1272343Sngie/////////////////////////////////////////////////////////////////////////////// 2272343Sngie// 3272343Sngie/// \file vli_decoder.c 4272343Sngie/// \brief Decodes variable-length integers 5272343Sngie// 6272343Sngie// Author: Lasse Collin 7272343Sngie// 8272343Sngie// This file has been put into the public domain. 9272343Sngie// You can do whatever you want with this file. 10272343Sngie// 11272343Sngie/////////////////////////////////////////////////////////////////////////////// 12272343Sngie 13272343Sngie#include "common.h" 14272343Sngie 15272343Sngie 16272343Sngieextern LZMA_API(lzma_ret) 17272343Sngielzma_vli_decode(lzma_vli *restrict vli, size_t *vli_pos, 18272343Sngie const uint8_t *restrict in, size_t *restrict in_pos, 19272343Sngie size_t in_size) 20272343Sngie{ 21272343Sngie // If we haven't been given vli_pos, work in single-call mode. 22272343Sngie size_t vli_pos_internal = 0; 23272343Sngie if (vli_pos == NULL) { 24272343Sngie vli_pos = &vli_pos_internal; 25272343Sngie *vli = 0; 26272343Sngie 27272343Sngie // If there's no input, use LZMA_DATA_ERROR. This way it is 28272343Sngie // easy to decode VLIs from buffers that have known size, 29272343Sngie // and get the correct error code in case the buffer is 30272343Sngie // too short. 31272343Sngie if (*in_pos >= in_size) 32272343Sngie return LZMA_DATA_ERROR; 33272343Sngie 34272343Sngie } else { 35272343Sngie // Initialize *vli when starting to decode a new integer. 36272343Sngie if (*vli_pos == 0) 37272343Sngie *vli = 0; 38272343Sngie 39272343Sngie // Validate the arguments. 40272343Sngie if (*vli_pos >= LZMA_VLI_BYTES_MAX 41272343Sngie || (*vli >> (*vli_pos * 7)) != 0) 42 return LZMA_PROG_ERROR;; 43 44 if (*in_pos >= in_size) 45 return LZMA_BUF_ERROR; 46 } 47 48 do { 49 // Read the next byte. Use a temporary variable so that we 50 // can update *in_pos immediately. 51 const uint8_t byte = in[*in_pos]; 52 ++*in_pos; 53 54 // Add the newly read byte to *vli. 55 *vli += (lzma_vli)(byte & 0x7F) << (*vli_pos * 7); 56 ++*vli_pos; 57 58 // Check if this is the last byte of a multibyte integer. 59 if ((byte & 0x80) == 0) { 60 // We don't allow using variable-length integers as 61 // padding i.e. the encoding must use the most the 62 // compact form. 63 if (byte == 0x00 && *vli_pos > 1) 64 return LZMA_DATA_ERROR; 65 66 return vli_pos == &vli_pos_internal 67 ? LZMA_OK : LZMA_STREAM_END; 68 } 69 70 // There is at least one more byte coming. If we have already 71 // read maximum number of bytes, the integer is considered 72 // corrupt. 73 // 74 // If we need bigger integers in future, old versions liblzma 75 // will confusingly indicate the file being corrupt istead of 76 // unsupported. I suppose it's still better this way, because 77 // in the foreseeable future (writing this in 2008) the only 78 // reason why files would appear having over 63-bit integers 79 // is that the files are simply corrupt. 80 if (*vli_pos == LZMA_VLI_BYTES_MAX) 81 return LZMA_DATA_ERROR; 82 83 } while (*in_pos < in_size); 84 85 return vli_pos == &vli_pos_internal ? LZMA_DATA_ERROR : LZMA_OK; 86} 87