1 /*-
2 * Copyright (c) 2007 Joerg Sonnenberger
3 * Copyright (c) 2012 Michihiro NAKAJIMA
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR
16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18 * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25 */
26
27 #include "archive_platform.h"
28
29 #ifdef HAVE_SYS_WAIT_H
30 # include <sys/wait.h>
31 #endif
32 #ifdef HAVE_ERRNO_H
33 # include <errno.h>
34 #endif
35 #ifdef HAVE_FCNTL_H
36 # include <fcntl.h>
37 #endif
38 #ifdef HAVE_LIMITS_H
39 # include <limits.h>
40 #endif
41 #ifdef HAVE_SIGNAL_H
42 # include <signal.h>
43 #endif
44 #ifdef HAVE_STDLIB_H
45 # include <stdlib.h>
46 #endif
47 #ifdef HAVE_STRING_H
48 # include <string.h>
49 #endif
50 #ifdef HAVE_UNISTD_H
51 # include <unistd.h>
52 #endif
53
54 #include "archive.h"
55 #include "archive_private.h"
56 #include "archive_string.h"
57 #include "archive_read_private.h"
58 #include "filter_fork.h"
59
60
61 #if ARCHIVE_VERSION_NUMBER < 4000000
62 /* Deprecated; remove in libarchive 4.0 */
63 int
archive_read_support_compression_program(struct archive * a,const char * cmd)64 archive_read_support_compression_program(struct archive *a, const char *cmd)
65 {
66 return archive_read_support_filter_program(a, cmd);
67 }
68
69 int
archive_read_support_compression_program_signature(struct archive * a,const char * cmd,const void * signature,size_t signature_len)70 archive_read_support_compression_program_signature(struct archive *a,
71 const char *cmd, const void *signature, size_t signature_len)
72 {
73 return archive_read_support_filter_program_signature(a,
74 cmd, signature, signature_len);
75 }
76 #endif
77
78 int
archive_read_support_filter_program(struct archive * a,const char * cmd)79 archive_read_support_filter_program(struct archive *a, const char *cmd)
80 {
81 return (archive_read_support_filter_program_signature(a, cmd, NULL, 0));
82 }
83
84 /*
85 * The bidder object stores the command and the signature to watch for.
86 * The 'inhibit' entry here is used to ensure that unchecked filters never
87 * bid twice in the same pipeline.
88 */
89 struct program_bidder {
90 char *description;
91 char *cmd;
92 void *signature;
93 size_t signature_len;
94 int inhibit;
95 };
96
97 static int program_bidder_bid(struct archive_read_filter_bidder *,
98 struct archive_read_filter *upstream);
99 static int program_bidder_init(struct archive_read_filter *);
100 static void program_bidder_free(struct archive_read_filter_bidder *);
101
102 /*
103 * The actual filter needs to track input and output data.
104 */
105 struct program_filter {
106 struct archive_string description;
107 #if defined(_WIN32) && !defined(__CYGWIN__)
108 HANDLE child;
109 #else
110 pid_t child;
111 #endif
112 int exit_status;
113 pid_t waitpid_return;
114 int child_stdin, child_stdout;
115
116 char *out_buf;
117 size_t out_buf_len;
118 };
119
120 static ssize_t program_filter_read(struct archive_read_filter *,
121 const void **);
122 static int program_filter_close(struct archive_read_filter *);
123 static void free_state(struct program_bidder *);
124
125 static const struct archive_read_filter_bidder_vtable
126 program_bidder_vtable = {
127 .bid = program_bidder_bid,
128 .init = program_bidder_init,
129 .free = program_bidder_free,
130 };
131
132 int
archive_read_support_filter_program_signature(struct archive * _a,const char * cmd,const void * signature,size_t signature_len)133 archive_read_support_filter_program_signature(struct archive *_a,
134 const char *cmd, const void *signature, size_t signature_len)
135 {
136 struct archive_read *a = (struct archive_read *)_a;
137 struct program_bidder *state;
138
139 /*
140 * Allocate our private state.
141 */
142 state = calloc(1, sizeof (*state));
143 if (state == NULL)
144 goto memerr;
145 state->cmd = strdup(cmd);
146 if (state->cmd == NULL)
147 goto memerr;
148
149 if (signature != NULL && signature_len > 0) {
150 state->signature_len = signature_len;
151 state->signature = malloc(signature_len);
152 if (state->signature == NULL)
153 goto memerr;
154 memcpy(state->signature, signature, signature_len);
155 }
156
157 if (__archive_read_register_bidder(a, state, NULL,
158 &program_bidder_vtable) != ARCHIVE_OK) {
159 free_state(state);
160 return (ARCHIVE_FATAL);
161 }
162 return (ARCHIVE_OK);
163
164 memerr:
165 free_state(state);
166 archive_set_error(_a, ENOMEM, "Can't allocate memory");
167 return (ARCHIVE_FATAL);
168 }
169
170 static void
program_bidder_free(struct archive_read_filter_bidder * self)171 program_bidder_free(struct archive_read_filter_bidder *self)
172 {
173 struct program_bidder *state = (struct program_bidder *)self->data;
174
175 free_state(state);
176 }
177
178 static void
free_state(struct program_bidder * state)179 free_state(struct program_bidder *state)
180 {
181
182 if (state) {
183 free(state->cmd);
184 free(state->signature);
185 free(state);
186 }
187 }
188
189 /*
190 * If we do have a signature, bid only if that matches.
191 *
192 * If there's no signature, we bid INT_MAX the first time
193 * we're called, then never bid again.
194 */
195 static int
program_bidder_bid(struct archive_read_filter_bidder * self,struct archive_read_filter * upstream)196 program_bidder_bid(struct archive_read_filter_bidder *self,
197 struct archive_read_filter *upstream)
198 {
199 struct program_bidder *state = self->data;
200 const char *p;
201
202 /* If we have a signature, use that to match. */
203 if (state->signature_len > 0) {
204 p = __archive_read_filter_ahead(upstream,
205 state->signature_len, NULL);
206 if (p == NULL)
207 return (0);
208 /* No match, so don't bid. */
209 if (memcmp(p, state->signature, state->signature_len) != 0)
210 return (0);
211 return ((int)state->signature_len * 8);
212 }
213
214 /* Otherwise, bid once and then never bid again. */
215 if (state->inhibit)
216 return (0);
217 state->inhibit = 1;
218 return (INT_MAX);
219 }
220
221 /*
222 * Shut down the child, return ARCHIVE_OK if it exited normally.
223 *
224 * Note that the return value is sticky; if we're called again,
225 * we won't reap the child again, but we will return the same status
226 * (including error message if the child came to a bad end).
227 */
228 static int
child_stop(struct archive_read_filter * self,struct program_filter * state)229 child_stop(struct archive_read_filter *self, struct program_filter *state)
230 {
231 /* Close our side of the I/O with the child. */
232 if (state->child_stdin != -1) {
233 close(state->child_stdin);
234 state->child_stdin = -1;
235 }
236 if (state->child_stdout != -1) {
237 close(state->child_stdout);
238 state->child_stdout = -1;
239 }
240
241 if (state->child != 0) {
242 /* Reap the child. */
243 do {
244 state->waitpid_return
245 = waitpid(state->child, &state->exit_status, 0);
246 } while (state->waitpid_return == -1 && errno == EINTR);
247 state->child = 0;
248 }
249
250 if (state->waitpid_return < 0) {
251 /* waitpid() failed? This is ugly. */
252 archive_set_error(&self->archive->archive, ARCHIVE_ERRNO_MISC,
253 "Error closing child process");
254 return (ARCHIVE_WARN);
255 }
256
257 #if !defined(_WIN32) || defined(__CYGWIN__)
258 if (WIFSIGNALED(state->exit_status)) {
259 #ifdef SIGPIPE
260 /* If the child died because we stopped reading before
261 * it was done, that's okay. Some archive formats
262 * have padding at the end that we routinely ignore. */
263 /* The alternative to this would be to add a step
264 * before close(child_stdout) above to read from the
265 * child until the child has no more to write. */
266 if (WTERMSIG(state->exit_status) == SIGPIPE)
267 return (ARCHIVE_OK);
268 #endif
269 archive_set_error(&self->archive->archive, ARCHIVE_ERRNO_MISC,
270 "Child process exited with signal %d",
271 WTERMSIG(state->exit_status));
272 return (ARCHIVE_WARN);
273 }
274 #endif /* !_WIN32 || __CYGWIN__ */
275
276 if (WIFEXITED(state->exit_status)) {
277 if (WEXITSTATUS(state->exit_status) == 0)
278 return (ARCHIVE_OK);
279
280 archive_set_error(&self->archive->archive,
281 ARCHIVE_ERRNO_MISC,
282 "Child process exited with status %d",
283 WEXITSTATUS(state->exit_status));
284 return (ARCHIVE_WARN);
285 }
286
287 return (ARCHIVE_WARN);
288 }
289
290 /*
291 * Use select() to decide whether the child is ready for read or write.
292 */
293 static ssize_t
child_read(struct archive_read_filter * self,char * buf,size_t buf_len)294 child_read(struct archive_read_filter *self, char *buf, size_t buf_len)
295 {
296 struct program_filter *state = self->data;
297 ssize_t ret, requested, avail;
298 const char *p;
299 #if defined(_WIN32) && !defined(__CYGWIN__)
300 HANDLE handle = (HANDLE)_get_osfhandle(state->child_stdout);
301 #endif
302
303 requested = buf_len > SSIZE_MAX ? SSIZE_MAX : buf_len;
304
305 for (;;) {
306 do {
307 #if defined(_WIN32) && !defined(__CYGWIN__)
308 /* Avoid infinity wait.
309 * Note: If there is no data in the pipe, ReadFile()
310 * called in read() never returns and so we won't
311 * write remaining encoded data to the pipe.
312 * Note: This way may cause performance problem.
313 * we are looking forward to great code to resolve
314 * this. */
315 DWORD pipe_avail = -1;
316 int cnt = 2;
317
318 while (PeekNamedPipe(handle, NULL, 0, NULL,
319 &pipe_avail, NULL) != 0 && pipe_avail == 0 &&
320 cnt--)
321 Sleep(5);
322 if (pipe_avail == 0) {
323 ret = -1;
324 errno = EAGAIN;
325 break;
326 }
327 #endif
328 ret = read(state->child_stdout, buf, requested);
329 } while (ret == -1 && errno == EINTR);
330
331 if (ret > 0)
332 return (ret);
333 if (ret == 0 || (ret == -1 && errno == EPIPE))
334 /* Child has closed its output; reap the child
335 * and return the status. */
336 return (child_stop(self, state));
337 if (ret == -1 && errno != EAGAIN)
338 return (-1);
339
340 if (state->child_stdin == -1) {
341 /* Block until child has some I/O ready. */
342 __archive_check_child(state->child_stdin,
343 state->child_stdout);
344 continue;
345 }
346
347 /* Get some more data from upstream. */
348 p = __archive_read_filter_ahead(self->upstream, 1, &avail);
349 if (p == NULL) {
350 close(state->child_stdin);
351 state->child_stdin = -1;
352 fcntl(state->child_stdout, F_SETFL, 0);
353 if (avail < 0)
354 return (avail);
355 continue;
356 }
357
358 do {
359 ret = write(state->child_stdin, p, avail);
360 } while (ret == -1 && errno == EINTR);
361
362 if (ret > 0) {
363 /* Consume whatever we managed to write. */
364 __archive_read_filter_consume(self->upstream, ret);
365 } else if (ret == -1 && errno == EAGAIN) {
366 /* Block until child has some I/O ready. */
367 __archive_check_child(state->child_stdin,
368 state->child_stdout);
369 } else {
370 /* Write failed. */
371 close(state->child_stdin);
372 state->child_stdin = -1;
373 fcntl(state->child_stdout, F_SETFL, 0);
374 /* If it was a bad error, we're done; otherwise
375 * it was EPIPE or EOF, and we can still read
376 * from the child. */
377 if (ret == -1 && errno != EPIPE)
378 return (-1);
379 }
380 }
381 }
382
383 static const struct archive_read_filter_vtable
384 program_reader_vtable = {
385 .read = program_filter_read,
386 .close = program_filter_close,
387 };
388
389 int
__archive_read_program(struct archive_read_filter * self,const char * cmd)390 __archive_read_program(struct archive_read_filter *self, const char *cmd)
391 {
392 struct program_filter *state;
393 static const size_t out_buf_len = 65536;
394 char *out_buf;
395 const char *prefix = "Program: ";
396 int ret;
397 size_t l;
398
399 l = strlen(prefix) + strlen(cmd) + 1;
400 state = calloc(1, sizeof(*state));
401 out_buf = malloc(out_buf_len);
402 if (state == NULL || out_buf == NULL ||
403 archive_string_ensure(&state->description, l) == NULL) {
404 archive_set_error(&self->archive->archive, ENOMEM,
405 "Can't allocate input data");
406 if (state != NULL) {
407 archive_string_free(&state->description);
408 free(state);
409 }
410 free(out_buf);
411 return (ARCHIVE_FATAL);
412 }
413 archive_strcpy(&state->description, prefix);
414 archive_strcat(&state->description, cmd);
415
416 self->code = ARCHIVE_FILTER_PROGRAM;
417 self->name = state->description.s;
418
419 state->out_buf = out_buf;
420 state->out_buf_len = out_buf_len;
421
422 ret = __archive_create_child(cmd, &state->child_stdin,
423 &state->child_stdout, &state->child);
424 if (ret != ARCHIVE_OK) {
425 free(state->out_buf);
426 archive_string_free(&state->description);
427 free(state);
428 archive_set_error(&self->archive->archive, EINVAL,
429 "Can't initialize filter; unable to run program \"%s\"",
430 cmd);
431 return (ARCHIVE_FATAL);
432 }
433
434 self->data = state;
435 self->vtable = &program_reader_vtable;
436
437 /* XXX Check that we can read at least one byte? */
438 return (ARCHIVE_OK);
439 }
440
441 static int
program_bidder_init(struct archive_read_filter * self)442 program_bidder_init(struct archive_read_filter *self)
443 {
444 struct program_bidder *bidder_state;
445
446 bidder_state = (struct program_bidder *)self->bidder->data;
447 return (__archive_read_program(self, bidder_state->cmd));
448 }
449
450 static ssize_t
program_filter_read(struct archive_read_filter * self,const void ** buff)451 program_filter_read(struct archive_read_filter *self, const void **buff)
452 {
453 struct program_filter *state;
454 ssize_t bytes;
455 size_t total;
456 char *p;
457
458 state = (struct program_filter *)self->data;
459
460 total = 0;
461 p = state->out_buf;
462 while (state->child_stdout != -1 && total < state->out_buf_len) {
463 bytes = child_read(self, p, state->out_buf_len - total);
464 if (bytes < 0)
465 /* No recovery is possible if we can no longer
466 * read from the child. */
467 return (ARCHIVE_FATAL);
468 if (bytes == 0)
469 /* We got EOF from the child. */
470 break;
471 total += bytes;
472 p += bytes;
473 }
474
475 *buff = state->out_buf;
476 return (total);
477 }
478
479 static int
program_filter_close(struct archive_read_filter * self)480 program_filter_close(struct archive_read_filter *self)
481 {
482 struct program_filter *state;
483 int e;
484
485 state = (struct program_filter *)self->data;
486 e = child_stop(self, state);
487
488 /* Release our private data. */
489 free(state->out_buf);
490 archive_string_free(&state->description);
491 free(state);
492
493 return (e);
494 }
495