archive_read_support_format_rar.c revision 238856
1/*- 2* Copyright (c) 2003-2007 Tim Kientzle 3* Copyright (c) 2011 Andres Mejia 4* All rights reserved. 5* 6* Redistribution and use in source and binary forms, with or without 7* modification, are permitted provided that the following conditions 8* are met: 9* 1. Redistributions of source code must retain the above copyright 10* notice, this list of conditions and the following disclaimer. 11* 2. Redistributions in binary form must reproduce the above copyright 12* notice, this list of conditions and the following disclaimer in the 13* documentation and/or other materials provided with the distribution. 14* 15* THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR 16* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 18* IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT, 19* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 20* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25*/ 26 27#include "archive_platform.h" 28 29#ifdef HAVE_ERRNO_H 30#include <errno.h> 31#endif 32#include <time.h> 33#include <limits.h> 34#ifdef HAVE_ZLIB_H 35#include <zlib.h> /* crc32 */ 36#endif 37 38#include "archive.h" 39#ifndef HAVE_ZLIB_H 40#include "archive_crc32.h" 41#endif 42#include "archive_endian.h" 43#include "archive_entry.h" 44#include "archive_entry_locale.h" 45#include "archive_ppmd7_private.h" 46#include "archive_private.h" 47#include "archive_read_private.h" 48 49/* RAR signature, also known as the mark header */ 50#define RAR_SIGNATURE "\x52\x61\x72\x21\x1A\x07\x00" 51 52/* Header types */ 53#define MARK_HEAD 0x72 54#define MAIN_HEAD 0x73 55#define FILE_HEAD 0x74 56#define COMM_HEAD 0x75 57#define AV_HEAD 0x76 58#define SUB_HEAD 0x77 59#define PROTECT_HEAD 0x78 60#define SIGN_HEAD 0x79 61#define NEWSUB_HEAD 0x7a 62#define ENDARC_HEAD 0x7b 63 64/* Main Header Flags */ 65#define MHD_VOLUME 0x0001 66#define MHD_COMMENT 0x0002 67#define MHD_LOCK 0x0004 68#define MHD_SOLID 0x0008 69#define MHD_NEWNUMBERING 0x0010 70#define MHD_AV 0x0020 71#define MHD_PROTECT 0x0040 72#define MHD_PASSWORD 0x0080 73#define MHD_FIRSTVOLUME 0x0100 74#define MHD_ENCRYPTVER 0x0200 75 76/* Flags common to all headers */ 77#define HD_MARKDELETION 0x4000 78#define HD_ADD_SIZE_PRESENT 0x8000 79 80/* File Header Flags */ 81#define FHD_SPLIT_BEFORE 0x0001 82#define FHD_SPLIT_AFTER 0x0002 83#define FHD_PASSWORD 0x0004 84#define FHD_COMMENT 0x0008 85#define FHD_SOLID 0x0010 86#define FHD_LARGE 0x0100 87#define FHD_UNICODE 0x0200 88#define FHD_SALT 0x0400 89#define FHD_VERSION 0x0800 90#define FHD_EXTTIME 0x1000 91#define FHD_EXTFLAGS 0x2000 92 93/* File dictionary sizes */ 94#define DICTIONARY_SIZE_64 0x00 95#define DICTIONARY_SIZE_128 0x20 96#define DICTIONARY_SIZE_256 0x40 97#define DICTIONARY_SIZE_512 0x60 98#define DICTIONARY_SIZE_1024 0x80 99#define DICTIONARY_SIZE_2048 0xA0 100#define DICTIONARY_SIZE_4096 0xC0 101#define FILE_IS_DIRECTORY 0xE0 102#define DICTIONARY_MASK FILE_IS_DIRECTORY 103 104/* OS Flags */ 105#define OS_MSDOS 0 106#define OS_OS2 1 107#define OS_WIN32 2 108#define OS_UNIX 3 109#define OS_MAC_OS 4 110#define OS_BEOS 5 111 112/* Compression Methods */ 113#define COMPRESS_METHOD_STORE 0x30 114/* LZSS */ 115#define COMPRESS_METHOD_FASTEST 0x31 116#define COMPRESS_METHOD_FAST 0x32 117#define COMPRESS_METHOD_NORMAL 0x33 118/* PPMd Variant H */ 119#define COMPRESS_METHOD_GOOD 0x34 120#define COMPRESS_METHOD_BEST 0x35 121 122#define CRC_POLYNOMIAL 0xEDB88320 123 124#define NS_UNIT 10000000 125 126#define DICTIONARY_MAX_SIZE 0x400000 127 128#define MAINCODE_SIZE 299 129#define OFFSETCODE_SIZE 60 130#define LOWOFFSETCODE_SIZE 17 131#define LENGTHCODE_SIZE 28 132#define HUFFMAN_TABLE_SIZE \ 133 MAINCODE_SIZE + OFFSETCODE_SIZE + LOWOFFSETCODE_SIZE + LENGTHCODE_SIZE 134 135#define MAX_SYMBOL_LENGTH 0xF 136#define MAX_SYMBOLS 20 137 138/* 139 * Considering L1,L2 cache miss and a calling of write system-call, 140 * the best size of the output buffer(uncompressed buffer) is 128K. 141 * If the structure of extracting process is changed, this value 142 * might be researched again. 143 */ 144#define UNP_BUFFER_SIZE (128 * 1024) 145 146/* Define this here for non-Windows platforms */ 147#if !((defined(__WIN32__) || defined(_WIN32) || defined(__WIN32)) && !defined(__CYGWIN__)) 148#define FILE_ATTRIBUTE_DIRECTORY 0x10 149#endif 150 151/* Fields common to all headers */ 152struct rar_header 153{ 154 char crc[2]; 155 char type; 156 char flags[2]; 157 char size[2]; 158}; 159 160/* Fields common to all file headers */ 161struct rar_file_header 162{ 163 char pack_size[4]; 164 char unp_size[4]; 165 char host_os; 166 char file_crc[4]; 167 char file_time[4]; 168 char unp_ver; 169 char method; 170 char name_size[2]; 171 char file_attr[4]; 172}; 173 174struct huffman_tree_node 175{ 176 int branches[2]; 177}; 178 179struct huffman_table_entry 180{ 181 unsigned int length; 182 int value; 183}; 184 185struct huffman_code 186{ 187 struct huffman_tree_node *tree; 188 int numentries; 189 int minlength; 190 int maxlength; 191 int tablesize; 192 struct huffman_table_entry *table; 193}; 194 195struct lzss 196{ 197 unsigned char *window; 198 int mask; 199 int64_t position; 200}; 201 202struct rar 203{ 204 /* Entries from main RAR header */ 205 unsigned main_flags; 206 unsigned long file_crc; 207 char reserved1[2]; 208 char reserved2[4]; 209 char encryptver; 210 211 /* File header entries */ 212 char compression_method; 213 unsigned file_flags; 214 int64_t packed_size; 215 int64_t unp_size; 216 time_t mtime; 217 long mnsec; 218 mode_t mode; 219 char *filename; 220 size_t filename_allocated; 221 222 /* File header optional entries */ 223 char salt[8]; 224 time_t atime; 225 long ansec; 226 time_t ctime; 227 long cnsec; 228 time_t arctime; 229 long arcnsec; 230 231 /* Fields to help with tracking decompression of files. */ 232 int64_t bytes_unconsumed; 233 int64_t bytes_remaining; 234 int64_t bytes_uncopied; 235 int64_t offset; 236 int64_t offset_outgoing; 237 char valid; 238 unsigned int unp_offset; 239 unsigned int unp_buffer_size; 240 unsigned char *unp_buffer; 241 unsigned int dictionary_size; 242 char start_new_block; 243 char entry_eof; 244 unsigned long crc_calculated; 245 int found_first_header; 246 247 /* LZSS members */ 248 struct huffman_code maincode; 249 struct huffman_code offsetcode; 250 struct huffman_code lowoffsetcode; 251 struct huffman_code lengthcode; 252 unsigned char lengthtable[HUFFMAN_TABLE_SIZE]; 253 struct lzss lzss; 254 char output_last_match; 255 unsigned int lastlength; 256 unsigned int lastoffset; 257 unsigned int oldoffset[4]; 258 unsigned int lastlowoffset; 259 unsigned int numlowoffsetrepeats; 260 int64_t filterstart; 261 char start_new_table; 262 263 /* PPMd Variant H members */ 264 char ppmd_valid; 265 char ppmd_eod; 266 char is_ppmd_block; 267 int ppmd_escape; 268 CPpmd7 ppmd7_context; 269 CPpmd7z_RangeDec range_dec; 270 IByteIn bytein; 271 272 /* 273 * String conversion object. 274 */ 275 int init_default_conversion; 276 struct archive_string_conv *sconv_default; 277 struct archive_string_conv *opt_sconv; 278 struct archive_string_conv *sconv_utf8; 279 struct archive_string_conv *sconv_utf16be; 280 281 /* 282 * Bit stream reader. 283 */ 284 struct rar_br { 285#define CACHE_TYPE uint64_t 286#define CACHE_BITS (8 * sizeof(CACHE_TYPE)) 287 /* Cache buffer. */ 288 CACHE_TYPE cache_buffer; 289 /* Indicates how many bits avail in cache_buffer. */ 290 int cache_avail; 291 ssize_t avail_in; 292 const unsigned char *next_in; 293 } br; 294}; 295 296static int archive_read_format_rar_bid(struct archive_read *, int); 297static int archive_read_format_rar_options(struct archive_read *, 298 const char *, const char *); 299static int archive_read_format_rar_read_header(struct archive_read *, 300 struct archive_entry *); 301static int archive_read_format_rar_read_data(struct archive_read *, 302 const void **, size_t *, int64_t *); 303static int archive_read_format_rar_read_data_skip(struct archive_read *a); 304static int archive_read_format_rar_cleanup(struct archive_read *); 305 306/* Support functions */ 307static int read_header(struct archive_read *, struct archive_entry *, char); 308static time_t get_time(int); 309static int read_exttime(const char *, struct rar *, const char *); 310static int read_symlink_stored(struct archive_read *, struct archive_entry *, 311 struct archive_string_conv *); 312static int read_data_stored(struct archive_read *, const void **, size_t *, 313 int64_t *); 314static int read_data_compressed(struct archive_read *, const void **, size_t *, 315 int64_t *); 316static int rar_br_preparation(struct archive_read *, struct rar_br *); 317static int parse_codes(struct archive_read *); 318static void free_codes(struct archive_read *); 319static int read_next_symbol(struct archive_read *, struct huffman_code *); 320static int create_code(struct archive_read *, struct huffman_code *, 321 unsigned char *, int, char); 322static int add_value(struct archive_read *, struct huffman_code *, int, int, 323 int); 324static int new_node(struct huffman_code *); 325static int make_table(struct archive_read *, struct huffman_code *); 326static int make_table_recurse(struct archive_read *, struct huffman_code *, int, 327 struct huffman_table_entry *, int, int); 328static int64_t expand(struct archive_read *, int64_t); 329static int copy_from_lzss_window(struct archive_read *, const void **, 330 int64_t, int); 331 332/* 333 * Bit stream reader. 334 */ 335/* Check that the cache buffer has enough bits. */ 336#define rar_br_has(br, n) ((br)->cache_avail >= n) 337/* Get compressed data by bit. */ 338#define rar_br_bits(br, n) \ 339 (((uint32_t)((br)->cache_buffer >> \ 340 ((br)->cache_avail - (n)))) & cache_masks[n]) 341#define rar_br_bits_forced(br, n) \ 342 (((uint32_t)((br)->cache_buffer << \ 343 ((n) - (br)->cache_avail))) & cache_masks[n]) 344/* Read ahead to make sure the cache buffer has enough compressed data we 345 * will use. 346 * True : completed, there is enough data in the cache buffer. 347 * False : there is no data in the stream. */ 348#define rar_br_read_ahead(a, br, n) \ 349 ((rar_br_has(br, (n)) || rar_br_fillup(a, br)) || rar_br_has(br, (n))) 350/* Notify how many bits we consumed. */ 351#define rar_br_consume(br, n) ((br)->cache_avail -= (n)) 352#define rar_br_consume_unalined_bits(br) ((br)->cache_avail &= ~7) 353 354static const uint32_t cache_masks[] = { 355 0x00000000, 0x00000001, 0x00000003, 0x00000007, 356 0x0000000F, 0x0000001F, 0x0000003F, 0x0000007F, 357 0x000000FF, 0x000001FF, 0x000003FF, 0x000007FF, 358 0x00000FFF, 0x00001FFF, 0x00003FFF, 0x00007FFF, 359 0x0000FFFF, 0x0001FFFF, 0x0003FFFF, 0x0007FFFF, 360 0x000FFFFF, 0x001FFFFF, 0x003FFFFF, 0x007FFFFF, 361 0x00FFFFFF, 0x01FFFFFF, 0x03FFFFFF, 0x07FFFFFF, 362 0x0FFFFFFF, 0x1FFFFFFF, 0x3FFFFFFF, 0x7FFFFFFF, 363 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF 364}; 365 366/* 367 * Shift away used bits in the cache data and fill it up with following bits. 368 * Call this when cache buffer does not have enough bits you need. 369 * 370 * Returns 1 if the cache buffer is full. 371 * Returns 0 if the cache buffer is not full; input buffer is empty. 372 */ 373static int 374rar_br_fillup(struct archive_read *a, struct rar_br *br) 375{ 376 struct rar *rar = (struct rar *)(a->format->data); 377 int n = CACHE_BITS - br->cache_avail; 378 379 for (;;) { 380 switch (n >> 3) { 381 case 8: 382 if (br->avail_in >= 8) { 383 br->cache_buffer = 384 ((uint64_t)br->next_in[0]) << 56 | 385 ((uint64_t)br->next_in[1]) << 48 | 386 ((uint64_t)br->next_in[2]) << 40 | 387 ((uint64_t)br->next_in[3]) << 32 | 388 ((uint32_t)br->next_in[4]) << 24 | 389 ((uint32_t)br->next_in[5]) << 16 | 390 ((uint32_t)br->next_in[6]) << 8 | 391 (uint32_t)br->next_in[7]; 392 br->next_in += 8; 393 br->avail_in -= 8; 394 br->cache_avail += 8 * 8; 395 rar->bytes_unconsumed += 8; 396 rar->bytes_remaining -= 8; 397 return (1); 398 } 399 break; 400 case 7: 401 if (br->avail_in >= 7) { 402 br->cache_buffer = 403 (br->cache_buffer << 56) | 404 ((uint64_t)br->next_in[0]) << 48 | 405 ((uint64_t)br->next_in[1]) << 40 | 406 ((uint64_t)br->next_in[2]) << 32 | 407 ((uint32_t)br->next_in[3]) << 24 | 408 ((uint32_t)br->next_in[4]) << 16 | 409 ((uint32_t)br->next_in[5]) << 8 | 410 (uint32_t)br->next_in[6]; 411 br->next_in += 7; 412 br->avail_in -= 7; 413 br->cache_avail += 7 * 8; 414 rar->bytes_unconsumed += 7; 415 rar->bytes_remaining -= 7; 416 return (1); 417 } 418 break; 419 case 6: 420 if (br->avail_in >= 6) { 421 br->cache_buffer = 422 (br->cache_buffer << 48) | 423 ((uint64_t)br->next_in[0]) << 40 | 424 ((uint64_t)br->next_in[1]) << 32 | 425 ((uint32_t)br->next_in[2]) << 24 | 426 ((uint32_t)br->next_in[3]) << 16 | 427 ((uint32_t)br->next_in[4]) << 8 | 428 (uint32_t)br->next_in[5]; 429 br->next_in += 6; 430 br->avail_in -= 6; 431 br->cache_avail += 6 * 8; 432 rar->bytes_unconsumed += 6; 433 rar->bytes_remaining -= 6; 434 return (1); 435 } 436 break; 437 case 0: 438 /* We have enough compressed data in 439 * the cache buffer.*/ 440 return (1); 441 default: 442 break; 443 } 444 if (br->avail_in <= 0) { 445 446 if (rar->bytes_unconsumed > 0) { 447 /* Consume as much as the decompressor 448 * actually used. */ 449 __archive_read_consume(a, rar->bytes_unconsumed); 450 rar->bytes_unconsumed = 0; 451 } 452 br->next_in = __archive_read_ahead(a, 1, &(br->avail_in)); 453 if (br->next_in == NULL) 454 return (0); 455 if (br->avail_in > rar->bytes_remaining) 456 br->avail_in = (ssize_t)rar->bytes_remaining; 457 if (br->avail_in == 0) 458 return (0); 459 } 460 br->cache_buffer = 461 (br->cache_buffer << 8) | *br->next_in++; 462 br->avail_in--; 463 br->cache_avail += 8; 464 n -= 8; 465 rar->bytes_unconsumed++; 466 rar->bytes_remaining--; 467 } 468} 469 470static int 471rar_br_preparation(struct archive_read *a, struct rar_br *br) 472{ 473 struct rar *rar = (struct rar *)(a->format->data); 474 475 if (rar->bytes_remaining > 0) { 476 br->next_in = __archive_read_ahead(a, 1, &(br->avail_in)); 477 if (br->next_in == NULL) { 478 archive_set_error(&a->archive, 479 ARCHIVE_ERRNO_FILE_FORMAT, 480 "Truncated RAR file data"); 481 return (ARCHIVE_FATAL); 482 } 483 if (br->avail_in > rar->bytes_remaining) 484 br->avail_in = (ssize_t)rar->bytes_remaining; 485 if (br->cache_avail == 0) 486 (void)rar_br_fillup(a, br); 487 } 488 return (ARCHIVE_OK); 489} 490 491/* Find last bit set */ 492static inline int 493rar_fls(unsigned int word) 494{ 495 word |= (word >> 1); 496 word |= (word >> 2); 497 word |= (word >> 4); 498 word |= (word >> 8); 499 word |= (word >> 16); 500 return word - (word >> 1); 501} 502 503/* LZSS functions */ 504static inline int64_t 505lzss_position(struct lzss *lzss) 506{ 507 return lzss->position; 508} 509 510static inline int 511lzss_mask(struct lzss *lzss) 512{ 513 return lzss->mask; 514} 515 516static inline int 517lzss_size(struct lzss *lzss) 518{ 519 return lzss->mask + 1; 520} 521 522static inline int 523lzss_offset_for_position(struct lzss *lzss, int64_t pos) 524{ 525 return (int)(pos & lzss->mask); 526} 527 528static inline unsigned char * 529lzss_pointer_for_position(struct lzss *lzss, int64_t pos) 530{ 531 return &lzss->window[lzss_offset_for_position(lzss, pos)]; 532} 533 534static inline int 535lzss_current_offset(struct lzss *lzss) 536{ 537 return lzss_offset_for_position(lzss, lzss->position); 538} 539 540static inline uint8_t * 541lzss_current_pointer(struct lzss *lzss) 542{ 543 return lzss_pointer_for_position(lzss, lzss->position); 544} 545 546static inline void 547lzss_emit_literal(struct rar *rar, uint8_t literal) 548{ 549 *lzss_current_pointer(&rar->lzss) = literal; 550 rar->lzss.position++; 551} 552 553static inline void 554lzss_emit_match(struct rar *rar, int offset, int length) 555{ 556 int dstoffs = lzss_current_offset(&rar->lzss); 557 int srcoffs = (dstoffs - offset) & lzss_mask(&rar->lzss); 558 int l, li, remaining; 559 unsigned char *d, *s; 560 561 remaining = length; 562 while (remaining > 0) { 563 l = remaining; 564 if (dstoffs > srcoffs) { 565 if (l > lzss_size(&rar->lzss) - dstoffs) 566 l = lzss_size(&rar->lzss) - dstoffs; 567 } else { 568 if (l > lzss_size(&rar->lzss) - srcoffs) 569 l = lzss_size(&rar->lzss) - srcoffs; 570 } 571 d = &(rar->lzss.window[dstoffs]); 572 s = &(rar->lzss.window[srcoffs]); 573 if ((dstoffs + l < srcoffs) || (srcoffs + l < dstoffs)) 574 memcpy(d, s, l); 575 else { 576 for (li = 0; li < l; li++) 577 d[li] = s[li]; 578 } 579 remaining -= l; 580 dstoffs = (dstoffs + l) & lzss_mask(&(rar->lzss)); 581 srcoffs = (srcoffs + l) & lzss_mask(&(rar->lzss)); 582 } 583 rar->lzss.position += length; 584} 585 586static void * 587ppmd_alloc(void *p, size_t size) 588{ 589 (void)p; 590 return malloc(size); 591} 592static void 593ppmd_free(void *p, void *address) 594{ 595 (void)p; 596 free(address); 597} 598static ISzAlloc g_szalloc = { ppmd_alloc, ppmd_free }; 599 600static Byte 601ppmd_read(void *p) 602{ 603 struct archive_read *a = ((IByteIn*)p)->a; 604 struct rar *rar = (struct rar *)(a->format->data); 605 struct rar_br *br = &(rar->br); 606 Byte b; 607 if (!rar_br_read_ahead(a, br, 8)) 608 { 609 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 610 "Truncated RAR file data"); 611 rar->valid = 0; 612 return 0; 613 } 614 b = rar_br_bits(br, 8); 615 rar_br_consume(br, 8); 616 return b; 617} 618 619int 620archive_read_support_format_rar(struct archive *_a) 621{ 622 struct archive_read *a = (struct archive_read *)_a; 623 struct rar *rar; 624 int r; 625 626 archive_check_magic(_a, ARCHIVE_READ_MAGIC, ARCHIVE_STATE_NEW, 627 "archive_read_support_format_rar"); 628 629 rar = (struct rar *)malloc(sizeof(*rar)); 630 if (rar == NULL) 631 { 632 archive_set_error(&a->archive, ENOMEM, "Can't allocate rar data"); 633 return (ARCHIVE_FATAL); 634 } 635 memset(rar, 0, sizeof(*rar)); 636 637 r = __archive_read_register_format(a, 638 rar, 639 "rar", 640 archive_read_format_rar_bid, 641 archive_read_format_rar_options, 642 archive_read_format_rar_read_header, 643 archive_read_format_rar_read_data, 644 archive_read_format_rar_read_data_skip, 645 archive_read_format_rar_cleanup); 646 647 if (r != ARCHIVE_OK) 648 free(rar); 649 return (r); 650} 651 652static int 653archive_read_format_rar_bid(struct archive_read *a, int best_bid) 654{ 655 const char *p; 656 657 /* If there's already a bid > 30, we'll never win. */ 658 if (best_bid > 30) 659 return (-1); 660 661 if ((p = __archive_read_ahead(a, 7, NULL)) == NULL) 662 return (-1); 663 664 if (memcmp(p, RAR_SIGNATURE, 7) == 0) 665 return (30); 666 667 if ((p[0] == 'M' && p[1] == 'Z') || memcmp(p, "\x7F\x45LF", 4) == 0) { 668 /* This is a PE file */ 669 ssize_t offset = 0x10000; 670 ssize_t window = 4096; 671 ssize_t bytes_avail; 672 while (offset + window <= (1024 * 128)) { 673 const char *buff = __archive_read_ahead(a, offset + window, &bytes_avail); 674 if (buff == NULL) { 675 /* Remaining bytes are less than window. */ 676 window >>= 1; 677 if (window < 0x40) 678 return (0); 679 continue; 680 } 681 p = buff + offset; 682 while (p + 7 < buff + bytes_avail) { 683 if (memcmp(p, RAR_SIGNATURE, 7) == 0) 684 return (30); 685 p += 0x10; 686 } 687 offset = p - buff; 688 } 689 } 690 return (0); 691} 692 693static int 694skip_sfx(struct archive_read *a) 695{ 696 const void *h; 697 const char *p, *q; 698 size_t skip, total; 699 ssize_t bytes, window; 700 701 total = 0; 702 window = 4096; 703 while (total + window <= (1024 * 128)) { 704 h = __archive_read_ahead(a, window, &bytes); 705 if (h == NULL) { 706 /* Remaining bytes are less than window. */ 707 window >>= 1; 708 if (window < 0x40) 709 goto fatal; 710 continue; 711 } 712 if (bytes < 0x40) 713 goto fatal; 714 p = h; 715 q = p + bytes; 716 717 /* 718 * Scan ahead until we find something that looks 719 * like the RAR header. 720 */ 721 while (p + 7 < q) { 722 if (memcmp(p, RAR_SIGNATURE, 7) == 0) { 723 skip = p - (const char *)h; 724 __archive_read_consume(a, skip); 725 return (ARCHIVE_OK); 726 } 727 p += 0x10; 728 } 729 skip = p - (const char *)h; 730 __archive_read_consume(a, skip); 731 total += skip; 732 } 733fatal: 734 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 735 "Couldn't find out RAR header"); 736 return (ARCHIVE_FATAL); 737} 738 739static int 740archive_read_format_rar_options(struct archive_read *a, 741 const char *key, const char *val) 742{ 743 struct rar *rar; 744 int ret = ARCHIVE_FAILED; 745 746 rar = (struct rar *)(a->format->data); 747 if (strcmp(key, "hdrcharset") == 0) { 748 if (val == NULL || val[0] == 0) 749 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 750 "rar: hdrcharset option needs a character-set name"); 751 else { 752 rar->opt_sconv = 753 archive_string_conversion_from_charset( 754 &a->archive, val, 0); 755 if (rar->opt_sconv != NULL) 756 ret = ARCHIVE_OK; 757 else 758 ret = ARCHIVE_FATAL; 759 } 760 return (ret); 761 } 762 763 /* Note: The "warn" return is just to inform the options 764 * supervisor that we didn't handle it. It will generate 765 * a suitable error if no one used this option. */ 766 return (ARCHIVE_WARN); 767} 768 769static int 770archive_read_format_rar_read_header(struct archive_read *a, 771 struct archive_entry *entry) 772{ 773 const void *h; 774 const char *p; 775 struct rar *rar; 776 size_t skip; 777 char head_type; 778 int ret; 779 unsigned flags; 780 781 a->archive.archive_format = ARCHIVE_FORMAT_RAR; 782 if (a->archive.archive_format_name == NULL) 783 a->archive.archive_format_name = "RAR"; 784 785 rar = (struct rar *)(a->format->data); 786 787 /* RAR files can be generated without EOF headers, so return ARCHIVE_EOF if 788 * this fails. 789 */ 790 if ((h = __archive_read_ahead(a, 7, NULL)) == NULL) 791 return (ARCHIVE_EOF); 792 793 p = h; 794 if (rar->found_first_header == 0 && 795 ((p[0] == 'M' && p[1] == 'Z') || memcmp(p, "\x7F\x45LF", 4) == 0)) { 796 /* This is an executable ? Must be self-extracting... */ 797 ret = skip_sfx(a); 798 if (ret < ARCHIVE_WARN) 799 return (ret); 800 } 801 rar->found_first_header = 1; 802 803 while (1) 804 { 805 unsigned long crc32_val; 806 807 if ((h = __archive_read_ahead(a, 7, NULL)) == NULL) 808 return (ARCHIVE_FATAL); 809 p = h; 810 811 head_type = p[2]; 812 switch(head_type) 813 { 814 case MARK_HEAD: 815 if (memcmp(p, RAR_SIGNATURE, 7) != 0) { 816 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 817 "Invalid marker header"); 818 return (ARCHIVE_FATAL); 819 } 820 __archive_read_consume(a, 7); 821 break; 822 823 case MAIN_HEAD: 824 rar->main_flags = archive_le16dec(p + 3); 825 skip = archive_le16dec(p + 5); 826 if (skip < 7 + sizeof(rar->reserved1) + sizeof(rar->reserved2)) { 827 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 828 "Invalid header size"); 829 return (ARCHIVE_FATAL); 830 } 831 if ((h = __archive_read_ahead(a, skip, NULL)) == NULL) 832 return (ARCHIVE_FATAL); 833 p = h; 834 memcpy(rar->reserved1, p + 7, sizeof(rar->reserved1)); 835 memcpy(rar->reserved2, p + 7 + sizeof(rar->reserved1), 836 sizeof(rar->reserved2)); 837 if (rar->main_flags & MHD_ENCRYPTVER) { 838 if (skip < 7 + sizeof(rar->reserved1) + sizeof(rar->reserved2)+1) { 839 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 840 "Invalid header size"); 841 return (ARCHIVE_FATAL); 842 } 843 rar->encryptver = *(p + 7 + sizeof(rar->reserved1) + 844 sizeof(rar->reserved2)); 845 } 846 847 if (rar->main_flags & MHD_VOLUME || 848 rar->main_flags & MHD_FIRSTVOLUME) 849 { 850 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 851 "RAR volume support unavailable."); 852 return (ARCHIVE_FATAL); 853 } 854 if (rar->main_flags & MHD_PASSWORD) 855 { 856 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 857 "RAR encryption support unavailable."); 858 return (ARCHIVE_FATAL); 859 } 860 861 crc32_val = crc32(0, (const unsigned char *)p + 2, skip - 2); 862 if ((crc32_val & 0xffff) != archive_le16dec(p)) { 863 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 864 "Header CRC error"); 865 return (ARCHIVE_FATAL); 866 } 867 __archive_read_consume(a, skip); 868 break; 869 870 case FILE_HEAD: 871 return read_header(a, entry, head_type); 872 873 case COMM_HEAD: 874 case AV_HEAD: 875 case SUB_HEAD: 876 case PROTECT_HEAD: 877 case SIGN_HEAD: 878 flags = archive_le16dec(p + 3); 879 skip = archive_le16dec(p + 5); 880 if (skip < 7) { 881 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 882 "Invalid header size"); 883 return (ARCHIVE_FATAL); 884 } 885 if (skip > 7) { 886 if ((h = __archive_read_ahead(a, skip, NULL)) == NULL) 887 return (ARCHIVE_FATAL); 888 p = h; 889 } 890 if (flags & HD_ADD_SIZE_PRESENT) 891 { 892 if (skip < 7 + 4) { 893 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 894 "Invalid header size"); 895 return (ARCHIVE_FATAL); 896 } 897 skip += archive_le32dec(p + 7); 898 if ((h = __archive_read_ahead(a, skip, NULL)) == NULL) 899 return (ARCHIVE_FATAL); 900 p = h; 901 } 902 903 crc32_val = crc32(0, (const unsigned char *)p + 2, skip - 2); 904 if ((crc32_val & 0xffff) != archive_le16dec(p)) { 905 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 906 "Header CRC error"); 907 return (ARCHIVE_FATAL); 908 } 909 __archive_read_consume(a, skip); 910 break; 911 912 case NEWSUB_HEAD: 913 if ((ret = read_header(a, entry, head_type)) < ARCHIVE_WARN) 914 return ret; 915 break; 916 917 case ENDARC_HEAD: 918 return (ARCHIVE_EOF); 919 920 default: 921 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 922 "Bad RAR file"); 923 return (ARCHIVE_FATAL); 924 } 925 } 926} 927 928static int 929archive_read_format_rar_read_data(struct archive_read *a, const void **buff, 930 size_t *size, int64_t *offset) 931{ 932 struct rar *rar = (struct rar *)(a->format->data); 933 int ret; 934 935 if (rar->bytes_unconsumed > 0) { 936 /* Consume as much as the decompressor actually used. */ 937 __archive_read_consume(a, rar->bytes_unconsumed); 938 rar->bytes_unconsumed = 0; 939 } 940 941 if (rar->entry_eof) { 942 *buff = NULL; 943 *size = 0; 944 *offset = rar->offset; 945 return (ARCHIVE_EOF); 946 } 947 948 switch (rar->compression_method) 949 { 950 case COMPRESS_METHOD_STORE: 951 ret = read_data_stored(a, buff, size, offset); 952 break; 953 954 case COMPRESS_METHOD_FASTEST: 955 case COMPRESS_METHOD_FAST: 956 case COMPRESS_METHOD_NORMAL: 957 case COMPRESS_METHOD_GOOD: 958 case COMPRESS_METHOD_BEST: 959 ret = read_data_compressed(a, buff, size, offset); 960 if (ret != ARCHIVE_OK && ret != ARCHIVE_WARN) 961 __archive_ppmd7_functions.Ppmd7_Free(&rar->ppmd7_context, &g_szalloc); 962 break; 963 964 default: 965 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 966 "Unsupported compression method for RAR file."); 967 ret = ARCHIVE_FATAL; 968 break; 969 } 970 return (ret); 971} 972 973static int 974archive_read_format_rar_read_data_skip(struct archive_read *a) 975{ 976 struct rar *rar; 977 int64_t bytes_skipped; 978 979 rar = (struct rar *)(a->format->data); 980 981 if (rar->bytes_unconsumed > 0) { 982 /* Consume as much as the decompressor actually used. */ 983 __archive_read_consume(a, rar->bytes_unconsumed); 984 rar->bytes_unconsumed = 0; 985 } 986 987 if (rar->bytes_remaining > 0) { 988 bytes_skipped = __archive_read_consume(a, rar->bytes_remaining); 989 if (bytes_skipped < 0) 990 return (ARCHIVE_FATAL); 991 } 992 return (ARCHIVE_OK); 993} 994 995static int 996archive_read_format_rar_cleanup(struct archive_read *a) 997{ 998 struct rar *rar; 999 1000 rar = (struct rar *)(a->format->data); 1001 free_codes(a); 1002 free(rar->filename); 1003 free(rar->unp_buffer); 1004 free(rar->lzss.window); 1005 __archive_ppmd7_functions.Ppmd7_Free(&rar->ppmd7_context, &g_szalloc); 1006 free(rar); 1007 (a->format->data) = NULL; 1008 return (ARCHIVE_OK); 1009} 1010 1011static int 1012read_header(struct archive_read *a, struct archive_entry *entry, 1013 char head_type) 1014{ 1015 const void *h; 1016 const char *p, *endp; 1017 struct rar *rar; 1018 struct rar_header rar_header; 1019 struct rar_file_header file_header; 1020 int64_t header_size; 1021 unsigned filename_size, end; 1022 char *filename; 1023 char *strp; 1024 char packed_size[8]; 1025 char unp_size[8]; 1026 int ttime; 1027 struct archive_string_conv *sconv, *fn_sconv; 1028 unsigned long crc32_val; 1029 int ret = (ARCHIVE_OK), ret2; 1030 1031 rar = (struct rar *)(a->format->data); 1032 1033 /* Setup a string conversion object for non-rar-unicode filenames. */ 1034 sconv = rar->opt_sconv; 1035 if (sconv == NULL) { 1036 if (!rar->init_default_conversion) { 1037 rar->sconv_default = 1038 archive_string_default_conversion_for_read( 1039 &(a->archive)); 1040 rar->init_default_conversion = 1; 1041 } 1042 sconv = rar->sconv_default; 1043 } 1044 1045 1046 if ((h = __archive_read_ahead(a, 7, NULL)) == NULL) 1047 return (ARCHIVE_FATAL); 1048 p = h; 1049 memcpy(&rar_header, p, sizeof(rar_header)); 1050 rar->file_flags = archive_le16dec(rar_header.flags); 1051 header_size = archive_le16dec(rar_header.size); 1052 if (header_size < (int64_t)sizeof(file_header) + 7) { 1053 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1054 "Invalid header size"); 1055 return (ARCHIVE_FATAL); 1056 } 1057 crc32_val = crc32(0, (const unsigned char *)p + 2, 7 - 2); 1058 __archive_read_consume(a, 7); 1059 1060 if (!(rar->file_flags & FHD_SOLID)) 1061 { 1062 rar->compression_method = 0; 1063 rar->packed_size = 0; 1064 rar->unp_size = 0; 1065 rar->mtime = 0; 1066 rar->ctime = 0; 1067 rar->atime = 0; 1068 rar->arctime = 0; 1069 rar->mode = 0; 1070 memset(&rar->salt, 0, sizeof(rar->salt)); 1071 rar->atime = 0; 1072 rar->ansec = 0; 1073 rar->ctime = 0; 1074 rar->cnsec = 0; 1075 rar->mtime = 0; 1076 rar->mnsec = 0; 1077 rar->arctime = 0; 1078 rar->arcnsec = 0; 1079 } 1080 else 1081 { 1082 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1083 "RAR solid archive support unavailable."); 1084 return (ARCHIVE_FATAL); 1085 } 1086 1087 if ((h = __archive_read_ahead(a, (size_t)header_size - 7, NULL)) == NULL) 1088 return (ARCHIVE_FATAL); 1089 1090 /* File Header CRC check. */ 1091 crc32_val = crc32(crc32_val, h, (unsigned)(header_size - 7)); 1092 if ((crc32_val & 0xffff) != archive_le16dec(rar_header.crc)) { 1093 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1094 "Header CRC error"); 1095 return (ARCHIVE_FATAL); 1096 } 1097 /* If no CRC error, Go on parsing File Header. */ 1098 p = h; 1099 endp = p + header_size - 7; 1100 memcpy(&file_header, p, sizeof(file_header)); 1101 p += sizeof(file_header); 1102 1103 rar->compression_method = file_header.method; 1104 1105 ttime = archive_le32dec(file_header.file_time); 1106 rar->mtime = get_time(ttime); 1107 1108 rar->file_crc = archive_le32dec(file_header.file_crc); 1109 1110 if (rar->file_flags & FHD_PASSWORD) 1111 { 1112 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1113 "RAR encryption support unavailable."); 1114 return (ARCHIVE_FATAL); 1115 } 1116 1117 if (rar->file_flags & FHD_LARGE) 1118 { 1119 memcpy(packed_size, file_header.pack_size, 4); 1120 memcpy(packed_size + 4, p, 4); /* High pack size */ 1121 p += 4; 1122 memcpy(unp_size, file_header.unp_size, 4); 1123 memcpy(unp_size + 4, p, 4); /* High unpack size */ 1124 p += 4; 1125 rar->packed_size = archive_le64dec(&packed_size); 1126 rar->unp_size = archive_le64dec(&unp_size); 1127 } 1128 else 1129 { 1130 rar->packed_size = archive_le32dec(file_header.pack_size); 1131 rar->unp_size = archive_le32dec(file_header.unp_size); 1132 } 1133 1134 if (rar->packed_size < 0 || rar->unp_size < 0) 1135 { 1136 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1137 "Invalid sizes specified."); 1138 return (ARCHIVE_FATAL); 1139 } 1140 1141 /* TODO: RARv3 subblocks contain comments. For now the complete block is 1142 * consumed at the end. 1143 */ 1144 if (head_type == NEWSUB_HEAD) { 1145 size_t distance = p - (const char *)h; 1146 header_size += rar->packed_size; 1147 /* Make sure we have the extended data. */ 1148 if ((h = __archive_read_ahead(a, (size_t)header_size - 7, NULL)) == NULL) 1149 return (ARCHIVE_FATAL); 1150 p = h; 1151 endp = p + header_size - 7; 1152 p += distance; 1153 } 1154 1155 filename_size = archive_le16dec(file_header.name_size); 1156 if (p + filename_size > endp) { 1157 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1158 "Invalid filename size"); 1159 return (ARCHIVE_FATAL); 1160 } 1161 if (rar->filename_allocated < filename_size * 2 + 2) { 1162 char *newptr; 1163 size_t newsize = filename_size * 2 + 2; 1164 newptr = realloc(rar->filename, newsize); 1165 if (newptr == NULL) { 1166 archive_set_error(&a->archive, ENOMEM, 1167 "Couldn't allocate memory."); 1168 return (ARCHIVE_FATAL); 1169 } 1170 rar->filename = newptr; 1171 rar->filename_allocated = newsize; 1172 } 1173 filename = rar->filename; 1174 memcpy(filename, p, filename_size); 1175 filename[filename_size] = '\0'; 1176 if (rar->file_flags & FHD_UNICODE) 1177 { 1178 if (filename_size != strlen(filename)) 1179 { 1180 unsigned char highbyte, flagbits, flagbyte, offset; 1181 unsigned fn_end; 1182 1183 end = filename_size; 1184 fn_end = filename_size * 2; 1185 filename_size = 0; 1186 offset = strlen(filename) + 1; 1187 highbyte = *(p + offset++); 1188 flagbits = 0; 1189 flagbyte = 0; 1190 while (offset < end && filename_size < fn_end) 1191 { 1192 if (!flagbits) 1193 { 1194 flagbyte = *(p + offset++); 1195 flagbits = 8; 1196 } 1197 1198 flagbits -= 2; 1199 switch((flagbyte >> flagbits) & 3) 1200 { 1201 case 0: 1202 filename[filename_size++] = '\0'; 1203 filename[filename_size++] = *(p + offset++); 1204 break; 1205 case 1: 1206 filename[filename_size++] = highbyte; 1207 filename[filename_size++] = *(p + offset++); 1208 break; 1209 case 2: 1210 filename[filename_size++] = *(p + offset + 1); 1211 filename[filename_size++] = *(p + offset); 1212 offset += 2; 1213 break; 1214 case 3: 1215 { 1216 char extra, high; 1217 uint8_t length = *(p + offset++); 1218 1219 if (length & 0x80) { 1220 extra = *(p + offset++); 1221 high = (char)highbyte; 1222 } else 1223 extra = high = 0; 1224 length = (length & 0x7f) + 2; 1225 while (length && filename_size < fn_end) { 1226 unsigned cp = filename_size >> 1; 1227 filename[filename_size++] = high; 1228 filename[filename_size++] = p[cp] + extra; 1229 length--; 1230 } 1231 } 1232 break; 1233 } 1234 } 1235 if (filename_size > fn_end) { 1236 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1237 "Invalid filename"); 1238 return (ARCHIVE_FATAL); 1239 } 1240 filename[filename_size++] = '\0'; 1241 filename[filename_size++] = '\0'; 1242 1243 /* Decoded unicode form is UTF-16BE, so we have to update a string 1244 * conversion object for it. */ 1245 if (rar->sconv_utf16be == NULL) { 1246 rar->sconv_utf16be = archive_string_conversion_from_charset( 1247 &a->archive, "UTF-16BE", 1); 1248 if (rar->sconv_utf16be == NULL) 1249 return (ARCHIVE_FATAL); 1250 } 1251 fn_sconv = rar->sconv_utf16be; 1252 1253 strp = filename; 1254 while (memcmp(strp, "\x00\x00", 2)) 1255 { 1256 if (!memcmp(strp, "\x00\\", 2)) 1257 *(strp + 1) = '/'; 1258 strp += 2; 1259 } 1260 p += offset; 1261 } else { 1262 /* 1263 * If FHD_UNICODE is set but no unicode data, this file name form 1264 * is UTF-8, so we have to update a string conversion object for 1265 * it accordingly. 1266 */ 1267 if (rar->sconv_utf8 == NULL) { 1268 rar->sconv_utf8 = archive_string_conversion_from_charset( 1269 &a->archive, "UTF-8", 1); 1270 if (rar->sconv_utf8 == NULL) 1271 return (ARCHIVE_FATAL); 1272 } 1273 fn_sconv = rar->sconv_utf8; 1274 while ((strp = strchr(filename, '\\')) != NULL) 1275 *strp = '/'; 1276 p += filename_size; 1277 } 1278 } 1279 else 1280 { 1281 fn_sconv = sconv; 1282 while ((strp = strchr(filename, '\\')) != NULL) 1283 *strp = '/'; 1284 p += filename_size; 1285 } 1286 1287 if (rar->file_flags & FHD_SALT) 1288 { 1289 if (p + 8 > endp) { 1290 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1291 "Invalid header size"); 1292 return (ARCHIVE_FATAL); 1293 } 1294 memcpy(rar->salt, p, 8); 1295 p += 8; 1296 } 1297 1298 if (rar->file_flags & FHD_EXTTIME) { 1299 if (read_exttime(p, rar, endp) < 0) { 1300 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1301 "Invalid header size"); 1302 return (ARCHIVE_FATAL); 1303 } 1304 } 1305 1306 __archive_read_consume(a, header_size - 7); 1307 1308 switch(file_header.host_os) 1309 { 1310 case OS_MSDOS: 1311 case OS_OS2: 1312 case OS_WIN32: 1313 rar->mode = archive_le32dec(file_header.file_attr); 1314 if (rar->mode & FILE_ATTRIBUTE_DIRECTORY) 1315 rar->mode = AE_IFDIR | S_IXUSR | S_IXGRP | S_IXOTH; 1316 else 1317 rar->mode = AE_IFREG; 1318 rar->mode |= S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH; 1319 break; 1320 1321 case OS_UNIX: 1322 case OS_MAC_OS: 1323 case OS_BEOS: 1324 rar->mode = archive_le32dec(file_header.file_attr); 1325 break; 1326 1327 default: 1328 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1329 "Unknown file attributes from RAR file's host OS"); 1330 return (ARCHIVE_FATAL); 1331 } 1332 1333 rar->bytes_remaining = rar->packed_size; 1334 rar->bytes_uncopied = rar->bytes_unconsumed = 0; 1335 rar->lzss.position = rar->offset = 0; 1336 rar->dictionary_size = 0; 1337 rar->offset_outgoing = 0; 1338 rar->br.cache_avail = 0; 1339 rar->br.avail_in = 0; 1340 rar->crc_calculated = 0; 1341 rar->entry_eof = 0; 1342 rar->valid = 1; 1343 rar->is_ppmd_block = 0; 1344 rar->start_new_table = 1; 1345 free(rar->unp_buffer); 1346 rar->unp_buffer = NULL; 1347 rar->unp_offset = 0; 1348 rar->unp_buffer_size = UNP_BUFFER_SIZE; 1349 memset(rar->lengthtable, 0, sizeof(rar->lengthtable)); 1350 __archive_ppmd7_functions.Ppmd7_Free(&rar->ppmd7_context, &g_szalloc); 1351 rar->ppmd_valid = rar->ppmd_eod = 0; 1352 1353 /* Don't set any archive entries for non-file header types */ 1354 if (head_type == NEWSUB_HEAD) 1355 return ret; 1356 1357 archive_entry_set_mtime(entry, rar->mtime, rar->mnsec); 1358 archive_entry_set_ctime(entry, rar->ctime, rar->cnsec); 1359 archive_entry_set_atime(entry, rar->atime, rar->ansec); 1360 archive_entry_set_size(entry, rar->unp_size); 1361 archive_entry_set_mode(entry, rar->mode); 1362 1363 if (archive_entry_copy_pathname_l(entry, filename, filename_size, fn_sconv)) 1364 { 1365 if (errno == ENOMEM) 1366 { 1367 archive_set_error(&a->archive, ENOMEM, 1368 "Can't allocate memory for Pathname"); 1369 return (ARCHIVE_FATAL); 1370 } 1371 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1372 "Pathname cannot be converted from %s to current locale.", 1373 archive_string_conversion_charset_name(fn_sconv)); 1374 ret = (ARCHIVE_WARN); 1375 } 1376 1377 if (((rar->mode) & AE_IFMT) == AE_IFLNK) 1378 { 1379 /* Make sure a symbolic-link file does not have its body. */ 1380 rar->bytes_remaining = 0; 1381 archive_entry_set_size(entry, 0); 1382 1383 /* Read a symbolic-link name. */ 1384 if ((ret2 = read_symlink_stored(a, entry, sconv)) < (ARCHIVE_WARN)) 1385 return ret2; 1386 if (ret > ret2) 1387 ret = ret2; 1388 } 1389 1390 if (rar->bytes_remaining == 0) 1391 rar->entry_eof = 1; 1392 1393 return ret; 1394} 1395 1396static time_t 1397get_time(int ttime) 1398{ 1399 struct tm tm; 1400 tm.tm_sec = 2 * (ttime & 0x1f); 1401 tm.tm_min = (ttime >> 5) & 0x3f; 1402 tm.tm_hour = (ttime >> 11) & 0x1f; 1403 tm.tm_mday = (ttime >> 16) & 0x1f; 1404 tm.tm_mon = ((ttime >> 21) & 0x0f) - 1; 1405 tm.tm_year = ((ttime >> 25) & 0x7f) + 80; 1406 tm.tm_isdst = -1; 1407 return mktime(&tm); 1408} 1409 1410static int 1411read_exttime(const char *p, struct rar *rar, const char *endp) 1412{ 1413 unsigned rmode, flags, rem, j, count; 1414 int ttime, i; 1415 struct tm *tm; 1416 time_t t; 1417 long nsec; 1418 1419 if (p + 2 > endp) 1420 return (-1); 1421 flags = archive_le16dec(p); 1422 p += 2; 1423 1424 for (i = 3; i >= 0; i--) 1425 { 1426 t = 0; 1427 if (i == 3) 1428 t = rar->mtime; 1429 rmode = flags >> i * 4; 1430 if (rmode & 8) 1431 { 1432 if (!t) 1433 { 1434 if (p + 4 > endp) 1435 return (-1); 1436 ttime = archive_le32dec(p); 1437 t = get_time(ttime); 1438 p += 4; 1439 } 1440 rem = 0; 1441 count = rmode & 3; 1442 if (p + count > endp) 1443 return (-1); 1444 for (j = 0; j < count; j++) 1445 { 1446 rem = ((*p) << 16) | (rem >> 8); 1447 p++; 1448 } 1449 tm = localtime(&t); 1450 nsec = tm->tm_sec + rem / NS_UNIT; 1451 if (rmode & 4) 1452 { 1453 tm->tm_sec++; 1454 t = mktime(tm); 1455 } 1456 if (i == 3) 1457 { 1458 rar->mtime = t; 1459 rar->mnsec = nsec; 1460 } 1461 else if (i == 2) 1462 { 1463 rar->ctime = t; 1464 rar->cnsec = nsec; 1465 } 1466 else if (i == 1) 1467 { 1468 rar->atime = t; 1469 rar->ansec = nsec; 1470 } 1471 else 1472 { 1473 rar->arctime = t; 1474 rar->arcnsec = nsec; 1475 } 1476 } 1477 } 1478 return (0); 1479} 1480 1481static int 1482read_symlink_stored(struct archive_read *a, struct archive_entry *entry, 1483 struct archive_string_conv *sconv) 1484{ 1485 const void *h; 1486 const char *p; 1487 struct rar *rar; 1488 int ret = (ARCHIVE_OK); 1489 1490 rar = (struct rar *)(a->format->data); 1491 if ((h = __archive_read_ahead(a, (size_t)rar->packed_size, NULL)) == NULL) 1492 return (ARCHIVE_FATAL); 1493 p = h; 1494 1495 if (archive_entry_copy_symlink_l(entry, 1496 p, (size_t)rar->packed_size, sconv)) 1497 { 1498 if (errno == ENOMEM) 1499 { 1500 archive_set_error(&a->archive, ENOMEM, 1501 "Can't allocate memory for link"); 1502 return (ARCHIVE_FATAL); 1503 } 1504 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1505 "link cannot be converted from %s to current locale.", 1506 archive_string_conversion_charset_name(sconv)); 1507 ret = (ARCHIVE_WARN); 1508 } 1509 __archive_read_consume(a, rar->packed_size); 1510 return ret; 1511} 1512 1513static int 1514read_data_stored(struct archive_read *a, const void **buff, size_t *size, 1515 int64_t *offset) 1516{ 1517 struct rar *rar; 1518 ssize_t bytes_avail; 1519 1520 rar = (struct rar *)(a->format->data); 1521 if (rar->bytes_remaining == 0) 1522 { 1523 *buff = NULL; 1524 *size = 0; 1525 *offset = rar->offset; 1526 if (rar->file_crc != rar->crc_calculated) { 1527 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1528 "File CRC error"); 1529 return (ARCHIVE_FATAL); 1530 } 1531 rar->entry_eof = 1; 1532 return (ARCHIVE_EOF); 1533 } 1534 1535 *buff = __archive_read_ahead(a, 1, &bytes_avail); 1536 if (bytes_avail <= 0) 1537 { 1538 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1539 "Truncated RAR file data"); 1540 return (ARCHIVE_FATAL); 1541 } 1542 if (bytes_avail > rar->bytes_remaining) 1543 bytes_avail = (ssize_t)rar->bytes_remaining; 1544 1545 *size = bytes_avail; 1546 *offset = rar->offset; 1547 rar->offset += bytes_avail; 1548 rar->bytes_remaining -= bytes_avail; 1549 rar->bytes_unconsumed = bytes_avail; 1550 /* Calculate File CRC. */ 1551 rar->crc_calculated = crc32(rar->crc_calculated, *buff, bytes_avail); 1552 return (ARCHIVE_OK); 1553} 1554 1555static int 1556read_data_compressed(struct archive_read *a, const void **buff, size_t *size, 1557 int64_t *offset) 1558{ 1559 struct rar *rar; 1560 int64_t start, end, actualend; 1561 size_t bs; 1562 int ret = (ARCHIVE_OK), sym, code, lzss_offset, length, i; 1563 1564 rar = (struct rar *)(a->format->data); 1565 1566 do { 1567 if (!rar->valid) 1568 return (ARCHIVE_FATAL); 1569 if (rar->ppmd_eod || 1570 (rar->dictionary_size && rar->offset >= rar->unp_size)) 1571 { 1572 if (rar->unp_offset > 0) { 1573 /* 1574 * We have unprocessed extracted data. write it out. 1575 */ 1576 *buff = rar->unp_buffer; 1577 *size = rar->unp_offset; 1578 *offset = rar->offset_outgoing; 1579 rar->offset_outgoing += *size; 1580 /* Calculate File CRC. */ 1581 rar->crc_calculated = crc32(rar->crc_calculated, *buff, *size); 1582 rar->unp_offset = 0; 1583 return (ARCHIVE_OK); 1584 } 1585 *buff = NULL; 1586 *size = 0; 1587 *offset = rar->offset; 1588 if (rar->file_crc != rar->crc_calculated) { 1589 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1590 "File CRC error"); 1591 return (ARCHIVE_FATAL); 1592 } 1593 rar->entry_eof = 1; 1594 return (ARCHIVE_EOF); 1595 } 1596 1597 if (!rar->is_ppmd_block && rar->dictionary_size && rar->bytes_uncopied > 0) 1598 { 1599 if (rar->bytes_uncopied > (rar->unp_buffer_size - rar->unp_offset)) 1600 bs = rar->unp_buffer_size - rar->unp_offset; 1601 else 1602 bs = (size_t)rar->bytes_uncopied; 1603 ret = copy_from_lzss_window(a, buff, rar->offset, bs); 1604 if (ret != ARCHIVE_OK) 1605 return (ret); 1606 rar->offset += bs; 1607 rar->bytes_uncopied -= bs; 1608 if (*buff != NULL) { 1609 rar->unp_offset = 0; 1610 *size = rar->unp_buffer_size; 1611 *offset = rar->offset_outgoing; 1612 rar->offset_outgoing += *size; 1613 /* Calculate File CRC. */ 1614 rar->crc_calculated = crc32(rar->crc_calculated, *buff, *size); 1615 return (ret); 1616 } 1617 continue; 1618 } 1619 1620 if (!rar->br.next_in && 1621 (ret = rar_br_preparation(a, &(rar->br))) < ARCHIVE_WARN) 1622 return (ret); 1623 if (rar->start_new_table && ((ret = parse_codes(a)) < (ARCHIVE_WARN))) 1624 return (ret); 1625 1626 if (rar->is_ppmd_block) 1627 { 1628 if ((sym = __archive_ppmd7_functions.Ppmd7_DecodeSymbol( 1629 &rar->ppmd7_context, &rar->range_dec.p)) < 0) 1630 { 1631 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1632 "Invalid symbol"); 1633 return (ARCHIVE_FATAL); 1634 } 1635 if(sym != rar->ppmd_escape) 1636 { 1637 lzss_emit_literal(rar, sym); 1638 rar->bytes_uncopied++; 1639 } 1640 else 1641 { 1642 if ((code = __archive_ppmd7_functions.Ppmd7_DecodeSymbol( 1643 &rar->ppmd7_context, &rar->range_dec.p)) < 0) 1644 { 1645 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1646 "Invalid symbol"); 1647 return (ARCHIVE_FATAL); 1648 } 1649 1650 switch(code) 1651 { 1652 case 0: 1653 rar->start_new_table = 1; 1654 return read_data_compressed(a, buff, size, offset); 1655 1656 case 2: 1657 rar->ppmd_eod = 1;/* End Of ppmd Data. */ 1658 continue; 1659 1660 case 3: 1661 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 1662 "Parsing filters is unsupported."); 1663 return (ARCHIVE_FAILED); 1664 1665 case 4: 1666 lzss_offset = 0; 1667 for (i = 2; i >= 0; i--) 1668 { 1669 if ((code = __archive_ppmd7_functions.Ppmd7_DecodeSymbol( 1670 &rar->ppmd7_context, &rar->range_dec.p)) < 0) 1671 { 1672 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1673 "Invalid symbol"); 1674 return (ARCHIVE_FATAL); 1675 } 1676 lzss_offset |= code << (i * 8); 1677 } 1678 if ((length = __archive_ppmd7_functions.Ppmd7_DecodeSymbol( 1679 &rar->ppmd7_context, &rar->range_dec.p)) < 0) 1680 { 1681 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1682 "Invalid symbol"); 1683 return (ARCHIVE_FATAL); 1684 } 1685 lzss_emit_match(rar, lzss_offset + 2, length + 32); 1686 rar->bytes_uncopied += length + 32; 1687 break; 1688 1689 case 5: 1690 if ((length = __archive_ppmd7_functions.Ppmd7_DecodeSymbol( 1691 &rar->ppmd7_context, &rar->range_dec.p)) < 0) 1692 { 1693 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1694 "Invalid symbol"); 1695 return (ARCHIVE_FATAL); 1696 } 1697 lzss_emit_match(rar, 1, length + 4); 1698 rar->bytes_uncopied += length + 4; 1699 break; 1700 1701 default: 1702 lzss_emit_literal(rar, sym); 1703 rar->bytes_uncopied++; 1704 } 1705 } 1706 } 1707 else 1708 { 1709 start = rar->offset; 1710 end = start + rar->dictionary_size; 1711 rar->filterstart = INT64_MAX; 1712 1713 if ((actualend = expand(a, end)) < 0) 1714 return ((int)actualend); 1715 1716 rar->bytes_uncopied = actualend - start; 1717 if (rar->bytes_uncopied == 0) { 1718 /* Broken RAR files cause this case. 1719 * NOTE: If this case were possible on a normal RAR file 1720 * we would find out where it was actually bad and 1721 * what we would do to solve it. */ 1722 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1723 "Internal error extracting RAR file"); 1724 return (ARCHIVE_FATAL); 1725 } 1726 } 1727 if (rar->bytes_uncopied > (rar->unp_buffer_size - rar->unp_offset)) 1728 bs = rar->unp_buffer_size - rar->unp_offset; 1729 else 1730 bs = (size_t)rar->bytes_uncopied; 1731 ret = copy_from_lzss_window(a, buff, rar->offset, bs); 1732 if (ret != ARCHIVE_OK) 1733 return (ret); 1734 rar->offset += bs; 1735 rar->bytes_uncopied -= bs; 1736 /* 1737 * If *buff is NULL, it means unp_buffer is not full. 1738 * So we have to continue extracting a RAR file. 1739 */ 1740 } while (*buff == NULL); 1741 1742 rar->unp_offset = 0; 1743 *size = rar->unp_buffer_size; 1744 *offset = rar->offset_outgoing; 1745 rar->offset_outgoing += *size; 1746 /* Calculate File CRC. */ 1747 rar->crc_calculated = crc32(rar->crc_calculated, *buff, *size); 1748 return ret; 1749} 1750 1751static int 1752parse_codes(struct archive_read *a) 1753{ 1754 int i, j, val, n, r; 1755 unsigned char bitlengths[MAX_SYMBOLS], zerocount, ppmd_flags; 1756 unsigned int maxorder; 1757 struct huffman_code precode; 1758 struct rar *rar = (struct rar *)(a->format->data); 1759 struct rar_br *br = &(rar->br); 1760 1761 free_codes(a); 1762 1763 /* Skip to the next byte */ 1764 rar_br_consume_unalined_bits(br); 1765 1766 /* PPMd block flag */ 1767 if (!rar_br_read_ahead(a, br, 1)) 1768 goto truncated_data; 1769 if ((rar->is_ppmd_block = rar_br_bits(br, 1)) != 0) 1770 { 1771 rar_br_consume(br, 1); 1772 if (!rar_br_read_ahead(a, br, 7)) 1773 goto truncated_data; 1774 ppmd_flags = rar_br_bits(br, 7); 1775 rar_br_consume(br, 7); 1776 1777 /* Memory is allocated in MB */ 1778 if (ppmd_flags & 0x20) 1779 { 1780 if (!rar_br_read_ahead(a, br, 8)) 1781 goto truncated_data; 1782 rar->dictionary_size = (rar_br_bits(br, 8) + 1) << 20; 1783 rar_br_consume(br, 8); 1784 } 1785 1786 if (ppmd_flags & 0x40) 1787 { 1788 if (!rar_br_read_ahead(a, br, 8)) 1789 goto truncated_data; 1790 rar->ppmd_escape = rar->ppmd7_context.InitEsc = rar_br_bits(br, 8); 1791 rar_br_consume(br, 8); 1792 } 1793 else 1794 rar->ppmd_escape = 2; 1795 1796 if (ppmd_flags & 0x20) 1797 { 1798 maxorder = (ppmd_flags & 0x1F) + 1; 1799 if(maxorder > 16) 1800 maxorder = 16 + (maxorder - 16) * 3; 1801 1802 if (maxorder == 1) 1803 { 1804 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1805 "Truncated RAR file data"); 1806 return (ARCHIVE_FATAL); 1807 } 1808 1809 /* Make sure ppmd7_contest is freed before Ppmd7_Construct 1810 * because reading a broken file cause this abnormal sequence. */ 1811 __archive_ppmd7_functions.Ppmd7_Free(&rar->ppmd7_context, &g_szalloc); 1812 1813 rar->bytein.a = a; 1814 rar->bytein.Read = &ppmd_read; 1815 __archive_ppmd7_functions.PpmdRAR_RangeDec_CreateVTable(&rar->range_dec); 1816 rar->range_dec.Stream = &rar->bytein; 1817 __archive_ppmd7_functions.Ppmd7_Construct(&rar->ppmd7_context); 1818 1819 if (!__archive_ppmd7_functions.Ppmd7_Alloc(&rar->ppmd7_context, 1820 rar->dictionary_size, &g_szalloc)) 1821 { 1822 archive_set_error(&a->archive, ENOMEM, 1823 "Out of memory"); 1824 return (ARCHIVE_FATAL); 1825 } 1826 if (!__archive_ppmd7_functions.PpmdRAR_RangeDec_Init(&rar->range_dec)) 1827 { 1828 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1829 "Unable to initialize PPMd range decoder"); 1830 return (ARCHIVE_FATAL); 1831 } 1832 __archive_ppmd7_functions.Ppmd7_Init(&rar->ppmd7_context, maxorder); 1833 rar->ppmd_valid = 1; 1834 } 1835 else 1836 { 1837 if (!rar->ppmd_valid) { 1838 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1839 "Invalid PPMd sequence"); 1840 return (ARCHIVE_FATAL); 1841 } 1842 if (!__archive_ppmd7_functions.PpmdRAR_RangeDec_Init(&rar->range_dec)) 1843 { 1844 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1845 "Unable to initialize PPMd range decoder"); 1846 return (ARCHIVE_FATAL); 1847 } 1848 } 1849 } 1850 else 1851 { 1852 rar_br_consume(br, 1); 1853 1854 /* Keep existing table flag */ 1855 if (!rar_br_read_ahead(a, br, 1)) 1856 goto truncated_data; 1857 if (!rar_br_bits(br, 1)) 1858 memset(rar->lengthtable, 0, sizeof(rar->lengthtable)); 1859 rar_br_consume(br, 1); 1860 1861 memset(&bitlengths, 0, sizeof(bitlengths)); 1862 for (i = 0; i < MAX_SYMBOLS;) 1863 { 1864 if (!rar_br_read_ahead(a, br, 4)) 1865 goto truncated_data; 1866 bitlengths[i++] = rar_br_bits(br, 4); 1867 rar_br_consume(br, 4); 1868 if (bitlengths[i-1] == 0xF) 1869 { 1870 if (!rar_br_read_ahead(a, br, 4)) 1871 goto truncated_data; 1872 zerocount = rar_br_bits(br, 4); 1873 rar_br_consume(br, 4); 1874 if (zerocount) 1875 { 1876 i--; 1877 for (j = 0; j < zerocount + 2 && i < MAX_SYMBOLS; j++) 1878 bitlengths[i++] = 0; 1879 } 1880 } 1881 } 1882 1883 memset(&precode, 0, sizeof(precode)); 1884 r = create_code(a, &precode, bitlengths, MAX_SYMBOLS, MAX_SYMBOL_LENGTH); 1885 if (r != ARCHIVE_OK) { 1886 free(precode.tree); 1887 free(precode.table); 1888 return (r); 1889 } 1890 1891 for (i = 0; i < HUFFMAN_TABLE_SIZE;) 1892 { 1893 if ((val = read_next_symbol(a, &precode)) < 0) { 1894 free(precode.tree); 1895 free(precode.table); 1896 return (ARCHIVE_FATAL); 1897 } 1898 if (val < 16) 1899 { 1900 rar->lengthtable[i] = (rar->lengthtable[i] + val) & 0xF; 1901 i++; 1902 } 1903 else if (val < 18) 1904 { 1905 if (i == 0) 1906 { 1907 free(precode.tree); 1908 free(precode.table); 1909 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1910 "Internal error extracting RAR file."); 1911 return (ARCHIVE_FATAL); 1912 } 1913 1914 if(val == 16) { 1915 if (!rar_br_read_ahead(a, br, 3)) { 1916 free(precode.tree); 1917 free(precode.table); 1918 goto truncated_data; 1919 } 1920 n = rar_br_bits(br, 3) + 3; 1921 rar_br_consume(br, 3); 1922 } else { 1923 if (!rar_br_read_ahead(a, br, 7)) { 1924 free(precode.tree); 1925 free(precode.table); 1926 goto truncated_data; 1927 } 1928 n = rar_br_bits(br, 7) + 11; 1929 rar_br_consume(br, 7); 1930 } 1931 1932 for (j = 0; j < n && i < HUFFMAN_TABLE_SIZE; j++) 1933 { 1934 rar->lengthtable[i] = rar->lengthtable[i-1]; 1935 i++; 1936 } 1937 } 1938 else 1939 { 1940 if(val == 18) { 1941 if (!rar_br_read_ahead(a, br, 3)) { 1942 free(precode.tree); 1943 free(precode.table); 1944 goto truncated_data; 1945 } 1946 n = rar_br_bits(br, 3) + 3; 1947 rar_br_consume(br, 3); 1948 } else { 1949 if (!rar_br_read_ahead(a, br, 7)) { 1950 free(precode.tree); 1951 free(precode.table); 1952 goto truncated_data; 1953 } 1954 n = rar_br_bits(br, 7) + 11; 1955 rar_br_consume(br, 7); 1956 } 1957 1958 for(j = 0; j < n && i < HUFFMAN_TABLE_SIZE; j++) 1959 rar->lengthtable[i++] = 0; 1960 } 1961 } 1962 free(precode.tree); 1963 free(precode.table); 1964 1965 r = create_code(a, &rar->maincode, &rar->lengthtable[0], MAINCODE_SIZE, 1966 MAX_SYMBOL_LENGTH); 1967 if (r != ARCHIVE_OK) 1968 return (r); 1969 r = create_code(a, &rar->offsetcode, &rar->lengthtable[MAINCODE_SIZE], 1970 OFFSETCODE_SIZE, MAX_SYMBOL_LENGTH); 1971 if (r != ARCHIVE_OK) 1972 return (r); 1973 r = create_code(a, &rar->lowoffsetcode, 1974 &rar->lengthtable[MAINCODE_SIZE + OFFSETCODE_SIZE], 1975 LOWOFFSETCODE_SIZE, MAX_SYMBOL_LENGTH); 1976 if (r != ARCHIVE_OK) 1977 return (r); 1978 r = create_code(a, &rar->lengthcode, 1979 &rar->lengthtable[MAINCODE_SIZE + OFFSETCODE_SIZE + 1980 LOWOFFSETCODE_SIZE], LENGTHCODE_SIZE, MAX_SYMBOL_LENGTH); 1981 if (r != ARCHIVE_OK) 1982 return (r); 1983 } 1984 1985 if (!rar->dictionary_size || !rar->lzss.window) 1986 { 1987 /* Seems as though dictionary sizes are not used. Even so, minimize 1988 * memory usage as much as possible. 1989 */ 1990 if (rar->unp_size >= DICTIONARY_MAX_SIZE) 1991 rar->dictionary_size = DICTIONARY_MAX_SIZE; 1992 else 1993 rar->dictionary_size = rar_fls((unsigned int)rar->unp_size) << 1; 1994 rar->lzss.window = (unsigned char *)realloc(rar->lzss.window, 1995 rar->dictionary_size); 1996 if (rar->lzss.window == NULL) { 1997 archive_set_error(&a->archive, ENOMEM, 1998 "Unable to allocate memory for uncompressed data."); 1999 return (ARCHIVE_FATAL); 2000 } 2001 memset(rar->lzss.window, 0, rar->dictionary_size); 2002 rar->lzss.mask = rar->dictionary_size - 1; 2003 } 2004 2005 rar->start_new_table = 0; 2006 return (ARCHIVE_OK); 2007truncated_data: 2008 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2009 "Truncated RAR file data"); 2010 rar->valid = 0; 2011 return (ARCHIVE_FATAL); 2012} 2013 2014static void 2015free_codes(struct archive_read *a) 2016{ 2017 struct rar *rar = (struct rar *)(a->format->data); 2018 free(rar->maincode.tree); 2019 free(rar->offsetcode.tree); 2020 free(rar->lowoffsetcode.tree); 2021 free(rar->lengthcode.tree); 2022 free(rar->maincode.table); 2023 free(rar->offsetcode.table); 2024 free(rar->lowoffsetcode.table); 2025 free(rar->lengthcode.table); 2026 memset(&rar->maincode, 0, sizeof(rar->maincode)); 2027 memset(&rar->offsetcode, 0, sizeof(rar->offsetcode)); 2028 memset(&rar->lowoffsetcode, 0, sizeof(rar->lowoffsetcode)); 2029 memset(&rar->lengthcode, 0, sizeof(rar->lengthcode)); 2030} 2031 2032 2033static int 2034read_next_symbol(struct archive_read *a, struct huffman_code *code) 2035{ 2036 unsigned char bit; 2037 unsigned int bits; 2038 int length, value, node; 2039 struct rar *rar; 2040 struct rar_br *br; 2041 2042 if (!code->table) 2043 { 2044 if (make_table(a, code) != (ARCHIVE_OK)) 2045 return -1; 2046 } 2047 2048 rar = (struct rar *)(a->format->data); 2049 br = &(rar->br); 2050 2051 /* Look ahead (peek) at bits */ 2052 if (!rar_br_read_ahead(a, br, code->tablesize)) { 2053 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2054 "Truncated RAR file data"); 2055 rar->valid = 0; 2056 return -1; 2057 } 2058 bits = rar_br_bits(br, code->tablesize); 2059 2060 length = code->table[bits].length; 2061 value = code->table[bits].value; 2062 2063 if (length < 0) 2064 { 2065 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2066 "Invalid prefix code in bitstream"); 2067 return -1; 2068 } 2069 2070 if (length <= code->tablesize) 2071 { 2072 /* Skip length bits */ 2073 rar_br_consume(br, length); 2074 return value; 2075 } 2076 2077 /* Skip tablesize bits */ 2078 rar_br_consume(br, code->tablesize); 2079 2080 node = value; 2081 while (!(code->tree[node].branches[0] == 2082 code->tree[node].branches[1])) 2083 { 2084 if (!rar_br_read_ahead(a, br, 1)) { 2085 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2086 "Truncated RAR file data"); 2087 rar->valid = 0; 2088 return -1; 2089 } 2090 bit = rar_br_bits(br, 1); 2091 rar_br_consume(br, 1); 2092 2093 if (code->tree[node].branches[bit] < 0) 2094 { 2095 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2096 "Invalid prefix code in bitstream"); 2097 return -1; 2098 } 2099 node = code->tree[node].branches[bit]; 2100 } 2101 2102 return code->tree[node].branches[0]; 2103} 2104 2105static int 2106create_code(struct archive_read *a, struct huffman_code *code, 2107 unsigned char *lengths, int numsymbols, char maxlength) 2108{ 2109 int i, j, codebits = 0, symbolsleft = numsymbols; 2110 2111 if (new_node(code) < 0) { 2112 archive_set_error(&a->archive, ENOMEM, 2113 "Unable to allocate memory for node data."); 2114 return (ARCHIVE_FATAL); 2115 } 2116 code->numentries = 1; 2117 code->minlength = INT_MAX; 2118 code->maxlength = INT_MIN; 2119 codebits = 0; 2120 for(i = 1; i <= maxlength; i++) 2121 { 2122 for(j = 0; j < numsymbols; j++) 2123 { 2124 if (lengths[j] != i) continue; 2125 if (add_value(a, code, j, codebits, i) != ARCHIVE_OK) 2126 return (ARCHIVE_FATAL); 2127 codebits++; 2128 if (--symbolsleft <= 0) { break; break; } 2129 } 2130 codebits <<= 1; 2131 } 2132 return (ARCHIVE_OK); 2133} 2134 2135static int 2136add_value(struct archive_read *a, struct huffman_code *code, int value, 2137 int codebits, int length) 2138{ 2139 int repeatpos, lastnode, bitpos, bit, repeatnode, nextnode; 2140 2141 free(code->table); 2142 code->table = NULL; 2143 2144 if(length > code->maxlength) 2145 code->maxlength = length; 2146 if(length < code->minlength) 2147 code->minlength = length; 2148 2149 repeatpos = -1; 2150 if (repeatpos == 0 || (repeatpos >= 0 2151 && (((codebits >> (repeatpos - 1)) & 3) == 0 2152 || ((codebits >> (repeatpos - 1)) & 3) == 3))) 2153 { 2154 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2155 "Invalid repeat position"); 2156 return (ARCHIVE_FATAL); 2157 } 2158 2159 lastnode = 0; 2160 for (bitpos = length - 1; bitpos >= 0; bitpos--) 2161 { 2162 bit = (codebits >> bitpos) & 1; 2163 2164 /* Leaf node check */ 2165 if (code->tree[lastnode].branches[0] == 2166 code->tree[lastnode].branches[1]) 2167 { 2168 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2169 "Prefix found"); 2170 return (ARCHIVE_FATAL); 2171 } 2172 2173 if (bitpos == repeatpos) 2174 { 2175 /* Open branch check */ 2176 if (!(code->tree[lastnode].branches[bit] < 0)) 2177 { 2178 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2179 "Invalid repeating code"); 2180 return (ARCHIVE_FATAL); 2181 } 2182 2183 if ((repeatnode = new_node(code)) < 0) { 2184 archive_set_error(&a->archive, ENOMEM, 2185 "Unable to allocate memory for node data."); 2186 return (ARCHIVE_FATAL); 2187 } 2188 if ((nextnode = new_node(code)) < 0) { 2189 archive_set_error(&a->archive, ENOMEM, 2190 "Unable to allocate memory for node data."); 2191 return (ARCHIVE_FATAL); 2192 } 2193 2194 /* Set branches */ 2195 code->tree[lastnode].branches[bit] = repeatnode; 2196 code->tree[repeatnode].branches[bit] = repeatnode; 2197 code->tree[repeatnode].branches[bit^1] = nextnode; 2198 lastnode = nextnode; 2199 2200 bitpos++; /* terminating bit already handled, skip it */ 2201 } 2202 else 2203 { 2204 /* Open branch check */ 2205 if (code->tree[lastnode].branches[bit] < 0) 2206 { 2207 if (new_node(code) < 0) { 2208 archive_set_error(&a->archive, ENOMEM, 2209 "Unable to allocate memory for node data."); 2210 return (ARCHIVE_FATAL); 2211 } 2212 code->tree[lastnode].branches[bit] = code->numentries++; 2213 } 2214 2215 /* set to branch */ 2216 lastnode = code->tree[lastnode].branches[bit]; 2217 } 2218 } 2219 2220 if (!(code->tree[lastnode].branches[0] == -1 2221 && code->tree[lastnode].branches[1] == -2)) 2222 { 2223 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2224 "Prefix found"); 2225 return (ARCHIVE_FATAL); 2226 } 2227 2228 /* Set leaf value */ 2229 code->tree[lastnode].branches[0] = value; 2230 code->tree[lastnode].branches[1] = value; 2231 2232 return (ARCHIVE_OK); 2233} 2234 2235static int 2236new_node(struct huffman_code *code) 2237{ 2238 code->tree = (struct huffman_tree_node *)realloc(code->tree, 2239 (code->numentries + 1) * sizeof(*code->tree)); 2240 if (code->tree == NULL) 2241 return (-1); 2242 code->tree[code->numentries].branches[0] = -1; 2243 code->tree[code->numentries].branches[1] = -2; 2244 return 1; 2245} 2246 2247static int 2248make_table(struct archive_read *a, struct huffman_code *code) 2249{ 2250 if (code->maxlength < code->minlength || code->maxlength > 10) 2251 code->tablesize = 10; 2252 else 2253 code->tablesize = code->maxlength; 2254 2255 code->table = 2256 (struct huffman_table_entry *)malloc(sizeof(*code->table) 2257 * (1 << code->tablesize)); 2258 2259 return make_table_recurse(a, code, 0, code->table, 0, code->tablesize); 2260} 2261 2262static int 2263make_table_recurse(struct archive_read *a, struct huffman_code *code, int node, 2264 struct huffman_table_entry *table, int depth, 2265 int maxdepth) 2266{ 2267 int currtablesize, i, ret = (ARCHIVE_OK); 2268 2269 if (!code->tree) 2270 { 2271 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2272 "Huffman tree was not created."); 2273 return (ARCHIVE_FATAL); 2274 } 2275 if (node < 0 || node >= code->numentries) 2276 { 2277 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2278 "Invalid location to Huffman tree specified."); 2279 return (ARCHIVE_FATAL); 2280 } 2281 2282 currtablesize = 1 << (maxdepth - depth); 2283 2284 if (code->tree[node].branches[0] == 2285 code->tree[node].branches[1]) 2286 { 2287 for(i = 0; i < currtablesize; i++) 2288 { 2289 table[i].length = depth; 2290 table[i].value = code->tree[node].branches[0]; 2291 } 2292 } 2293 else if (node < 0) 2294 { 2295 for(i = 0; i < currtablesize; i++) 2296 table[i].length = -1; 2297 } 2298 else 2299 { 2300 if(depth == maxdepth) 2301 { 2302 table[0].length = maxdepth + 1; 2303 table[0].value = node; 2304 } 2305 else 2306 { 2307 ret |= make_table_recurse(a, code, code->tree[node].branches[0], table, 2308 depth + 1, maxdepth); 2309 ret |= make_table_recurse(a, code, code->tree[node].branches[1], 2310 table + currtablesize / 2, depth + 1, maxdepth); 2311 } 2312 } 2313 return ret; 2314} 2315 2316static int64_t 2317expand(struct archive_read *a, int64_t end) 2318{ 2319 static const unsigned char lengthbases[] = 2320 { 0, 1, 2, 3, 4, 5, 6, 2321 7, 8, 10, 12, 14, 16, 20, 2322 24, 28, 32, 40, 48, 56, 64, 2323 80, 96, 112, 128, 160, 192, 224 }; 2324 static const unsigned char lengthbits[] = 2325 { 0, 0, 0, 0, 0, 0, 0, 2326 0, 1, 1, 1, 1, 2, 2, 2327 2, 2, 3, 3, 3, 3, 4, 2328 4, 4, 4, 5, 5, 5, 5 }; 2329 static const unsigned int offsetbases[] = 2330 { 0, 1, 2, 3, 4, 6, 2331 8, 12, 16, 24, 32, 48, 2332 64, 96, 128, 192, 256, 384, 2333 512, 768, 1024, 1536, 2048, 3072, 2334 4096, 6144, 8192, 12288, 16384, 24576, 2335 32768, 49152, 65536, 98304, 131072, 196608, 2336 262144, 327680, 393216, 458752, 524288, 589824, 2337 655360, 720896, 786432, 851968, 917504, 983040, 2338 1048576, 1310720, 1572864, 1835008, 2097152, 2359296, 2339 2621440, 2883584, 3145728, 3407872, 3670016, 3932160 }; 2340 static const unsigned char offsetbits[] = 2341 { 0, 0, 0, 0, 1, 1, 2, 2, 3, 3, 4, 4, 2342 5, 5, 6, 6, 7, 7, 8, 8, 9, 9, 10, 10, 2343 11, 11, 12, 12, 13, 13, 14, 14, 15, 15, 16, 16, 2344 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 2345 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18 }; 2346 static const unsigned char shortbases[] = 2347 { 0, 4, 8, 16, 32, 64, 128, 192 }; 2348 static const unsigned char shortbits[] = 2349 { 2, 2, 3, 4, 5, 6, 6, 6 }; 2350 2351 int symbol, offs, len, offsindex, lensymbol, i, offssymbol, lowoffsetsymbol; 2352 unsigned char newfile; 2353 struct rar *rar = (struct rar *)(a->format->data); 2354 struct rar_br *br = &(rar->br); 2355 2356 if (rar->filterstart < end) 2357 end = rar->filterstart; 2358 2359 while (1) 2360 { 2361 if (rar->output_last_match && 2362 lzss_position(&rar->lzss) + rar->lastlength <= end) 2363 { 2364 lzss_emit_match(rar, rar->lastoffset, rar->lastlength); 2365 rar->output_last_match = 0; 2366 } 2367 2368 if(rar->is_ppmd_block || rar->output_last_match || 2369 lzss_position(&rar->lzss) >= end) 2370 return lzss_position(&rar->lzss); 2371 2372 if ((symbol = read_next_symbol(a, &rar->maincode)) < 0) 2373 return (ARCHIVE_FATAL); 2374 rar->output_last_match = 0; 2375 2376 if (symbol < 256) 2377 { 2378 lzss_emit_literal(rar, symbol); 2379 continue; 2380 } 2381 else if (symbol == 256) 2382 { 2383 if (!rar_br_read_ahead(a, br, 1)) 2384 goto truncated_data; 2385 newfile = !rar_br_bits(br, 1); 2386 rar_br_consume(br, 1); 2387 2388 if(newfile) 2389 { 2390 rar->start_new_block = 1; 2391 if (!rar_br_read_ahead(a, br, 1)) 2392 goto truncated_data; 2393 rar->start_new_table = rar_br_bits(br, 1); 2394 rar_br_consume(br, 1); 2395 return lzss_position(&rar->lzss); 2396 } 2397 else 2398 { 2399 if (parse_codes(a) != ARCHIVE_OK) 2400 return (ARCHIVE_FATAL); 2401 continue; 2402 } 2403 } 2404 else if(symbol==257) 2405 { 2406 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 2407 "Parsing filters is unsupported."); 2408 return (ARCHIVE_FAILED); 2409 } 2410 else if(symbol==258) 2411 { 2412 if(rar->lastlength == 0) 2413 continue; 2414 2415 offs = rar->lastoffset; 2416 len = rar->lastlength; 2417 } 2418 else if (symbol <= 262) 2419 { 2420 offsindex = symbol - 259; 2421 offs = rar->oldoffset[offsindex]; 2422 2423 if ((lensymbol = read_next_symbol(a, &rar->lengthcode)) < 0) 2424 goto bad_data; 2425 if (lensymbol > (int)(sizeof(lengthbases)/sizeof(lengthbases[0]))) 2426 goto bad_data; 2427 if (lensymbol > (int)(sizeof(lengthbits)/sizeof(lengthbits[0]))) 2428 goto bad_data; 2429 len = lengthbases[lensymbol] + 2; 2430 if (lengthbits[lensymbol] > 0) { 2431 if (!rar_br_read_ahead(a, br, lengthbits[lensymbol])) 2432 goto truncated_data; 2433 len += rar_br_bits(br, lengthbits[lensymbol]); 2434 rar_br_consume(br, lengthbits[lensymbol]); 2435 } 2436 2437 for (i = offsindex; i > 0; i--) 2438 rar->oldoffset[i] = rar->oldoffset[i-1]; 2439 rar->oldoffset[0] = offs; 2440 } 2441 else if(symbol<=270) 2442 { 2443 offs = shortbases[symbol-263] + 1; 2444 if(shortbits[symbol-263] > 0) { 2445 if (!rar_br_read_ahead(a, br, shortbits[symbol-263])) 2446 goto truncated_data; 2447 offs += rar_br_bits(br, shortbits[symbol-263]); 2448 rar_br_consume(br, shortbits[symbol-263]); 2449 } 2450 2451 len = 2; 2452 2453 for(i = 3; i > 0; i--) 2454 rar->oldoffset[i] = rar->oldoffset[i-1]; 2455 rar->oldoffset[0] = offs; 2456 } 2457 else 2458 { 2459 if (symbol-271 > (int)(sizeof(lengthbases)/sizeof(lengthbases[0]))) 2460 goto bad_data; 2461 if (symbol-271 > (int)(sizeof(lengthbits)/sizeof(lengthbits[0]))) 2462 goto bad_data; 2463 len = lengthbases[symbol-271]+3; 2464 if(lengthbits[symbol-271] > 0) { 2465 if (!rar_br_read_ahead(a, br, lengthbits[symbol-271])) 2466 goto truncated_data; 2467 len += rar_br_bits(br, lengthbits[symbol-271]); 2468 rar_br_consume(br, lengthbits[symbol-271]); 2469 } 2470 2471 if ((offssymbol = read_next_symbol(a, &rar->offsetcode)) < 0) 2472 goto bad_data; 2473 if (offssymbol > (int)(sizeof(offsetbases)/sizeof(offsetbases[0]))) 2474 goto bad_data; 2475 if (offssymbol > (int)(sizeof(offsetbits)/sizeof(offsetbits[0]))) 2476 goto bad_data; 2477 offs = offsetbases[offssymbol]+1; 2478 if(offsetbits[offssymbol] > 0) 2479 { 2480 if(offssymbol > 9) 2481 { 2482 if(offsetbits[offssymbol] > 4) { 2483 if (!rar_br_read_ahead(a, br, offsetbits[offssymbol] - 4)) 2484 goto truncated_data; 2485 offs += rar_br_bits(br, offsetbits[offssymbol] - 4) << 4; 2486 rar_br_consume(br, offsetbits[offssymbol] - 4); 2487 } 2488 2489 if(rar->numlowoffsetrepeats > 0) 2490 { 2491 rar->numlowoffsetrepeats--; 2492 offs += rar->lastlowoffset; 2493 } 2494 else 2495 { 2496 if ((lowoffsetsymbol = 2497 read_next_symbol(a, &rar->lowoffsetcode)) < 0) 2498 return (ARCHIVE_FATAL); 2499 if(lowoffsetsymbol == 16) 2500 { 2501 rar->numlowoffsetrepeats = 15; 2502 offs += rar->lastlowoffset; 2503 } 2504 else 2505 { 2506 offs += lowoffsetsymbol; 2507 rar->lastlowoffset = lowoffsetsymbol; 2508 } 2509 } 2510 } 2511 else { 2512 if (!rar_br_read_ahead(a, br, offsetbits[offssymbol])) 2513 goto truncated_data; 2514 offs += rar_br_bits(br, offsetbits[offssymbol]); 2515 rar_br_consume(br, offsetbits[offssymbol]); 2516 } 2517 } 2518 2519 if (offs >= 0x40000) 2520 len++; 2521 if (offs >= 0x2000) 2522 len++; 2523 2524 for(i = 3; i > 0; i--) 2525 rar->oldoffset[i] = rar->oldoffset[i-1]; 2526 rar->oldoffset[0] = offs; 2527 } 2528 2529 rar->lastoffset = offs; 2530 rar->lastlength = len; 2531 rar->output_last_match = 1; 2532 } 2533truncated_data: 2534 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2535 "Truncated RAR file data"); 2536 rar->valid = 0; 2537 return (ARCHIVE_FATAL); 2538bad_data: 2539 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2540 "Bad RAR file data"); 2541 return (ARCHIVE_FATAL); 2542} 2543 2544static int 2545copy_from_lzss_window(struct archive_read *a, const void **buffer, 2546 int64_t startpos, int length) 2547{ 2548 int windowoffs, firstpart; 2549 struct rar *rar = (struct rar *)(a->format->data); 2550 2551 if (!rar->unp_buffer) 2552 { 2553 if ((rar->unp_buffer = malloc(rar->unp_buffer_size)) == NULL) 2554 { 2555 archive_set_error(&a->archive, ENOMEM, 2556 "Unable to allocate memory for uncompressed data."); 2557 return (ARCHIVE_FATAL); 2558 } 2559 } 2560 2561 windowoffs = lzss_offset_for_position(&rar->lzss, startpos); 2562 if(windowoffs + length <= lzss_size(&rar->lzss)) 2563 memcpy(&rar->unp_buffer[rar->unp_offset], &rar->lzss.window[windowoffs], 2564 length); 2565 else 2566 { 2567 firstpart = lzss_size(&rar->lzss) - windowoffs; 2568 if (firstpart < 0) { 2569 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2570 "Bad RAR file data"); 2571 return (ARCHIVE_FATAL); 2572 } 2573 if (firstpart < length) { 2574 memcpy(&rar->unp_buffer[rar->unp_offset], 2575 &rar->lzss.window[windowoffs], firstpart); 2576 memcpy(&rar->unp_buffer[rar->unp_offset + firstpart], 2577 &rar->lzss.window[0], length - firstpart); 2578 } else 2579 memcpy(&rar->unp_buffer[rar->unp_offset], 2580 &rar->lzss.window[windowoffs], length); 2581 } 2582 rar->unp_offset += length; 2583 if (rar->unp_offset >= rar->unp_buffer_size) 2584 *buffer = rar->unp_buffer; 2585 else 2586 *buffer = NULL; 2587 return (ARCHIVE_OK); 2588} 2589