1 /*- 2 * Copyright (c) 2003-2007 Tim Kientzle 3 * Copyright (c) 2011 Andres Mejia 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR 16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 18 * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT, 19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 */ 26 27 #include "archive_platform.h" 28 29 #ifdef HAVE_ERRNO_H 30 #include <errno.h> 31 #endif 32 #include <time.h> 33 #include <limits.h> 34 #ifdef HAVE_ZLIB_H 35 #include <zlib.h> /* crc32 */ 36 #endif 37 38 #include "archive.h" 39 #ifndef HAVE_ZLIB_H 40 #include "archive_crc32.h" 41 #endif 42 #include "archive_endian.h" 43 #include "archive_entry.h" 44 #include "archive_entry_locale.h" 45 #include "archive_ppmd7_private.h" 46 #include "archive_private.h" 47 #include "archive_read_private.h" 48 49 /* RAR signature, also known as the mark header */ 50 #define RAR_SIGNATURE "\x52\x61\x72\x21\x1A\x07\x00" 51 52 /* Header types */ 53 #define MARK_HEAD 0x72 54 #define MAIN_HEAD 0x73 55 #define FILE_HEAD 0x74 56 #define COMM_HEAD 0x75 57 #define AV_HEAD 0x76 58 #define SUB_HEAD 0x77 59 #define PROTECT_HEAD 0x78 60 #define SIGN_HEAD 0x79 61 #define NEWSUB_HEAD 0x7a 62 #define ENDARC_HEAD 0x7b 63 64 /* Main Header Flags */ 65 #define MHD_VOLUME 0x0001 66 #define MHD_COMMENT 0x0002 67 #define MHD_LOCK 0x0004 68 #define MHD_SOLID 0x0008 69 #define MHD_NEWNUMBERING 0x0010 70 #define MHD_AV 0x0020 71 #define MHD_PROTECT 0x0040 72 #define MHD_PASSWORD 0x0080 73 #define MHD_FIRSTVOLUME 0x0100 74 #define MHD_ENCRYPTVER 0x0200 75 76 /* Flags common to all headers */ 77 #define HD_MARKDELETION 0x4000 78 #define HD_ADD_SIZE_PRESENT 0x8000 79 80 /* File Header Flags */ 81 #define FHD_SPLIT_BEFORE 0x0001 82 #define FHD_SPLIT_AFTER 0x0002 83 #define FHD_PASSWORD 0x0004 84 #define FHD_COMMENT 0x0008 85 #define FHD_SOLID 0x0010 86 #define FHD_LARGE 0x0100 87 #define FHD_UNICODE 0x0200 88 #define FHD_SALT 0x0400 89 #define FHD_VERSION 0x0800 90 #define FHD_EXTTIME 0x1000 91 #define FHD_EXTFLAGS 0x2000 92 93 /* File dictionary sizes */ 94 #define DICTIONARY_SIZE_64 0x00 95 #define DICTIONARY_SIZE_128 0x20 96 #define DICTIONARY_SIZE_256 0x40 97 #define DICTIONARY_SIZE_512 0x60 98 #define DICTIONARY_SIZE_1024 0x80 99 #define DICTIONARY_SIZE_2048 0xA0 100 #define DICTIONARY_SIZE_4096 0xC0 101 #define FILE_IS_DIRECTORY 0xE0 102 #define DICTIONARY_MASK FILE_IS_DIRECTORY 103 104 /* OS Flags */ 105 #define OS_MSDOS 0 106 #define OS_OS2 1 107 #define OS_WIN32 2 108 #define OS_UNIX 3 109 #define OS_MAC_OS 4 110 #define OS_BEOS 5 111 112 /* Compression Methods */ 113 #define COMPRESS_METHOD_STORE 0x30 114 /* LZSS */ 115 #define COMPRESS_METHOD_FASTEST 0x31 116 #define COMPRESS_METHOD_FAST 0x32 117 #define COMPRESS_METHOD_NORMAL 0x33 118 /* PPMd Variant H */ 119 #define COMPRESS_METHOD_GOOD 0x34 120 #define COMPRESS_METHOD_BEST 0x35 121 122 #define CRC_POLYNOMIAL 0xEDB88320 123 124 #define NS_UNIT 10000000 125 126 #define DICTIONARY_MAX_SIZE 0x400000 127 128 #define MAINCODE_SIZE 299 129 #define OFFSETCODE_SIZE 60 130 #define LOWOFFSETCODE_SIZE 17 131 #define LENGTHCODE_SIZE 28 132 #define HUFFMAN_TABLE_SIZE \ 133 MAINCODE_SIZE + OFFSETCODE_SIZE + LOWOFFSETCODE_SIZE + LENGTHCODE_SIZE 134 135 #define MAX_SYMBOL_LENGTH 0xF 136 #define MAX_SYMBOLS 20 137 138 /* 139 * Considering L1,L2 cache miss and a calling of write system-call, 140 * the best size of the output buffer(uncompressed buffer) is 128K. 141 * If the structure of extracting process is changed, this value 142 * might be researched again. 143 */ 144 #define UNP_BUFFER_SIZE (128 * 1024) 145 146 /* Define this here for non-Windows platforms */ 147 #if !((defined(__WIN32__) || defined(_WIN32) || defined(__WIN32)) && !defined(__CYGWIN__)) 148 #define FILE_ATTRIBUTE_DIRECTORY 0x10 149 #endif 150 151 /* Fields common to all headers */ 152 struct rar_header 153 { 154 char crc[2]; 155 char type; 156 char flags[2]; 157 char size[2]; 158 }; 159 160 /* Fields common to all file headers */ 161 struct rar_file_header 162 { 163 char pack_size[4]; 164 char unp_size[4]; 165 char host_os; 166 char file_crc[4]; 167 char file_time[4]; 168 char unp_ver; 169 char method; 170 char name_size[2]; 171 char file_attr[4]; 172 }; 173 174 struct huffman_tree_node 175 { 176 int branches[2]; 177 }; 178 179 struct huffman_table_entry 180 { 181 unsigned int length; 182 int value; 183 }; 184 185 struct huffman_code 186 { 187 struct huffman_tree_node *tree; 188 int numentries; 189 int minlength; 190 int maxlength; 191 int tablesize; 192 struct huffman_table_entry *table; 193 }; 194 195 struct lzss 196 { 197 unsigned char *window; 198 int mask; 199 int64_t position; 200 }; 201 202 struct rar 203 { 204 /* Entries from main RAR header */ 205 unsigned main_flags; 206 unsigned long file_crc; 207 char reserved1[2]; 208 char reserved2[4]; 209 char encryptver; 210 211 /* File header entries */ 212 char compression_method; 213 unsigned file_flags; 214 int64_t packed_size; 215 int64_t unp_size; 216 time_t mtime; 217 long mnsec; 218 mode_t mode; 219 char *filename; 220 size_t filename_allocated; 221 222 /* File header optional entries */ 223 char salt[8]; 224 time_t atime; 225 long ansec; 226 time_t ctime; 227 long cnsec; 228 time_t arctime; 229 long arcnsec; 230 231 /* Fields to help with tracking decompression of files. */ 232 int64_t bytes_unconsumed; 233 int64_t bytes_remaining; 234 int64_t bytes_uncopied; 235 int64_t offset; 236 int64_t offset_outgoing; 237 char valid; 238 unsigned int unp_offset; 239 unsigned int unp_buffer_size; 240 unsigned char *unp_buffer; 241 unsigned int dictionary_size; 242 char start_new_block; 243 char entry_eof; 244 unsigned long crc_calculated; 245 int found_first_header; 246 247 /* LZSS members */ 248 struct huffman_code maincode; 249 struct huffman_code offsetcode; 250 struct huffman_code lowoffsetcode; 251 struct huffman_code lengthcode; 252 unsigned char lengthtable[HUFFMAN_TABLE_SIZE]; 253 struct lzss lzss; 254 char output_last_match; 255 unsigned int lastlength; 256 unsigned int lastoffset; 257 unsigned int oldoffset[4]; 258 unsigned int lastlowoffset; 259 unsigned int numlowoffsetrepeats; 260 int64_t filterstart; 261 char start_new_table; 262 263 /* PPMd Variant H members */ 264 char ppmd_valid; 265 char ppmd_eod; 266 char is_ppmd_block; 267 int ppmd_escape; 268 CPpmd7 ppmd7_context; 269 CPpmd7z_RangeDec range_dec; 270 IByteIn bytein; 271 272 /* 273 * String conversion object. 274 */ 275 int init_default_conversion; 276 struct archive_string_conv *sconv_default; 277 struct archive_string_conv *opt_sconv; 278 struct archive_string_conv *sconv_utf8; 279 struct archive_string_conv *sconv_utf16be; 280 281 /* 282 * Bit stream reader. 283 */ 284 struct rar_br { 285 #define CACHE_TYPE uint64_t 286 #define CACHE_BITS (8 * sizeof(CACHE_TYPE)) 287 /* Cache buffer. */ 288 CACHE_TYPE cache_buffer; 289 /* Indicates how many bits avail in cache_buffer. */ 290 int cache_avail; 291 ssize_t avail_in; 292 const unsigned char *next_in; 293 } br; 294 }; 295 296 static int archive_read_format_rar_bid(struct archive_read *, int); 297 static int archive_read_format_rar_options(struct archive_read *, 298 const char *, const char *); 299 static int archive_read_format_rar_read_header(struct archive_read *, 300 struct archive_entry *); 301 static int archive_read_format_rar_read_data(struct archive_read *, 302 const void **, size_t *, int64_t *); 303 static int archive_read_format_rar_read_data_skip(struct archive_read *a); 304 static int archive_read_format_rar_cleanup(struct archive_read *); 305 306 /* Support functions */ 307 static int read_header(struct archive_read *, struct archive_entry *, char); 308 static time_t get_time(int time); 309 static int read_exttime(const char *, struct rar *, const char *); 310 static int read_symlink_stored(struct archive_read *, struct archive_entry *, 311 struct archive_string_conv *); 312 static int read_data_stored(struct archive_read *, const void **, size_t *, 313 int64_t *); 314 static int read_data_compressed(struct archive_read *, const void **, size_t *, 315 int64_t *); 316 static int rar_br_preparation(struct archive_read *, struct rar_br *); 317 static int parse_codes(struct archive_read *); 318 static void free_codes(struct archive_read *); 319 static int read_next_symbol(struct archive_read *, struct huffman_code *); 320 static int create_code(struct archive_read *, struct huffman_code *, 321 unsigned char *, int, char); 322 static int add_value(struct archive_read *, struct huffman_code *, int, int, 323 int); 324 static int new_node(struct huffman_code *); 325 static int make_table(struct archive_read *, struct huffman_code *); 326 static int make_table_recurse(struct archive_read *, struct huffman_code *, int, 327 struct huffman_table_entry *, int, int); 328 static int64_t expand(struct archive_read *, int64_t); 329 static int copy_from_lzss_window(struct archive_read *, const void **, 330 int64_t, int); 331 332 /* 333 * Bit stream reader. 334 */ 335 /* Check that the cache buffer has enough bits. */ 336 #define rar_br_has(br, n) ((br)->cache_avail >= n) 337 /* Get compressed data by bit. */ 338 #define rar_br_bits(br, n) \ 339 (((uint32_t)((br)->cache_buffer >> \ 340 ((br)->cache_avail - (n)))) & cache_masks[n]) 341 #define rar_br_bits_forced(br, n) \ 342 (((uint32_t)((br)->cache_buffer << \ 343 ((n) - (br)->cache_avail))) & cache_masks[n]) 344 /* Read ahead to make sure the cache buffer has enough compressed data we 345 * will use. 346 * True : completed, there is enough data in the cache buffer. 347 * False : there is no data in the stream. */ 348 #define rar_br_read_ahead(a, br, n) \ 349 ((rar_br_has(br, (n)) || rar_br_fillup(a, br)) || rar_br_has(br, (n))) 350 /* Notify how many bits we consumed. */ 351 #define rar_br_consume(br, n) ((br)->cache_avail -= (n)) 352 #define rar_br_consume_unalined_bits(br) ((br)->cache_avail &= ~7) 353 354 static const uint32_t cache_masks[] = { 355 0x00000000, 0x00000001, 0x00000003, 0x00000007, 356 0x0000000F, 0x0000001F, 0x0000003F, 0x0000007F, 357 0x000000FF, 0x000001FF, 0x000003FF, 0x000007FF, 358 0x00000FFF, 0x00001FFF, 0x00003FFF, 0x00007FFF, 359 0x0000FFFF, 0x0001FFFF, 0x0003FFFF, 0x0007FFFF, 360 0x000FFFFF, 0x001FFFFF, 0x003FFFFF, 0x007FFFFF, 361 0x00FFFFFF, 0x01FFFFFF, 0x03FFFFFF, 0x07FFFFFF, 362 0x0FFFFFFF, 0x1FFFFFFF, 0x3FFFFFFF, 0x7FFFFFFF, 363 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF 364 }; 365 366 /* 367 * Shift away used bits in the cache data and fill it up with following bits. 368 * Call this when cache buffer does not have enough bits you need. 369 * 370 * Returns 1 if the cache buffer is full. 371 * Returns 0 if the cache buffer is not full; input buffer is empty. 372 */ 373 static int 374 rar_br_fillup(struct archive_read *a, struct rar_br *br) 375 { 376 struct rar *rar = (struct rar *)(a->format->data); 377 int n = CACHE_BITS - br->cache_avail; 378 379 for (;;) { 380 switch (n >> 3) { 381 case 8: 382 if (br->avail_in >= 8) { 383 br->cache_buffer = 384 ((uint64_t)br->next_in[0]) << 56 | 385 ((uint64_t)br->next_in[1]) << 48 | 386 ((uint64_t)br->next_in[2]) << 40 | 387 ((uint64_t)br->next_in[3]) << 32 | 388 ((uint32_t)br->next_in[4]) << 24 | 389 ((uint32_t)br->next_in[5]) << 16 | 390 ((uint32_t)br->next_in[6]) << 8 | 391 (uint32_t)br->next_in[7]; 392 br->next_in += 8; 393 br->avail_in -= 8; 394 br->cache_avail += 8 * 8; 395 rar->bytes_unconsumed += 8; 396 rar->bytes_remaining -= 8; 397 return (1); 398 } 399 break; 400 case 7: 401 if (br->avail_in >= 7) { 402 br->cache_buffer = 403 (br->cache_buffer << 56) | 404 ((uint64_t)br->next_in[0]) << 48 | 405 ((uint64_t)br->next_in[1]) << 40 | 406 ((uint64_t)br->next_in[2]) << 32 | 407 ((uint32_t)br->next_in[3]) << 24 | 408 ((uint32_t)br->next_in[4]) << 16 | 409 ((uint32_t)br->next_in[5]) << 8 | 410 (uint32_t)br->next_in[6]; 411 br->next_in += 7; 412 br->avail_in -= 7; 413 br->cache_avail += 7 * 8; 414 rar->bytes_unconsumed += 7; 415 rar->bytes_remaining -= 7; 416 return (1); 417 } 418 break; 419 case 6: 420 if (br->avail_in >= 6) { 421 br->cache_buffer = 422 (br->cache_buffer << 48) | 423 ((uint64_t)br->next_in[0]) << 40 | 424 ((uint64_t)br->next_in[1]) << 32 | 425 ((uint32_t)br->next_in[2]) << 24 | 426 ((uint32_t)br->next_in[3]) << 16 | 427 ((uint32_t)br->next_in[4]) << 8 | 428 (uint32_t)br->next_in[5]; 429 br->next_in += 6; 430 br->avail_in -= 6; 431 br->cache_avail += 6 * 8; 432 rar->bytes_unconsumed += 6; 433 rar->bytes_remaining -= 6; 434 return (1); 435 } 436 break; 437 case 0: 438 /* We have enough compressed data in 439 * the cache buffer.*/ 440 return (1); 441 default: 442 break; 443 } 444 if (br->avail_in <= 0) { 445 446 if (rar->bytes_unconsumed > 0) { 447 /* Consume as much as the decompressor 448 * actually used. */ 449 __archive_read_consume(a, rar->bytes_unconsumed); 450 rar->bytes_unconsumed = 0; 451 } 452 br->next_in = __archive_read_ahead(a, 1, &(br->avail_in)); 453 if (br->next_in == NULL) 454 return (0); 455 if (br->avail_in > rar->bytes_remaining) 456 br->avail_in = rar->bytes_remaining; 457 if (br->avail_in == 0) 458 return (0); 459 } 460 br->cache_buffer = 461 (br->cache_buffer << 8) | *br->next_in++; 462 br->avail_in--; 463 br->cache_avail += 8; 464 n -= 8; 465 rar->bytes_unconsumed++; 466 rar->bytes_remaining--; 467 } 468 } 469 470 static int 471 rar_br_preparation(struct archive_read *a, struct rar_br *br) 472 { 473 struct rar *rar = (struct rar *)(a->format->data); 474 475 if (rar->bytes_remaining > 0) { 476 br->next_in = __archive_read_ahead(a, 1, &(br->avail_in)); 477 if (br->next_in == NULL) { 478 archive_set_error(&a->archive, 479 ARCHIVE_ERRNO_FILE_FORMAT, 480 "Truncated RAR file data"); 481 return (ARCHIVE_FATAL); 482 } 483 if (br->avail_in > rar->bytes_remaining) 484 br->avail_in = rar->bytes_remaining; 485 if (br->cache_avail == 0) 486 (void)rar_br_fillup(a, br); 487 } 488 return (ARCHIVE_OK); 489 } 490 491 /* Find last bit set */ 492 static inline int 493 rar_fls(unsigned int word) 494 { 495 word |= (word >> 1); 496 word |= (word >> 2); 497 word |= (word >> 4); 498 word |= (word >> 8); 499 word |= (word >> 16); 500 return word - (word >> 1); 501 } 502 503 /* LZSS functions */ 504 static inline int64_t 505 lzss_position(struct lzss *lzss) 506 { 507 return lzss->position; 508 } 509 510 static inline int 511 lzss_mask(struct lzss *lzss) 512 { 513 return lzss->mask; 514 } 515 516 static inline int 517 lzss_size(struct lzss *lzss) 518 { 519 return lzss->mask + 1; 520 } 521 522 static inline int 523 lzss_offset_for_position(struct lzss *lzss, int64_t pos) 524 { 525 return pos & lzss->mask; 526 } 527 528 static inline unsigned char * 529 lzss_pointer_for_position(struct lzss *lzss, int64_t pos) 530 { 531 return &lzss->window[lzss_offset_for_position(lzss, pos)]; 532 } 533 534 static inline int 535 lzss_current_offset(struct lzss *lzss) 536 { 537 return lzss_offset_for_position(lzss, lzss->position); 538 } 539 540 static inline uint8_t * 541 lzss_current_pointer(struct lzss *lzss) 542 { 543 return lzss_pointer_for_position(lzss, lzss->position); 544 } 545 546 static inline void 547 lzss_emit_literal(struct rar *rar, uint8_t literal) 548 { 549 *lzss_current_pointer(&rar->lzss) = literal; 550 rar->lzss.position++; 551 } 552 553 static inline void 554 lzss_emit_match(struct rar *rar, int offset, int length) 555 { 556 int dstoffs = lzss_current_offset(&rar->lzss); 557 int srcoffs = (dstoffs - offset) & lzss_mask(&rar->lzss); 558 int l, li, remaining; 559 unsigned char *d, *s; 560 561 remaining = length; 562 while (remaining > 0) { 563 l = remaining; 564 if (dstoffs > srcoffs) { 565 if (l > lzss_size(&rar->lzss) - dstoffs) 566 l = lzss_size(&rar->lzss) - dstoffs; 567 } else { 568 if (l > lzss_size(&rar->lzss) - srcoffs) 569 l = lzss_size(&rar->lzss) - srcoffs; 570 } 571 d = &(rar->lzss.window[dstoffs]); 572 s = &(rar->lzss.window[srcoffs]); 573 if ((dstoffs + l < srcoffs) || (srcoffs + l < dstoffs)) 574 memcpy(d, s, l); 575 else { 576 for (li = 0; li < l; li++) 577 d[li] = s[li]; 578 } 579 remaining -= l; 580 dstoffs = (dstoffs + l) & lzss_mask(&(rar->lzss)); 581 srcoffs = (srcoffs + l) & lzss_mask(&(rar->lzss)); 582 } 583 rar->lzss.position += length; 584 } 585 586 static void * 587 ppmd_alloc(void *p, size_t size) 588 { 589 (void)p; 590 return malloc(size); 591 } 592 static void 593 ppmd_free(void *p, void *address) 594 { 595 (void)p; 596 free(address); 597 } 598 static ISzAlloc g_szalloc = { ppmd_alloc, ppmd_free }; 599 600 static Byte 601 ppmd_read(void *p) 602 { 603 struct archive_read *a = ((IByteIn*)p)->a; 604 struct rar *rar = (struct rar *)(a->format->data); 605 struct rar_br *br = &(rar->br); 606 Byte b; 607 if (!rar_br_read_ahead(a, br, 8)) 608 { 609 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 610 "Truncated RAR file data"); 611 rar->valid = 0; 612 return 0; 613 } 614 b = rar_br_bits(br, 8); 615 rar_br_consume(br, 8); 616 return b; 617 } 618 619 int 620 archive_read_support_format_rar(struct archive *_a) 621 { 622 struct archive_read *a = (struct archive_read *)_a; 623 struct rar *rar; 624 int r; 625 626 archive_check_magic(_a, ARCHIVE_READ_MAGIC, ARCHIVE_STATE_NEW, 627 "archive_read_support_format_rar"); 628 629 rar = (struct rar *)malloc(sizeof(*rar)); 630 if (rar == NULL) 631 { 632 archive_set_error(&a->archive, ENOMEM, "Can't allocate rar data"); 633 return (ARCHIVE_FATAL); 634 } 635 memset(rar, 0, sizeof(*rar)); 636 637 r = __archive_read_register_format(a, 638 rar, 639 "rar", 640 archive_read_format_rar_bid, 641 archive_read_format_rar_options, 642 archive_read_format_rar_read_header, 643 archive_read_format_rar_read_data, 644 archive_read_format_rar_read_data_skip, 645 archive_read_format_rar_cleanup); 646 647 if (r != ARCHIVE_OK) 648 free(rar); 649 return (r); 650 } 651 652 static int 653 archive_read_format_rar_bid(struct archive_read *a, int best_bid) 654 { 655 const char *p; 656 657 /* If there's already a bid > 30, we'll never win. */ 658 if (best_bid > 30) 659 return (-1); 660 661 if ((p = __archive_read_ahead(a, 7, NULL)) == NULL) 662 return (-1); 663 664 if (memcmp(p, RAR_SIGNATURE, 7) == 0) 665 return (30); 666 667 if ((p[0] == 'M' && p[1] == 'Z') || memcmp(p, "\x7F\x45LF", 4) == 0) { 668 /* This is a PE file */ 669 ssize_t offset = 0x10000; 670 ssize_t window = 4096; 671 ssize_t bytes_avail; 672 while (offset + window <= (1024 * 128)) { 673 const char *buff = __archive_read_ahead(a, offset + window, &bytes_avail); 674 if (buff == NULL) { 675 /* Remaining bytes are less than window. */ 676 window >>= 1; 677 if (window < 0x40) 678 return (0); 679 continue; 680 } 681 p = buff + offset; 682 while (p + 7 < buff + bytes_avail) { 683 if (memcmp(p, RAR_SIGNATURE, 7) == 0) 684 return (30); 685 p += 0x10; 686 } 687 offset = p - buff; 688 } 689 } 690 return (0); 691 } 692 693 static int 694 skip_sfx(struct archive_read *a) 695 { 696 const void *h; 697 const char *p, *q; 698 size_t skip, total; 699 ssize_t bytes, window; 700 701 total = 0; 702 window = 4096; 703 while (total + window <= (1024 * 128)) { 704 h = __archive_read_ahead(a, window, &bytes); 705 if (h == NULL) { 706 /* Remaining bytes are less than window. */ 707 window >>= 1; 708 if (window < 0x40) 709 goto fatal; 710 continue; 711 } 712 if (bytes < 0x40) 713 goto fatal; 714 p = h; 715 q = p + bytes; 716 717 /* 718 * Scan ahead until we find something that looks 719 * like the RAR header. 720 */ 721 while (p + 7 < q) { 722 if (memcmp(p, RAR_SIGNATURE, 7) == 0) { 723 skip = p - (const char *)h; 724 __archive_read_consume(a, skip); 725 return (ARCHIVE_OK); 726 } 727 p += 0x10; 728 } 729 skip = p - (const char *)h; 730 __archive_read_consume(a, skip); 731 total += skip; 732 } 733 fatal: 734 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 735 "Couldn't find out RAR header"); 736 return (ARCHIVE_FATAL); 737 } 738 739 static int 740 archive_read_format_rar_options(struct archive_read *a, 741 const char *key, const char *val) 742 { 743 struct rar *rar; 744 int ret = ARCHIVE_FAILED; 745 746 rar = (struct rar *)(a->format->data); 747 if (strcmp(key, "hdrcharset") == 0) { 748 if (val == NULL || val[0] == 0) 749 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 750 "rar: hdrcharset option needs a character-set name"); 751 else { 752 rar->opt_sconv = 753 archive_string_conversion_from_charset( 754 &a->archive, val, 0); 755 if (rar->opt_sconv != NULL) 756 ret = ARCHIVE_OK; 757 else 758 ret = ARCHIVE_FATAL; 759 } 760 } else 761 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 762 "rar: unknown keyword ``%s''", key); 763 764 return (ret); 765 } 766 767 static int 768 archive_read_format_rar_read_header(struct archive_read *a, 769 struct archive_entry *entry) 770 { 771 const void *h; 772 const char *p; 773 struct rar *rar; 774 size_t skip; 775 char head_type; 776 int ret; 777 unsigned flags; 778 779 a->archive.archive_format = ARCHIVE_FORMAT_RAR; 780 if (a->archive.archive_format_name == NULL) 781 a->archive.archive_format_name = "RAR"; 782 783 rar = (struct rar *)(a->format->data); 784 785 /* RAR files can be generated without EOF headers, so return ARCHIVE_EOF if 786 * this fails. 787 */ 788 if ((h = __archive_read_ahead(a, 7, NULL)) == NULL) 789 return (ARCHIVE_EOF); 790 791 p = h; 792 if (rar->found_first_header == 0 && 793 ((p[0] == 'M' && p[1] == 'Z') || memcmp(p, "\x7F\x45LF", 4) == 0)) { 794 /* This is an executable ? Must be self-extracting... */ 795 ret = skip_sfx(a); 796 if (ret < ARCHIVE_WARN) 797 return (ret); 798 } 799 rar->found_first_header = 1; 800 801 while (1) 802 { 803 unsigned long crc32_val; 804 805 if ((h = __archive_read_ahead(a, 7, NULL)) == NULL) 806 return (ARCHIVE_FATAL); 807 p = h; 808 809 head_type = p[2]; 810 switch(head_type) 811 { 812 case MARK_HEAD: 813 if (memcmp(p, RAR_SIGNATURE, 7) != 0) { 814 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 815 "Invalid marker header"); 816 return (ARCHIVE_FATAL); 817 } 818 __archive_read_consume(a, 7); 819 break; 820 821 case MAIN_HEAD: 822 rar->main_flags = archive_le16dec(p + 3); 823 skip = archive_le16dec(p + 5); 824 if (skip < 7 + sizeof(rar->reserved1) + sizeof(rar->reserved2)) { 825 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 826 "Invalid header size"); 827 return (ARCHIVE_FATAL); 828 } 829 if ((h = __archive_read_ahead(a, skip, NULL)) == NULL) 830 return (ARCHIVE_FATAL); 831 p = h; 832 memcpy(rar->reserved1, p + 7, sizeof(rar->reserved1)); 833 memcpy(rar->reserved2, p + 7 + sizeof(rar->reserved1), 834 sizeof(rar->reserved2)); 835 if (rar->main_flags & MHD_ENCRYPTVER) { 836 if (skip < 7 + sizeof(rar->reserved1) + sizeof(rar->reserved2)+1) { 837 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 838 "Invalid header size"); 839 return (ARCHIVE_FATAL); 840 } 841 rar->encryptver = *(p + 7 + sizeof(rar->reserved1) + 842 sizeof(rar->reserved2)); 843 } 844 845 if (rar->main_flags & MHD_VOLUME || 846 rar->main_flags & MHD_FIRSTVOLUME) 847 { 848 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 849 "RAR volume support unavailable."); 850 return (ARCHIVE_FATAL); 851 } 852 if (rar->main_flags & MHD_PASSWORD) 853 { 854 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 855 "RAR encryption support unavailable."); 856 return (ARCHIVE_FATAL); 857 } 858 859 crc32_val = crc32(0, (const unsigned char *)p + 2, skip - 2); 860 if ((crc32_val & 0xffff) != archive_le16dec(p)) { 861 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 862 "Header CRC error"); 863 return (ARCHIVE_FATAL); 864 } 865 __archive_read_consume(a, skip); 866 break; 867 868 case FILE_HEAD: 869 return read_header(a, entry, head_type); 870 871 case COMM_HEAD: 872 case AV_HEAD: 873 case SUB_HEAD: 874 case PROTECT_HEAD: 875 case SIGN_HEAD: 876 flags = archive_le16dec(p + 3); 877 skip = archive_le16dec(p + 5); 878 if (skip < 7) { 879 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 880 "Invalid header size"); 881 return (ARCHIVE_FATAL); 882 } 883 if (skip > 7) { 884 if ((h = __archive_read_ahead(a, skip, NULL)) == NULL) 885 return (ARCHIVE_FATAL); 886 p = h; 887 } 888 if (flags & HD_ADD_SIZE_PRESENT) 889 { 890 if (skip < 7 + 4) { 891 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 892 "Invalid header size"); 893 return (ARCHIVE_FATAL); 894 } 895 skip += archive_le32dec(p + 7); 896 if ((h = __archive_read_ahead(a, skip, NULL)) == NULL) 897 return (ARCHIVE_FATAL); 898 p = h; 899 } 900 901 crc32_val = crc32(0, (const unsigned char *)p + 2, skip - 2); 902 if ((crc32_val & 0xffff) != archive_le16dec(p)) { 903 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 904 "Header CRC error"); 905 return (ARCHIVE_FATAL); 906 } 907 __archive_read_consume(a, skip); 908 break; 909 910 case NEWSUB_HEAD: 911 if ((ret = read_header(a, entry, head_type)) < ARCHIVE_WARN) 912 return ret; 913 break; 914 915 case ENDARC_HEAD: 916 return (ARCHIVE_EOF); 917 918 default: 919 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 920 "Bad RAR file"); 921 return (ARCHIVE_FATAL); 922 } 923 } 924 } 925 926 static int 927 archive_read_format_rar_read_data(struct archive_read *a, const void **buff, 928 size_t *size, int64_t *offset) 929 { 930 struct rar *rar = (struct rar *)(a->format->data); 931 int ret; 932 933 if (rar->bytes_unconsumed > 0) { 934 /* Consume as much as the decompressor actually used. */ 935 __archive_read_consume(a, rar->bytes_unconsumed); 936 rar->bytes_unconsumed = 0; 937 } 938 939 if (rar->entry_eof) { 940 *buff = NULL; 941 *size = 0; 942 *offset = rar->offset; 943 return (ARCHIVE_EOF); 944 } 945 946 switch (rar->compression_method) 947 { 948 case COMPRESS_METHOD_STORE: 949 ret = read_data_stored(a, buff, size, offset); 950 break; 951 952 case COMPRESS_METHOD_FASTEST: 953 case COMPRESS_METHOD_FAST: 954 case COMPRESS_METHOD_NORMAL: 955 case COMPRESS_METHOD_GOOD: 956 case COMPRESS_METHOD_BEST: 957 ret = read_data_compressed(a, buff, size, offset); 958 if (ret != ARCHIVE_OK && ret != ARCHIVE_WARN) 959 __archive_ppmd7_functions.Ppmd7_Free(&rar->ppmd7_context, &g_szalloc); 960 break; 961 962 default: 963 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 964 "Unsupported compression method for RAR file."); 965 ret = ARCHIVE_FATAL; 966 break; 967 } 968 return (ret); 969 } 970 971 static int 972 archive_read_format_rar_read_data_skip(struct archive_read *a) 973 { 974 struct rar *rar; 975 int64_t bytes_skipped; 976 977 rar = (struct rar *)(a->format->data); 978 979 if (rar->bytes_unconsumed > 0) { 980 /* Consume as much as the decompressor actually used. */ 981 __archive_read_consume(a, rar->bytes_unconsumed); 982 rar->bytes_unconsumed = 0; 983 } 984 985 if (rar->bytes_remaining > 0) { 986 bytes_skipped = __archive_read_consume(a, rar->bytes_remaining); 987 if (bytes_skipped < 0) 988 return (ARCHIVE_FATAL); 989 } 990 return (ARCHIVE_OK); 991 } 992 993 static int 994 archive_read_format_rar_cleanup(struct archive_read *a) 995 { 996 struct rar *rar; 997 998 rar = (struct rar *)(a->format->data); 999 free_codes(a); 1000 free(rar->filename); 1001 free(rar->unp_buffer); 1002 free(rar->lzss.window); 1003 __archive_ppmd7_functions.Ppmd7_Free(&rar->ppmd7_context, &g_szalloc); 1004 free(rar); 1005 (a->format->data) = NULL; 1006 return (ARCHIVE_OK); 1007 } 1008 1009 static int 1010 read_header(struct archive_read *a, struct archive_entry *entry, 1011 char head_type) 1012 { 1013 const void *h; 1014 const char *p, *endp; 1015 struct rar *rar; 1016 struct rar_header rar_header; 1017 struct rar_file_header file_header; 1018 int64_t header_size; 1019 unsigned filename_size, end; 1020 char *filename; 1021 char *strp; 1022 char packed_size[8]; 1023 char unp_size[8]; 1024 int time; 1025 struct archive_string_conv *sconv, *fn_sconv; 1026 unsigned long crc32_val; 1027 int ret = (ARCHIVE_OK), ret2; 1028 1029 rar = (struct rar *)(a->format->data); 1030 1031 /* Setup a string conversion object for non-rar-unicode filenames. */ 1032 sconv = rar->opt_sconv; 1033 if (sconv == NULL) { 1034 if (!rar->init_default_conversion) { 1035 rar->sconv_default = 1036 archive_string_default_conversion_for_read( 1037 &(a->archive)); 1038 rar->init_default_conversion = 1; 1039 } 1040 sconv = rar->sconv_default; 1041 } 1042 1043 1044 if ((h = __archive_read_ahead(a, 7, NULL)) == NULL) 1045 return (ARCHIVE_FATAL); 1046 p = h; 1047 memcpy(&rar_header, p, sizeof(rar_header)); 1048 rar->file_flags = archive_le16dec(rar_header.flags); 1049 header_size = archive_le16dec(rar_header.size); 1050 if (header_size < sizeof(file_header) + 7) { 1051 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1052 "Invalid header size"); 1053 return (ARCHIVE_FATAL); 1054 } 1055 crc32_val = crc32(0, (const unsigned char *)p + 2, 7 - 2); 1056 __archive_read_consume(a, 7); 1057 1058 if (!(rar->file_flags & FHD_SOLID)) 1059 { 1060 rar->compression_method = 0; 1061 rar->packed_size = 0; 1062 rar->unp_size = 0; 1063 rar->mtime = 0; 1064 rar->ctime = 0; 1065 rar->atime = 0; 1066 rar->arctime = 0; 1067 rar->mode = 0; 1068 memset(&rar->salt, 0, sizeof(rar->salt)); 1069 rar->atime = 0; 1070 rar->ansec = 0; 1071 rar->ctime = 0; 1072 rar->cnsec = 0; 1073 rar->mtime = 0; 1074 rar->mnsec = 0; 1075 rar->arctime = 0; 1076 rar->arcnsec = 0; 1077 } 1078 else 1079 { 1080 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1081 "RAR solid archive support unavailable."); 1082 return (ARCHIVE_FATAL); 1083 } 1084 1085 if ((h = __archive_read_ahead(a, header_size - 7, NULL)) == NULL) 1086 return (ARCHIVE_FATAL); 1087 1088 /* File Header CRC check. */ 1089 crc32_val = crc32(crc32_val, h, header_size - 7); 1090 if ((crc32_val & 0xffff) != archive_le16dec(rar_header.crc)) { 1091 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1092 "Header CRC error"); 1093 return (ARCHIVE_FATAL); 1094 } 1095 /* If no CRC error, Go on parsing File Header. */ 1096 p = h; 1097 endp = p + header_size - 7; 1098 memcpy(&file_header, p, sizeof(file_header)); 1099 p += sizeof(file_header); 1100 1101 rar->compression_method = file_header.method; 1102 1103 time = archive_le32dec(file_header.file_time); 1104 rar->mtime = get_time(time); 1105 1106 rar->file_crc = archive_le32dec(file_header.file_crc); 1107 1108 if (rar->file_flags & FHD_PASSWORD) 1109 { 1110 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1111 "RAR encryption support unavailable."); 1112 return (ARCHIVE_FATAL); 1113 } 1114 1115 if (rar->file_flags & FHD_LARGE) 1116 { 1117 memcpy(packed_size, file_header.pack_size, 4); 1118 memcpy(packed_size + 4, p, 4); /* High pack size */ 1119 p += 4; 1120 memcpy(unp_size, file_header.unp_size, 4); 1121 memcpy(unp_size + 4, p, 4); /* High unpack size */ 1122 p += 4; 1123 rar->packed_size = archive_le64dec(&packed_size); 1124 rar->unp_size = archive_le64dec(&unp_size); 1125 } 1126 else 1127 { 1128 rar->packed_size = archive_le32dec(file_header.pack_size); 1129 rar->unp_size = archive_le32dec(file_header.unp_size); 1130 } 1131 1132 /* TODO: Need to use CRC check for these kind of cases. 1133 * For now, check if sizes are not < 0. 1134 */ 1135 if (rar->packed_size < 0 || rar->unp_size < 0) 1136 { 1137 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1138 "Invalid sizes specified."); 1139 return (ARCHIVE_FATAL); 1140 } 1141 1142 /* TODO: RARv3 subblocks contain comments. For now the complete block is 1143 * consumed at the end. 1144 */ 1145 if (head_type == NEWSUB_HEAD) { 1146 size_t distance = p - (const char *)h; 1147 header_size += rar->packed_size; 1148 /* Make sure we have the extended data. */ 1149 if ((h = __archive_read_ahead(a, header_size - 7, NULL)) == NULL) 1150 return (ARCHIVE_FATAL); 1151 p = h; 1152 endp = p + header_size - 7; 1153 p += distance; 1154 } 1155 1156 filename_size = archive_le16dec(file_header.name_size); 1157 if (p + filename_size > endp) { 1158 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1159 "Invalid filename size"); 1160 return (ARCHIVE_FATAL); 1161 } 1162 if (rar->filename_allocated < filename_size+2) { 1163 rar->filename = realloc(rar->filename, filename_size+2); 1164 if (rar->filename == NULL) { 1165 archive_set_error(&a->archive, ENOMEM, 1166 "Couldn't allocate memory."); 1167 return (ARCHIVE_FATAL); 1168 } 1169 } 1170 filename = rar->filename; 1171 memcpy(filename, p, filename_size); 1172 filename[filename_size] = '\0'; 1173 if (rar->file_flags & FHD_UNICODE) 1174 { 1175 if (filename_size != strlen(filename)) 1176 { 1177 unsigned char highbyte, flagbits, flagbyte, length, offset; 1178 1179 end = filename_size; 1180 filename_size = 0; 1181 offset = strlen(filename) + 1; 1182 highbyte = *(p + offset++); 1183 flagbits = 0; 1184 flagbyte = 0; 1185 while (offset < end && filename_size < end) 1186 { 1187 if (!flagbits) 1188 { 1189 flagbyte = *(p + offset++); 1190 flagbits = 8; 1191 } 1192 1193 flagbits -= 2; 1194 switch((flagbyte >> flagbits) & 3) 1195 { 1196 case 0: 1197 filename[filename_size++] = '\0'; 1198 filename[filename_size++] = *(p + offset++); 1199 break; 1200 case 1: 1201 filename[filename_size++] = highbyte; 1202 filename[filename_size++] = *(p + offset++); 1203 break; 1204 case 2: 1205 filename[filename_size++] = *(p + offset + 1); 1206 filename[filename_size++] = *(p + offset); 1207 offset += 2; 1208 break; 1209 case 3: 1210 { 1211 length = *(p + offset++); 1212 while (length) 1213 { 1214 if (filename_size >= end) 1215 break; 1216 filename[filename_size++] = *(p + offset); 1217 length--; 1218 } 1219 } 1220 break; 1221 } 1222 } 1223 if (filename_size >= end) { 1224 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1225 "Invalid filename"); 1226 return (ARCHIVE_FATAL); 1227 } 1228 filename[filename_size++] = '\0'; 1229 filename[filename_size++] = '\0'; 1230 1231 /* Decoded unicode form is UTF-16BE, so we have to update a string 1232 * conversion object for it. */ 1233 if (rar->sconv_utf16be == NULL) { 1234 rar->sconv_utf16be = archive_string_conversion_from_charset( 1235 &a->archive, "UTF-16BE", 1); 1236 if (rar->sconv_utf16be == NULL) 1237 return (ARCHIVE_FATAL); 1238 } 1239 fn_sconv = rar->sconv_utf16be; 1240 1241 strp = filename; 1242 while (memcmp(strp, "\x00\x00", 2)) 1243 { 1244 if (!memcmp(strp, "\x00\\", 2)) 1245 *(strp + 1) = '/'; 1246 strp += 2; 1247 } 1248 p += offset; 1249 } else { 1250 /* 1251 * If FHD_UNICODE is set but no unicode data, this file name form 1252 * is UTF-8, so we have to update a string conversion object for 1253 * it accordingly. 1254 */ 1255 if (rar->sconv_utf8 == NULL) { 1256 rar->sconv_utf8 = archive_string_conversion_from_charset( 1257 &a->archive, "UTF-8", 1); 1258 if (rar->sconv_utf8 == NULL) 1259 return (ARCHIVE_FATAL); 1260 } 1261 fn_sconv = rar->sconv_utf8; 1262 while ((strp = strchr(filename, '\\')) != NULL) 1263 *strp = '/'; 1264 p += filename_size; 1265 } 1266 } 1267 else 1268 { 1269 fn_sconv = sconv; 1270 while ((strp = strchr(filename, '\\')) != NULL) 1271 *strp = '/'; 1272 p += filename_size; 1273 } 1274 1275 if (rar->file_flags & FHD_SALT) 1276 { 1277 if (p + 8 > endp) { 1278 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1279 "Invalid header size"); 1280 return (ARCHIVE_FATAL); 1281 } 1282 memcpy(rar->salt, p, 8); 1283 p += 8; 1284 } 1285 1286 if (rar->file_flags & FHD_EXTTIME) { 1287 if (read_exttime(p, rar, endp) < 0) { 1288 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1289 "Invalid header size"); 1290 return (ARCHIVE_FATAL); 1291 } 1292 } 1293 1294 __archive_read_consume(a, header_size - 7); 1295 1296 switch(file_header.host_os) 1297 { 1298 case OS_MSDOS: 1299 case OS_OS2: 1300 case OS_WIN32: 1301 rar->mode = archive_le32dec(file_header.file_attr); 1302 if (rar->mode & FILE_ATTRIBUTE_DIRECTORY) 1303 rar->mode = AE_IFDIR | S_IXUSR | S_IXGRP | S_IXOTH; 1304 else 1305 rar->mode = AE_IFREG; 1306 rar->mode |= S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH; 1307 break; 1308 1309 case OS_UNIX: 1310 case OS_MAC_OS: 1311 case OS_BEOS: 1312 rar->mode = archive_le32dec(file_header.file_attr); 1313 break; 1314 1315 default: 1316 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1317 "Unknown file attributes from RAR file's host OS"); 1318 return (ARCHIVE_FATAL); 1319 } 1320 1321 rar->bytes_remaining = rar->packed_size; 1322 rar->bytes_uncopied = rar->bytes_unconsumed = 0; 1323 rar->lzss.position = rar->dictionary_size = rar->offset = 0; 1324 rar->offset_outgoing = 0; 1325 rar->br.cache_avail = 0; 1326 rar->br.avail_in = 0; 1327 rar->crc_calculated = 0; 1328 rar->entry_eof = 0; 1329 rar->valid = 1; 1330 rar->is_ppmd_block = 0; 1331 rar->start_new_table = 1; 1332 free(rar->unp_buffer); 1333 rar->unp_buffer = NULL; 1334 rar->unp_offset = 0; 1335 rar->unp_buffer_size = UNP_BUFFER_SIZE; 1336 memset(rar->lengthtable, 0, sizeof(rar->lengthtable)); 1337 __archive_ppmd7_functions.Ppmd7_Free(&rar->ppmd7_context, &g_szalloc); 1338 rar->ppmd_valid = rar->ppmd_eod = 0; 1339 1340 /* Don't set any archive entries for non-file header types */ 1341 if (head_type == NEWSUB_HEAD) 1342 return ret; 1343 1344 archive_entry_set_mtime(entry, rar->mtime, rar->mnsec); 1345 archive_entry_set_ctime(entry, rar->ctime, rar->cnsec); 1346 archive_entry_set_atime(entry, rar->atime, rar->ansec); 1347 archive_entry_set_size(entry, rar->unp_size); 1348 archive_entry_set_mode(entry, rar->mode); 1349 1350 if (archive_entry_copy_pathname_l(entry, filename, filename_size, fn_sconv)) 1351 { 1352 if (errno == ENOMEM) 1353 { 1354 archive_set_error(&a->archive, ENOMEM, 1355 "Can't allocate memory for Pathname"); 1356 return (ARCHIVE_FATAL); 1357 } 1358 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1359 "Pathname cannot be converted from %s to current locale.", 1360 archive_string_conversion_charset_name(fn_sconv)); 1361 ret = (ARCHIVE_WARN); 1362 } 1363 1364 if (((rar->mode) & AE_IFMT) == AE_IFLNK) 1365 { 1366 /* Make sure a symbolic-link file does not have its body. */ 1367 rar->bytes_remaining = 0; 1368 archive_entry_set_size(entry, 0); 1369 1370 /* Read a symbolic-link name. */ 1371 if ((ret2 = read_symlink_stored(a, entry, sconv)) < (ARCHIVE_WARN)) 1372 return ret2; 1373 if (ret > ret2) 1374 ret = ret2; 1375 } 1376 1377 if (rar->bytes_remaining == 0) 1378 rar->entry_eof = 1; 1379 1380 return ret; 1381 } 1382 1383 static time_t 1384 get_time(int time) 1385 { 1386 struct tm tm; 1387 tm.tm_sec = 2 * (time & 0x1f); 1388 tm.tm_min = (time >> 5) & 0x3f; 1389 tm.tm_hour = (time >> 11) & 0x1f; 1390 tm.tm_mday = (time >> 16) & 0x1f; 1391 tm.tm_mon = ((time >> 21) & 0x0f) - 1; 1392 tm.tm_year = ((time >> 25) & 0x7f) + 80; 1393 tm.tm_isdst = -1; 1394 return mktime(&tm); 1395 } 1396 1397 static int 1398 read_exttime(const char *p, struct rar *rar, const char *endp) 1399 { 1400 unsigned rmode, flags, rem, j, count; 1401 int time, i; 1402 struct tm *tm; 1403 time_t t; 1404 long nsec; 1405 1406 if (p + 2 > endp) 1407 return (-1); 1408 flags = archive_le16dec(p); 1409 p += 2; 1410 1411 for (i = 3; i >= 0; i--) 1412 { 1413 t = 0; 1414 if (i == 3) 1415 t = rar->mtime; 1416 rmode = flags >> i * 4; 1417 if (rmode & 8) 1418 { 1419 if (!t) 1420 { 1421 if (p + 4 > endp) 1422 return (-1); 1423 time = archive_le32dec(p); 1424 t = get_time(time); 1425 p += 4; 1426 } 1427 rem = 0; 1428 count = rmode & 3; 1429 if (p + count > endp) 1430 return (-1); 1431 for (j = 0; j < count; j++) 1432 { 1433 rem = ((*p) << 16) | (rem >> 8); 1434 p++; 1435 } 1436 tm = localtime(&t); 1437 nsec = tm->tm_sec + rem / NS_UNIT; 1438 if (rmode & 4) 1439 { 1440 tm->tm_sec++; 1441 t = mktime(tm); 1442 } 1443 if (i == 3) 1444 { 1445 rar->mtime = t; 1446 rar->mnsec = nsec; 1447 } 1448 else if (i == 2) 1449 { 1450 rar->ctime = t; 1451 rar->cnsec = nsec; 1452 } 1453 else if (i == 1) 1454 { 1455 rar->atime = t; 1456 rar->ansec = nsec; 1457 } 1458 else 1459 { 1460 rar->arctime = t; 1461 rar->arcnsec = nsec; 1462 } 1463 } 1464 } 1465 return (0); 1466 } 1467 1468 static int 1469 read_symlink_stored(struct archive_read *a, struct archive_entry *entry, 1470 struct archive_string_conv *sconv) 1471 { 1472 const void *h; 1473 const char *p; 1474 struct rar *rar; 1475 int ret = (ARCHIVE_OK); 1476 1477 rar = (struct rar *)(a->format->data); 1478 if ((h = __archive_read_ahead(a, rar->packed_size, NULL)) == NULL) 1479 return (ARCHIVE_FATAL); 1480 p = h; 1481 1482 if (archive_entry_copy_symlink_l(entry, p, rar->packed_size, sconv)) 1483 { 1484 if (errno == ENOMEM) 1485 { 1486 archive_set_error(&a->archive, ENOMEM, 1487 "Can't allocate memory for link"); 1488 return (ARCHIVE_FATAL); 1489 } 1490 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1491 "link cannot be converted from %s to current locale.", 1492 archive_string_conversion_charset_name(sconv)); 1493 ret = (ARCHIVE_WARN); 1494 } 1495 __archive_read_consume(a, rar->packed_size); 1496 return ret; 1497 } 1498 1499 static int 1500 read_data_stored(struct archive_read *a, const void **buff, size_t *size, 1501 int64_t *offset) 1502 { 1503 struct rar *rar; 1504 ssize_t bytes_avail; 1505 1506 rar = (struct rar *)(a->format->data); 1507 if (rar->bytes_remaining == 0) 1508 { 1509 *buff = NULL; 1510 *size = 0; 1511 *offset = rar->offset; 1512 if (rar->file_crc != rar->crc_calculated) { 1513 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1514 "File CRC error"); 1515 return (ARCHIVE_FATAL); 1516 } 1517 rar->entry_eof = 1; 1518 return (ARCHIVE_EOF); 1519 } 1520 1521 *buff = __archive_read_ahead(a, 1, &bytes_avail); 1522 if (bytes_avail <= 0) 1523 { 1524 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1525 "Truncated RAR file data"); 1526 return (ARCHIVE_FATAL); 1527 } 1528 if (bytes_avail > rar->bytes_remaining) 1529 bytes_avail = rar->bytes_remaining; 1530 1531 *size = bytes_avail; 1532 *offset = rar->offset; 1533 rar->offset += bytes_avail; 1534 rar->bytes_remaining -= bytes_avail; 1535 rar->bytes_unconsumed = bytes_avail; 1536 /* Calculate File CRC. */ 1537 rar->crc_calculated = crc32(rar->crc_calculated, *buff, bytes_avail); 1538 return (ARCHIVE_OK); 1539 } 1540 1541 static int 1542 read_data_compressed(struct archive_read *a, const void **buff, size_t *size, 1543 int64_t *offset) 1544 { 1545 struct rar *rar; 1546 int64_t start, end, actualend; 1547 size_t bs; 1548 int ret = (ARCHIVE_OK), sym, code, lzss_offset, length, i; 1549 1550 rar = (struct rar *)(a->format->data); 1551 1552 do { 1553 if (!rar->valid) 1554 return (ARCHIVE_FATAL); 1555 if (rar->ppmd_eod || 1556 (rar->dictionary_size && rar->offset >= rar->unp_size)) 1557 { 1558 if (rar->unp_offset > 0) { 1559 /* 1560 * We have unprocessed extracted data. write it out. 1561 */ 1562 *buff = rar->unp_buffer; 1563 *size = rar->unp_offset; 1564 *offset = rar->offset_outgoing; 1565 rar->offset_outgoing += *size; 1566 /* Calculate File CRC. */ 1567 rar->crc_calculated = crc32(rar->crc_calculated, *buff, *size); 1568 rar->unp_offset = 0; 1569 return (ARCHIVE_OK); 1570 } 1571 *buff = NULL; 1572 *size = 0; 1573 *offset = rar->offset; 1574 if (rar->file_crc != rar->crc_calculated) { 1575 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1576 "File CRC error"); 1577 return (ARCHIVE_FATAL); 1578 } 1579 rar->entry_eof = 1; 1580 return (ARCHIVE_EOF); 1581 } 1582 1583 if (!rar->is_ppmd_block && rar->dictionary_size && rar->bytes_uncopied > 0) 1584 { 1585 if (rar->bytes_uncopied > (rar->unp_buffer_size - rar->unp_offset)) 1586 bs = rar->unp_buffer_size - rar->unp_offset; 1587 else 1588 bs = rar->bytes_uncopied; 1589 ret = copy_from_lzss_window(a, buff, rar->offset, bs); 1590 if (ret != ARCHIVE_OK) 1591 return (ret); 1592 rar->offset += bs; 1593 rar->bytes_uncopied -= bs; 1594 if (*buff != NULL) { 1595 rar->unp_offset = 0; 1596 *size = rar->unp_buffer_size; 1597 *offset = rar->offset_outgoing; 1598 rar->offset_outgoing += *size; 1599 /* Calculate File CRC. */ 1600 rar->crc_calculated = crc32(rar->crc_calculated, *buff, *size); 1601 return (ret); 1602 } 1603 continue; 1604 } 1605 1606 if (!rar->br.next_in && 1607 (ret = rar_br_preparation(a, &(rar->br))) < ARCHIVE_WARN) 1608 return (ret); 1609 if (rar->start_new_table && ((ret = parse_codes(a)) < (ARCHIVE_WARN))) 1610 return (ret); 1611 1612 if (rar->is_ppmd_block) 1613 { 1614 if ((sym = __archive_ppmd7_functions.Ppmd7_DecodeSymbol( 1615 &rar->ppmd7_context, &rar->range_dec.p)) < 0) 1616 { 1617 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1618 "Invalid symbol"); 1619 return (ARCHIVE_FATAL); 1620 } 1621 if(sym != rar->ppmd_escape) 1622 { 1623 lzss_emit_literal(rar, sym); 1624 rar->bytes_uncopied++; 1625 } 1626 else 1627 { 1628 if ((code = __archive_ppmd7_functions.Ppmd7_DecodeSymbol( 1629 &rar->ppmd7_context, &rar->range_dec.p)) < 0) 1630 { 1631 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1632 "Invalid symbol"); 1633 return (ARCHIVE_FATAL); 1634 } 1635 1636 switch(code) 1637 { 1638 case 0: 1639 rar->start_new_table = 1; 1640 return read_data_compressed(a, buff, size, offset); 1641 1642 case 2: 1643 rar->ppmd_eod = 1;/* End Of ppmd Data. */ 1644 continue; 1645 1646 case 3: 1647 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 1648 "Parsing filters is unsupported."); 1649 return (ARCHIVE_FAILED); 1650 1651 case 4: 1652 lzss_offset = 0; 1653 for (i = 2; i >= 0; i--) 1654 { 1655 if ((code = __archive_ppmd7_functions.Ppmd7_DecodeSymbol( 1656 &rar->ppmd7_context, &rar->range_dec.p)) < 0) 1657 { 1658 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1659 "Invalid symbol"); 1660 return (ARCHIVE_FATAL); 1661 } 1662 lzss_offset |= code << (i * 8); 1663 } 1664 if ((length = __archive_ppmd7_functions.Ppmd7_DecodeSymbol( 1665 &rar->ppmd7_context, &rar->range_dec.p)) < 0) 1666 { 1667 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1668 "Invalid symbol"); 1669 return (ARCHIVE_FATAL); 1670 } 1671 lzss_emit_match(rar, lzss_offset + 2, length + 32); 1672 rar->bytes_uncopied += length + 32; 1673 break; 1674 1675 case 5: 1676 if ((length = __archive_ppmd7_functions.Ppmd7_DecodeSymbol( 1677 &rar->ppmd7_context, &rar->range_dec.p)) < 0) 1678 { 1679 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1680 "Invalid symbol"); 1681 return (ARCHIVE_FATAL); 1682 } 1683 lzss_emit_match(rar, 1, length + 4); 1684 rar->bytes_uncopied += length + 4; 1685 break; 1686 1687 default: 1688 lzss_emit_literal(rar, sym); 1689 rar->bytes_uncopied++; 1690 } 1691 } 1692 } 1693 else 1694 { 1695 start = rar->offset; 1696 end = start + rar->dictionary_size; 1697 rar->filterstart = INT64_MAX; 1698 1699 if ((actualend = expand(a, end)) < 0) 1700 return ((int)actualend); 1701 1702 rar->bytes_uncopied = actualend - start; 1703 if (rar->bytes_uncopied == 0) { 1704 /* Broken RAR files cause this case. 1705 * NOTE: If this case were possible on a normal RAR file 1706 * we would find out where it was actually bad and 1707 * what we would do to solve it. */ 1708 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1709 "Internal error extracting RAR file"); 1710 return (ARCHIVE_FATAL); 1711 } 1712 } 1713 if (rar->bytes_uncopied > (rar->unp_buffer_size - rar->unp_offset)) 1714 bs = rar->unp_buffer_size - rar->unp_offset; 1715 else 1716 bs = rar->bytes_uncopied; 1717 ret = copy_from_lzss_window(a, buff, rar->offset, bs); 1718 if (ret != ARCHIVE_OK) 1719 return (ret); 1720 rar->offset += bs; 1721 rar->bytes_uncopied -= bs; 1722 /* 1723 * If *buff is NULL, it means unp_buffer is not full. 1724 * So we have to continue extracting a RAR file. 1725 */ 1726 } while (*buff == NULL); 1727 1728 rar->unp_offset = 0; 1729 *size = rar->unp_buffer_size; 1730 *offset = rar->offset_outgoing; 1731 rar->offset_outgoing += *size; 1732 /* Calculate File CRC. */ 1733 rar->crc_calculated = crc32(rar->crc_calculated, *buff, *size); 1734 return ret; 1735 } 1736 1737 static int 1738 parse_codes(struct archive_read *a) 1739 { 1740 int i, j, val, n, r; 1741 unsigned char bitlengths[MAX_SYMBOLS], zerocount, ppmd_flags; 1742 unsigned int maxorder; 1743 struct huffman_code precode; 1744 struct rar *rar = (struct rar *)(a->format->data); 1745 struct rar_br *br = &(rar->br); 1746 1747 free_codes(a); 1748 1749 /* Skip to the next byte */ 1750 rar_br_consume_unalined_bits(br); 1751 1752 /* PPMd block flag */ 1753 if (!rar_br_read_ahead(a, br, 1)) 1754 goto truncated_data; 1755 if ((rar->is_ppmd_block = rar_br_bits(br, 1)) != 0) 1756 { 1757 rar_br_consume(br, 1); 1758 if (!rar_br_read_ahead(a, br, 7)) 1759 goto truncated_data; 1760 ppmd_flags = rar_br_bits(br, 7); 1761 rar_br_consume(br, 7); 1762 1763 /* Memory is allocated in MB */ 1764 if (ppmd_flags & 0x20) 1765 { 1766 if (!rar_br_read_ahead(a, br, 8)) 1767 goto truncated_data; 1768 rar->dictionary_size = (rar_br_bits(br, 8) + 1) << 20; 1769 rar_br_consume(br, 8); 1770 } 1771 1772 if (ppmd_flags & 0x40) 1773 { 1774 if (!rar_br_read_ahead(a, br, 8)) 1775 goto truncated_data; 1776 rar->ppmd_escape = rar->ppmd7_context.InitEsc = rar_br_bits(br, 8); 1777 rar_br_consume(br, 8); 1778 } 1779 else 1780 rar->ppmd_escape = 2; 1781 1782 if (ppmd_flags & 0x20) 1783 { 1784 maxorder = (ppmd_flags & 0x1F) + 1; 1785 if(maxorder > 16) 1786 maxorder = 16 + (maxorder - 16) * 3; 1787 1788 if (maxorder == 1) 1789 { 1790 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1791 "Truncated RAR file data"); 1792 return (ARCHIVE_FATAL); 1793 } 1794 1795 /* Make sure ppmd7_contest is freed before Ppmd7_Construct 1796 * because reading a broken file cause this abnormal sequence. */ 1797 __archive_ppmd7_functions.Ppmd7_Free(&rar->ppmd7_context, &g_szalloc); 1798 1799 rar->bytein.a = a; 1800 rar->bytein.Read = &ppmd_read; 1801 __archive_ppmd7_functions.PpmdRAR_RangeDec_CreateVTable(&rar->range_dec); 1802 rar->range_dec.Stream = &rar->bytein; 1803 __archive_ppmd7_functions.Ppmd7_Construct(&rar->ppmd7_context); 1804 1805 if (!__archive_ppmd7_functions.Ppmd7_Alloc(&rar->ppmd7_context, 1806 rar->dictionary_size, &g_szalloc)) 1807 { 1808 archive_set_error(&a->archive, ENOMEM, 1809 "Out of memory"); 1810 return (ARCHIVE_FATAL); 1811 } 1812 if (!__archive_ppmd7_functions.PpmdRAR_RangeDec_Init(&rar->range_dec)) 1813 { 1814 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1815 "Unable to initialize PPMd range decoder"); 1816 return (ARCHIVE_FATAL); 1817 } 1818 __archive_ppmd7_functions.Ppmd7_Init(&rar->ppmd7_context, maxorder); 1819 rar->ppmd_valid = 1; 1820 } 1821 else 1822 { 1823 if (!rar->ppmd_valid) { 1824 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1825 "Invalid PPMd sequence"); 1826 return (ARCHIVE_FATAL); 1827 } 1828 if (!__archive_ppmd7_functions.PpmdRAR_RangeDec_Init(&rar->range_dec)) 1829 { 1830 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1831 "Unable to initialize PPMd range decoder"); 1832 return (ARCHIVE_FATAL); 1833 } 1834 } 1835 } 1836 else 1837 { 1838 rar_br_consume(br, 1); 1839 1840 /* Keep existing table flag */ 1841 if (!rar_br_read_ahead(a, br, 1)) 1842 goto truncated_data; 1843 if (!rar_br_bits(br, 1)) 1844 memset(rar->lengthtable, 0, sizeof(rar->lengthtable)); 1845 rar_br_consume(br, 1); 1846 1847 memset(&bitlengths, 0, sizeof(bitlengths)); 1848 for (i = 0; i < MAX_SYMBOLS;) 1849 { 1850 if (!rar_br_read_ahead(a, br, 4)) 1851 goto truncated_data; 1852 bitlengths[i++] = rar_br_bits(br, 4); 1853 rar_br_consume(br, 4); 1854 if (bitlengths[i-1] == 0xF) 1855 { 1856 if (!rar_br_read_ahead(a, br, 4)) 1857 goto truncated_data; 1858 zerocount = rar_br_bits(br, 4); 1859 rar_br_consume(br, 4); 1860 if (zerocount) 1861 { 1862 i--; 1863 for (j = 0; j < zerocount + 2 && i < MAX_SYMBOLS; j++) 1864 bitlengths[i++] = 0; 1865 } 1866 } 1867 } 1868 1869 memset(&precode, 0, sizeof(precode)); 1870 r = create_code(a, &precode, bitlengths, MAX_SYMBOLS, MAX_SYMBOL_LENGTH); 1871 if (r != ARCHIVE_OK) { 1872 free(precode.tree); 1873 free(precode.table); 1874 return (r); 1875 } 1876 1877 for (i = 0; i < HUFFMAN_TABLE_SIZE;) 1878 { 1879 if ((val = read_next_symbol(a, &precode)) < 0) { 1880 free(precode.tree); 1881 free(precode.table); 1882 return (ARCHIVE_FATAL); 1883 } 1884 if (val < 16) 1885 { 1886 rar->lengthtable[i] = (rar->lengthtable[i] + val) & 0xF; 1887 i++; 1888 } 1889 else if (val < 18) 1890 { 1891 if (i == 0) 1892 { 1893 free(precode.tree); 1894 free(precode.table); 1895 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1896 "Internal error extracting RAR file."); 1897 return (ARCHIVE_FATAL); 1898 } 1899 1900 if(val == 16) { 1901 if (!rar_br_read_ahead(a, br, 3)) { 1902 free(precode.tree); 1903 free(precode.table); 1904 goto truncated_data; 1905 } 1906 n = rar_br_bits(br, 3) + 3; 1907 rar_br_consume(br, 3); 1908 } else { 1909 if (!rar_br_read_ahead(a, br, 7)) { 1910 free(precode.tree); 1911 free(precode.table); 1912 goto truncated_data; 1913 } 1914 n = rar_br_bits(br, 7) + 11; 1915 rar_br_consume(br, 7); 1916 } 1917 1918 for (j = 0; j < n && i < HUFFMAN_TABLE_SIZE; j++) 1919 { 1920 rar->lengthtable[i] = rar->lengthtable[i-1]; 1921 i++; 1922 } 1923 } 1924 else 1925 { 1926 if(val == 18) { 1927 if (!rar_br_read_ahead(a, br, 3)) { 1928 free(precode.tree); 1929 free(precode.table); 1930 goto truncated_data; 1931 } 1932 n = rar_br_bits(br, 3) + 3; 1933 rar_br_consume(br, 3); 1934 } else { 1935 if (!rar_br_read_ahead(a, br, 7)) { 1936 free(precode.tree); 1937 free(precode.table); 1938 goto truncated_data; 1939 } 1940 n = rar_br_bits(br, 7) + 11; 1941 rar_br_consume(br, 7); 1942 } 1943 1944 for(j = 0; j < n && i < HUFFMAN_TABLE_SIZE; j++) 1945 rar->lengthtable[i++] = 0; 1946 } 1947 } 1948 free(precode.tree); 1949 free(precode.table); 1950 1951 r = create_code(a, &rar->maincode, &rar->lengthtable[0], MAINCODE_SIZE, 1952 MAX_SYMBOL_LENGTH); 1953 if (r != ARCHIVE_OK) 1954 return (r); 1955 r = create_code(a, &rar->offsetcode, &rar->lengthtable[MAINCODE_SIZE], 1956 OFFSETCODE_SIZE, MAX_SYMBOL_LENGTH); 1957 if (r != ARCHIVE_OK) 1958 return (r); 1959 r = create_code(a, &rar->lowoffsetcode, 1960 &rar->lengthtable[MAINCODE_SIZE + OFFSETCODE_SIZE], 1961 LOWOFFSETCODE_SIZE, MAX_SYMBOL_LENGTH); 1962 if (r != ARCHIVE_OK) 1963 return (r); 1964 r = create_code(a, &rar->lengthcode, 1965 &rar->lengthtable[MAINCODE_SIZE + OFFSETCODE_SIZE + 1966 LOWOFFSETCODE_SIZE], LENGTHCODE_SIZE, MAX_SYMBOL_LENGTH); 1967 if (r != ARCHIVE_OK) 1968 return (r); 1969 } 1970 1971 if (!rar->dictionary_size || !rar->lzss.window) 1972 { 1973 /* Seems as though dictionary sizes are not used. Even so, minimize 1974 * memory usage as much as possible. 1975 */ 1976 if (rar->unp_size >= DICTIONARY_MAX_SIZE) 1977 rar->dictionary_size = DICTIONARY_MAX_SIZE; 1978 else 1979 rar->dictionary_size = rar_fls(rar->unp_size) << 1; 1980 rar->lzss.window = (unsigned char *)realloc(rar->lzss.window, 1981 rar->dictionary_size); 1982 if (rar->lzss.window == NULL) { 1983 archive_set_error(&a->archive, ENOMEM, 1984 "Unable to allocate memory for uncompressed data."); 1985 return (ARCHIVE_FATAL); 1986 } 1987 memset(rar->lzss.window, 0, rar->dictionary_size); 1988 rar->lzss.mask = rar->dictionary_size - 1; 1989 } 1990 1991 rar->start_new_table = 0; 1992 return (ARCHIVE_OK); 1993 truncated_data: 1994 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1995 "Truncated RAR file data"); 1996 rar->valid = 0; 1997 return (ARCHIVE_FATAL); 1998 } 1999 2000 static void 2001 free_codes(struct archive_read *a) 2002 { 2003 struct rar *rar = (struct rar *)(a->format->data); 2004 free(rar->maincode.tree); 2005 free(rar->offsetcode.tree); 2006 free(rar->lowoffsetcode.tree); 2007 free(rar->lengthcode.tree); 2008 free(rar->maincode.table); 2009 free(rar->offsetcode.table); 2010 free(rar->lowoffsetcode.table); 2011 free(rar->lengthcode.table); 2012 memset(&rar->maincode, 0, sizeof(rar->maincode)); 2013 memset(&rar->offsetcode, 0, sizeof(rar->offsetcode)); 2014 memset(&rar->lowoffsetcode, 0, sizeof(rar->lowoffsetcode)); 2015 memset(&rar->lengthcode, 0, sizeof(rar->lengthcode)); 2016 } 2017 2018 2019 static int 2020 read_next_symbol(struct archive_read *a, struct huffman_code *code) 2021 { 2022 unsigned char bit; 2023 unsigned int bits; 2024 int length, value, node; 2025 struct rar *rar; 2026 struct rar_br *br; 2027 2028 if (!code->table) 2029 { 2030 if (make_table(a, code) != (ARCHIVE_OK)) 2031 return -1; 2032 } 2033 2034 rar = (struct rar *)(a->format->data); 2035 br = &(rar->br); 2036 2037 /* Look ahead (peek) at bits */ 2038 if (!rar_br_read_ahead(a, br, code->tablesize)) { 2039 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2040 "Truncated RAR file data"); 2041 rar->valid = 0; 2042 return -1; 2043 } 2044 bits = rar_br_bits(br, code->tablesize); 2045 2046 length = code->table[bits].length; 2047 value = code->table[bits].value; 2048 2049 if (length < 0) 2050 { 2051 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2052 "Invalid prefix code in bitstream"); 2053 return -1; 2054 } 2055 2056 if (length <= code->tablesize) 2057 { 2058 /* Skip length bits */ 2059 rar_br_consume(br, length); 2060 return value; 2061 } 2062 2063 /* Skip tablesize bits */ 2064 rar_br_consume(br, code->tablesize); 2065 2066 node = value; 2067 while (!(code->tree[node].branches[0] == 2068 code->tree[node].branches[1])) 2069 { 2070 if (!rar_br_read_ahead(a, br, 1)) { 2071 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2072 "Truncated RAR file data"); 2073 rar->valid = 0; 2074 return -1; 2075 } 2076 bit = rar_br_bits(br, 1); 2077 rar_br_consume(br, 1); 2078 2079 if (code->tree[node].branches[bit] < 0) 2080 { 2081 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2082 "Invalid prefix code in bitstream"); 2083 return -1; 2084 } 2085 node = code->tree[node].branches[bit]; 2086 } 2087 2088 return code->tree[node].branches[0]; 2089 } 2090 2091 static int 2092 create_code(struct archive_read *a, struct huffman_code *code, 2093 unsigned char *lengths, int numsymbols, char maxlength) 2094 { 2095 int i, j, codebits = 0, symbolsleft = numsymbols; 2096 2097 if (new_node(code) < 0) { 2098 archive_set_error(&a->archive, ENOMEM, 2099 "Unable to allocate memory for node data."); 2100 return (ARCHIVE_FATAL); 2101 } 2102 code->numentries = 1; 2103 code->minlength = INT_MAX; 2104 code->maxlength = INT_MIN; 2105 codebits = 0; 2106 for(i = 1; i <= maxlength; i++) 2107 { 2108 for(j = 0; j < numsymbols; j++) 2109 { 2110 if (lengths[j] != i) continue; 2111 if (add_value(a, code, j, codebits, i) != ARCHIVE_OK) 2112 return (ARCHIVE_FATAL); 2113 codebits++; 2114 if (--symbolsleft <= 0) { break; break; } 2115 } 2116 codebits <<= 1; 2117 } 2118 return (ARCHIVE_OK); 2119 } 2120 2121 static int 2122 add_value(struct archive_read *a, struct huffman_code *code, int value, 2123 int codebits, int length) 2124 { 2125 int repeatpos, lastnode, bitpos, bit, repeatnode, nextnode; 2126 2127 free(code->table); 2128 code->table = NULL; 2129 2130 if(length > code->maxlength) 2131 code->maxlength = length; 2132 if(length < code->minlength) 2133 code->minlength = length; 2134 2135 repeatpos = -1; 2136 if (repeatpos == 0 || (repeatpos >= 0 2137 && (((codebits >> (repeatpos - 1)) & 3) == 0 2138 || ((codebits >> (repeatpos - 1)) & 3) == 3))) 2139 { 2140 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2141 "Invalid repeat position"); 2142 return (ARCHIVE_FATAL); 2143 } 2144 2145 lastnode = 0; 2146 for (bitpos = length - 1; bitpos >= 0; bitpos--) 2147 { 2148 bit = (codebits >> bitpos) & 1; 2149 2150 /* Leaf node check */ 2151 if (code->tree[lastnode].branches[0] == 2152 code->tree[lastnode].branches[1]) 2153 { 2154 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2155 "Prefix found"); 2156 return (ARCHIVE_FATAL); 2157 } 2158 2159 if (bitpos == repeatpos) 2160 { 2161 /* Open branch check */ 2162 if (!(code->tree[lastnode].branches[bit] < 0)) 2163 { 2164 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2165 "Invalid repeating code"); 2166 return (ARCHIVE_FATAL); 2167 } 2168 2169 if ((repeatnode = new_node(code)) < 0) { 2170 archive_set_error(&a->archive, ENOMEM, 2171 "Unable to allocate memory for node data."); 2172 return (ARCHIVE_FATAL); 2173 } 2174 if ((nextnode = new_node(code)) < 0) { 2175 archive_set_error(&a->archive, ENOMEM, 2176 "Unable to allocate memory for node data."); 2177 return (ARCHIVE_FATAL); 2178 } 2179 2180 /* Set branches */ 2181 code->tree[lastnode].branches[bit] = repeatnode; 2182 code->tree[repeatnode].branches[bit] = repeatnode; 2183 code->tree[repeatnode].branches[bit^1] = nextnode; 2184 lastnode = nextnode; 2185 2186 bitpos++; /* terminating bit already handled, skip it */ 2187 } 2188 else 2189 { 2190 /* Open branch check */ 2191 if (code->tree[lastnode].branches[bit] < 0) 2192 { 2193 if (new_node(code) < 0) { 2194 archive_set_error(&a->archive, ENOMEM, 2195 "Unable to allocate memory for node data."); 2196 return (ARCHIVE_FATAL); 2197 } 2198 code->tree[lastnode].branches[bit] = code->numentries++; 2199 } 2200 2201 /* set to branch */ 2202 lastnode = code->tree[lastnode].branches[bit]; 2203 } 2204 } 2205 2206 if (!(code->tree[lastnode].branches[0] == -1 2207 && code->tree[lastnode].branches[1] == -2)) 2208 { 2209 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2210 "Prefix found"); 2211 return (ARCHIVE_FATAL); 2212 } 2213 2214 /* Set leaf value */ 2215 code->tree[lastnode].branches[0] = value; 2216 code->tree[lastnode].branches[1] = value; 2217 2218 return (ARCHIVE_OK); 2219 } 2220 2221 static int 2222 new_node(struct huffman_code *code) 2223 { 2224 code->tree = (struct huffman_tree_node *)realloc(code->tree, 2225 (code->numentries + 1) * sizeof(*code->tree)); 2226 if (code->tree == NULL) 2227 return (-1); 2228 code->tree[code->numentries].branches[0] = -1; 2229 code->tree[code->numentries].branches[1] = -2; 2230 return 1; 2231 } 2232 2233 static int 2234 make_table(struct archive_read *a, struct huffman_code *code) 2235 { 2236 if (code->maxlength < code->minlength || code->maxlength > 10) 2237 code->tablesize = 10; 2238 else 2239 code->tablesize = code->maxlength; 2240 2241 code->table = 2242 (struct huffman_table_entry *)malloc(sizeof(*code->table) 2243 * (1 << code->tablesize)); 2244 2245 return make_table_recurse(a, code, 0, code->table, 0, code->tablesize); 2246 } 2247 2248 static int 2249 make_table_recurse(struct archive_read *a, struct huffman_code *code, int node, 2250 struct huffman_table_entry *table, int depth, 2251 int maxdepth) 2252 { 2253 int currtablesize, i, ret = (ARCHIVE_OK); 2254 2255 if (!code->tree) 2256 { 2257 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2258 "Huffman tree was not created."); 2259 return (ARCHIVE_FATAL); 2260 } 2261 if (node < 0 || node >= code->numentries) 2262 { 2263 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2264 "Invalid location to Huffman tree specified."); 2265 return (ARCHIVE_FATAL); 2266 } 2267 2268 currtablesize = 1 << (maxdepth - depth); 2269 2270 if (code->tree[node].branches[0] == 2271 code->tree[node].branches[1]) 2272 { 2273 for(i = 0; i < currtablesize; i++) 2274 { 2275 table[i].length = depth; 2276 table[i].value = code->tree[node].branches[0]; 2277 } 2278 } 2279 else if (node < 0) 2280 { 2281 for(i = 0; i < currtablesize; i++) 2282 table[i].length = -1; 2283 } 2284 else 2285 { 2286 if(depth == maxdepth) 2287 { 2288 table[0].length = maxdepth + 1; 2289 table[0].value = node; 2290 } 2291 else 2292 { 2293 ret |= make_table_recurse(a, code, code->tree[node].branches[0], table, 2294 depth + 1, maxdepth); 2295 ret |= make_table_recurse(a, code, code->tree[node].branches[1], 2296 table + currtablesize / 2, depth + 1, maxdepth); 2297 } 2298 } 2299 return ret; 2300 } 2301 2302 static int64_t 2303 expand(struct archive_read *a, int64_t end) 2304 { 2305 static const unsigned char lengthbases[] = 2306 { 0, 1, 2, 3, 4, 5, 6, 2307 7, 8, 10, 12, 14, 16, 20, 2308 24, 28, 32, 40, 48, 56, 64, 2309 80, 96, 112, 128, 160, 192, 224 }; 2310 static const unsigned char lengthbits[] = 2311 { 0, 0, 0, 0, 0, 0, 0, 2312 0, 1, 1, 1, 1, 2, 2, 2313 2, 2, 3, 3, 3, 3, 4, 2314 4, 4, 4, 5, 5, 5, 5 }; 2315 static const unsigned int offsetbases[] = 2316 { 0, 1, 2, 3, 4, 6, 2317 8, 12, 16, 24, 32, 48, 2318 64, 96, 128, 192, 256, 384, 2319 512, 768, 1024, 1536, 2048, 3072, 2320 4096, 6144, 8192, 12288, 16384, 24576, 2321 32768, 49152, 65536, 98304, 131072, 196608, 2322 262144, 327680, 393216, 458752, 524288, 589824, 2323 655360, 720896, 786432, 851968, 917504, 983040, 2324 1048576, 1310720, 1572864, 1835008, 2097152, 2359296, 2325 2621440, 2883584, 3145728, 3407872, 3670016, 3932160 }; 2326 static const unsigned char offsetbits[] = 2327 { 0, 0, 0, 0, 1, 1, 2, 2, 3, 3, 4, 4, 2328 5, 5, 6, 6, 7, 7, 8, 8, 9, 9, 10, 10, 2329 11, 11, 12, 12, 13, 13, 14, 14, 15, 15, 16, 16, 2330 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 2331 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18 }; 2332 static const unsigned char shortbases[] = 2333 { 0, 4, 8, 16, 32, 64, 128, 192 }; 2334 static const unsigned char shortbits[] = 2335 { 2, 2, 3, 4, 5, 6, 6, 6 }; 2336 2337 int symbol, offs, len, offsindex, lensymbol, i, offssymbol, lowoffsetsymbol; 2338 unsigned char newfile; 2339 struct rar *rar = (struct rar *)(a->format->data); 2340 struct rar_br *br = &(rar->br); 2341 2342 if (rar->filterstart < end) 2343 end = rar->filterstart; 2344 2345 while (1) 2346 { 2347 if (rar->output_last_match && 2348 lzss_position(&rar->lzss) + rar->lastlength <= end) 2349 { 2350 lzss_emit_match(rar, rar->lastoffset, rar->lastlength); 2351 rar->output_last_match = 0; 2352 } 2353 2354 if(rar->is_ppmd_block || rar->output_last_match || 2355 lzss_position(&rar->lzss) >= end) 2356 return lzss_position(&rar->lzss); 2357 2358 if ((symbol = read_next_symbol(a, &rar->maincode)) < 0) 2359 return (ARCHIVE_FATAL); 2360 rar->output_last_match = 0; 2361 2362 if (symbol < 256) 2363 { 2364 lzss_emit_literal(rar, symbol); 2365 continue; 2366 } 2367 else if (symbol == 256) 2368 { 2369 if (!rar_br_read_ahead(a, br, 1)) 2370 goto truncated_data; 2371 newfile = !rar_br_bits(br, 1); 2372 rar_br_consume(br, 1); 2373 2374 if(newfile) 2375 { 2376 rar->start_new_block = 1; 2377 if (!rar_br_read_ahead(a, br, 1)) 2378 goto truncated_data; 2379 rar->start_new_table = rar_br_bits(br, 1); 2380 rar_br_consume(br, 1); 2381 return lzss_position(&rar->lzss); 2382 } 2383 else 2384 { 2385 if (parse_codes(a) != ARCHIVE_OK) 2386 return (ARCHIVE_FATAL); 2387 continue; 2388 } 2389 } 2390 else if(symbol==257) 2391 { 2392 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 2393 "Parsing filters is unsupported."); 2394 return (ARCHIVE_FAILED); 2395 } 2396 else if(symbol==258) 2397 { 2398 if(rar->lastlength == 0) 2399 continue; 2400 2401 offs = rar->lastoffset; 2402 len = rar->lastlength; 2403 } 2404 else if (symbol <= 262) 2405 { 2406 offsindex = symbol - 259; 2407 offs = rar->oldoffset[offsindex]; 2408 2409 if ((lensymbol = read_next_symbol(a, &rar->lengthcode)) < 0) 2410 goto bad_data; 2411 if (lensymbol > sizeof(lengthbases)/sizeof(lengthbases[0])) 2412 goto bad_data; 2413 if (lensymbol > sizeof(lengthbits)/sizeof(lengthbits[0])) 2414 goto bad_data; 2415 len = lengthbases[lensymbol] + 2; 2416 if (lengthbits[lensymbol] > 0) { 2417 if (!rar_br_read_ahead(a, br, lengthbits[lensymbol])) 2418 goto truncated_data; 2419 len += rar_br_bits(br, lengthbits[lensymbol]); 2420 rar_br_consume(br, lengthbits[lensymbol]); 2421 } 2422 2423 for (i = offsindex; i > 0; i--) 2424 rar->oldoffset[i] = rar->oldoffset[i-1]; 2425 rar->oldoffset[0] = offs; 2426 } 2427 else if(symbol<=270) 2428 { 2429 offs = shortbases[symbol-263] + 1; 2430 if(shortbits[symbol-263] > 0) { 2431 if (!rar_br_read_ahead(a, br, shortbits[symbol-263])) 2432 goto truncated_data; 2433 offs += rar_br_bits(br, shortbits[symbol-263]); 2434 rar_br_consume(br, shortbits[symbol-263]); 2435 } 2436 2437 len = 2; 2438 2439 for(i = 3; i > 0; i--) 2440 rar->oldoffset[i] = rar->oldoffset[i-1]; 2441 rar->oldoffset[0] = offs; 2442 } 2443 else 2444 { 2445 if (symbol-271 > sizeof(lengthbases)/sizeof(lengthbases[0])) 2446 goto bad_data; 2447 if (symbol-271 > sizeof(lengthbits)/sizeof(lengthbits[0])) 2448 goto bad_data; 2449 len = lengthbases[symbol-271]+3; 2450 if(lengthbits[symbol-271] > 0) { 2451 if (!rar_br_read_ahead(a, br, lengthbits[symbol-271])) 2452 goto truncated_data; 2453 len += rar_br_bits(br, lengthbits[symbol-271]); 2454 rar_br_consume(br, lengthbits[symbol-271]); 2455 } 2456 2457 if ((offssymbol = read_next_symbol(a, &rar->offsetcode)) < 0) 2458 goto bad_data; 2459 if (offssymbol > sizeof(offsetbases)/sizeof(offsetbases[0])) 2460 goto bad_data; 2461 if (offssymbol > sizeof(offsetbits)/sizeof(offsetbits[0])) 2462 goto bad_data; 2463 offs = offsetbases[offssymbol]+1; 2464 if(offsetbits[offssymbol] > 0) 2465 { 2466 if(offssymbol > 9) 2467 { 2468 if(offsetbits[offssymbol] > 4) { 2469 if (!rar_br_read_ahead(a, br, offsetbits[offssymbol] - 4)) 2470 goto truncated_data; 2471 offs += rar_br_bits(br, offsetbits[offssymbol] - 4) << 4; 2472 rar_br_consume(br, offsetbits[offssymbol] - 4); 2473 } 2474 2475 if(rar->numlowoffsetrepeats > 0) 2476 { 2477 rar->numlowoffsetrepeats--; 2478 offs += rar->lastlowoffset; 2479 } 2480 else 2481 { 2482 if ((lowoffsetsymbol = 2483 read_next_symbol(a, &rar->lowoffsetcode)) < 0) 2484 return (ARCHIVE_FATAL); 2485 if(lowoffsetsymbol == 16) 2486 { 2487 rar->numlowoffsetrepeats = 15; 2488 offs += rar->lastlowoffset; 2489 } 2490 else 2491 { 2492 offs += lowoffsetsymbol; 2493 rar->lastlowoffset = lowoffsetsymbol; 2494 } 2495 } 2496 } 2497 else { 2498 if (!rar_br_read_ahead(a, br, offsetbits[offssymbol])) 2499 goto truncated_data; 2500 offs += rar_br_bits(br, offsetbits[offssymbol]); 2501 rar_br_consume(br, offsetbits[offssymbol]); 2502 } 2503 } 2504 2505 if (offs >= 0x40000) 2506 len++; 2507 if (offs >= 0x2000) 2508 len++; 2509 2510 for(i = 3; i > 0; i--) 2511 rar->oldoffset[i] = rar->oldoffset[i-1]; 2512 rar->oldoffset[0] = offs; 2513 } 2514 2515 rar->lastoffset = offs; 2516 rar->lastlength = len; 2517 rar->output_last_match = 1; 2518 } 2519 truncated_data: 2520 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2521 "Truncated RAR file data"); 2522 rar->valid = 0; 2523 return (ARCHIVE_FATAL); 2524 bad_data: 2525 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2526 "Bad RAR file data"); 2527 return (ARCHIVE_FATAL); 2528 } 2529 2530 static int 2531 copy_from_lzss_window(struct archive_read *a, const void **buffer, 2532 int64_t startpos, int length) 2533 { 2534 int windowoffs, firstpart; 2535 struct rar *rar = (struct rar *)(a->format->data); 2536 2537 if (!rar->unp_buffer) 2538 { 2539 if ((rar->unp_buffer = malloc(rar->unp_buffer_size)) == NULL) 2540 { 2541 archive_set_error(&a->archive, ENOMEM, 2542 "Unable to allocate memory for uncompressed data."); 2543 return (ARCHIVE_FATAL); 2544 } 2545 } 2546 2547 windowoffs = lzss_offset_for_position(&rar->lzss, startpos); 2548 if(windowoffs + length <= lzss_size(&rar->lzss)) 2549 memcpy(&rar->unp_buffer[rar->unp_offset], &rar->lzss.window[windowoffs], 2550 length); 2551 else 2552 { 2553 firstpart = lzss_size(&rar->lzss) - windowoffs; 2554 if (firstpart < 0) { 2555 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2556 "Bad RAR file data"); 2557 return (ARCHIVE_FATAL); 2558 } 2559 if (firstpart < length) { 2560 memcpy(&rar->unp_buffer[rar->unp_offset], 2561 &rar->lzss.window[windowoffs], firstpart); 2562 memcpy(&rar->unp_buffer[rar->unp_offset + firstpart], 2563 &rar->lzss.window[0], length - firstpart); 2564 } else 2565 memcpy(&rar->unp_buffer[rar->unp_offset], 2566 &rar->lzss.window[windowoffs], length); 2567 } 2568 rar->unp_offset += length; 2569 if (rar->unp_offset >= rar->unp_buffer_size) 2570 *buffer = rar->unp_buffer; 2571 else 2572 *buffer = NULL; 2573 return (ARCHIVE_OK); 2574 } 2575