xref: /freebsd/contrib/xz/src/liblzma/common/block_header_decoder.c (revision b37f6c9805edb4b89f0a8c2b78f78a3dcfc0647b)
1 ///////////////////////////////////////////////////////////////////////////////
2 //
3 /// \file       block_header_decoder.c
4 /// \brief      Decodes Block Header from .xz files
5 //
6 //  Author:     Lasse Collin
7 //
8 //  This file has been put into the public domain.
9 //  You can do whatever you want with this file.
10 //
11 ///////////////////////////////////////////////////////////////////////////////
12 
13 #include "common.h"
14 #include "check.h"
15 
16 
17 static void
18 free_properties(lzma_block *block, const lzma_allocator *allocator)
19 {
20 	// Free allocated filter options. The last array member is not
21 	// touched after the initialization in the beginning of
22 	// lzma_block_header_decode(), so we don't need to touch that here.
23 	for (size_t i = 0; i < LZMA_FILTERS_MAX; ++i) {
24 		lzma_free(block->filters[i].options, allocator);
25 		block->filters[i].id = LZMA_VLI_UNKNOWN;
26 		block->filters[i].options = NULL;
27 	}
28 
29 	return;
30 }
31 
32 
33 extern LZMA_API(lzma_ret)
34 lzma_block_header_decode(lzma_block *block,
35 		const lzma_allocator *allocator, const uint8_t *in)
36 {
37 	// NOTE: We consider the header to be corrupt not only when the
38 	// CRC32 doesn't match, but also when variable-length integers
39 	// are invalid or over 63 bits, or if the header is too small
40 	// to contain the claimed information.
41 
42 	// Initialize the filter options array. This way the caller can
43 	// safely free() the options even if an error occurs in this function.
44 	for (size_t i = 0; i <= LZMA_FILTERS_MAX; ++i) {
45 		block->filters[i].id = LZMA_VLI_UNKNOWN;
46 		block->filters[i].options = NULL;
47 	}
48 
49 	// Versions 0 and 1 are supported. If a newer version was specified,
50 	// we need to downgrade it.
51 	if (block->version > 1)
52 		block->version = 1;
53 
54 	// This isn't a Block Header option, but since the decompressor will
55 	// read it if version >= 1, it's better to initialize it here than
56 	// to expect the caller to do it since in almost all cases this
57 	// should be false.
58 	block->ignore_check = false;
59 
60 	// Validate Block Header Size and Check type. The caller must have
61 	// already set these, so it is a programming error if this test fails.
62 	if (lzma_block_header_size_decode(in[0]) != block->header_size
63 			|| (unsigned int)(block->check) > LZMA_CHECK_ID_MAX)
64 		return LZMA_PROG_ERROR;
65 
66 	// Exclude the CRC32 field.
67 	const size_t in_size = block->header_size - 4;
68 
69 	// Verify CRC32
70 	if (lzma_crc32(in, in_size, 0) != unaligned_read32le(in + in_size))
71 		return LZMA_DATA_ERROR;
72 
73 	// Check for unsupported flags.
74 	if (in[1] & 0x3C)
75 		return LZMA_OPTIONS_ERROR;
76 
77 	// Start after the Block Header Size and Block Flags fields.
78 	size_t in_pos = 2;
79 
80 	// Compressed Size
81 	if (in[1] & 0x40) {
82 		return_if_error(lzma_vli_decode(&block->compressed_size,
83 				NULL, in, &in_pos, in_size));
84 
85 		// Validate Compressed Size. This checks that it isn't zero
86 		// and that the total size of the Block is a valid VLI.
87 		if (lzma_block_unpadded_size(block) == 0)
88 			return LZMA_DATA_ERROR;
89 	} else {
90 		block->compressed_size = LZMA_VLI_UNKNOWN;
91 	}
92 
93 	// Uncompressed Size
94 	if (in[1] & 0x80)
95 		return_if_error(lzma_vli_decode(&block->uncompressed_size,
96 				NULL, in, &in_pos, in_size));
97 	else
98 		block->uncompressed_size = LZMA_VLI_UNKNOWN;
99 
100 	// Filter Flags
101 	const size_t filter_count = (in[1] & 3) + 1;
102 	for (size_t i = 0; i < filter_count; ++i) {
103 		const lzma_ret ret = lzma_filter_flags_decode(
104 				&block->filters[i], allocator,
105 				in, &in_pos, in_size);
106 		if (ret != LZMA_OK) {
107 			free_properties(block, allocator);
108 			return ret;
109 		}
110 	}
111 
112 	// Padding
113 	while (in_pos < in_size) {
114 		if (in[in_pos++] != 0x00) {
115 			free_properties(block, allocator);
116 
117 			// Possibly some new field present so use
118 			// LZMA_OPTIONS_ERROR instead of LZMA_DATA_ERROR.
119 			return LZMA_OPTIONS_ERROR;
120 		}
121 	}
122 
123 	return LZMA_OK;
124 }
125