1 /////////////////////////////////////////////////////////////////////////////// 2 // 3 /// \file stream_decoder.c 4 /// \brief Decodes .xz Streams 5 // 6 // Author: Lasse Collin 7 // 8 // This file has been put into the public domain. 9 // You can do whatever you want with this file. 10 // 11 /////////////////////////////////////////////////////////////////////////////// 12 13 #include "stream_decoder.h" 14 #include "block_decoder.h" 15 #include "index.h" 16 17 18 typedef struct { 19 enum { 20 SEQ_STREAM_HEADER, 21 SEQ_BLOCK_HEADER, 22 SEQ_BLOCK_INIT, 23 SEQ_BLOCK_RUN, 24 SEQ_INDEX, 25 SEQ_STREAM_FOOTER, 26 SEQ_STREAM_PADDING, 27 } sequence; 28 29 /// Block decoder 30 lzma_next_coder block_decoder; 31 32 /// Block options decoded by the Block Header decoder and used by 33 /// the Block decoder. 34 lzma_block block_options; 35 36 /// Stream Flags from Stream Header 37 lzma_stream_flags stream_flags; 38 39 /// Index is hashed so that it can be compared to the sizes of Blocks 40 /// with O(1) memory usage. 41 lzma_index_hash *index_hash; 42 43 /// Memory usage limit 44 uint64_t memlimit; 45 46 /// Amount of memory actually needed (only an estimate) 47 uint64_t memusage; 48 49 /// If true, LZMA_NO_CHECK is returned if the Stream has 50 /// no integrity check. 51 bool tell_no_check; 52 53 /// If true, LZMA_UNSUPPORTED_CHECK is returned if the Stream has 54 /// an integrity check that isn't supported by this liblzma build. 55 bool tell_unsupported_check; 56 57 /// If true, LZMA_GET_CHECK is returned after decoding Stream Header. 58 bool tell_any_check; 59 60 /// If true, we will tell the Block decoder to skip calculating 61 /// and verifying the integrity check. 62 bool ignore_check; 63 64 /// If true, we will decode concatenated Streams that possibly have 65 /// Stream Padding between or after them. LZMA_STREAM_END is returned 66 /// once the application isn't giving us any new input (LZMA_FINISH), 67 /// and we aren't in the middle of a Stream, and possible 68 /// Stream Padding is a multiple of four bytes. 69 bool concatenated; 70 71 /// When decoding concatenated Streams, this is true as long as we 72 /// are decoding the first Stream. This is needed to avoid misleading 73 /// LZMA_FORMAT_ERROR in case the later Streams don't have valid magic 74 /// bytes. 75 bool first_stream; 76 77 /// Write position in buffer[] and position in Stream Padding 78 size_t pos; 79 80 /// Buffer to hold Stream Header, Block Header, and Stream Footer. 81 /// Block Header has biggest maximum size. 82 uint8_t buffer[LZMA_BLOCK_HEADER_SIZE_MAX]; 83 } lzma_stream_coder; 84 85 86 static lzma_ret 87 stream_decoder_reset(lzma_stream_coder *coder, const lzma_allocator *allocator) 88 { 89 // Initialize the Index hash used to verify the Index. 90 coder->index_hash = lzma_index_hash_init(coder->index_hash, allocator); 91 if (coder->index_hash == NULL) 92 return LZMA_MEM_ERROR; 93 94 // Reset the rest of the variables. 95 coder->sequence = SEQ_STREAM_HEADER; 96 coder->pos = 0; 97 98 return LZMA_OK; 99 } 100 101 102 static lzma_ret 103 stream_decode(void *coder_ptr, const lzma_allocator *allocator, 104 const uint8_t *restrict in, size_t *restrict in_pos, 105 size_t in_size, uint8_t *restrict out, 106 size_t *restrict out_pos, size_t out_size, lzma_action action) 107 { 108 lzma_stream_coder *coder = coder_ptr; 109 110 // When decoding the actual Block, it may be able to produce more 111 // output even if we don't give it any new input. 112 while (true) 113 switch (coder->sequence) { 114 case SEQ_STREAM_HEADER: { 115 // Copy the Stream Header to the internal buffer. 116 lzma_bufcpy(in, in_pos, in_size, coder->buffer, &coder->pos, 117 LZMA_STREAM_HEADER_SIZE); 118 119 // Return if we didn't get the whole Stream Header yet. 120 if (coder->pos < LZMA_STREAM_HEADER_SIZE) 121 return LZMA_OK; 122 123 coder->pos = 0; 124 125 // Decode the Stream Header. 126 const lzma_ret ret = lzma_stream_header_decode( 127 &coder->stream_flags, coder->buffer); 128 if (ret != LZMA_OK) 129 return ret == LZMA_FORMAT_ERROR && !coder->first_stream 130 ? LZMA_DATA_ERROR : ret; 131 132 // If we are decoding concatenated Streams, and the later 133 // Streams have invalid Header Magic Bytes, we give 134 // LZMA_DATA_ERROR instead of LZMA_FORMAT_ERROR. 135 coder->first_stream = false; 136 137 // Copy the type of the Check so that Block Header and Block 138 // decoders see it. 139 coder->block_options.check = coder->stream_flags.check; 140 141 // Even if we return LZMA_*_CHECK below, we want 142 // to continue from Block Header decoding. 143 coder->sequence = SEQ_BLOCK_HEADER; 144 145 // Detect if there's no integrity check or if it is 146 // unsupported if those were requested by the application. 147 if (coder->tell_no_check && coder->stream_flags.check 148 == LZMA_CHECK_NONE) 149 return LZMA_NO_CHECK; 150 151 if (coder->tell_unsupported_check 152 && !lzma_check_is_supported( 153 coder->stream_flags.check)) 154 return LZMA_UNSUPPORTED_CHECK; 155 156 if (coder->tell_any_check) 157 return LZMA_GET_CHECK; 158 } 159 160 // Fall through 161 162 case SEQ_BLOCK_HEADER: { 163 if (*in_pos >= in_size) 164 return LZMA_OK; 165 166 if (coder->pos == 0) { 167 // Detect if it's Index. 168 if (in[*in_pos] == INDEX_INDICATOR) { 169 coder->sequence = SEQ_INDEX; 170 break; 171 } 172 173 // Calculate the size of the Block Header. Note that 174 // Block Header decoder wants to see this byte too 175 // so don't advance *in_pos. 176 coder->block_options.header_size 177 = lzma_block_header_size_decode( 178 in[*in_pos]); 179 } 180 181 // Copy the Block Header to the internal buffer. 182 lzma_bufcpy(in, in_pos, in_size, coder->buffer, &coder->pos, 183 coder->block_options.header_size); 184 185 // Return if we didn't get the whole Block Header yet. 186 if (coder->pos < coder->block_options.header_size) 187 return LZMA_OK; 188 189 coder->pos = 0; 190 coder->sequence = SEQ_BLOCK_INIT; 191 } 192 193 // Fall through 194 195 case SEQ_BLOCK_INIT: { 196 // Checking memusage and doing the initialization needs 197 // its own sequence point because we need to be able to 198 // retry if we return LZMA_MEMLIMIT_ERROR. 199 200 // Version 1 is needed to support the .ignore_check option. 201 coder->block_options.version = 1; 202 203 // Set up a buffer to hold the filter chain. Block Header 204 // decoder will initialize all members of this array so 205 // we don't need to do it here. 206 lzma_filter filters[LZMA_FILTERS_MAX + 1]; 207 coder->block_options.filters = filters; 208 209 // Decode the Block Header. 210 return_if_error(lzma_block_header_decode(&coder->block_options, 211 allocator, coder->buffer)); 212 213 // If LZMA_IGNORE_CHECK was used, this flag needs to be set. 214 // It has to be set after lzma_block_header_decode() because 215 // it always resets this to false. 216 coder->block_options.ignore_check = coder->ignore_check; 217 218 // Check the memory usage limit. 219 const uint64_t memusage = lzma_raw_decoder_memusage(filters); 220 lzma_ret ret; 221 222 if (memusage == UINT64_MAX) { 223 // One or more unknown Filter IDs. 224 ret = LZMA_OPTIONS_ERROR; 225 } else { 226 // Now we can set coder->memusage since we know that 227 // the filter chain is valid. We don't want 228 // lzma_memusage() to return UINT64_MAX in case of 229 // invalid filter chain. 230 coder->memusage = memusage; 231 232 if (memusage > coder->memlimit) { 233 // The chain would need too much memory. 234 ret = LZMA_MEMLIMIT_ERROR; 235 } else { 236 // Memory usage is OK. 237 // Initialize the Block decoder. 238 ret = lzma_block_decoder_init( 239 &coder->block_decoder, 240 allocator, 241 &coder->block_options); 242 } 243 } 244 245 // Free the allocated filter options since they are needed 246 // only to initialize the Block decoder. 247 lzma_filters_free(filters, allocator); 248 coder->block_options.filters = NULL; 249 250 // Check if memory usage calculation and Block decoder 251 // initialization succeeded. 252 if (ret != LZMA_OK) 253 return ret; 254 255 coder->sequence = SEQ_BLOCK_RUN; 256 } 257 258 // Fall through 259 260 case SEQ_BLOCK_RUN: { 261 const lzma_ret ret = coder->block_decoder.code( 262 coder->block_decoder.coder, allocator, 263 in, in_pos, in_size, out, out_pos, out_size, 264 action); 265 266 if (ret != LZMA_STREAM_END) 267 return ret; 268 269 // Block decoded successfully. Add the new size pair to 270 // the Index hash. 271 return_if_error(lzma_index_hash_append(coder->index_hash, 272 lzma_block_unpadded_size( 273 &coder->block_options), 274 coder->block_options.uncompressed_size)); 275 276 coder->sequence = SEQ_BLOCK_HEADER; 277 break; 278 } 279 280 case SEQ_INDEX: { 281 // If we don't have any input, don't call 282 // lzma_index_hash_decode() since it would return 283 // LZMA_BUF_ERROR, which we must not do here. 284 if (*in_pos >= in_size) 285 return LZMA_OK; 286 287 // Decode the Index and compare it to the hash calculated 288 // from the sizes of the Blocks (if any). 289 const lzma_ret ret = lzma_index_hash_decode(coder->index_hash, 290 in, in_pos, in_size); 291 if (ret != LZMA_STREAM_END) 292 return ret; 293 294 coder->sequence = SEQ_STREAM_FOOTER; 295 } 296 297 // Fall through 298 299 case SEQ_STREAM_FOOTER: { 300 // Copy the Stream Footer to the internal buffer. 301 lzma_bufcpy(in, in_pos, in_size, coder->buffer, &coder->pos, 302 LZMA_STREAM_HEADER_SIZE); 303 304 // Return if we didn't get the whole Stream Footer yet. 305 if (coder->pos < LZMA_STREAM_HEADER_SIZE) 306 return LZMA_OK; 307 308 coder->pos = 0; 309 310 // Decode the Stream Footer. The decoder gives 311 // LZMA_FORMAT_ERROR if the magic bytes don't match, 312 // so convert that return code to LZMA_DATA_ERROR. 313 lzma_stream_flags footer_flags; 314 const lzma_ret ret = lzma_stream_footer_decode( 315 &footer_flags, coder->buffer); 316 if (ret != LZMA_OK) 317 return ret == LZMA_FORMAT_ERROR 318 ? LZMA_DATA_ERROR : ret; 319 320 // Check that Index Size stored in the Stream Footer matches 321 // the real size of the Index field. 322 if (lzma_index_hash_size(coder->index_hash) 323 != footer_flags.backward_size) 324 return LZMA_DATA_ERROR; 325 326 // Compare that the Stream Flags fields are identical in 327 // both Stream Header and Stream Footer. 328 return_if_error(lzma_stream_flags_compare( 329 &coder->stream_flags, &footer_flags)); 330 331 if (!coder->concatenated) 332 return LZMA_STREAM_END; 333 334 coder->sequence = SEQ_STREAM_PADDING; 335 } 336 337 // Fall through 338 339 case SEQ_STREAM_PADDING: 340 assert(coder->concatenated); 341 342 // Skip over possible Stream Padding. 343 while (true) { 344 if (*in_pos >= in_size) { 345 // Unless LZMA_FINISH was used, we cannot 346 // know if there's more input coming later. 347 if (action != LZMA_FINISH) 348 return LZMA_OK; 349 350 // Stream Padding must be a multiple of 351 // four bytes. 352 return coder->pos == 0 353 ? LZMA_STREAM_END 354 : LZMA_DATA_ERROR; 355 } 356 357 // If the byte is not zero, it probably indicates 358 // beginning of a new Stream (or the file is corrupt). 359 if (in[*in_pos] != 0x00) 360 break; 361 362 ++*in_pos; 363 coder->pos = (coder->pos + 1) & 3; 364 } 365 366 // Stream Padding must be a multiple of four bytes (empty 367 // Stream Padding is OK). 368 if (coder->pos != 0) { 369 ++*in_pos; 370 return LZMA_DATA_ERROR; 371 } 372 373 // Prepare to decode the next Stream. 374 return_if_error(stream_decoder_reset(coder, allocator)); 375 break; 376 377 default: 378 assert(0); 379 return LZMA_PROG_ERROR; 380 } 381 382 // Never reached 383 } 384 385 386 static void 387 stream_decoder_end(void *coder_ptr, const lzma_allocator *allocator) 388 { 389 lzma_stream_coder *coder = coder_ptr; 390 lzma_next_end(&coder->block_decoder, allocator); 391 lzma_index_hash_end(coder->index_hash, allocator); 392 lzma_free(coder, allocator); 393 return; 394 } 395 396 397 static lzma_check 398 stream_decoder_get_check(const void *coder_ptr) 399 { 400 const lzma_stream_coder *coder = coder_ptr; 401 return coder->stream_flags.check; 402 } 403 404 405 static lzma_ret 406 stream_decoder_memconfig(void *coder_ptr, uint64_t *memusage, 407 uint64_t *old_memlimit, uint64_t new_memlimit) 408 { 409 lzma_stream_coder *coder = coder_ptr; 410 411 *memusage = coder->memusage; 412 *old_memlimit = coder->memlimit; 413 414 if (new_memlimit != 0) { 415 if (new_memlimit < coder->memusage) 416 return LZMA_MEMLIMIT_ERROR; 417 418 coder->memlimit = new_memlimit; 419 } 420 421 return LZMA_OK; 422 } 423 424 425 extern lzma_ret 426 lzma_stream_decoder_init( 427 lzma_next_coder *next, const lzma_allocator *allocator, 428 uint64_t memlimit, uint32_t flags) 429 { 430 lzma_next_coder_init(&lzma_stream_decoder_init, next, allocator); 431 432 if (flags & ~LZMA_SUPPORTED_FLAGS) 433 return LZMA_OPTIONS_ERROR; 434 435 lzma_stream_coder *coder = next->coder; 436 if (coder == NULL) { 437 coder = lzma_alloc(sizeof(lzma_stream_coder), allocator); 438 if (coder == NULL) 439 return LZMA_MEM_ERROR; 440 441 next->coder = coder; 442 next->code = &stream_decode; 443 next->end = &stream_decoder_end; 444 next->get_check = &stream_decoder_get_check; 445 next->memconfig = &stream_decoder_memconfig; 446 447 coder->block_decoder = LZMA_NEXT_CODER_INIT; 448 coder->index_hash = NULL; 449 } 450 451 coder->memlimit = my_max(1, memlimit); 452 coder->memusage = LZMA_MEMUSAGE_BASE; 453 coder->tell_no_check = (flags & LZMA_TELL_NO_CHECK) != 0; 454 coder->tell_unsupported_check 455 = (flags & LZMA_TELL_UNSUPPORTED_CHECK) != 0; 456 coder->tell_any_check = (flags & LZMA_TELL_ANY_CHECK) != 0; 457 coder->ignore_check = (flags & LZMA_IGNORE_CHECK) != 0; 458 coder->concatenated = (flags & LZMA_CONCATENATED) != 0; 459 coder->first_stream = true; 460 461 return stream_decoder_reset(coder, allocator); 462 } 463 464 465 extern LZMA_API(lzma_ret) 466 lzma_stream_decoder(lzma_stream *strm, uint64_t memlimit, uint32_t flags) 467 { 468 lzma_next_strm_init(lzma_stream_decoder_init, strm, memlimit, flags); 469 470 strm->internal->supported_actions[LZMA_RUN] = true; 471 strm->internal->supported_actions[LZMA_FINISH] = true; 472 473 return LZMA_OK; 474 } 475