1 /*- 2 * Copyright (c) 2008 Christos Zoulas 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 14 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 15 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 16 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 17 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 18 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 19 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 20 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 21 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 22 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 23 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 24 * POSSIBILITY OF SUCH DAMAGE. 25 */ 26 /* 27 * Parse Composite Document Files, the format used in Microsoft Office 28 * document files before they switched to zipped XML. 29 * Info from: http://sc.openoffice.org/compdocfileformat.pdf 30 * 31 * N.B. This is the "Composite Document File" format, and not the 32 * "Compound Document Format", nor the "Channel Definition Format". 33 */ 34 35 #include "file.h" 36 37 #ifndef lint 38 FILE_RCSID("@(#)$File: cdf.c,v 1.114 2019/02/20 02:35:27 christos Exp $") 39 #endif 40 41 #include <assert.h> 42 #ifdef CDF_DEBUG 43 #include <err.h> 44 #endif 45 #include <stdlib.h> 46 #include <unistd.h> 47 #include <string.h> 48 #include <time.h> 49 #include <ctype.h> 50 #include <limits.h> 51 52 #ifndef EFTYPE 53 #define EFTYPE EINVAL 54 #endif 55 56 #include "cdf.h" 57 58 #ifdef CDF_DEBUG 59 #define DPRINTF(a) printf a, fflush(stdout) 60 #else 61 #define DPRINTF(a) 62 #endif 63 64 static union { 65 char s[4]; 66 uint32_t u; 67 } cdf_bo; 68 69 #define NEED_SWAP (cdf_bo.u == CAST(uint32_t, 0x01020304)) 70 71 #define CDF_TOLE8(x) \ 72 (CAST(uint64_t, NEED_SWAP ? _cdf_tole8(x) : CAST(uint64_t, x))) 73 #define CDF_TOLE4(x) \ 74 (CAST(uint32_t, NEED_SWAP ? _cdf_tole4(x) : CAST(uint32_t, x))) 75 #define CDF_TOLE2(x) \ 76 (CAST(uint16_t, NEED_SWAP ? _cdf_tole2(x) : CAST(uint16_t, x))) 77 #define CDF_TOLE(x) (/*CONSTCOND*/sizeof(x) == 2 ? \ 78 CDF_TOLE2(CAST(uint16_t, x)) : \ 79 (/*CONSTCOND*/sizeof(x) == 4 ? \ 80 CDF_TOLE4(CAST(uint32_t, x)) : \ 81 CDF_TOLE8(CAST(uint64_t, x)))) 82 #define CDF_GETUINT32(x, y) cdf_getuint32(x, y) 83 84 #define CDF_MALLOC(n) cdf_malloc(__FILE__, __LINE__, (n)) 85 #define CDF_REALLOC(p, n) cdf_realloc(__FILE__, __LINE__, (p), (n)) 86 #define CDF_CALLOC(n, u) cdf_calloc(__FILE__, __LINE__, (n), (u)) 87 88 89 /*ARGSUSED*/ 90 static void * 91 cdf_malloc(const char *file __attribute__((__unused__)), 92 size_t line __attribute__((__unused__)), size_t n) 93 { 94 DPRINTF(("%s,%" SIZE_T_FORMAT "u: %s %" SIZE_T_FORMAT "u\n", 95 file, line, __func__, n)); 96 return malloc(n); 97 } 98 99 /*ARGSUSED*/ 100 static void * 101 cdf_realloc(const char *file __attribute__((__unused__)), 102 size_t line __attribute__((__unused__)), void *p, size_t n) 103 { 104 DPRINTF(("%s,%" SIZE_T_FORMAT "u: %s %" SIZE_T_FORMAT "u\n", 105 file, line, __func__, n)); 106 return realloc(p, n); 107 } 108 109 /*ARGSUSED*/ 110 static void * 111 cdf_calloc(const char *file __attribute__((__unused__)), 112 size_t line __attribute__((__unused__)), size_t n, size_t u) 113 { 114 DPRINTF(("%s,%" SIZE_T_FORMAT "u: %s %" SIZE_T_FORMAT "u %" 115 SIZE_T_FORMAT "u\n", file, line, __func__, n, u)); 116 return calloc(n, u); 117 } 118 119 /* 120 * swap a short 121 */ 122 static uint16_t 123 _cdf_tole2(uint16_t sv) 124 { 125 uint16_t rv; 126 uint8_t *s = RCAST(uint8_t *, RCAST(void *, &sv)); 127 uint8_t *d = RCAST(uint8_t *, RCAST(void *, &rv)); 128 d[0] = s[1]; 129 d[1] = s[0]; 130 return rv; 131 } 132 133 /* 134 * swap an int 135 */ 136 static uint32_t 137 _cdf_tole4(uint32_t sv) 138 { 139 uint32_t rv; 140 uint8_t *s = RCAST(uint8_t *, RCAST(void *, &sv)); 141 uint8_t *d = RCAST(uint8_t *, RCAST(void *, &rv)); 142 d[0] = s[3]; 143 d[1] = s[2]; 144 d[2] = s[1]; 145 d[3] = s[0]; 146 return rv; 147 } 148 149 /* 150 * swap a quad 151 */ 152 static uint64_t 153 _cdf_tole8(uint64_t sv) 154 { 155 uint64_t rv; 156 uint8_t *s = RCAST(uint8_t *, RCAST(void *, &sv)); 157 uint8_t *d = RCAST(uint8_t *, RCAST(void *, &rv)); 158 d[0] = s[7]; 159 d[1] = s[6]; 160 d[2] = s[5]; 161 d[3] = s[4]; 162 d[4] = s[3]; 163 d[5] = s[2]; 164 d[6] = s[1]; 165 d[7] = s[0]; 166 return rv; 167 } 168 169 /* 170 * grab a uint32_t from a possibly unaligned address, and return it in 171 * the native host order. 172 */ 173 static uint32_t 174 cdf_getuint32(const uint8_t *p, size_t offs) 175 { 176 uint32_t rv; 177 (void)memcpy(&rv, p + offs * sizeof(uint32_t), sizeof(rv)); 178 return CDF_TOLE4(rv); 179 } 180 181 #define CDF_UNPACK(a) \ 182 (void)memcpy(&(a), &buf[len], sizeof(a)), len += sizeof(a) 183 #define CDF_UNPACKA(a) \ 184 (void)memcpy((a), &buf[len], sizeof(a)), len += sizeof(a) 185 186 uint16_t 187 cdf_tole2(uint16_t sv) 188 { 189 return CDF_TOLE2(sv); 190 } 191 192 uint32_t 193 cdf_tole4(uint32_t sv) 194 { 195 return CDF_TOLE4(sv); 196 } 197 198 uint64_t 199 cdf_tole8(uint64_t sv) 200 { 201 return CDF_TOLE8(sv); 202 } 203 204 void 205 cdf_swap_header(cdf_header_t *h) 206 { 207 size_t i; 208 209 h->h_magic = CDF_TOLE8(h->h_magic); 210 h->h_uuid[0] = CDF_TOLE8(h->h_uuid[0]); 211 h->h_uuid[1] = CDF_TOLE8(h->h_uuid[1]); 212 h->h_revision = CDF_TOLE2(h->h_revision); 213 h->h_version = CDF_TOLE2(h->h_version); 214 h->h_byte_order = CDF_TOLE2(h->h_byte_order); 215 h->h_sec_size_p2 = CDF_TOLE2(h->h_sec_size_p2); 216 h->h_short_sec_size_p2 = CDF_TOLE2(h->h_short_sec_size_p2); 217 h->h_num_sectors_in_sat = CDF_TOLE4(h->h_num_sectors_in_sat); 218 h->h_secid_first_directory = CDF_TOLE4(h->h_secid_first_directory); 219 h->h_min_size_standard_stream = 220 CDF_TOLE4(h->h_min_size_standard_stream); 221 h->h_secid_first_sector_in_short_sat = 222 CDF_TOLE4(CAST(uint32_t, h->h_secid_first_sector_in_short_sat)); 223 h->h_num_sectors_in_short_sat = 224 CDF_TOLE4(h->h_num_sectors_in_short_sat); 225 h->h_secid_first_sector_in_master_sat = 226 CDF_TOLE4(CAST(uint32_t, h->h_secid_first_sector_in_master_sat)); 227 h->h_num_sectors_in_master_sat = 228 CDF_TOLE4(h->h_num_sectors_in_master_sat); 229 for (i = 0; i < __arraycount(h->h_master_sat); i++) { 230 h->h_master_sat[i] = 231 CDF_TOLE4(CAST(uint32_t, h->h_master_sat[i])); 232 } 233 } 234 235 void 236 cdf_unpack_header(cdf_header_t *h, char *buf) 237 { 238 size_t i; 239 size_t len = 0; 240 241 CDF_UNPACK(h->h_magic); 242 CDF_UNPACKA(h->h_uuid); 243 CDF_UNPACK(h->h_revision); 244 CDF_UNPACK(h->h_version); 245 CDF_UNPACK(h->h_byte_order); 246 CDF_UNPACK(h->h_sec_size_p2); 247 CDF_UNPACK(h->h_short_sec_size_p2); 248 CDF_UNPACKA(h->h_unused0); 249 CDF_UNPACK(h->h_num_sectors_in_sat); 250 CDF_UNPACK(h->h_secid_first_directory); 251 CDF_UNPACKA(h->h_unused1); 252 CDF_UNPACK(h->h_min_size_standard_stream); 253 CDF_UNPACK(h->h_secid_first_sector_in_short_sat); 254 CDF_UNPACK(h->h_num_sectors_in_short_sat); 255 CDF_UNPACK(h->h_secid_first_sector_in_master_sat); 256 CDF_UNPACK(h->h_num_sectors_in_master_sat); 257 for (i = 0; i < __arraycount(h->h_master_sat); i++) 258 CDF_UNPACK(h->h_master_sat[i]); 259 } 260 261 void 262 cdf_swap_dir(cdf_directory_t *d) 263 { 264 d->d_namelen = CDF_TOLE2(d->d_namelen); 265 d->d_left_child = CDF_TOLE4(CAST(uint32_t, d->d_left_child)); 266 d->d_right_child = CDF_TOLE4(CAST(uint32_t, d->d_right_child)); 267 d->d_storage = CDF_TOLE4(CAST(uint32_t, d->d_storage)); 268 d->d_storage_uuid[0] = CDF_TOLE8(d->d_storage_uuid[0]); 269 d->d_storage_uuid[1] = CDF_TOLE8(d->d_storage_uuid[1]); 270 d->d_flags = CDF_TOLE4(d->d_flags); 271 d->d_created = CDF_TOLE8(CAST(uint64_t, d->d_created)); 272 d->d_modified = CDF_TOLE8(CAST(uint64_t, d->d_modified)); 273 d->d_stream_first_sector = CDF_TOLE4( 274 CAST(uint32_t, d->d_stream_first_sector)); 275 d->d_size = CDF_TOLE4(d->d_size); 276 } 277 278 void 279 cdf_swap_class(cdf_classid_t *d) 280 { 281 d->cl_dword = CDF_TOLE4(d->cl_dword); 282 d->cl_word[0] = CDF_TOLE2(d->cl_word[0]); 283 d->cl_word[1] = CDF_TOLE2(d->cl_word[1]); 284 } 285 286 void 287 cdf_unpack_dir(cdf_directory_t *d, char *buf) 288 { 289 size_t len = 0; 290 291 CDF_UNPACKA(d->d_name); 292 CDF_UNPACK(d->d_namelen); 293 CDF_UNPACK(d->d_type); 294 CDF_UNPACK(d->d_color); 295 CDF_UNPACK(d->d_left_child); 296 CDF_UNPACK(d->d_right_child); 297 CDF_UNPACK(d->d_storage); 298 CDF_UNPACKA(d->d_storage_uuid); 299 CDF_UNPACK(d->d_flags); 300 CDF_UNPACK(d->d_created); 301 CDF_UNPACK(d->d_modified); 302 CDF_UNPACK(d->d_stream_first_sector); 303 CDF_UNPACK(d->d_size); 304 CDF_UNPACK(d->d_unused0); 305 } 306 307 int 308 cdf_zero_stream(cdf_stream_t *scn) 309 { 310 scn->sst_len = 0; 311 scn->sst_dirlen = 0; 312 scn->sst_ss = 0; 313 free(scn->sst_tab); 314 scn->sst_tab = NULL; 315 return -1; 316 } 317 318 static size_t 319 cdf_check_stream(const cdf_stream_t *sst, const cdf_header_t *h) 320 { 321 size_t ss = sst->sst_dirlen < h->h_min_size_standard_stream ? 322 CDF_SHORT_SEC_SIZE(h) : CDF_SEC_SIZE(h); 323 assert(ss == sst->sst_ss); 324 return sst->sst_ss; 325 } 326 327 static int 328 cdf_check_stream_offset(const cdf_stream_t *sst, const cdf_header_t *h, 329 const void *p, size_t tail, int line) 330 { 331 const char *b = RCAST(const char *, sst->sst_tab); 332 const char *e = RCAST(const char *, p) + tail; 333 size_t ss = cdf_check_stream(sst, h); 334 /*LINTED*/(void)&line; 335 if (e >= b && CAST(size_t, e - b) <= ss * sst->sst_len) 336 return 0; 337 DPRINTF(("%d: offset begin %p < end %p || %" SIZE_T_FORMAT "u" 338 " > %" SIZE_T_FORMAT "u [%" SIZE_T_FORMAT "u %" 339 SIZE_T_FORMAT "u]\n", line, b, e, (size_t)(e - b), 340 ss * sst->sst_len, ss, sst->sst_len)); 341 errno = EFTYPE; 342 return -1; 343 } 344 345 static ssize_t 346 cdf_read(const cdf_info_t *info, off_t off, void *buf, size_t len) 347 { 348 size_t siz = CAST(size_t, off + len); 349 350 if (CAST(off_t, off + len) != CAST(off_t, siz)) 351 goto out; 352 353 if (info->i_buf != NULL && info->i_len >= siz) { 354 (void)memcpy(buf, &info->i_buf[off], len); 355 return CAST(ssize_t, len); 356 } 357 358 if (info->i_fd == -1) 359 goto out; 360 361 if (pread(info->i_fd, buf, len, off) != CAST(ssize_t, len)) 362 return -1; 363 364 return CAST(ssize_t, len); 365 out: 366 errno = EINVAL; 367 return -1; 368 } 369 370 int 371 cdf_read_header(const cdf_info_t *info, cdf_header_t *h) 372 { 373 char buf[512]; 374 375 (void)memcpy(cdf_bo.s, "\01\02\03\04", 4); 376 if (cdf_read(info, CAST(off_t, 0), buf, sizeof(buf)) == -1) 377 return -1; 378 cdf_unpack_header(h, buf); 379 cdf_swap_header(h); 380 if (h->h_magic != CDF_MAGIC) { 381 DPRINTF(("Bad magic %#" INT64_T_FORMAT "x != %#" 382 INT64_T_FORMAT "x\n", 383 (unsigned long long)h->h_magic, 384 (unsigned long long)CDF_MAGIC)); 385 goto out; 386 } 387 if (h->h_sec_size_p2 > 20) { 388 DPRINTF(("Bad sector size %hu\n", h->h_sec_size_p2)); 389 goto out; 390 } 391 if (h->h_short_sec_size_p2 > 20) { 392 DPRINTF(("Bad short sector size %hu\n", 393 h->h_short_sec_size_p2)); 394 goto out; 395 } 396 return 0; 397 out: 398 errno = EFTYPE; 399 return -1; 400 } 401 402 403 ssize_t 404 cdf_read_sector(const cdf_info_t *info, void *buf, size_t offs, size_t len, 405 const cdf_header_t *h, cdf_secid_t id) 406 { 407 size_t ss = CDF_SEC_SIZE(h); 408 size_t pos = CDF_SEC_POS(h, id); 409 assert(ss == len); 410 return cdf_read(info, CAST(off_t, pos), RCAST(char *, buf) + offs, len); 411 } 412 413 ssize_t 414 cdf_read_short_sector(const cdf_stream_t *sst, void *buf, size_t offs, 415 size_t len, const cdf_header_t *h, cdf_secid_t id) 416 { 417 size_t ss = CDF_SHORT_SEC_SIZE(h); 418 size_t pos = CDF_SHORT_SEC_POS(h, id); 419 assert(ss == len); 420 if (pos + len > CDF_SEC_SIZE(h) * sst->sst_len) { 421 DPRINTF(("Out of bounds read %" SIZE_T_FORMAT "u > %" 422 SIZE_T_FORMAT "u\n", 423 pos + len, CDF_SEC_SIZE(h) * sst->sst_len)); 424 goto out; 425 } 426 (void)memcpy(RCAST(char *, buf) + offs, 427 RCAST(const char *, sst->sst_tab) + pos, len); 428 return len; 429 out: 430 errno = EFTYPE; 431 return -1; 432 } 433 434 /* 435 * Read the sector allocation table. 436 */ 437 int 438 cdf_read_sat(const cdf_info_t *info, cdf_header_t *h, cdf_sat_t *sat) 439 { 440 size_t i, j, k; 441 size_t ss = CDF_SEC_SIZE(h); 442 cdf_secid_t *msa, mid, sec; 443 size_t nsatpersec = (ss / sizeof(mid)) - 1; 444 445 for (i = 0; i < __arraycount(h->h_master_sat); i++) 446 if (h->h_master_sat[i] == CDF_SECID_FREE) 447 break; 448 449 #define CDF_SEC_LIMIT (UINT32_MAX / (64 * ss)) 450 if ((nsatpersec > 0 && 451 h->h_num_sectors_in_master_sat > CDF_SEC_LIMIT / nsatpersec) || 452 i > CDF_SEC_LIMIT) { 453 DPRINTF(("Number of sectors in master SAT too big %u %" 454 SIZE_T_FORMAT "u\n", h->h_num_sectors_in_master_sat, i)); 455 errno = EFTYPE; 456 return -1; 457 } 458 459 sat->sat_len = h->h_num_sectors_in_master_sat * nsatpersec + i; 460 DPRINTF(("sat_len = %" SIZE_T_FORMAT "u ss = %" SIZE_T_FORMAT "u\n", 461 sat->sat_len, ss)); 462 if ((sat->sat_tab = CAST(cdf_secid_t *, CDF_CALLOC(sat->sat_len, ss))) 463 == NULL) 464 return -1; 465 466 for (i = 0; i < __arraycount(h->h_master_sat); i++) { 467 if (h->h_master_sat[i] < 0) 468 break; 469 if (cdf_read_sector(info, sat->sat_tab, ss * i, ss, h, 470 h->h_master_sat[i]) != CAST(ssize_t, ss)) { 471 DPRINTF(("Reading sector %d", h->h_master_sat[i])); 472 goto out1; 473 } 474 } 475 476 if ((msa = CAST(cdf_secid_t *, CDF_CALLOC(1, ss))) == NULL) 477 goto out1; 478 479 mid = h->h_secid_first_sector_in_master_sat; 480 for (j = 0; j < h->h_num_sectors_in_master_sat; j++) { 481 if (mid < 0) 482 goto out; 483 if (j >= CDF_LOOP_LIMIT) { 484 DPRINTF(("Reading master sector loop limit")); 485 goto out3; 486 } 487 if (cdf_read_sector(info, msa, 0, ss, h, mid) != 488 CAST(ssize_t, ss)) { 489 DPRINTF(("Reading master sector %d", mid)); 490 goto out2; 491 } 492 for (k = 0; k < nsatpersec; k++, i++) { 493 sec = CDF_TOLE4(CAST(uint32_t, msa[k])); 494 if (sec < 0) 495 goto out; 496 if (i >= sat->sat_len) { 497 DPRINTF(("Out of bounds reading MSA %" 498 SIZE_T_FORMAT "u >= %" SIZE_T_FORMAT "u", 499 i, sat->sat_len)); 500 goto out3; 501 } 502 if (cdf_read_sector(info, sat->sat_tab, ss * i, ss, h, 503 sec) != CAST(ssize_t, ss)) { 504 DPRINTF(("Reading sector %d", 505 CDF_TOLE4(msa[k]))); 506 goto out2; 507 } 508 } 509 mid = CDF_TOLE4(CAST(uint32_t, msa[nsatpersec])); 510 } 511 out: 512 sat->sat_len = i; 513 free(msa); 514 return 0; 515 out3: 516 errno = EFTYPE; 517 out2: 518 free(msa); 519 out1: 520 free(sat->sat_tab); 521 return -1; 522 } 523 524 size_t 525 cdf_count_chain(const cdf_sat_t *sat, cdf_secid_t sid, size_t size) 526 { 527 size_t i, j; 528 cdf_secid_t maxsector = CAST(cdf_secid_t, (sat->sat_len * size) 529 / sizeof(maxsector)); 530 531 DPRINTF(("Chain:")); 532 if (sid == CDF_SECID_END_OF_CHAIN) { 533 /* 0-length chain. */ 534 DPRINTF((" empty\n")); 535 return 0; 536 } 537 538 for (j = i = 0; sid >= 0; i++, j++) { 539 DPRINTF((" %d", sid)); 540 if (j >= CDF_LOOP_LIMIT) { 541 DPRINTF(("Counting chain loop limit")); 542 goto out; 543 } 544 if (sid >= maxsector) { 545 DPRINTF(("Sector %d >= %d\n", sid, maxsector)); 546 goto out; 547 } 548 sid = CDF_TOLE4(CAST(uint32_t, sat->sat_tab[sid])); 549 } 550 if (i == 0) { 551 DPRINTF((" none, sid: %d\n", sid)); 552 goto out; 553 554 } 555 DPRINTF(("\n")); 556 return i; 557 out: 558 errno = EFTYPE; 559 return CAST(size_t, -1); 560 } 561 562 int 563 cdf_read_long_sector_chain(const cdf_info_t *info, const cdf_header_t *h, 564 const cdf_sat_t *sat, cdf_secid_t sid, size_t len, cdf_stream_t *scn) 565 { 566 size_t ss = CDF_SEC_SIZE(h), i, j; 567 ssize_t nr; 568 scn->sst_tab = NULL; 569 scn->sst_len = cdf_count_chain(sat, sid, ss); 570 scn->sst_dirlen = MAX(h->h_min_size_standard_stream, len); 571 scn->sst_ss = ss; 572 573 if (sid == CDF_SECID_END_OF_CHAIN || len == 0) 574 return cdf_zero_stream(scn); 575 576 if (scn->sst_len == CAST(size_t, -1)) 577 goto out; 578 579 scn->sst_tab = CDF_CALLOC(scn->sst_len, ss); 580 if (scn->sst_tab == NULL) 581 return cdf_zero_stream(scn); 582 583 for (j = i = 0; sid >= 0; i++, j++) { 584 if (j >= CDF_LOOP_LIMIT) { 585 DPRINTF(("Read long sector chain loop limit")); 586 goto out; 587 } 588 if (i >= scn->sst_len) { 589 DPRINTF(("Out of bounds reading long sector chain " 590 "%" SIZE_T_FORMAT "u > %" SIZE_T_FORMAT "u\n", i, 591 scn->sst_len)); 592 goto out; 593 } 594 if ((nr = cdf_read_sector(info, scn->sst_tab, i * ss, ss, h, 595 sid)) != CAST(ssize_t, ss)) { 596 if (i == scn->sst_len - 1 && nr > 0) { 597 /* Last sector might be truncated */ 598 return 0; 599 } 600 DPRINTF(("Reading long sector chain %d", sid)); 601 goto out; 602 } 603 sid = CDF_TOLE4(CAST(uint32_t, sat->sat_tab[sid])); 604 } 605 return 0; 606 out: 607 errno = EFTYPE; 608 return cdf_zero_stream(scn); 609 } 610 611 int 612 cdf_read_short_sector_chain(const cdf_header_t *h, 613 const cdf_sat_t *ssat, const cdf_stream_t *sst, 614 cdf_secid_t sid, size_t len, cdf_stream_t *scn) 615 { 616 size_t ss = CDF_SHORT_SEC_SIZE(h), i, j; 617 scn->sst_tab = NULL; 618 scn->sst_len = cdf_count_chain(ssat, sid, CDF_SEC_SIZE(h)); 619 scn->sst_dirlen = len; 620 scn->sst_ss = ss; 621 622 if (scn->sst_len == CAST(size_t, -1)) 623 goto out; 624 625 scn->sst_tab = CDF_CALLOC(scn->sst_len, ss); 626 if (scn->sst_tab == NULL) 627 return cdf_zero_stream(scn); 628 629 for (j = i = 0; sid >= 0; i++, j++) { 630 if (j >= CDF_LOOP_LIMIT) { 631 DPRINTF(("Read short sector chain loop limit")); 632 goto out; 633 } 634 if (i >= scn->sst_len) { 635 DPRINTF(("Out of bounds reading short sector chain " 636 "%" SIZE_T_FORMAT "u > %" SIZE_T_FORMAT "u\n", 637 i, scn->sst_len)); 638 goto out; 639 } 640 if (cdf_read_short_sector(sst, scn->sst_tab, i * ss, ss, h, 641 sid) != CAST(ssize_t, ss)) { 642 DPRINTF(("Reading short sector chain %d", sid)); 643 goto out; 644 } 645 sid = CDF_TOLE4(CAST(uint32_t, ssat->sat_tab[sid])); 646 } 647 return 0; 648 out: 649 errno = EFTYPE; 650 return cdf_zero_stream(scn); 651 } 652 653 int 654 cdf_read_sector_chain(const cdf_info_t *info, const cdf_header_t *h, 655 const cdf_sat_t *sat, const cdf_sat_t *ssat, const cdf_stream_t *sst, 656 cdf_secid_t sid, size_t len, cdf_stream_t *scn) 657 { 658 659 if (len < h->h_min_size_standard_stream && sst->sst_tab != NULL) 660 return cdf_read_short_sector_chain(h, ssat, sst, sid, len, 661 scn); 662 else 663 return cdf_read_long_sector_chain(info, h, sat, sid, len, scn); 664 } 665 666 int 667 cdf_read_dir(const cdf_info_t *info, const cdf_header_t *h, 668 const cdf_sat_t *sat, cdf_dir_t *dir) 669 { 670 size_t i, j; 671 size_t ss = CDF_SEC_SIZE(h), ns, nd; 672 char *buf; 673 cdf_secid_t sid = h->h_secid_first_directory; 674 675 ns = cdf_count_chain(sat, sid, ss); 676 if (ns == CAST(size_t, -1)) 677 return -1; 678 679 nd = ss / CDF_DIRECTORY_SIZE; 680 681 dir->dir_len = ns * nd; 682 dir->dir_tab = CAST(cdf_directory_t *, 683 CDF_CALLOC(dir->dir_len, sizeof(dir->dir_tab[0]))); 684 if (dir->dir_tab == NULL) 685 return -1; 686 687 if ((buf = CAST(char *, CDF_MALLOC(ss))) == NULL) { 688 free(dir->dir_tab); 689 return -1; 690 } 691 692 for (j = i = 0; i < ns; i++, j++) { 693 if (j >= CDF_LOOP_LIMIT) { 694 DPRINTF(("Read dir loop limit")); 695 goto out; 696 } 697 if (cdf_read_sector(info, buf, 0, ss, h, sid) != 698 CAST(ssize_t, ss)) { 699 DPRINTF(("Reading directory sector %d", sid)); 700 goto out; 701 } 702 for (j = 0; j < nd; j++) { 703 cdf_unpack_dir(&dir->dir_tab[i * nd + j], 704 &buf[j * CDF_DIRECTORY_SIZE]); 705 } 706 sid = CDF_TOLE4(CAST(uint32_t, sat->sat_tab[sid])); 707 } 708 if (NEED_SWAP) 709 for (i = 0; i < dir->dir_len; i++) 710 cdf_swap_dir(&dir->dir_tab[i]); 711 free(buf); 712 return 0; 713 out: 714 free(dir->dir_tab); 715 free(buf); 716 errno = EFTYPE; 717 return -1; 718 } 719 720 721 int 722 cdf_read_ssat(const cdf_info_t *info, const cdf_header_t *h, 723 const cdf_sat_t *sat, cdf_sat_t *ssat) 724 { 725 size_t i, j; 726 size_t ss = CDF_SEC_SIZE(h); 727 cdf_secid_t sid = h->h_secid_first_sector_in_short_sat; 728 729 ssat->sat_tab = NULL; 730 ssat->sat_len = cdf_count_chain(sat, sid, ss); 731 if (ssat->sat_len == CAST(size_t, -1)) 732 goto out; 733 734 ssat->sat_tab = CAST(cdf_secid_t *, CDF_CALLOC(ssat->sat_len, ss)); 735 if (ssat->sat_tab == NULL) 736 goto out1; 737 738 for (j = i = 0; sid >= 0; i++, j++) { 739 if (j >= CDF_LOOP_LIMIT) { 740 DPRINTF(("Read short sat sector loop limit")); 741 goto out; 742 } 743 if (i >= ssat->sat_len) { 744 DPRINTF(("Out of bounds reading short sector chain " 745 "%" SIZE_T_FORMAT "u > %" SIZE_T_FORMAT "u\n", i, 746 ssat->sat_len)); 747 goto out; 748 } 749 if (cdf_read_sector(info, ssat->sat_tab, i * ss, ss, h, sid) != 750 CAST(ssize_t, ss)) { 751 DPRINTF(("Reading short sat sector %d", sid)); 752 goto out1; 753 } 754 sid = CDF_TOLE4(CAST(uint32_t, sat->sat_tab[sid])); 755 } 756 return 0; 757 out: 758 errno = EFTYPE; 759 out1: 760 free(ssat->sat_tab); 761 return -1; 762 } 763 764 int 765 cdf_read_short_stream(const cdf_info_t *info, const cdf_header_t *h, 766 const cdf_sat_t *sat, const cdf_dir_t *dir, cdf_stream_t *scn, 767 const cdf_directory_t **root) 768 { 769 size_t i; 770 const cdf_directory_t *d; 771 772 *root = NULL; 773 for (i = 0; i < dir->dir_len; i++) 774 if (dir->dir_tab[i].d_type == CDF_DIR_TYPE_ROOT_STORAGE) 775 break; 776 777 /* If the it is not there, just fake it; some docs don't have it */ 778 if (i == dir->dir_len) { 779 DPRINTF(("Cannot find root storage dir\n")); 780 goto out; 781 } 782 d = &dir->dir_tab[i]; 783 *root = d; 784 785 /* If the it is not there, just fake it; some docs don't have it */ 786 if (d->d_stream_first_sector < 0) { 787 DPRINTF(("No first secror in dir\n")); 788 goto out; 789 } 790 791 return cdf_read_long_sector_chain(info, h, sat, 792 d->d_stream_first_sector, d->d_size, scn); 793 out: 794 scn->sst_tab = NULL; 795 (void)cdf_zero_stream(scn); 796 return 0; 797 } 798 799 static int 800 cdf_namecmp(const char *d, const uint16_t *s, size_t l) 801 { 802 for (; l--; d++, s++) 803 if (*d != CDF_TOLE2(*s)) 804 return CAST(unsigned char, *d) - CDF_TOLE2(*s); 805 return 0; 806 } 807 808 int 809 cdf_read_doc_summary_info(const cdf_info_t *info, const cdf_header_t *h, 810 const cdf_sat_t *sat, const cdf_sat_t *ssat, const cdf_stream_t *sst, 811 const cdf_dir_t *dir, cdf_stream_t *scn) 812 { 813 return cdf_read_user_stream(info, h, sat, ssat, sst, dir, 814 "\05DocumentSummaryInformation", scn); 815 } 816 817 int 818 cdf_read_summary_info(const cdf_info_t *info, const cdf_header_t *h, 819 const cdf_sat_t *sat, const cdf_sat_t *ssat, const cdf_stream_t *sst, 820 const cdf_dir_t *dir, cdf_stream_t *scn) 821 { 822 return cdf_read_user_stream(info, h, sat, ssat, sst, dir, 823 "\05SummaryInformation", scn); 824 } 825 826 int 827 cdf_read_user_stream(const cdf_info_t *info, const cdf_header_t *h, 828 const cdf_sat_t *sat, const cdf_sat_t *ssat, const cdf_stream_t *sst, 829 const cdf_dir_t *dir, const char *name, cdf_stream_t *scn) 830 { 831 const cdf_directory_t *d; 832 int i = cdf_find_stream(dir, name, CDF_DIR_TYPE_USER_STREAM); 833 834 if (i <= 0) { 835 memset(scn, 0, sizeof(*scn)); 836 return -1; 837 } 838 839 d = &dir->dir_tab[i - 1]; 840 return cdf_read_sector_chain(info, h, sat, ssat, sst, 841 d->d_stream_first_sector, d->d_size, scn); 842 } 843 844 int 845 cdf_find_stream(const cdf_dir_t *dir, const char *name, int type) 846 { 847 size_t i, name_len = strlen(name) + 1; 848 849 for (i = dir->dir_len; i > 0; i--) 850 if (dir->dir_tab[i - 1].d_type == type && 851 cdf_namecmp(name, dir->dir_tab[i - 1].d_name, name_len) 852 == 0) 853 break; 854 if (i > 0) 855 return CAST(int, i); 856 857 DPRINTF(("Cannot find type %d `%s'\n", type, name)); 858 errno = ESRCH; 859 return 0; 860 } 861 862 #define CDF_SHLEN_LIMIT (UINT32_MAX / 64) 863 #define CDF_PROP_LIMIT (UINT32_MAX / (64 * sizeof(cdf_property_info_t))) 864 865 static const void * 866 cdf_offset(const void *p, size_t l) 867 { 868 return CAST(const void *, CAST(const uint8_t *, p) + l); 869 } 870 871 static const uint8_t * 872 cdf_get_property_info_pos(const cdf_stream_t *sst, const cdf_header_t *h, 873 const uint8_t *p, const uint8_t *e, size_t i) 874 { 875 size_t tail = (i << 1) + 1; 876 size_t ofs; 877 const uint8_t *q; 878 879 if (p >= e) { 880 DPRINTF(("Past end %p < %p\n", e, p)); 881 return NULL; 882 } 883 if (cdf_check_stream_offset(sst, h, p, (tail + 1) * sizeof(uint32_t), 884 __LINE__) == -1) 885 return NULL; 886 ofs = CDF_GETUINT32(p, tail); 887 q = CAST(const uint8_t *, cdf_offset(CAST(const void *, p), 888 ofs - 2 * sizeof(uint32_t))); 889 890 if (q < p) { 891 DPRINTF(("Wrapped around %p < %p\n", q, p)); 892 return NULL; 893 } 894 895 if (q >= e) { 896 DPRINTF(("Ran off the end %p >= %p\n", q, e)); 897 return NULL; 898 } 899 return q; 900 } 901 902 static cdf_property_info_t * 903 cdf_grow_info(cdf_property_info_t **info, size_t *maxcount, size_t incr) 904 { 905 cdf_property_info_t *inp; 906 size_t newcount = *maxcount + incr; 907 908 if (newcount > CDF_PROP_LIMIT) { 909 DPRINTF(("exceeded property limit %" SIZE_T_FORMAT "u > %" 910 SIZE_T_FORMAT "u\n", newcount, CDF_PROP_LIMIT)); 911 goto out; 912 } 913 inp = CAST(cdf_property_info_t *, 914 CDF_REALLOC(*info, newcount * sizeof(*inp))); 915 if (inp == NULL) 916 goto out; 917 918 *info = inp; 919 *maxcount = newcount; 920 return inp; 921 out: 922 free(*info); 923 *maxcount = 0; 924 *info = NULL; 925 return NULL; 926 } 927 928 static int 929 cdf_copy_info(cdf_property_info_t *inp, const void *p, const void *e, 930 size_t len) 931 { 932 if (inp->pi_type & CDF_VECTOR) 933 return 0; 934 935 if (CAST(size_t, CAST(const char *, e) - CAST(const char *, p)) < len) 936 return 0; 937 938 (void)memcpy(&inp->pi_val, p, len); 939 940 switch (len) { 941 case 2: 942 inp->pi_u16 = CDF_TOLE2(inp->pi_u16); 943 break; 944 case 4: 945 inp->pi_u32 = CDF_TOLE4(inp->pi_u32); 946 break; 947 case 8: 948 inp->pi_u64 = CDF_TOLE8(inp->pi_u64); 949 break; 950 default: 951 abort(); 952 } 953 return 1; 954 } 955 956 int 957 cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h, 958 uint32_t offs, cdf_property_info_t **info, size_t *count, size_t *maxcount) 959 { 960 const cdf_section_header_t *shp; 961 cdf_section_header_t sh; 962 const uint8_t *p, *q, *e; 963 size_t i, o4, nelements, j, slen, left; 964 cdf_property_info_t *inp; 965 966 if (offs > UINT32_MAX / 4) { 967 errno = EFTYPE; 968 goto out; 969 } 970 shp = CAST(const cdf_section_header_t *, 971 cdf_offset(sst->sst_tab, offs)); 972 if (cdf_check_stream_offset(sst, h, shp, sizeof(*shp), __LINE__) == -1) 973 goto out; 974 sh.sh_len = CDF_TOLE4(shp->sh_len); 975 if (sh.sh_len > CDF_SHLEN_LIMIT) { 976 errno = EFTYPE; 977 goto out; 978 } 979 980 if (cdf_check_stream_offset(sst, h, shp, sh.sh_len, __LINE__) == -1) 981 goto out; 982 983 sh.sh_properties = CDF_TOLE4(shp->sh_properties); 984 DPRINTF(("section len: %u properties %u\n", sh.sh_len, 985 sh.sh_properties)); 986 if (sh.sh_properties > CDF_PROP_LIMIT) 987 goto out; 988 inp = cdf_grow_info(info, maxcount, sh.sh_properties); 989 if (inp == NULL) 990 goto out; 991 inp += *count; 992 *count += sh.sh_properties; 993 p = CAST(const uint8_t *, cdf_offset(sst->sst_tab, offs + sizeof(sh))); 994 e = CAST(const uint8_t *, cdf_offset(shp, sh.sh_len)); 995 if (p >= e || cdf_check_stream_offset(sst, h, e, 0, __LINE__) == -1) 996 goto out; 997 998 for (i = 0; i < sh.sh_properties; i++) { 999 if ((q = cdf_get_property_info_pos(sst, h, p, e, i)) == NULL) 1000 goto out; 1001 inp[i].pi_id = CDF_GETUINT32(p, i << 1); 1002 left = CAST(size_t, e - q); 1003 if (left < sizeof(uint32_t)) { 1004 DPRINTF(("short info (no type)_\n")); 1005 goto out; 1006 } 1007 inp[i].pi_type = CDF_GETUINT32(q, 0); 1008 DPRINTF(("%" SIZE_T_FORMAT "u) id=%#x type=%#x offs=%#tx,%#x\n", 1009 i, inp[i].pi_id, inp[i].pi_type, q - p, offs)); 1010 if (inp[i].pi_type & CDF_VECTOR) { 1011 if (left < sizeof(uint32_t) * 2) { 1012 DPRINTF(("missing CDF_VECTOR length\n")); 1013 goto out; 1014 } 1015 nelements = CDF_GETUINT32(q, 1); 1016 if (nelements == 0) { 1017 DPRINTF(("CDF_VECTOR with nelements == 0\n")); 1018 goto out; 1019 } 1020 slen = 2; 1021 } else { 1022 nelements = 1; 1023 slen = 1; 1024 } 1025 o4 = slen * sizeof(uint32_t); 1026 if (inp[i].pi_type & (CDF_ARRAY|CDF_BYREF|CDF_RESERVED)) 1027 goto unknown; 1028 switch (inp[i].pi_type & CDF_TYPEMASK) { 1029 case CDF_NULL: 1030 case CDF_EMPTY: 1031 break; 1032 case CDF_SIGNED16: 1033 if (!cdf_copy_info(&inp[i], &q[o4], e, sizeof(int16_t))) 1034 goto unknown; 1035 break; 1036 case CDF_SIGNED32: 1037 case CDF_BOOL: 1038 case CDF_UNSIGNED32: 1039 case CDF_FLOAT: 1040 if (!cdf_copy_info(&inp[i], &q[o4], e, sizeof(int32_t))) 1041 goto unknown; 1042 break; 1043 case CDF_SIGNED64: 1044 case CDF_UNSIGNED64: 1045 case CDF_DOUBLE: 1046 case CDF_FILETIME: 1047 if (!cdf_copy_info(&inp[i], &q[o4], e, sizeof(int64_t))) 1048 goto unknown; 1049 break; 1050 case CDF_LENGTH32_STRING: 1051 case CDF_LENGTH32_WSTRING: 1052 if (nelements > 1) { 1053 size_t nelem = inp - *info; 1054 inp = cdf_grow_info(info, maxcount, nelements); 1055 if (inp == NULL) 1056 goto out; 1057 inp += nelem; 1058 } 1059 DPRINTF(("nelements = %" SIZE_T_FORMAT "u\n", 1060 nelements)); 1061 for (j = 0; j < nelements && i < sh.sh_properties; 1062 j++, i++) 1063 { 1064 uint32_t l; 1065 1066 if (o4 + sizeof(uint32_t) > left) 1067 goto out; 1068 1069 l = CDF_GETUINT32(q, slen); 1070 o4 += sizeof(uint32_t); 1071 if (o4 + l > left) 1072 goto out; 1073 1074 inp[i].pi_str.s_len = l; 1075 inp[i].pi_str.s_buf = CAST(const char *, 1076 CAST(const void *, &q[o4])); 1077 1078 DPRINTF(("o=%" SIZE_T_FORMAT "u l=%d(%" 1079 SIZE_T_FORMAT "u), t=%" SIZE_T_FORMAT 1080 "u s=%s\n", o4, l, CDF_ROUND(l, sizeof(l)), 1081 left, inp[i].pi_str.s_buf)); 1082 1083 if (l & 1) 1084 l++; 1085 1086 slen += l >> 1; 1087 o4 = slen * sizeof(uint32_t); 1088 } 1089 i--; 1090 break; 1091 case CDF_CLIPBOARD: 1092 if (inp[i].pi_type & CDF_VECTOR) 1093 goto unknown; 1094 break; 1095 default: 1096 unknown: 1097 memset(&inp[i].pi_val, 0, sizeof(inp[i].pi_val)); 1098 DPRINTF(("Don't know how to deal with %#x\n", 1099 inp[i].pi_type)); 1100 break; 1101 } 1102 } 1103 return 0; 1104 out: 1105 free(*info); 1106 *info = NULL; 1107 *count = 0; 1108 *maxcount = 0; 1109 errno = EFTYPE; 1110 return -1; 1111 } 1112 1113 int 1114 cdf_unpack_summary_info(const cdf_stream_t *sst, const cdf_header_t *h, 1115 cdf_summary_info_header_t *ssi, cdf_property_info_t **info, size_t *count) 1116 { 1117 size_t maxcount; 1118 const cdf_summary_info_header_t *si = 1119 CAST(const cdf_summary_info_header_t *, sst->sst_tab); 1120 const cdf_section_declaration_t *sd = 1121 CAST(const cdf_section_declaration_t *, RCAST(const void *, 1122 RCAST(const char *, sst->sst_tab) 1123 + CDF_SECTION_DECLARATION_OFFSET)); 1124 1125 if (cdf_check_stream_offset(sst, h, si, sizeof(*si), __LINE__) == -1 || 1126 cdf_check_stream_offset(sst, h, sd, sizeof(*sd), __LINE__) == -1) 1127 return -1; 1128 ssi->si_byte_order = CDF_TOLE2(si->si_byte_order); 1129 ssi->si_os_version = CDF_TOLE2(si->si_os_version); 1130 ssi->si_os = CDF_TOLE2(si->si_os); 1131 ssi->si_class = si->si_class; 1132 cdf_swap_class(&ssi->si_class); 1133 ssi->si_count = CDF_TOLE4(si->si_count); 1134 *count = 0; 1135 maxcount = 0; 1136 *info = NULL; 1137 if (cdf_read_property_info(sst, h, CDF_TOLE4(sd->sd_offset), info, 1138 count, &maxcount) == -1) 1139 return -1; 1140 return 0; 1141 } 1142 1143 1144 #define extract_catalog_field(t, f, l) \ 1145 if (b + l + sizeof(cep->f) > eb) { \ 1146 cep->ce_namlen = 0; \ 1147 break; \ 1148 } \ 1149 memcpy(&cep->f, b + (l), sizeof(cep->f)); \ 1150 ce[i].f = CAST(t, CDF_TOLE(cep->f)) 1151 1152 int 1153 cdf_unpack_catalog(const cdf_header_t *h, const cdf_stream_t *sst, 1154 cdf_catalog_t **cat) 1155 { 1156 size_t ss = cdf_check_stream(sst, h); 1157 const char *b = CAST(const char *, sst->sst_tab); 1158 const char *nb, *eb = b + ss * sst->sst_len; 1159 size_t nr, i, j, k; 1160 cdf_catalog_entry_t *ce; 1161 uint16_t reclen; 1162 const uint16_t *np; 1163 1164 for (nr = 0;; nr++) { 1165 memcpy(&reclen, b, sizeof(reclen)); 1166 reclen = CDF_TOLE2(reclen); 1167 if (reclen == 0) 1168 break; 1169 b += reclen; 1170 if (b > eb) 1171 break; 1172 } 1173 if (nr == 0) 1174 return -1; 1175 nr--; 1176 *cat = CAST(cdf_catalog_t *, 1177 CDF_MALLOC(sizeof(cdf_catalog_t) + nr * sizeof(*ce))); 1178 if (*cat == NULL) 1179 return -1; 1180 ce = (*cat)->cat_e; 1181 memset(ce, 0, nr * sizeof(*ce)); 1182 b = CAST(const char *, sst->sst_tab); 1183 for (j = i = 0; i < nr; b += reclen) { 1184 cdf_catalog_entry_t *cep = &ce[j]; 1185 uint16_t rlen; 1186 1187 extract_catalog_field(uint16_t, ce_namlen, 0); 1188 extract_catalog_field(uint16_t, ce_num, 4); 1189 extract_catalog_field(uint64_t, ce_timestamp, 8); 1190 reclen = cep->ce_namlen; 1191 1192 if (reclen < 14) { 1193 cep->ce_namlen = 0; 1194 continue; 1195 } 1196 1197 cep->ce_namlen = __arraycount(cep->ce_name) - 1; 1198 rlen = reclen - 14; 1199 if (cep->ce_namlen > rlen) 1200 cep->ce_namlen = rlen; 1201 1202 np = CAST(const uint16_t *, CAST(const void *, (b + 16))); 1203 nb = CAST(const char *, CAST(const void *, 1204 (np + cep->ce_namlen))); 1205 if (nb > eb) { 1206 cep->ce_namlen = 0; 1207 break; 1208 } 1209 1210 for (k = 0; k < cep->ce_namlen; k++) 1211 cep->ce_name[k] = np[k]; /* XXX: CDF_TOLE2? */ 1212 cep->ce_name[cep->ce_namlen] = 0; 1213 j = i; 1214 i++; 1215 } 1216 (*cat)->cat_num = j; 1217 return 0; 1218 } 1219 1220 int 1221 cdf_print_classid(char *buf, size_t buflen, const cdf_classid_t *id) 1222 { 1223 return snprintf(buf, buflen, "%.8x-%.4x-%.4x-%.2x%.2x-" 1224 "%.2x%.2x%.2x%.2x%.2x%.2x", id->cl_dword, id->cl_word[0], 1225 id->cl_word[1], id->cl_two[0], id->cl_two[1], id->cl_six[0], 1226 id->cl_six[1], id->cl_six[2], id->cl_six[3], id->cl_six[4], 1227 id->cl_six[5]); 1228 } 1229 1230 static const struct { 1231 uint32_t v; 1232 const char *n; 1233 } vn[] = { 1234 { CDF_PROPERTY_CODE_PAGE, "Code page" }, 1235 { CDF_PROPERTY_TITLE, "Title" }, 1236 { CDF_PROPERTY_SUBJECT, "Subject" }, 1237 { CDF_PROPERTY_AUTHOR, "Author" }, 1238 { CDF_PROPERTY_KEYWORDS, "Keywords" }, 1239 { CDF_PROPERTY_COMMENTS, "Comments" }, 1240 { CDF_PROPERTY_TEMPLATE, "Template" }, 1241 { CDF_PROPERTY_LAST_SAVED_BY, "Last Saved By" }, 1242 { CDF_PROPERTY_REVISION_NUMBER, "Revision Number" }, 1243 { CDF_PROPERTY_TOTAL_EDITING_TIME, "Total Editing Time" }, 1244 { CDF_PROPERTY_LAST_PRINTED, "Last Printed" }, 1245 { CDF_PROPERTY_CREATE_TIME, "Create Time/Date" }, 1246 { CDF_PROPERTY_LAST_SAVED_TIME, "Last Saved Time/Date" }, 1247 { CDF_PROPERTY_NUMBER_OF_PAGES, "Number of Pages" }, 1248 { CDF_PROPERTY_NUMBER_OF_WORDS, "Number of Words" }, 1249 { CDF_PROPERTY_NUMBER_OF_CHARACTERS, "Number of Characters" }, 1250 { CDF_PROPERTY_THUMBNAIL, "Thumbnail" }, 1251 { CDF_PROPERTY_NAME_OF_APPLICATION, "Name of Creating Application" }, 1252 { CDF_PROPERTY_SECURITY, "Security" }, 1253 { CDF_PROPERTY_LOCALE_ID, "Locale ID" }, 1254 }; 1255 1256 int 1257 cdf_print_property_name(char *buf, size_t bufsiz, uint32_t p) 1258 { 1259 size_t i; 1260 1261 for (i = 0; i < __arraycount(vn); i++) 1262 if (vn[i].v == p) 1263 return snprintf(buf, bufsiz, "%s", vn[i].n); 1264 return snprintf(buf, bufsiz, "%#x", p); 1265 } 1266 1267 int 1268 cdf_print_elapsed_time(char *buf, size_t bufsiz, cdf_timestamp_t ts) 1269 { 1270 int len = 0; 1271 int days, hours, mins, secs; 1272 1273 ts /= CDF_TIME_PREC; 1274 secs = CAST(int, ts % 60); 1275 ts /= 60; 1276 mins = CAST(int, ts % 60); 1277 ts /= 60; 1278 hours = CAST(int, ts % 24); 1279 ts /= 24; 1280 days = CAST(int, ts); 1281 1282 if (days) { 1283 len += snprintf(buf + len, bufsiz - len, "%dd+", days); 1284 if (CAST(size_t, len) >= bufsiz) 1285 return len; 1286 } 1287 1288 if (days || hours) { 1289 len += snprintf(buf + len, bufsiz - len, "%.2d:", hours); 1290 if (CAST(size_t, len) >= bufsiz) 1291 return len; 1292 } 1293 1294 len += snprintf(buf + len, bufsiz - len, "%.2d:", mins); 1295 if (CAST(size_t, len) >= bufsiz) 1296 return len; 1297 1298 len += snprintf(buf + len, bufsiz - len, "%.2d", secs); 1299 return len; 1300 } 1301 1302 char * 1303 cdf_u16tos8(char *buf, size_t len, const uint16_t *p) 1304 { 1305 size_t i; 1306 for (i = 0; i < len && p[i]; i++) 1307 buf[i] = CAST(char, p[i]); 1308 buf[i] = '\0'; 1309 return buf; 1310 } 1311 1312 #ifdef CDF_DEBUG 1313 void 1314 cdf_dump_header(const cdf_header_t *h) 1315 { 1316 size_t i; 1317 1318 #define DUMP(a, b) (void)fprintf(stderr, "%40.40s = " a "\n", # b, h->h_ ## b) 1319 #define DUMP2(a, b) (void)fprintf(stderr, "%40.40s = " a " (" a ")\n", # b, \ 1320 h->h_ ## b, 1 << h->h_ ## b) 1321 DUMP("%d", revision); 1322 DUMP("%d", version); 1323 DUMP("%#x", byte_order); 1324 DUMP2("%d", sec_size_p2); 1325 DUMP2("%d", short_sec_size_p2); 1326 DUMP("%d", num_sectors_in_sat); 1327 DUMP("%d", secid_first_directory); 1328 DUMP("%d", min_size_standard_stream); 1329 DUMP("%d", secid_first_sector_in_short_sat); 1330 DUMP("%d", num_sectors_in_short_sat); 1331 DUMP("%d", secid_first_sector_in_master_sat); 1332 DUMP("%d", num_sectors_in_master_sat); 1333 for (i = 0; i < __arraycount(h->h_master_sat); i++) { 1334 if (h->h_master_sat[i] == CDF_SECID_FREE) 1335 break; 1336 (void)fprintf(stderr, "%35.35s[%.3" SIZE_T_FORMAT "u] = %d\n", 1337 "master_sat", i, h->h_master_sat[i]); 1338 } 1339 } 1340 1341 void 1342 cdf_dump_sat(const char *prefix, const cdf_sat_t *sat, size_t size) 1343 { 1344 size_t i, j, s = size / sizeof(cdf_secid_t); 1345 1346 for (i = 0; i < sat->sat_len; i++) { 1347 (void)fprintf(stderr, "%s[%" SIZE_T_FORMAT "u]:\n%.6" 1348 SIZE_T_FORMAT "u: ", prefix, i, i * s); 1349 for (j = 0; j < s; j++) { 1350 (void)fprintf(stderr, "%5d, ", 1351 CDF_TOLE4(sat->sat_tab[s * i + j])); 1352 if ((j + 1) % 10 == 0) 1353 (void)fprintf(stderr, "\n%.6" SIZE_T_FORMAT 1354 "u: ", i * s + j + 1); 1355 } 1356 (void)fprintf(stderr, "\n"); 1357 } 1358 } 1359 1360 void 1361 cdf_dump(const void *v, size_t len) 1362 { 1363 size_t i, j; 1364 const unsigned char *p = v; 1365 char abuf[16]; 1366 1367 (void)fprintf(stderr, "%.4x: ", 0); 1368 for (i = 0, j = 0; i < len; i++, p++) { 1369 (void)fprintf(stderr, "%.2x ", *p); 1370 abuf[j++] = isprint(*p) ? *p : '.'; 1371 if (j == 16) { 1372 j = 0; 1373 abuf[15] = '\0'; 1374 (void)fprintf(stderr, "%s\n%.4" SIZE_T_FORMAT "x: ", 1375 abuf, i + 1); 1376 } 1377 } 1378 (void)fprintf(stderr, "\n"); 1379 } 1380 1381 void 1382 cdf_dump_stream(const cdf_stream_t *sst) 1383 { 1384 size_t ss = sst->sst_ss; 1385 cdf_dump(sst->sst_tab, ss * sst->sst_len); 1386 } 1387 1388 void 1389 cdf_dump_dir(const cdf_info_t *info, const cdf_header_t *h, 1390 const cdf_sat_t *sat, const cdf_sat_t *ssat, const cdf_stream_t *sst, 1391 const cdf_dir_t *dir) 1392 { 1393 size_t i, j; 1394 cdf_directory_t *d; 1395 char name[__arraycount(d->d_name)]; 1396 cdf_stream_t scn; 1397 struct timespec ts; 1398 1399 static const char *types[] = { "empty", "user storage", 1400 "user stream", "lockbytes", "property", "root storage" }; 1401 1402 for (i = 0; i < dir->dir_len; i++) { 1403 char buf[26]; 1404 d = &dir->dir_tab[i]; 1405 for (j = 0; j < sizeof(name); j++) 1406 name[j] = (char)CDF_TOLE2(d->d_name[j]); 1407 (void)fprintf(stderr, "Directory %" SIZE_T_FORMAT "u: %s\n", 1408 i, name); 1409 if (d->d_type < __arraycount(types)) 1410 (void)fprintf(stderr, "Type: %s\n", types[d->d_type]); 1411 else 1412 (void)fprintf(stderr, "Type: %d\n", d->d_type); 1413 (void)fprintf(stderr, "Color: %s\n", 1414 d->d_color ? "black" : "red"); 1415 (void)fprintf(stderr, "Left child: %d\n", d->d_left_child); 1416 (void)fprintf(stderr, "Right child: %d\n", d->d_right_child); 1417 (void)fprintf(stderr, "Flags: %#x\n", d->d_flags); 1418 cdf_timestamp_to_timespec(&ts, d->d_created); 1419 (void)fprintf(stderr, "Created %s", cdf_ctime(&ts.tv_sec, buf)); 1420 cdf_timestamp_to_timespec(&ts, d->d_modified); 1421 (void)fprintf(stderr, "Modified %s", 1422 cdf_ctime(&ts.tv_sec, buf)); 1423 (void)fprintf(stderr, "Stream %d\n", d->d_stream_first_sector); 1424 (void)fprintf(stderr, "Size %d\n", d->d_size); 1425 switch (d->d_type) { 1426 case CDF_DIR_TYPE_USER_STORAGE: 1427 (void)fprintf(stderr, "Storage: %d\n", d->d_storage); 1428 break; 1429 case CDF_DIR_TYPE_USER_STREAM: 1430 if (sst == NULL) 1431 break; 1432 if (cdf_read_sector_chain(info, h, sat, ssat, sst, 1433 d->d_stream_first_sector, d->d_size, &scn) == -1) { 1434 warn("Can't read stream for %s at %d len %d", 1435 name, d->d_stream_first_sector, d->d_size); 1436 break; 1437 } 1438 cdf_dump_stream(&scn); 1439 free(scn.sst_tab); 1440 break; 1441 default: 1442 break; 1443 } 1444 1445 } 1446 } 1447 1448 void 1449 cdf_dump_property_info(const cdf_property_info_t *info, size_t count) 1450 { 1451 cdf_timestamp_t tp; 1452 struct timespec ts; 1453 char buf[64]; 1454 size_t i, j; 1455 1456 for (i = 0; i < count; i++) { 1457 cdf_print_property_name(buf, sizeof(buf), info[i].pi_id); 1458 (void)fprintf(stderr, "%" SIZE_T_FORMAT "u) %s: ", i, buf); 1459 switch (info[i].pi_type) { 1460 case CDF_NULL: 1461 break; 1462 case CDF_SIGNED16: 1463 (void)fprintf(stderr, "signed 16 [%hd]\n", 1464 info[i].pi_s16); 1465 break; 1466 case CDF_SIGNED32: 1467 (void)fprintf(stderr, "signed 32 [%d]\n", 1468 info[i].pi_s32); 1469 break; 1470 case CDF_UNSIGNED32: 1471 (void)fprintf(stderr, "unsigned 32 [%u]\n", 1472 info[i].pi_u32); 1473 break; 1474 case CDF_FLOAT: 1475 (void)fprintf(stderr, "float [%g]\n", 1476 info[i].pi_f); 1477 break; 1478 case CDF_DOUBLE: 1479 (void)fprintf(stderr, "double [%g]\n", 1480 info[i].pi_d); 1481 break; 1482 case CDF_LENGTH32_STRING: 1483 (void)fprintf(stderr, "string %u [%.*s]\n", 1484 info[i].pi_str.s_len, 1485 info[i].pi_str.s_len, info[i].pi_str.s_buf); 1486 break; 1487 case CDF_LENGTH32_WSTRING: 1488 (void)fprintf(stderr, "string %u [", 1489 info[i].pi_str.s_len); 1490 for (j = 0; j < info[i].pi_str.s_len - 1; j++) 1491 (void)fputc(info[i].pi_str.s_buf[j << 1], stderr); 1492 (void)fprintf(stderr, "]\n"); 1493 break; 1494 case CDF_FILETIME: 1495 tp = info[i].pi_tp; 1496 if (tp < 1000000000000000LL) { 1497 cdf_print_elapsed_time(buf, sizeof(buf), tp); 1498 (void)fprintf(stderr, "timestamp %s\n", buf); 1499 } else { 1500 char tbuf[26]; 1501 cdf_timestamp_to_timespec(&ts, tp); 1502 (void)fprintf(stderr, "timestamp %s", 1503 cdf_ctime(&ts.tv_sec, tbuf)); 1504 } 1505 break; 1506 case CDF_CLIPBOARD: 1507 (void)fprintf(stderr, "CLIPBOARD %u\n", info[i].pi_u32); 1508 break; 1509 default: 1510 DPRINTF(("Don't know how to deal with %#x\n", 1511 info[i].pi_type)); 1512 break; 1513 } 1514 } 1515 } 1516 1517 1518 void 1519 cdf_dump_summary_info(const cdf_header_t *h, const cdf_stream_t *sst) 1520 { 1521 char buf[128]; 1522 cdf_summary_info_header_t ssi; 1523 cdf_property_info_t *info; 1524 size_t count; 1525 1526 (void)&h; 1527 if (cdf_unpack_summary_info(sst, h, &ssi, &info, &count) == -1) 1528 return; 1529 (void)fprintf(stderr, "Endian: %#x\n", ssi.si_byte_order); 1530 (void)fprintf(stderr, "Os Version %d.%d\n", ssi.si_os_version & 0xff, 1531 ssi.si_os_version >> 8); 1532 (void)fprintf(stderr, "Os %d\n", ssi.si_os); 1533 cdf_print_classid(buf, sizeof(buf), &ssi.si_class); 1534 (void)fprintf(stderr, "Class %s\n", buf); 1535 (void)fprintf(stderr, "Count %d\n", ssi.si_count); 1536 cdf_dump_property_info(info, count); 1537 free(info); 1538 } 1539 1540 1541 void 1542 cdf_dump_catalog(const cdf_header_t *h, const cdf_stream_t *sst) 1543 { 1544 cdf_catalog_t *cat; 1545 cdf_unpack_catalog(h, sst, &cat); 1546 const cdf_catalog_entry_t *ce = cat->cat_e; 1547 struct timespec ts; 1548 char tbuf[64], sbuf[256]; 1549 size_t i; 1550 1551 printf("Catalog:\n"); 1552 for (i = 0; i < cat->cat_num; i++) { 1553 cdf_timestamp_to_timespec(&ts, ce[i].ce_timestamp); 1554 printf("\t%d %s %s", ce[i].ce_num, 1555 cdf_u16tos8(sbuf, ce[i].ce_namlen, ce[i].ce_name), 1556 cdf_ctime(&ts.tv_sec, tbuf)); 1557 } 1558 free(cat); 1559 } 1560 1561 #endif 1562 1563 #ifdef TEST 1564 int 1565 main(int argc, char *argv[]) 1566 { 1567 int i; 1568 cdf_header_t h; 1569 cdf_sat_t sat, ssat; 1570 cdf_stream_t sst, scn; 1571 cdf_dir_t dir; 1572 cdf_info_t info; 1573 const cdf_directory_t *root; 1574 #ifdef __linux__ 1575 #define getprogname() __progname 1576 extern char *__progname; 1577 #endif 1578 if (argc < 2) { 1579 (void)fprintf(stderr, "Usage: %s <filename>\n", getprogname()); 1580 return -1; 1581 } 1582 1583 info.i_buf = NULL; 1584 info.i_len = 0; 1585 for (i = 1; i < argc; i++) { 1586 if ((info.i_fd = open(argv[1], O_RDONLY)) == -1) 1587 err(EXIT_FAILURE, "Cannot open `%s'", argv[1]); 1588 1589 if (cdf_read_header(&info, &h) == -1) 1590 err(EXIT_FAILURE, "Cannot read header"); 1591 #ifdef CDF_DEBUG 1592 cdf_dump_header(&h); 1593 #endif 1594 1595 if (cdf_read_sat(&info, &h, &sat) == -1) 1596 err(EXIT_FAILURE, "Cannot read sat"); 1597 #ifdef CDF_DEBUG 1598 cdf_dump_sat("SAT", &sat, CDF_SEC_SIZE(&h)); 1599 #endif 1600 1601 if (cdf_read_ssat(&info, &h, &sat, &ssat) == -1) 1602 err(EXIT_FAILURE, "Cannot read ssat"); 1603 #ifdef CDF_DEBUG 1604 cdf_dump_sat("SSAT", &ssat, CDF_SHORT_SEC_SIZE(&h)); 1605 #endif 1606 1607 if (cdf_read_dir(&info, &h, &sat, &dir) == -1) 1608 err(EXIT_FAILURE, "Cannot read dir"); 1609 1610 if (cdf_read_short_stream(&info, &h, &sat, &dir, &sst, &root) 1611 == -1) 1612 err(EXIT_FAILURE, "Cannot read short stream"); 1613 #ifdef CDF_DEBUG 1614 cdf_dump_stream(&sst); 1615 #endif 1616 1617 #ifdef CDF_DEBUG 1618 cdf_dump_dir(&info, &h, &sat, &ssat, &sst, &dir); 1619 #endif 1620 1621 1622 if (cdf_read_summary_info(&info, &h, &sat, &ssat, &sst, &dir, 1623 &scn) == -1) 1624 warn("Cannot read summary info"); 1625 #ifdef CDF_DEBUG 1626 else 1627 cdf_dump_summary_info(&h, &scn); 1628 #endif 1629 if (cdf_read_user_stream(&info, &h, &sat, &ssat, &sst, 1630 &dir, "Catalog", &scn) == -1) 1631 warn("Cannot read catalog"); 1632 #ifdef CDF_DEBUG 1633 else 1634 cdf_dump_catalog(&h, &scn); 1635 #endif 1636 1637 (void)close(info.i_fd); 1638 } 1639 1640 return 0; 1641 } 1642 #endif 1643