 __archive_read_filter_consume(self->upstream, ret); 378 } else if (ret == -1 && errno == EAGAIN) { 379 /* Block until child has some I/O ready. */ 380 __archive_check_child(state->child_stdin, 381 state->child_stdout); 382 } else { 383 /* Write failed. */ 384 close(state->child_stdin); 385 state->child_stdin = -1; 386 fcntl(state->child_stdout, F_SETFL, 0); 387 /* If it was a bad error, we're done; otherwise 388 * it was EPIPE or EOF, and we can still read 389 * from the child. */ 390 if (ret == -1 && errno != EPIPE) 391 return (-1); 392 } 393 } 394 } 395 396 int 397 __archive_read_program(struct archive_read_filter *self, const char *cmd) 398 { 399 struct program_filter *state; 400 static const size_t out_buf_len = 65536; 401 char *out_buf; 402 const char *prefix = "Program: "; 403 pid_t child; 404 size_t l; 405 406 l = strlen(prefix) + strlen(cmd) + 1; 407 state = (struct program_filter *)calloc(1, sizeof(*state)); 408 out_buf = (char *)malloc(out_buf_len); 409 if (state == NULL || out_buf == NULL || 410 archive_string_ensure(&state->description, l) == NULL) { 411 archive_set_error(&self->archive->archive, ENOMEM, 412 "Can't allocate input data"); 413 if (state != NULL) { 414 archive_string_free(&state->description); 415 free(state); 416 } 417 free(out_buf); 418 return (ARCHIVE_FATAL); 419 } 420 archive_strcpy(&state->description, prefix); 421 archive_strcat(&state->description, cmd); 422 423 self->code = ARCHIVE_FILTER_PROGRAM; 424 self->name = state->description.s; 425 426 state->out_buf = out_buf; 427 state->out_buf_len = out_buf_len; 428 429 child = __archive_create_child(cmd, &state->child_stdin, 430 &state->child_stdout); 431 if (child == -1) { 432 free(state->out_buf); 433 free(state); 434 archive_set_error(&self->archive->archive, EINVAL, 435 "Can't initialize filter; unable to run program \"%s\"", 436 cmd); 437 return (ARCHIVE_FATAL); 438 } 439 #if defined(_WIN32) && !defined(__CYGWIN__) 440 state->child = OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, child); 441 if (state->child == NULL) { 442 child_stop(self, state); 443 free(state->out_buf); 444 free(state); 445 archive_set_error(&self->archive->archive, EINVAL, 446 "Can't initialize filter; unable to run program \"%s\"", 447 cmd); 448 return (ARCHIVE_FATAL); 449 } 450 #else 451 state->child = child; 452 #endif 453 454 self->data = state; 455 self->read = program_filter_read; 456 self->skip = NULL; 457 self->close = program_filter_close; 458 459 /* XXX Check that we can read at least one byte? */ 460 return (ARCHIVE_OK); 461 } 462 463 static int 464 program_bidder_init(struct archive_read_filter *self) 465 { 466 struct program_bidder *bidder_state; 467 468 bidder_state = (struct program_bidder *)self->bidder->data; 469 return (__archive_read_program(self, bidder_state->cmd)); 470 } 471 472 static ssize_t 473 program_filter_read(struct archive_read_filter *self, const void **buff) 474 { 475 struct program_filter *state; 476 ssize_t bytes; 477 size_t total; 478 char *p; 479 480 state = (struct program_filter *)self->data; 481 482 total = 0; 483 p = state->out_buf; 484 while (state->child_stdout != -1 && total < state->out_buf_len) { 485 bytes = child_read(self, p, state->out_buf_len - total); 486 if (bytes < 0) 487 /* No recovery is possible if we can no longer 488 * read from the child. */ 489 return (ARCHIVE_FATAL); 490 if (bytes == 0) 491 /* We got EOF from the child. */ 492 break; 493 total += bytes; 494 p += bytes; 495 } 496 497 *buff = state->out_buf; 498 return (total); 499 } 500 501 static int 502 program_filter_close(struct archive_read_filter *self) 503 { 504 struct program_filter *state; 505 int e; 506 507 state = (struct program_filter *)self->data; 508 e = child_stop(self, state); 509 510 /* Release our private data. */ 511 free(state->out_buf); 512 archive_string_free(&state->description); 513 free(state); 514 515 return (e); 516 } 517