1 /////////////////////////////////////////////////////////////////////////////// 2 // 3 /// \file block_decoder.c 4 /// \brief Decodes .xz Blocks 5 // 6 // Author: Lasse Collin 7 // 8 // This file has been put into the public domain. 9 // You can do whatever you want with this file. 10 // 11 /////////////////////////////////////////////////////////////////////////////// 12 13 #include "block_decoder.h" 14 #include "filter_decoder.h" 15 #include "check.h" 16 17 18 typedef struct { 19 enum { 20 SEQ_CODE, 21 SEQ_PADDING, 22 SEQ_CHECK, 23 } sequence; 24 25 /// The filters in the chain; initialized with lzma_raw_decoder_init(). 26 lzma_next_coder next; 27 28 /// Decoding options; we also write Compressed Size and Uncompressed 29 /// Size back to this structure when the decoding has been finished. 30 lzma_block *block; 31 32 /// Compressed Size calculated while decoding 33 lzma_vli compressed_size; 34 35 /// Uncompressed Size calculated while decoding 36 lzma_vli uncompressed_size; 37 38 /// Maximum allowed Compressed Size; this takes into account the 39 /// size of the Block Header and Check fields when Compressed Size 40 /// is unknown. 41 lzma_vli compressed_limit; 42 43 /// Maximum allowed Uncompressed Size. 44 lzma_vli uncompressed_limit; 45 46 /// Position when reading the Check field 47 size_t check_pos; 48 49 /// Check of the uncompressed data 50 lzma_check_state check; 51 52 /// True if the integrity check won't be calculated and verified. 53 bool ignore_check; 54 } lzma_block_coder; 55 56 57 static inline bool 58 is_size_valid(lzma_vli size, lzma_vli reference) 59 { 60 return reference == LZMA_VLI_UNKNOWN || reference == size; 61 } 62 63 64 static lzma_ret 65 block_decode(void *coder_ptr, const lzma_allocator *allocator, 66 const uint8_t *restrict in, size_t *restrict in_pos, 67 size_t in_size, uint8_t *restrict out, 68 size_t *restrict out_pos, size_t out_size, lzma_action action) 69 { 70 lzma_block_coder *coder = coder_ptr; 71 72 switch (coder->sequence) { 73 case SEQ_CODE: { 74 const size_t in_start = *in_pos; 75 const size_t out_start = *out_pos; 76 77 // Limit the amount of input and output space that we give 78 // to the raw decoder based on the information we have 79 // (or don't have) from Block Header. 80 const size_t in_stop = *in_pos + (size_t)my_min( 81 in_size - *in_pos, 82 coder->compressed_limit - coder->compressed_size); 83 const size_t out_stop = *out_pos + (size_t)my_min( 84 out_size - *out_pos, 85 coder->uncompressed_limit - coder->uncompressed_size); 86 87 const lzma_ret ret = coder->next.code(coder->next.coder, 88 allocator, in, in_pos, in_stop, 89 out, out_pos, out_stop, action); 90 91 const size_t in_used = *in_pos - in_start; 92 const size_t out_used = *out_pos - out_start; 93 94 // Because we have limited the input and output sizes, 95 // we know that these cannot grow too big or overflow. 96 coder->compressed_size += in_used; 97 coder->uncompressed_size += out_used; 98 99 if (ret == LZMA_OK) { 100 const bool comp_done = coder->compressed_size 101 == coder->block->compressed_size; 102 const bool uncomp_done = coder->uncompressed_size 103 == coder->block->uncompressed_size; 104 105 // If both input and output amounts match the sizes 106 // in Block Header but we still got LZMA_OK instead 107 // of LZMA_STREAM_END, the file is broken. 108 if (comp_done && uncomp_done) 109 return LZMA_DATA_ERROR; 110 111 // If the decoder has consumed all the input that it 112 // needs but it still couldn't fill the output buffer 113 // or return LZMA_STREAM_END, the file is broken. 114 if (comp_done && *out_pos < out_size) 115 return LZMA_DATA_ERROR; 116 117 // If the decoder has produced all the output but 118 // it still didn't return LZMA_STREAM_END or consume 119 // more input (for example, detecting an end of 120 // payload marker may need more input but produce 121 // no output) the file is broken. 122 if (uncomp_done && *in_pos < in_size) 123 return LZMA_DATA_ERROR; 124 } 125 126 if (!coder->ignore_check) 127 lzma_check_update(&coder->check, coder->block->check, 128 out + out_start, out_used); 129 130 if (ret != LZMA_STREAM_END) 131 return ret; 132 133 // Compressed and Uncompressed Sizes are now at their final 134 // values. Verify that they match the values given to us. 135 if (!is_size_valid(coder->compressed_size, 136 coder->block->compressed_size) 137 || !is_size_valid(coder->uncompressed_size, 138 coder->block->uncompressed_size)) 139 return LZMA_DATA_ERROR; 140 141 // Copy the values into coder->block. The caller 142 // may use this information to construct Index. 143 coder->block->compressed_size = coder->compressed_size; 144 coder->block->uncompressed_size = coder->uncompressed_size; 145 146 coder->sequence = SEQ_PADDING; 147 } 148 149 // Fall through 150 151 case SEQ_PADDING: 152 // Compressed Data is padded to a multiple of four bytes. 153 while (coder->compressed_size & 3) { 154 if (*in_pos >= in_size) 155 return LZMA_OK; 156 157 // We use compressed_size here just get the Padding 158 // right. The actual Compressed Size was stored to 159 // coder->block already, and won't be modified by 160 // us anymore. 161 ++coder->compressed_size; 162 163 if (in[(*in_pos)++] != 0x00) 164 return LZMA_DATA_ERROR; 165 } 166 167 if (coder->block->check == LZMA_CHECK_NONE) 168 return LZMA_STREAM_END; 169 170 if (!coder->ignore_check) 171 lzma_check_finish(&coder->check, coder->block->check); 172 173 coder->sequence = SEQ_CHECK; 174 175 // Fall through 176 177 case SEQ_CHECK: { 178 const size_t check_size = lzma_check_size(coder->block->check); 179 lzma_bufcpy(in, in_pos, in_size, coder->block->raw_check, 180 &coder->check_pos, check_size); 181 if (coder->check_pos < check_size) 182 return LZMA_OK; 183 184 // Validate the Check only if we support it. 185 // coder->check.buffer may be uninitialized 186 // when the Check ID is not supported. 187 if (!coder->ignore_check 188 && lzma_check_is_supported(coder->block->check) 189 && memcmp(coder->block->raw_check, 190 coder->check.buffer.u8, 191 check_size) != 0) 192 return LZMA_DATA_ERROR; 193 194 return LZMA_STREAM_END; 195 } 196 } 197 198 return LZMA_PROG_ERROR; 199 } 200 201 202 static void 203 block_decoder_end(void *coder_ptr, const lzma_allocator *allocator) 204 { 205 lzma_block_coder *coder = coder_ptr; 206 lzma_next_end(&coder->next, allocator); 207 lzma_free(coder, allocator); 208 return; 209 } 210 211 212 extern lzma_ret 213 lzma_block_decoder_init(lzma_next_coder *next, const lzma_allocator *allocator, 214 lzma_block *block) 215 { 216 lzma_next_coder_init(&lzma_block_decoder_init, next, allocator); 217 218 // Validate the options. lzma_block_unpadded_size() does that for us 219 // except for Uncompressed Size and filters. Filters are validated 220 // by the raw decoder. 221 if (lzma_block_unpadded_size(block) == 0 222 || !lzma_vli_is_valid(block->uncompressed_size)) 223 return LZMA_PROG_ERROR; 224 225 // Allocate *next->coder if needed. 226 lzma_block_coder *coder = next->coder; 227 if (coder == NULL) { 228 coder = lzma_alloc(sizeof(lzma_block_coder), allocator); 229 if (coder == NULL) 230 return LZMA_MEM_ERROR; 231 232 next->coder = coder; 233 next->code = &block_decode; 234 next->end = &block_decoder_end; 235 coder->next = LZMA_NEXT_CODER_INIT; 236 } 237 238 // Basic initializations 239 coder->sequence = SEQ_CODE; 240 coder->block = block; 241 coder->compressed_size = 0; 242 coder->uncompressed_size = 0; 243 244 // If Compressed Size is not known, we calculate the maximum allowed 245 // value so that encoded size of the Block (including Block Padding) 246 // is still a valid VLI and a multiple of four. 247 coder->compressed_limit 248 = block->compressed_size == LZMA_VLI_UNKNOWN 249 ? (LZMA_VLI_MAX & ~LZMA_VLI_C(3)) 250 - block->header_size 251 - lzma_check_size(block->check) 252 : block->compressed_size; 253 254 // With Uncompressed Size this is simpler. If Block Header lacks 255 // the size info, then LZMA_VLI_MAX is the maximum possible 256 // Uncompressed Size. 257 coder->uncompressed_limit 258 = block->uncompressed_size == LZMA_VLI_UNKNOWN 259 ? LZMA_VLI_MAX 260 : block->uncompressed_size; 261 262 // Initialize the check. It's caller's problem if the Check ID is not 263 // supported, and the Block decoder cannot verify the Check field. 264 // Caller can test lzma_check_is_supported(block->check). 265 coder->check_pos = 0; 266 lzma_check_init(&coder->check, block->check); 267 268 coder->ignore_check = block->version >= 1 269 ? block->ignore_check : false; 270 271 // Initialize the filter chain. 272 return lzma_raw_decoder_init(&coder->next, allocator, 273 block->filters); 274 } 275 276 277 extern LZMA_API(lzma_ret) 278 lzma_block_decoder(lzma_stream *strm, lzma_block *block) 279 { 280 lzma_next_strm_init(lzma_block_decoder_init, strm, block); 281 282 strm->internal->supported_actions[LZMA_RUN] = true; 283 strm->internal->supported_actions[LZMA_FINISH] = true; 284 285 return LZMA_OK; 286 } 287