blob: 8c2c559b104dc084797554923f58b737959ce4cb [file] [log] [blame]
Narayan Kamath7462f022013-11-21 13:05:04 +00001/*
2 * Copyright (C) 2008 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17/*
18 * Read-only access to Zip archives, with minimal heap allocation.
19 */
Narayan Kamath7462f022013-11-21 13:05:04 +000020
21#include <assert.h>
22#include <errno.h>
Mark Salyzyn99ef9912014-03-14 14:26:22 -070023#include <fcntl.h>
24#include <inttypes.h>
Narayan Kamath7462f022013-11-21 13:05:04 +000025#include <limits.h>
Narayan Kamath7462f022013-11-21 13:05:04 +000026#include <stdlib.h>
27#include <string.h>
Narayan Kamath7462f022013-11-21 13:05:04 +000028#include <unistd.h>
29
Dan Albert1ae07642015-04-09 14:11:18 -070030#include <memory>
31#include <vector>
32
Narayan Kamath67ab5d92015-04-27 16:25:53 +010033#include "base/file.h"
Dan Albert1ae07642015-04-09 14:11:18 -070034#include "base/macros.h" // TEMP_FAILURE_RETRY may or may not be in unistd
35#include "base/memory.h"
36#include "log/log.h"
37#include "utils/Compat.h"
38#include "utils/FileMap.h"
39#include "zlib.h"
Narayan Kamath7462f022013-11-21 13:05:04 +000040
Narayan Kamath044bc8e2014-12-03 18:22:53 +000041#include "entry_name_utils-inl.h"
Mark Salyzyn99ef9912014-03-14 14:26:22 -070042#include "ziparchive/zip_archive.h"
43
Dan Albert1ae07642015-04-09 14:11:18 -070044using android::base::get_unaligned;
Narayan Kamath044bc8e2014-12-03 18:22:53 +000045
Narayan Kamath926973e2014-06-09 14:18:14 +010046// This is for windows. If we don't open a file in binary mode, weird
Narayan Kamath7462f022013-11-21 13:05:04 +000047// things will happen.
48#ifndef O_BINARY
49#define O_BINARY 0
50#endif
51
Narayan Kamath926973e2014-06-09 14:18:14 +010052// The "end of central directory" (EOCD) record. Each archive
53// contains exactly once such record which appears at the end of
54// the archive. It contains archive wide information like the
55// number of entries in the archive and the offset to the central
56// directory of the offset.
57struct EocdRecord {
58 static const uint32_t kSignature = 0x06054b50;
Narayan Kamath7462f022013-11-21 13:05:04 +000059
Narayan Kamath926973e2014-06-09 14:18:14 +010060 // End of central directory signature, should always be
61 // |kSignature|.
62 uint32_t eocd_signature;
63 // The number of the current "disk", i.e, the "disk" that this
64 // central directory is on.
65 //
66 // This implementation assumes that each archive spans a single
67 // disk only. i.e, that disk_num == 1.
68 uint16_t disk_num;
69 // The disk where the central directory starts.
70 //
71 // This implementation assumes that each archive spans a single
72 // disk only. i.e, that cd_start_disk == 1.
73 uint16_t cd_start_disk;
74 // The number of central directory records on this disk.
75 //
76 // This implementation assumes that each archive spans a single
77 // disk only. i.e, that num_records_on_disk == num_records.
78 uint16_t num_records_on_disk;
79 // The total number of central directory records.
80 uint16_t num_records;
81 // The size of the central directory (in bytes).
82 uint32_t cd_size;
83 // The offset of the start of the central directory, relative
84 // to the start of the file.
85 uint32_t cd_start_offset;
86 // Length of the central directory comment.
87 uint16_t comment_length;
88 private:
Narayan Kamath785a1282015-04-17 11:53:14 +010089 EocdRecord() = default;
90 DISALLOW_COPY_AND_ASSIGN(EocdRecord);
Narayan Kamath926973e2014-06-09 14:18:14 +010091} __attribute__((packed));
Narayan Kamath7462f022013-11-21 13:05:04 +000092
Narayan Kamath926973e2014-06-09 14:18:14 +010093// A structure representing the fixed length fields for a single
94// record in the central directory of the archive. In addition to
95// the fixed length fields listed here, each central directory
96// record contains a variable length "file_name" and "extra_field"
97// whose lengths are given by |file_name_length| and |extra_field_length|
98// respectively.
99struct CentralDirectoryRecord {
100 static const uint32_t kSignature = 0x02014b50;
Narayan Kamath7462f022013-11-21 13:05:04 +0000101
Narayan Kamath926973e2014-06-09 14:18:14 +0100102 // The start of record signature. Must be |kSignature|.
103 uint32_t record_signature;
104 // Tool version. Ignored by this implementation.
105 uint16_t version_made_by;
106 // Tool version. Ignored by this implementation.
107 uint16_t version_needed;
108 // The "general purpose bit flags" for this entry. The only
109 // flag value that we currently check for is the "data descriptor"
110 // flag.
111 uint16_t gpb_flags;
112 // The compression method for this entry, one of |kCompressStored|
113 // and |kCompressDeflated|.
114 uint16_t compression_method;
115 // The file modification time and date for this entry.
116 uint16_t last_mod_time;
117 uint16_t last_mod_date;
118 // The CRC-32 checksum for this entry.
119 uint32_t crc32;
120 // The compressed size (in bytes) of this entry.
121 uint32_t compressed_size;
122 // The uncompressed size (in bytes) of this entry.
123 uint32_t uncompressed_size;
124 // The length of the entry file name in bytes. The file name
125 // will appear immediately after this record.
126 uint16_t file_name_length;
127 // The length of the extra field info (in bytes). This data
128 // will appear immediately after the entry file name.
129 uint16_t extra_field_length;
130 // The length of the entry comment (in bytes). This data will
131 // appear immediately after the extra field.
132 uint16_t comment_length;
133 // The start disk for this entry. Ignored by this implementation).
134 uint16_t file_start_disk;
135 // File attributes. Ignored by this implementation.
136 uint16_t internal_file_attributes;
137 // File attributes. Ignored by this implementation.
138 uint32_t external_file_attributes;
139 // The offset to the local file header for this entry, from the
140 // beginning of this archive.
141 uint32_t local_file_header_offset;
142 private:
Narayan Kamath785a1282015-04-17 11:53:14 +0100143 CentralDirectoryRecord() = default;
144 DISALLOW_COPY_AND_ASSIGN(CentralDirectoryRecord);
Narayan Kamath926973e2014-06-09 14:18:14 +0100145} __attribute__((packed));
Narayan Kamath7462f022013-11-21 13:05:04 +0000146
Narayan Kamath926973e2014-06-09 14:18:14 +0100147// The local file header for a given entry. This duplicates information
148// present in the central directory of the archive. It is an error for
149// the information here to be different from the central directory
150// information for a given entry.
151struct LocalFileHeader {
152 static const uint32_t kSignature = 0x04034b50;
Narayan Kamath7462f022013-11-21 13:05:04 +0000153
Narayan Kamath926973e2014-06-09 14:18:14 +0100154 // The local file header signature, must be |kSignature|.
155 uint32_t lfh_signature;
156 // Tool version. Ignored by this implementation.
157 uint16_t version_needed;
158 // The "general purpose bit flags" for this entry. The only
159 // flag value that we currently check for is the "data descriptor"
160 // flag.
161 uint16_t gpb_flags;
162 // The compression method for this entry, one of |kCompressStored|
163 // and |kCompressDeflated|.
164 uint16_t compression_method;
165 // The file modification time and date for this entry.
166 uint16_t last_mod_time;
167 uint16_t last_mod_date;
168 // The CRC-32 checksum for this entry.
169 uint32_t crc32;
170 // The compressed size (in bytes) of this entry.
171 uint32_t compressed_size;
172 // The uncompressed size (in bytes) of this entry.
173 uint32_t uncompressed_size;
174 // The length of the entry file name in bytes. The file name
175 // will appear immediately after this record.
176 uint16_t file_name_length;
177 // The length of the extra field info (in bytes). This data
178 // will appear immediately after the entry file name.
179 uint16_t extra_field_length;
180 private:
Narayan Kamath785a1282015-04-17 11:53:14 +0100181 LocalFileHeader() = default;
182 DISALLOW_COPY_AND_ASSIGN(LocalFileHeader);
Narayan Kamath926973e2014-06-09 14:18:14 +0100183} __attribute__((packed));
184
185struct DataDescriptor {
186 // The *optional* data descriptor start signature.
187 static const uint32_t kOptSignature = 0x08074b50;
188
189 // CRC-32 checksum of the entry.
190 uint32_t crc32;
191 // Compressed size of the entry.
192 uint32_t compressed_size;
193 // Uncompressed size of the entry.
194 uint32_t uncompressed_size;
195 private:
Narayan Kamath785a1282015-04-17 11:53:14 +0100196 DataDescriptor() = default;
197 DISALLOW_COPY_AND_ASSIGN(DataDescriptor);
Narayan Kamath926973e2014-06-09 14:18:14 +0100198} __attribute__((packed));
199
Narayan Kamath926973e2014-06-09 14:18:14 +0100200
Piotr Jastrzebskibd0a7482014-08-13 09:49:25 +0000201static const uint32_t kGPBDDFlagMask = 0x0008; // mask value that signifies that the entry has a DD
Narayan Kamath7462f022013-11-21 13:05:04 +0000202
Narayan Kamath926973e2014-06-09 14:18:14 +0100203// The maximum size of a central directory or a file
204// comment in bytes.
205static const uint32_t kMaxCommentLen = 65535;
206
207// The maximum number of bytes to scan backwards for the EOCD start.
208static const uint32_t kMaxEOCDSearch = kMaxCommentLen + sizeof(EocdRecord);
209
Narayan Kamath7462f022013-11-21 13:05:04 +0000210static const char* kErrorMessages[] = {
211 "Unknown return code.",
Narayan Kamatheb41ad22013-12-09 16:26:36 +0000212 "Iteration ended",
Narayan Kamath7462f022013-11-21 13:05:04 +0000213 "Zlib error",
214 "Invalid file",
215 "Invalid handle",
216 "Duplicate entries in archive",
217 "Empty archive",
218 "Entry not found",
219 "Invalid offset",
220 "Inconsistent information",
221 "Invalid entry name",
Narayan Kamatheb41ad22013-12-09 16:26:36 +0000222 "I/O Error",
Narayan Kamatheaf98852013-12-11 14:51:51 +0000223 "File mapping failed"
Narayan Kamath7462f022013-11-21 13:05:04 +0000224};
225
226static const int32_t kErrorMessageUpperBound = 0;
227
Narayan Kamatheb41ad22013-12-09 16:26:36 +0000228static const int32_t kIterationEnd = -1;
Narayan Kamath7462f022013-11-21 13:05:04 +0000229
230// We encountered a Zlib error when inflating a stream from this file.
231// Usually indicates file corruption.
232static const int32_t kZlibError = -2;
233
234// The input file cannot be processed as a zip archive. Usually because
235// it's too small, too large or does not have a valid signature.
236static const int32_t kInvalidFile = -3;
237
238// An invalid iteration / ziparchive handle was passed in as an input
239// argument.
240static const int32_t kInvalidHandle = -4;
241
242// The zip archive contained two (or possibly more) entries with the same
243// name.
244static const int32_t kDuplicateEntry = -5;
245
246// The zip archive contains no entries.
247static const int32_t kEmptyArchive = -6;
248
249// The specified entry was not found in the archive.
250static const int32_t kEntryNotFound = -7;
251
252// The zip archive contained an invalid local file header pointer.
253static const int32_t kInvalidOffset = -8;
254
255// The zip archive contained inconsistent entry information. This could
256// be because the central directory & local file header did not agree, or
257// if the actual uncompressed length or crc32 do not match their declared
258// values.
259static const int32_t kInconsistentInformation = -9;
260
261// An invalid entry name was encountered.
262static const int32_t kInvalidEntryName = -10;
263
Narayan Kamatheb41ad22013-12-09 16:26:36 +0000264// An I/O related system call (read, lseek, ftruncate, map) failed.
265static const int32_t kIoError = -11;
Narayan Kamath7462f022013-11-21 13:05:04 +0000266
Narayan Kamatheaf98852013-12-11 14:51:51 +0000267// We were not able to mmap the central directory or entry contents.
268static const int32_t kMmapFailed = -12;
Narayan Kamath7462f022013-11-21 13:05:04 +0000269
Narayan Kamatheaf98852013-12-11 14:51:51 +0000270static const int32_t kErrorMessageLowerBound = -13;
Narayan Kamath7462f022013-11-21 13:05:04 +0000271
Narayan Kamath7462f022013-11-21 13:05:04 +0000272/*
273 * A Read-only Zip archive.
274 *
275 * We want "open" and "find entry by name" to be fast operations, and
276 * we want to use as little memory as possible. We memory-map the zip
277 * central directory, and load a hash table with pointers to the filenames
278 * (which aren't null-terminated). The other fields are at a fixed offset
279 * from the filename, so we don't need to extract those (but we do need
280 * to byte-read and endian-swap them every time we want them).
281 *
282 * It's possible that somebody has handed us a massive (~1GB) zip archive,
283 * so we can't expect to mmap the entire file.
284 *
285 * To speed comparisons when doing a lookup by name, we could make the mapping
286 * "private" (copy-on-write) and null-terminate the filenames after verifying
287 * the record structure. However, this requires a private mapping of
288 * every page that the Central Directory touches. Easier to tuck a copy
289 * of the string length into the hash table entry.
290 */
291struct ZipArchive {
292 /* open Zip archive */
Neil Fullerb1a113f2014-07-25 14:43:04 +0100293 const int fd;
Dmitriy Ivanov40b52b22014-07-15 19:33:00 -0700294 const bool close_file;
Narayan Kamath7462f022013-11-21 13:05:04 +0000295
296 /* mapped central directory area */
297 off64_t directory_offset;
Dmitriy Ivanov4b67f832015-03-06 10:22:34 -0800298 android::FileMap directory_map;
Narayan Kamath7462f022013-11-21 13:05:04 +0000299
300 /* number of entries in the Zip archive */
301 uint16_t num_entries;
302
303 /*
304 * We know how many entries are in the Zip archive, so we can have a
305 * fixed-size hash table. We define a load factor of 0.75 and overallocat
306 * so the maximum number entries can never be higher than
307 * ((4 * UINT16_MAX) / 3 + 1) which can safely fit into a uint32_t.
308 */
309 uint32_t hash_table_size;
310 ZipEntryName* hash_table;
Neil Fullerb1a113f2014-07-25 14:43:04 +0100311
Dmitriy Ivanov40b52b22014-07-15 19:33:00 -0700312 ZipArchive(const int fd, bool assume_ownership) :
Neil Fullerb1a113f2014-07-25 14:43:04 +0100313 fd(fd),
Dmitriy Ivanov40b52b22014-07-15 19:33:00 -0700314 close_file(assume_ownership),
Neil Fullerb1a113f2014-07-25 14:43:04 +0100315 directory_offset(0),
Neil Fullerb1a113f2014-07-25 14:43:04 +0100316 num_entries(0),
317 hash_table_size(0),
318 hash_table(NULL) {}
319
320 ~ZipArchive() {
Dmitriy Ivanov40b52b22014-07-15 19:33:00 -0700321 if (close_file && fd >= 0) {
Neil Fullerb1a113f2014-07-25 14:43:04 +0100322 close(fd);
323 }
324
Neil Fullerb1a113f2014-07-25 14:43:04 +0100325 free(hash_table);
326 }
Narayan Kamath7462f022013-11-21 13:05:04 +0000327};
328
Narayan Kamath7462f022013-11-21 13:05:04 +0000329/*
330 * Round up to the next highest power of 2.
331 *
332 * Found on http://graphics.stanford.edu/~seander/bithacks.html.
333 */
334static uint32_t RoundUpPower2(uint32_t val) {
335 val--;
336 val |= val >> 1;
337 val |= val >> 2;
338 val |= val >> 4;
339 val |= val >> 8;
340 val |= val >> 16;
341 val++;
342
343 return val;
344}
345
Piotr Jastrzebskiecccc5a2014-08-11 16:35:11 +0100346static uint32_t ComputeHash(const ZipEntryName& name) {
Narayan Kamath7462f022013-11-21 13:05:04 +0000347 uint32_t hash = 0;
Piotr Jastrzebskiecccc5a2014-08-11 16:35:11 +0100348 uint16_t len = name.name_length;
349 const uint8_t* str = name.name;
Narayan Kamath7462f022013-11-21 13:05:04 +0000350
351 while (len--) {
352 hash = hash * 31 + *str++;
353 }
354
355 return hash;
356}
357
358/*
359 * Convert a ZipEntry to a hash table index, verifying that it's in a
360 * valid range.
361 */
362static int64_t EntryToIndex(const ZipEntryName* hash_table,
363 const uint32_t hash_table_size,
Piotr Jastrzebskiecccc5a2014-08-11 16:35:11 +0100364 const ZipEntryName& name) {
365 const uint32_t hash = ComputeHash(name);
Narayan Kamath7462f022013-11-21 13:05:04 +0000366
367 // NOTE: (hash_table_size - 1) is guaranteed to be non-negative.
368 uint32_t ent = hash & (hash_table_size - 1);
369 while (hash_table[ent].name != NULL) {
Piotr Jastrzebskiecccc5a2014-08-11 16:35:11 +0100370 if (hash_table[ent].name_length == name.name_length &&
371 memcmp(hash_table[ent].name, name.name, name.name_length) == 0) {
Narayan Kamath7462f022013-11-21 13:05:04 +0000372 return ent;
373 }
374
375 ent = (ent + 1) & (hash_table_size - 1);
376 }
377
Piotr Jastrzebskiecccc5a2014-08-11 16:35:11 +0100378 ALOGV("Zip: Unable to find entry %.*s", name.name_length, name.name);
Narayan Kamath7462f022013-11-21 13:05:04 +0000379 return kEntryNotFound;
380}
381
382/*
383 * Add a new entry to the hash table.
384 */
385static int32_t AddToHash(ZipEntryName *hash_table, const uint64_t hash_table_size,
Piotr Jastrzebskiecccc5a2014-08-11 16:35:11 +0100386 const ZipEntryName& name) {
387 const uint64_t hash = ComputeHash(name);
Narayan Kamath7462f022013-11-21 13:05:04 +0000388 uint32_t ent = hash & (hash_table_size - 1);
389
390 /*
391 * We over-allocated the table, so we're guaranteed to find an empty slot.
392 * Further, we guarantee that the hashtable size is not 0.
393 */
394 while (hash_table[ent].name != NULL) {
Piotr Jastrzebskiecccc5a2014-08-11 16:35:11 +0100395 if (hash_table[ent].name_length == name.name_length &&
396 memcmp(hash_table[ent].name, name.name, name.name_length) == 0) {
Narayan Kamath7462f022013-11-21 13:05:04 +0000397 // We've found a duplicate entry. We don't accept it
Piotr Jastrzebskiecccc5a2014-08-11 16:35:11 +0100398 ALOGW("Zip: Found duplicate entry %.*s", name.name_length, name.name);
Narayan Kamath7462f022013-11-21 13:05:04 +0000399 return kDuplicateEntry;
400 }
401 ent = (ent + 1) & (hash_table_size - 1);
402 }
403
Piotr Jastrzebskiecccc5a2014-08-11 16:35:11 +0100404 hash_table[ent].name = name.name;
405 hash_table[ent].name_length = name.name_length;
Narayan Kamath7462f022013-11-21 13:05:04 +0000406 return 0;
407}
408
Narayan Kamath7462f022013-11-21 13:05:04 +0000409static int32_t MapCentralDirectory0(int fd, const char* debug_file_name,
410 ZipArchive* archive, off64_t file_length,
Narayan Kamath926973e2014-06-09 14:18:14 +0100411 off64_t read_amount, uint8_t* scan_buffer) {
Narayan Kamath7462f022013-11-21 13:05:04 +0000412 const off64_t search_start = file_length - read_amount;
413
414 if (lseek64(fd, search_start, SEEK_SET) != search_start) {
Narayan Kamath926973e2014-06-09 14:18:14 +0100415 ALOGW("Zip: seek %" PRId64 " failed: %s", static_cast<int64_t>(search_start),
416 strerror(errno));
Narayan Kamath7462f022013-11-21 13:05:04 +0000417 return kIoError;
418 }
Narayan Kamath926973e2014-06-09 14:18:14 +0100419 ssize_t actual = TEMP_FAILURE_RETRY(
420 read(fd, scan_buffer, static_cast<size_t>(read_amount)));
421 if (actual != static_cast<ssize_t>(read_amount)) {
422 ALOGW("Zip: read %" PRId64 " failed: %s", static_cast<int64_t>(read_amount),
423 strerror(errno));
Narayan Kamath7462f022013-11-21 13:05:04 +0000424 return kIoError;
425 }
426
427 /*
428 * Scan backward for the EOCD magic. In an archive without a trailing
429 * comment, we'll find it on the first try. (We may want to consider
430 * doing an initial minimal read; if we don't find it, retry with a
431 * second read as above.)
432 */
Narayan Kamath926973e2014-06-09 14:18:14 +0100433 int i = read_amount - sizeof(EocdRecord);
434 for (; i >= 0; i--) {
Dan Albert1ae07642015-04-09 14:11:18 -0700435 if (scan_buffer[i] == 0x50) {
436 uint32_t* sig_addr = reinterpret_cast<uint32_t*>(&scan_buffer[i]);
437 if (get_unaligned<uint32_t>(sig_addr) == EocdRecord::kSignature) {
438 ALOGV("+++ Found EOCD at buf+%d", i);
439 break;
440 }
Narayan Kamath7462f022013-11-21 13:05:04 +0000441 }
442 }
443 if (i < 0) {
444 ALOGD("Zip: EOCD not found, %s is not zip", debug_file_name);
445 return kInvalidFile;
446 }
447
448 const off64_t eocd_offset = search_start + i;
Narayan Kamath926973e2014-06-09 14:18:14 +0100449 const EocdRecord* eocd = reinterpret_cast<const EocdRecord*>(scan_buffer + i);
Narayan Kamath7462f022013-11-21 13:05:04 +0000450 /*
Narayan Kamath926973e2014-06-09 14:18:14 +0100451 * Verify that there's no trailing space at the end of the central directory
452 * and its comment.
Narayan Kamath7462f022013-11-21 13:05:04 +0000453 */
Narayan Kamath926973e2014-06-09 14:18:14 +0100454 const off64_t calculated_length = eocd_offset + sizeof(EocdRecord)
455 + eocd->comment_length;
456 if (calculated_length != file_length) {
Narayan Kamath4f6b4992014-06-03 13:59:23 +0100457 ALOGW("Zip: %" PRId64 " extraneous bytes at the end of the central directory",
Narayan Kamath926973e2014-06-09 14:18:14 +0100458 static_cast<int64_t>(file_length - calculated_length));
Narayan Kamath4f6b4992014-06-03 13:59:23 +0100459 return kInvalidFile;
460 }
Narayan Kamath7462f022013-11-21 13:05:04 +0000461
Narayan Kamath926973e2014-06-09 14:18:14 +0100462 /*
463 * Grab the CD offset and size, and the number of entries in the
464 * archive and verify that they look reasonable.
465 */
Tianjie Xu1ee48922016-09-21 14:58:11 -0700466 if (static_cast<off64_t>(eocd->cd_start_offset) + eocd->cd_size > eocd_offset) {
Narayan Kamath926973e2014-06-09 14:18:14 +0100467 ALOGW("Zip: bad offsets (dir %" PRIu32 ", size %" PRIu32 ", eocd %" PRId64 ")",
468 eocd->cd_start_offset, eocd->cd_size, static_cast<int64_t>(eocd_offset));
Tianjie Xu1ee48922016-09-21 14:58:11 -0700469#if defined(__ANDROID__)
470 if (eocd->cd_start_offset + eocd->cd_size <= eocd_offset) {
471 android_errorWriteLog(0x534e4554, "31251826");
472 }
473#endif
Narayan Kamath7462f022013-11-21 13:05:04 +0000474 return kInvalidOffset;
475 }
Narayan Kamath926973e2014-06-09 14:18:14 +0100476 if (eocd->num_records == 0) {
Narayan Kamath7462f022013-11-21 13:05:04 +0000477 ALOGW("Zip: empty archive?");
478 return kEmptyArchive;
479 }
480
Narayan Kamath926973e2014-06-09 14:18:14 +0100481 ALOGV("+++ num_entries=%" PRIu32 "dir_size=%" PRIu32 " dir_offset=%" PRIu32,
482 eocd->num_records, eocd->cd_size, eocd->cd_start_offset);
Narayan Kamath7462f022013-11-21 13:05:04 +0000483
484 /*
485 * It all looks good. Create a mapping for the CD, and set the fields
486 * in archive.
487 */
Dmitriy Ivanov4b67f832015-03-06 10:22:34 -0800488 if (!archive->directory_map.create(debug_file_name, fd,
489 static_cast<off64_t>(eocd->cd_start_offset),
490 static_cast<size_t>(eocd->cd_size), true /* read only */) ) {
Narayan Kamatheaf98852013-12-11 14:51:51 +0000491 return kMmapFailed;
Narayan Kamath7462f022013-11-21 13:05:04 +0000492 }
493
Narayan Kamath926973e2014-06-09 14:18:14 +0100494 archive->num_entries = eocd->num_records;
495 archive->directory_offset = eocd->cd_start_offset;
Narayan Kamath7462f022013-11-21 13:05:04 +0000496
497 return 0;
498}
499
500/*
501 * Find the zip Central Directory and memory-map it.
502 *
503 * On success, returns 0 after populating fields from the EOCD area:
504 * directory_offset
505 * directory_map
506 * num_entries
507 */
508static int32_t MapCentralDirectory(int fd, const char* debug_file_name,
509 ZipArchive* archive) {
510
511 // Test file length. We use lseek64 to make sure the file
512 // is small enough to be a zip file (Its size must be less than
513 // 0xffffffff bytes).
514 off64_t file_length = lseek64(fd, 0, SEEK_END);
515 if (file_length == -1) {
516 ALOGV("Zip: lseek on fd %d failed", fd);
517 return kInvalidFile;
518 }
519
Dmitriy Ivanovf4cb8e22015-03-06 10:50:56 -0800520 if (file_length > static_cast<off64_t>(0xffffffff)) {
Narayan Kamath926973e2014-06-09 14:18:14 +0100521 ALOGV("Zip: zip file too long %" PRId64, static_cast<int64_t>(file_length));
Narayan Kamath7462f022013-11-21 13:05:04 +0000522 return kInvalidFile;
523 }
524
Narayan Kamath926973e2014-06-09 14:18:14 +0100525 if (file_length < static_cast<off64_t>(sizeof(EocdRecord))) {
526 ALOGV("Zip: length %" PRId64 " is too small to be zip", static_cast<int64_t>(file_length));
Narayan Kamath7462f022013-11-21 13:05:04 +0000527 return kInvalidFile;
528 }
529
530 /*
531 * Perform the traditional EOCD snipe hunt.
532 *
533 * We're searching for the End of Central Directory magic number,
534 * which appears at the start of the EOCD block. It's followed by
535 * 18 bytes of EOCD stuff and up to 64KB of archive comment. We
536 * need to read the last part of the file into a buffer, dig through
537 * it to find the magic number, parse some values out, and use those
538 * to determine the extent of the CD.
539 *
540 * We start by pulling in the last part of the file.
541 */
Narayan Kamath926973e2014-06-09 14:18:14 +0100542 off64_t read_amount = kMaxEOCDSearch;
543 if (file_length < read_amount) {
Narayan Kamath7462f022013-11-21 13:05:04 +0000544 read_amount = file_length;
545 }
546
Narayan Kamath926973e2014-06-09 14:18:14 +0100547 uint8_t* scan_buffer = reinterpret_cast<uint8_t*>(malloc(read_amount));
Narayan Kamath7462f022013-11-21 13:05:04 +0000548 int32_t result = MapCentralDirectory0(fd, debug_file_name, archive,
549 file_length, read_amount, scan_buffer);
550
551 free(scan_buffer);
552 return result;
553}
554
555/*
556 * Parses the Zip archive's Central Directory. Allocates and populates the
557 * hash table.
558 *
559 * Returns 0 on success.
560 */
561static int32_t ParseZipArchive(ZipArchive* archive) {
Dmitriy Ivanovf4cb8e22015-03-06 10:50:56 -0800562 const uint8_t* const cd_ptr =
563 reinterpret_cast<const uint8_t*>(archive->directory_map.getDataPtr());
Dmitriy Ivanov4b67f832015-03-06 10:22:34 -0800564 const size_t cd_length = archive->directory_map.getDataLength();
Narayan Kamath926973e2014-06-09 14:18:14 +0100565 const uint16_t num_entries = archive->num_entries;
Narayan Kamath7462f022013-11-21 13:05:04 +0000566
567 /*
568 * Create hash table. We have a minimum 75% load factor, possibly as
569 * low as 50% after we round off to a power of 2. There must be at
570 * least one unused entry to avoid an infinite loop during creation.
571 */
572 archive->hash_table_size = RoundUpPower2(1 + (num_entries * 4) / 3);
Dmitriy Ivanovf4cb8e22015-03-06 10:50:56 -0800573 archive->hash_table = reinterpret_cast<ZipEntryName*>(calloc(archive->hash_table_size,
574 sizeof(ZipEntryName)));
Narayan Kamath7462f022013-11-21 13:05:04 +0000575
576 /*
577 * Walk through the central directory, adding entries to the hash
578 * table and verifying values.
579 */
Narayan Kamath926973e2014-06-09 14:18:14 +0100580 const uint8_t* const cd_end = cd_ptr + cd_length;
Narayan Kamath7462f022013-11-21 13:05:04 +0000581 const uint8_t* ptr = cd_ptr;
582 for (uint16_t i = 0; i < num_entries; i++) {
Tianjie Xud9fd1862017-04-05 14:46:27 -0700583 if (ptr > cd_end - sizeof(CentralDirectoryRecord)) {
584 ALOGW("Zip: ran off the end (at %" PRIu16 ")", i);
585#if defined(__ANDROID__)
586 android_errorWriteLog(0x534e4554, "36392138");
587#endif
588 return -1;
589 }
590
Narayan Kamath926973e2014-06-09 14:18:14 +0100591 const CentralDirectoryRecord* cdr =
592 reinterpret_cast<const CentralDirectoryRecord*>(ptr);
593 if (cdr->record_signature != CentralDirectoryRecord::kSignature) {
Mark Salyzyn088bf902014-05-08 16:02:20 -0700594 ALOGW("Zip: missed a central dir sig (at %" PRIu16 ")", i);
Dmitriy Ivanov3ea93da2015-03-06 11:48:47 -0800595 return -1;
Narayan Kamath7462f022013-11-21 13:05:04 +0000596 }
597
Narayan Kamath926973e2014-06-09 14:18:14 +0100598 const off64_t local_header_offset = cdr->local_file_header_offset;
Narayan Kamath7462f022013-11-21 13:05:04 +0000599 if (local_header_offset >= archive->directory_offset) {
Dmitriy Ivanovf4cb8e22015-03-06 10:50:56 -0800600 ALOGW("Zip: bad LFH offset %" PRId64 " at entry %" PRIu16,
601 static_cast<int64_t>(local_header_offset), i);
Dmitriy Ivanov3ea93da2015-03-06 11:48:47 -0800602 return -1;
Narayan Kamath7462f022013-11-21 13:05:04 +0000603 }
604
Narayan Kamath926973e2014-06-09 14:18:14 +0100605 const uint16_t file_name_length = cdr->file_name_length;
606 const uint16_t extra_length = cdr->extra_field_length;
607 const uint16_t comment_length = cdr->comment_length;
Piotr Jastrzebski78271ba2014-08-15 12:53:00 +0100608 const uint8_t* file_name = ptr + sizeof(CentralDirectoryRecord);
609
Narayan Kamath044bc8e2014-12-03 18:22:53 +0000610 /* check that file name is valid UTF-8 and doesn't contain NUL (U+0000) characters */
611 if (!IsValidEntryName(file_name, file_name_length)) {
Dmitriy Ivanov3ea93da2015-03-06 11:48:47 -0800612 return -1;
Piotr Jastrzebski78271ba2014-08-15 12:53:00 +0100613 }
Narayan Kamath7462f022013-11-21 13:05:04 +0000614
615 /* add the CDE filename to the hash table */
Piotr Jastrzebskiecccc5a2014-08-11 16:35:11 +0100616 ZipEntryName entry_name;
617 entry_name.name = file_name;
618 entry_name.name_length = file_name_length;
Narayan Kamath7462f022013-11-21 13:05:04 +0000619 const int add_result = AddToHash(archive->hash_table,
Piotr Jastrzebskiecccc5a2014-08-11 16:35:11 +0100620 archive->hash_table_size, entry_name);
Dmitriy Ivanov3ea93da2015-03-06 11:48:47 -0800621 if (add_result != 0) {
Narayan Kamath7462f022013-11-21 13:05:04 +0000622 ALOGW("Zip: Error adding entry to hash table %d", add_result);
Dmitriy Ivanov3ea93da2015-03-06 11:48:47 -0800623 return add_result;
Narayan Kamath7462f022013-11-21 13:05:04 +0000624 }
625
Narayan Kamath926973e2014-06-09 14:18:14 +0100626 ptr += sizeof(CentralDirectoryRecord) + file_name_length + extra_length + comment_length;
627 if ((ptr - cd_ptr) > static_cast<int64_t>(cd_length)) {
Mark Salyzyn088bf902014-05-08 16:02:20 -0700628 ALOGW("Zip: bad CD advance (%tu vs %zu) at entry %" PRIu16,
629 ptr - cd_ptr, cd_length, i);
Dmitriy Ivanov3ea93da2015-03-06 11:48:47 -0800630 return -1;
Narayan Kamath7462f022013-11-21 13:05:04 +0000631 }
632 }
Mark Salyzyn088bf902014-05-08 16:02:20 -0700633 ALOGV("+++ zip good scan %" PRIu16 " entries", num_entries);
Narayan Kamath7462f022013-11-21 13:05:04 +0000634
Dmitriy Ivanov3ea93da2015-03-06 11:48:47 -0800635 return 0;
Narayan Kamath7462f022013-11-21 13:05:04 +0000636}
637
638static int32_t OpenArchiveInternal(ZipArchive* archive,
639 const char* debug_file_name) {
640 int32_t result = -1;
641 if ((result = MapCentralDirectory(archive->fd, debug_file_name, archive))) {
642 return result;
643 }
644
645 if ((result = ParseZipArchive(archive))) {
646 return result;
647 }
648
649 return 0;
650}
651
652int32_t OpenArchiveFd(int fd, const char* debug_file_name,
Dmitriy Ivanov40b52b22014-07-15 19:33:00 -0700653 ZipArchiveHandle* handle, bool assume_ownership) {
654 ZipArchive* archive = new ZipArchive(fd, assume_ownership);
Narayan Kamath7462f022013-11-21 13:05:04 +0000655 *handle = archive;
Narayan Kamath7462f022013-11-21 13:05:04 +0000656 return OpenArchiveInternal(archive, debug_file_name);
657}
658
659int32_t OpenArchive(const char* fileName, ZipArchiveHandle* handle) {
Neil Fullerb1a113f2014-07-25 14:43:04 +0100660 const int fd = open(fileName, O_RDONLY | O_BINARY, 0);
Dmitriy Ivanov40b52b22014-07-15 19:33:00 -0700661 ZipArchive* archive = new ZipArchive(fd, true);
Narayan Kamath7462f022013-11-21 13:05:04 +0000662 *handle = archive;
663
Narayan Kamath7462f022013-11-21 13:05:04 +0000664 if (fd < 0) {
665 ALOGW("Unable to open '%s': %s", fileName, strerror(errno));
666 return kIoError;
Narayan Kamath7462f022013-11-21 13:05:04 +0000667 }
Dmitriy Ivanov40b52b22014-07-15 19:33:00 -0700668
Narayan Kamath7462f022013-11-21 13:05:04 +0000669 return OpenArchiveInternal(archive, fileName);
670}
671
672/*
673 * Close a ZipArchive, closing the file and freeing the contents.
674 */
675void CloseArchive(ZipArchiveHandle handle) {
Dmitriy Ivanovf4cb8e22015-03-06 10:50:56 -0800676 ZipArchive* archive = reinterpret_cast<ZipArchive*>(handle);
Narayan Kamath7462f022013-11-21 13:05:04 +0000677 ALOGV("Closing archive %p", archive);
Neil Fullerb1a113f2014-07-25 14:43:04 +0100678 delete archive;
Narayan Kamath7462f022013-11-21 13:05:04 +0000679}
680
681static int32_t UpdateEntryFromDataDescriptor(int fd,
682 ZipEntry *entry) {
Narayan Kamath926973e2014-06-09 14:18:14 +0100683 uint8_t ddBuf[sizeof(DataDescriptor) + sizeof(DataDescriptor::kOptSignature)];
Narayan Kamath7462f022013-11-21 13:05:04 +0000684 ssize_t actual = TEMP_FAILURE_RETRY(read(fd, ddBuf, sizeof(ddBuf)));
685 if (actual != sizeof(ddBuf)) {
686 return kIoError;
687 }
688
Narayan Kamath926973e2014-06-09 14:18:14 +0100689 const uint32_t ddSignature = *(reinterpret_cast<const uint32_t*>(ddBuf));
690 const uint16_t offset = (ddSignature == DataDescriptor::kOptSignature) ? 4 : 0;
691 const DataDescriptor* descriptor = reinterpret_cast<const DataDescriptor*>(ddBuf + offset);
Narayan Kamath7462f022013-11-21 13:05:04 +0000692
Narayan Kamath926973e2014-06-09 14:18:14 +0100693 entry->crc32 = descriptor->crc32;
694 entry->compressed_length = descriptor->compressed_size;
695 entry->uncompressed_length = descriptor->uncompressed_size;
Narayan Kamath7462f022013-11-21 13:05:04 +0000696
697 return 0;
698}
699
700// Attempts to read |len| bytes into |buf| at offset |off|.
701//
702// This method uses pread64 on platforms that support it and
703// lseek64 + read on platforms that don't. This implies that
704// callers should not rely on the |fd| offset being incremented
705// as a side effect of this call.
706static inline ssize_t ReadAtOffset(int fd, uint8_t* buf, size_t len,
707 off64_t off) {
Yabin Cui70160f42014-11-19 20:47:18 -0800708#if !defined(_WIN32)
Narayan Kamath7462f022013-11-21 13:05:04 +0000709 return TEMP_FAILURE_RETRY(pread64(fd, buf, len, off));
710#else
711 // The only supported platform that doesn't support pread at the moment
712 // is Windows. Only recent versions of windows support unix like forks,
713 // and even there the semantics are quite different.
714 if (lseek64(fd, off, SEEK_SET) != off) {
Mark Salyzyn99ef9912014-03-14 14:26:22 -0700715 ALOGW("Zip: failed seek to offset %" PRId64, off);
Narayan Kamath7462f022013-11-21 13:05:04 +0000716 return kIoError;
717 }
718
719 return TEMP_FAILURE_RETRY(read(fd, buf, len));
Yabin Cui70160f42014-11-19 20:47:18 -0800720#endif
Narayan Kamath7462f022013-11-21 13:05:04 +0000721}
722
723static int32_t FindEntry(const ZipArchive* archive, const int ent,
724 ZipEntry* data) {
725 const uint16_t nameLen = archive->hash_table[ent].name_length;
Narayan Kamath7462f022013-11-21 13:05:04 +0000726
727 // Recover the start of the central directory entry from the filename
728 // pointer. The filename is the first entry past the fixed-size data,
729 // so we can just subtract back from that.
Piotr Jastrzebskiecccc5a2014-08-11 16:35:11 +0100730 const uint8_t* ptr = archive->hash_table[ent].name;
Narayan Kamath926973e2014-06-09 14:18:14 +0100731 ptr -= sizeof(CentralDirectoryRecord);
Narayan Kamath7462f022013-11-21 13:05:04 +0000732
733 // This is the base of our mmapped region, we have to sanity check that
734 // the name that's in the hash table is a pointer to a location within
735 // this mapped region.
Narayan Kamath926973e2014-06-09 14:18:14 +0100736 const uint8_t* base_ptr = reinterpret_cast<const uint8_t*>(
Dmitriy Ivanov4b67f832015-03-06 10:22:34 -0800737 archive->directory_map.getDataPtr());
738 if (ptr < base_ptr || ptr > base_ptr + archive->directory_map.getDataLength()) {
Narayan Kamath7462f022013-11-21 13:05:04 +0000739 ALOGW("Zip: Invalid entry pointer");
740 return kInvalidOffset;
741 }
742
Narayan Kamath926973e2014-06-09 14:18:14 +0100743 const CentralDirectoryRecord *cdr =
744 reinterpret_cast<const CentralDirectoryRecord*>(ptr);
745
Narayan Kamath7462f022013-11-21 13:05:04 +0000746 // The offset of the start of the central directory in the zipfile.
747 // We keep this lying around so that we can sanity check all our lengths
748 // and our per-file structures.
749 const off64_t cd_offset = archive->directory_offset;
750
751 // Fill out the compression method, modification time, crc32
752 // and other interesting attributes from the central directory. These
753 // will later be compared against values from the local file header.
Narayan Kamath926973e2014-06-09 14:18:14 +0100754 data->method = cdr->compression_method;
755 data->mod_time = cdr->last_mod_time;
756 data->crc32 = cdr->crc32;
757 data->compressed_length = cdr->compressed_size;
758 data->uncompressed_length = cdr->uncompressed_size;
Narayan Kamath7462f022013-11-21 13:05:04 +0000759
760 // Figure out the local header offset from the central directory. The
761 // actual file data will begin after the local header and the name /
762 // extra comments.
Narayan Kamath926973e2014-06-09 14:18:14 +0100763 const off64_t local_header_offset = cdr->local_file_header_offset;
764 if (local_header_offset + static_cast<off64_t>(sizeof(LocalFileHeader)) >= cd_offset) {
Narayan Kamath7462f022013-11-21 13:05:04 +0000765 ALOGW("Zip: bad local hdr offset in zip");
766 return kInvalidOffset;
767 }
768
Narayan Kamath926973e2014-06-09 14:18:14 +0100769 uint8_t lfh_buf[sizeof(LocalFileHeader)];
Narayan Kamath7462f022013-11-21 13:05:04 +0000770 ssize_t actual = ReadAtOffset(archive->fd, lfh_buf, sizeof(lfh_buf),
771 local_header_offset);
772 if (actual != sizeof(lfh_buf)) {
Dmitriy Ivanovf4cb8e22015-03-06 10:50:56 -0800773 ALOGW("Zip: failed reading lfh name from offset %" PRId64,
774 static_cast<int64_t>(local_header_offset));
Narayan Kamath7462f022013-11-21 13:05:04 +0000775 return kIoError;
776 }
777
Narayan Kamath926973e2014-06-09 14:18:14 +0100778 const LocalFileHeader *lfh = reinterpret_cast<const LocalFileHeader*>(lfh_buf);
779
780 if (lfh->lfh_signature != LocalFileHeader::kSignature) {
Mark Salyzyn99ef9912014-03-14 14:26:22 -0700781 ALOGW("Zip: didn't find signature at start of lfh, offset=%" PRId64,
Narayan Kamath926973e2014-06-09 14:18:14 +0100782 static_cast<int64_t>(local_header_offset));
Narayan Kamath7462f022013-11-21 13:05:04 +0000783 return kInvalidOffset;
784 }
785
786 // Paranoia: Match the values specified in the local file header
787 // to those specified in the central directory.
Narayan Kamath926973e2014-06-09 14:18:14 +0100788 if ((lfh->gpb_flags & kGPBDDFlagMask) == 0) {
Narayan Kamath7462f022013-11-21 13:05:04 +0000789 data->has_data_descriptor = 0;
Narayan Kamath926973e2014-06-09 14:18:14 +0100790 if (data->compressed_length != lfh->compressed_size
791 || data->uncompressed_length != lfh->uncompressed_size
792 || data->crc32 != lfh->crc32) {
Mark Salyzyn088bf902014-05-08 16:02:20 -0700793 ALOGW("Zip: size/crc32 mismatch. expected {%" PRIu32 ", %" PRIu32
794 ", %" PRIx32 "}, was {%" PRIu32 ", %" PRIu32 ", %" PRIx32 "}",
Narayan Kamath7462f022013-11-21 13:05:04 +0000795 data->compressed_length, data->uncompressed_length, data->crc32,
Narayan Kamath926973e2014-06-09 14:18:14 +0100796 lfh->compressed_size, lfh->uncompressed_size, lfh->crc32);
Narayan Kamath7462f022013-11-21 13:05:04 +0000797 return kInconsistentInformation;
798 }
799 } else {
800 data->has_data_descriptor = 1;
801 }
802
803 // Check that the local file header name matches the declared
804 // name in the central directory.
Narayan Kamath926973e2014-06-09 14:18:14 +0100805 if (lfh->file_name_length == nameLen) {
806 const off64_t name_offset = local_header_offset + sizeof(LocalFileHeader);
Mykola Kondratenko50afc152014-09-08 12:46:37 +0200807 if (name_offset + lfh->file_name_length > cd_offset) {
Narayan Kamath7462f022013-11-21 13:05:04 +0000808 ALOGW("Zip: Invalid declared length");
809 return kInvalidOffset;
810 }
811
Dmitriy Ivanovf4cb8e22015-03-06 10:50:56 -0800812 uint8_t* name_buf = reinterpret_cast<uint8_t*>(malloc(nameLen));
Narayan Kamath7462f022013-11-21 13:05:04 +0000813 ssize_t actual = ReadAtOffset(archive->fd, name_buf, nameLen,
814 name_offset);
815
816 if (actual != nameLen) {
Dmitriy Ivanovf4cb8e22015-03-06 10:50:56 -0800817 ALOGW("Zip: failed reading lfh name from offset %" PRId64, static_cast<int64_t>(name_offset));
Narayan Kamath7462f022013-11-21 13:05:04 +0000818 free(name_buf);
819 return kIoError;
820 }
821
Piotr Jastrzebskiecccc5a2014-08-11 16:35:11 +0100822 if (memcmp(archive->hash_table[ent].name, name_buf, nameLen)) {
Narayan Kamath7462f022013-11-21 13:05:04 +0000823 free(name_buf);
824 return kInconsistentInformation;
825 }
826
827 free(name_buf);
828 } else {
829 ALOGW("Zip: lfh name did not match central directory.");
830 return kInconsistentInformation;
831 }
832
Narayan Kamath926973e2014-06-09 14:18:14 +0100833 const off64_t data_offset = local_header_offset + sizeof(LocalFileHeader)
834 + lfh->file_name_length + lfh->extra_field_length;
Narayan Kamath48953a12014-01-24 12:32:39 +0000835 if (data_offset > cd_offset) {
Dmitriy Ivanovf4cb8e22015-03-06 10:50:56 -0800836 ALOGW("Zip: bad data offset %" PRId64 " in zip", static_cast<int64_t>(data_offset));
Narayan Kamath7462f022013-11-21 13:05:04 +0000837 return kInvalidOffset;
838 }
839
Dmitriy Ivanovf4cb8e22015-03-06 10:50:56 -0800840 if (static_cast<off64_t>(data_offset + data->compressed_length) > cd_offset) {
Mark Salyzyn088bf902014-05-08 16:02:20 -0700841 ALOGW("Zip: bad compressed length in zip (%" PRId64 " + %" PRIu32 " > %" PRId64 ")",
Dmitriy Ivanovf4cb8e22015-03-06 10:50:56 -0800842 static_cast<int64_t>(data_offset), data->compressed_length, static_cast<int64_t>(cd_offset));
Narayan Kamath7462f022013-11-21 13:05:04 +0000843 return kInvalidOffset;
844 }
845
846 if (data->method == kCompressStored &&
Dmitriy Ivanovf4cb8e22015-03-06 10:50:56 -0800847 static_cast<off64_t>(data_offset + data->uncompressed_length) > cd_offset) {
Mark Salyzyn088bf902014-05-08 16:02:20 -0700848 ALOGW("Zip: bad uncompressed length in zip (%" PRId64 " + %" PRIu32 " > %" PRId64 ")",
Dmitriy Ivanovf4cb8e22015-03-06 10:50:56 -0800849 static_cast<int64_t>(data_offset), data->uncompressed_length,
850 static_cast<int64_t>(cd_offset));
Narayan Kamath7462f022013-11-21 13:05:04 +0000851 return kInvalidOffset;
852 }
853
854 data->offset = data_offset;
855 return 0;
856}
857
858struct IterationHandle {
859 uint32_t position;
Piotr Jastrzebski10aa9a02014-08-19 09:01:20 +0100860 // We're not using vector here because this code is used in the Windows SDK
861 // where the STL is not available.
Piotr Jastrzebski8e085362014-08-18 11:37:45 +0100862 const uint8_t* prefix;
Yusuke Satoa4a80692015-06-19 17:04:15 -0700863 const uint16_t prefix_len;
864 const uint8_t* suffix;
865 const uint16_t suffix_len;
Narayan Kamath7462f022013-11-21 13:05:04 +0000866 ZipArchive* archive;
Piotr Jastrzebski8e085362014-08-18 11:37:45 +0100867
Yusuke Satoa4a80692015-06-19 17:04:15 -0700868 IterationHandle(const ZipEntryName* prefix_name,
869 const ZipEntryName* suffix_name)
870 : prefix(NULL),
871 prefix_len(prefix_name ? prefix_name->name_length : 0),
872 suffix(NULL),
873 suffix_len(suffix_name ? suffix_name->name_length : 0) {
874 if (prefix_name) {
875 uint8_t* prefix_copy = new uint8_t[prefix_len];
876 memcpy(prefix_copy, prefix_name->name, prefix_len);
877 prefix = prefix_copy;
878 }
879 if (suffix_name) {
880 uint8_t* suffix_copy = new uint8_t[suffix_len];
881 memcpy(suffix_copy, suffix_name->name, suffix_len);
882 suffix = suffix_copy;
883 }
Piotr Jastrzebski8e085362014-08-18 11:37:45 +0100884 }
885
886 ~IterationHandle() {
Piotr Jastrzebski10aa9a02014-08-19 09:01:20 +0100887 delete[] prefix;
Yusuke Satoa4a80692015-06-19 17:04:15 -0700888 delete[] suffix;
Piotr Jastrzebski8e085362014-08-18 11:37:45 +0100889 }
Narayan Kamath7462f022013-11-21 13:05:04 +0000890};
891
Piotr Jastrzebskiecccc5a2014-08-11 16:35:11 +0100892int32_t StartIteration(ZipArchiveHandle handle, void** cookie_ptr,
Yusuke Satoa4a80692015-06-19 17:04:15 -0700893 const ZipEntryName* optional_prefix,
894 const ZipEntryName* optional_suffix) {
Dmitriy Ivanovf4cb8e22015-03-06 10:50:56 -0800895 ZipArchive* archive = reinterpret_cast<ZipArchive*>(handle);
Narayan Kamath7462f022013-11-21 13:05:04 +0000896
897 if (archive == NULL || archive->hash_table == NULL) {
898 ALOGW("Zip: Invalid ZipArchiveHandle");
899 return kInvalidHandle;
900 }
901
Yusuke Satoa4a80692015-06-19 17:04:15 -0700902 IterationHandle* cookie = new IterationHandle(optional_prefix, optional_suffix);
Narayan Kamath7462f022013-11-21 13:05:04 +0000903 cookie->position = 0;
Narayan Kamath7462f022013-11-21 13:05:04 +0000904 cookie->archive = archive;
Narayan Kamath7462f022013-11-21 13:05:04 +0000905
906 *cookie_ptr = cookie ;
907 return 0;
908}
909
Piotr Jastrzebski79c8b342014-08-08 14:02:17 +0100910void EndIteration(void* cookie) {
Piotr Jastrzebskiecccc5a2014-08-11 16:35:11 +0100911 delete reinterpret_cast<IterationHandle*>(cookie);
Piotr Jastrzebski79c8b342014-08-08 14:02:17 +0100912}
913
Piotr Jastrzebskiecccc5a2014-08-11 16:35:11 +0100914int32_t FindEntry(const ZipArchiveHandle handle, const ZipEntryName& entryName,
Narayan Kamath7462f022013-11-21 13:05:04 +0000915 ZipEntry* data) {
Dmitriy Ivanovf4cb8e22015-03-06 10:50:56 -0800916 const ZipArchive* archive = reinterpret_cast<ZipArchive*>(handle);
Piotr Jastrzebskiecccc5a2014-08-11 16:35:11 +0100917 if (entryName.name_length == 0) {
918 ALOGW("Zip: Invalid filename %.*s", entryName.name_length, entryName.name);
Narayan Kamath7462f022013-11-21 13:05:04 +0000919 return kInvalidEntryName;
920 }
921
922 const int64_t ent = EntryToIndex(archive->hash_table,
Piotr Jastrzebskiecccc5a2014-08-11 16:35:11 +0100923 archive->hash_table_size, entryName);
Narayan Kamath7462f022013-11-21 13:05:04 +0000924
925 if (ent < 0) {
Piotr Jastrzebskiecccc5a2014-08-11 16:35:11 +0100926 ALOGV("Zip: Could not find entry %.*s", entryName.name_length, entryName.name);
Narayan Kamath7462f022013-11-21 13:05:04 +0000927 return ent;
928 }
929
930 return FindEntry(archive, ent, data);
931}
932
933int32_t Next(void* cookie, ZipEntry* data, ZipEntryName* name) {
Dmitriy Ivanovf4cb8e22015-03-06 10:50:56 -0800934 IterationHandle* handle = reinterpret_cast<IterationHandle*>(cookie);
Narayan Kamath7462f022013-11-21 13:05:04 +0000935 if (handle == NULL) {
936 return kInvalidHandle;
937 }
938
939 ZipArchive* archive = handle->archive;
940 if (archive == NULL || archive->hash_table == NULL) {
941 ALOGW("Zip: Invalid ZipArchiveHandle");
942 return kInvalidHandle;
943 }
944
945 const uint32_t currentOffset = handle->position;
946 const uint32_t hash_table_length = archive->hash_table_size;
947 const ZipEntryName *hash_table = archive->hash_table;
948
949 for (uint32_t i = currentOffset; i < hash_table_length; ++i) {
950 if (hash_table[i].name != NULL &&
Piotr Jastrzebski8e085362014-08-18 11:37:45 +0100951 (handle->prefix_len == 0 ||
Yusuke Satoa4a80692015-06-19 17:04:15 -0700952 (hash_table[i].name_length >= handle->prefix_len &&
953 memcmp(handle->prefix, hash_table[i].name, handle->prefix_len) == 0)) &&
954 (handle->suffix_len == 0 ||
955 (hash_table[i].name_length >= handle->suffix_len &&
956 memcmp(handle->suffix,
957 hash_table[i].name + hash_table[i].name_length - handle->suffix_len,
958 handle->suffix_len) == 0))) {
Narayan Kamath7462f022013-11-21 13:05:04 +0000959 handle->position = (i + 1);
960 const int error = FindEntry(archive, i, data);
961 if (!error) {
962 name->name = hash_table[i].name;
963 name->name_length = hash_table[i].name_length;
964 }
965
966 return error;
967 }
968 }
969
970 handle->position = 0;
971 return kIterationEnd;
972}
973
Narayan Kamath785a1282015-04-17 11:53:14 +0100974class Writer {
975 public:
976 virtual bool Append(uint8_t* buf, size_t buf_size) = 0;
977 virtual ~Writer() {}
978 protected:
979 Writer() = default;
980 private:
981 DISALLOW_COPY_AND_ASSIGN(Writer);
982};
983
984// A Writer that writes data to a fixed size memory region.
985// The size of the memory region must be equal to the total size of
986// the data appended to it.
987class MemoryWriter : public Writer {
988 public:
989 MemoryWriter(uint8_t* buf, size_t size) : Writer(),
990 buf_(buf), size_(size), bytes_written_(0) {
991 }
992
993 virtual bool Append(uint8_t* buf, size_t buf_size) override {
994 if (bytes_written_ + buf_size > size_) {
995 ALOGW("Zip: Unexpected size " ZD " (declared) vs " ZD " (actual)",
996 size_, bytes_written_ + buf_size);
997 return false;
998 }
999
1000 memcpy(buf_ + bytes_written_, buf, buf_size);
1001 bytes_written_ += buf_size;
1002 return true;
1003 }
1004
1005 private:
1006 uint8_t* const buf_;
1007 const size_t size_;
1008 size_t bytes_written_;
1009};
1010
1011// A Writer that appends data to a file |fd| at its current position.
1012// The file will be truncated to the end of the written data.
1013class FileWriter : public Writer {
1014 public:
1015
1016 // Creates a FileWriter for |fd| and prepare to write |entry| to it,
1017 // guaranteeing that the file descriptor is valid and that there's enough
1018 // space on the volume to write out the entry completely and that the file
1019 // is truncated to the correct length.
1020 //
1021 // Returns a valid FileWriter on success, |nullptr| if an error occurred.
1022 static std::unique_ptr<FileWriter> Create(int fd, const ZipEntry* entry) {
1023 const uint32_t declared_length = entry->uncompressed_length;
1024 const off64_t current_offset = lseek64(fd, 0, SEEK_CUR);
1025 if (current_offset == -1) {
1026 ALOGW("Zip: unable to seek to current location on fd %d: %s", fd, strerror(errno));
1027 return nullptr;
1028 }
1029
1030 int result = 0;
1031#if defined(__linux__)
1032 if (declared_length > 0) {
1033 // Make sure we have enough space on the volume to extract the compressed
1034 // entry. Note that the call to ftruncate below will change the file size but
1035 // will not allocate space on disk and this call to fallocate will not
1036 // change the file size.
Badhri Jagan Sridharan71aebef2015-06-02 14:47:57 -07001037 // Note: fallocate is only supported by the following filesystems -
1038 // btrfs, ext4, ocfs2, and xfs. Therefore fallocate might fail with
1039 // EOPNOTSUPP error when issued in other filesystems.
1040 // Hence, check for the return error code before concluding that the
1041 // disk does not have enough space.
Narayan Kamath785a1282015-04-17 11:53:14 +01001042 result = TEMP_FAILURE_RETRY(fallocate(fd, 0, current_offset, declared_length));
Badhri Jagan Sridharan71aebef2015-06-02 14:47:57 -07001043 if (result == -1 && errno == ENOSPC) {
Narayan Kamath785a1282015-04-17 11:53:14 +01001044 ALOGW("Zip: unable to allocate space for file to %" PRId64 ": %s",
1045 static_cast<int64_t>(declared_length + current_offset), strerror(errno));
1046 return std::unique_ptr<FileWriter>(nullptr);
1047 }
1048 }
1049#endif // __linux__
1050
1051 result = TEMP_FAILURE_RETRY(ftruncate(fd, declared_length + current_offset));
1052 if (result == -1) {
1053 ALOGW("Zip: unable to truncate file to %" PRId64 ": %s",
1054 static_cast<int64_t>(declared_length + current_offset), strerror(errno));
1055 return std::unique_ptr<FileWriter>(nullptr);
1056 }
1057
1058 return std::unique_ptr<FileWriter>(new FileWriter(fd, declared_length));
1059 }
1060
1061 virtual bool Append(uint8_t* buf, size_t buf_size) override {
1062 if (total_bytes_written_ + buf_size > declared_length_) {
1063 ALOGW("Zip: Unexpected size " ZD " (declared) vs " ZD " (actual)",
1064 declared_length_, total_bytes_written_ + buf_size);
1065 return false;
1066 }
1067
Narayan Kamath67ab5d92015-04-27 16:25:53 +01001068 const bool result = android::base::WriteFully(fd_, buf, buf_size);
1069 if (result) {
1070 total_bytes_written_ += buf_size;
1071 } else {
1072 ALOGW("Zip: unable to write " ZD " bytes to file; %s", buf_size, strerror(errno));
Narayan Kamath785a1282015-04-17 11:53:14 +01001073 }
1074
Narayan Kamath67ab5d92015-04-27 16:25:53 +01001075 return result;
Narayan Kamath785a1282015-04-17 11:53:14 +01001076 }
1077 private:
1078 FileWriter(const int fd, const size_t declared_length) :
1079 Writer(),
1080 fd_(fd),
1081 declared_length_(declared_length),
1082 total_bytes_written_(0) {
1083 }
1084
1085 const int fd_;
1086 const size_t declared_length_;
1087 size_t total_bytes_written_;
1088};
1089
Dmitriy Ivanovf94e1592015-03-06 13:27:59 -08001090// This method is using libz macros with old-style-casts
1091#pragma GCC diagnostic push
1092#pragma GCC diagnostic ignored "-Wold-style-cast"
1093static inline int zlib_inflateInit2(z_stream* stream, int window_bits) {
1094 return inflateInit2(stream, window_bits);
1095}
1096#pragma GCC diagnostic pop
1097
Narayan Kamath785a1282015-04-17 11:53:14 +01001098static int32_t InflateEntryToWriter(int fd, const ZipEntry* entry,
1099 Writer* writer, uint64_t* crc_out) {
Dmitriy Ivanovedbabfe2015-03-12 09:58:15 -07001100 const size_t kBufSize = 32768;
1101 std::vector<uint8_t> read_buf(kBufSize);
1102 std::vector<uint8_t> write_buf(kBufSize);
Narayan Kamath7462f022013-11-21 13:05:04 +00001103 z_stream zstream;
1104 int zerr;
1105
1106 /*
1107 * Initialize the zlib stream struct.
1108 */
1109 memset(&zstream, 0, sizeof(zstream));
1110 zstream.zalloc = Z_NULL;
1111 zstream.zfree = Z_NULL;
1112 zstream.opaque = Z_NULL;
1113 zstream.next_in = NULL;
1114 zstream.avail_in = 0;
Dmitriy Ivanovedbabfe2015-03-12 09:58:15 -07001115 zstream.next_out = &write_buf[0];
Narayan Kamath7462f022013-11-21 13:05:04 +00001116 zstream.avail_out = kBufSize;
1117 zstream.data_type = Z_UNKNOWN;
1118
1119 /*
1120 * Use the undocumented "negative window bits" feature to tell zlib
1121 * that there's no zlib header waiting for it.
1122 */
Dmitriy Ivanovf94e1592015-03-06 13:27:59 -08001123 zerr = zlib_inflateInit2(&zstream, -MAX_WBITS);
Narayan Kamath7462f022013-11-21 13:05:04 +00001124 if (zerr != Z_OK) {
1125 if (zerr == Z_VERSION_ERROR) {
1126 ALOGE("Installed zlib is not compatible with linked version (%s)",
1127 ZLIB_VERSION);
1128 } else {
1129 ALOGW("Call to inflateInit2 failed (zerr=%d)", zerr);
1130 }
1131
1132 return kZlibError;
1133 }
1134
Dmitriy Ivanov1f741e52015-03-06 14:26:37 -08001135 auto zstream_deleter = [](z_stream* stream) {
1136 inflateEnd(stream); /* free up any allocated structures */
1137 };
1138
1139 std::unique_ptr<z_stream, decltype(zstream_deleter)> zstream_guard(&zstream, zstream_deleter);
1140
Narayan Kamath7462f022013-11-21 13:05:04 +00001141 const uint32_t uncompressed_length = entry->uncompressed_length;
1142
1143 uint32_t compressed_length = entry->compressed_length;
Narayan Kamath7462f022013-11-21 13:05:04 +00001144 do {
1145 /* read as much as we can */
1146 if (zstream.avail_in == 0) {
Mark Salyzyn51d562d2014-05-05 14:38:05 -07001147 const ZD_TYPE getSize = (compressed_length > kBufSize) ? kBufSize : compressed_length;
Dmitriy Ivanovedbabfe2015-03-12 09:58:15 -07001148 const ZD_TYPE actual = TEMP_FAILURE_RETRY(read(fd, &read_buf[0], getSize));
Narayan Kamath7462f022013-11-21 13:05:04 +00001149 if (actual != getSize) {
Mark Salyzyn51d562d2014-05-05 14:38:05 -07001150 ALOGW("Zip: inflate read failed (" ZD " vs " ZD ")", actual, getSize);
Dmitriy Ivanov1f741e52015-03-06 14:26:37 -08001151 return kIoError;
Narayan Kamath7462f022013-11-21 13:05:04 +00001152 }
1153
1154 compressed_length -= getSize;
1155
Dmitriy Ivanovedbabfe2015-03-12 09:58:15 -07001156 zstream.next_in = &read_buf[0];
Narayan Kamath7462f022013-11-21 13:05:04 +00001157 zstream.avail_in = getSize;
1158 }
1159
1160 /* uncompress the data */
1161 zerr = inflate(&zstream, Z_NO_FLUSH);
1162 if (zerr != Z_OK && zerr != Z_STREAM_END) {
1163 ALOGW("Zip: inflate zerr=%d (nIn=%p aIn=%u nOut=%p aOut=%u)",
1164 zerr, zstream.next_in, zstream.avail_in,
1165 zstream.next_out, zstream.avail_out);
Dmitriy Ivanov1f741e52015-03-06 14:26:37 -08001166 return kZlibError;
Narayan Kamath7462f022013-11-21 13:05:04 +00001167 }
1168
1169 /* write when we're full or when we're done */
1170 if (zstream.avail_out == 0 ||
1171 (zerr == Z_STREAM_END && zstream.avail_out != kBufSize)) {
Dmitriy Ivanovedbabfe2015-03-12 09:58:15 -07001172 const size_t write_size = zstream.next_out - &write_buf[0];
Narayan Kamath785a1282015-04-17 11:53:14 +01001173 if (!writer->Append(&write_buf[0], write_size)) {
1174 // The file might have declared a bogus length.
1175 return kInconsistentInformation;
Narayan Kamath7462f022013-11-21 13:05:04 +00001176 }
Narayan Kamath7462f022013-11-21 13:05:04 +00001177
Dmitriy Ivanovedbabfe2015-03-12 09:58:15 -07001178 zstream.next_out = &write_buf[0];
Narayan Kamath7462f022013-11-21 13:05:04 +00001179 zstream.avail_out = kBufSize;
1180 }
1181 } while (zerr == Z_OK);
1182
1183 assert(zerr == Z_STREAM_END); /* other errors should've been caught */
1184
1185 // stream.adler holds the crc32 value for such streams.
1186 *crc_out = zstream.adler;
1187
1188 if (zstream.total_out != uncompressed_length || compressed_length != 0) {
Mark Salyzyn088bf902014-05-08 16:02:20 -07001189 ALOGW("Zip: size mismatch on inflated file (%lu vs %" PRIu32 ")",
Narayan Kamath7462f022013-11-21 13:05:04 +00001190 zstream.total_out, uncompressed_length);
Dmitriy Ivanov1f741e52015-03-06 14:26:37 -08001191 return kInconsistentInformation;
Narayan Kamath7462f022013-11-21 13:05:04 +00001192 }
1193
Dmitriy Ivanov1f741e52015-03-06 14:26:37 -08001194 return 0;
Narayan Kamath7462f022013-11-21 13:05:04 +00001195}
1196
Narayan Kamath785a1282015-04-17 11:53:14 +01001197static int32_t CopyEntryToWriter(int fd, const ZipEntry* entry, Writer* writer,
1198 uint64_t *crc_out) {
1199 static const uint32_t kBufSize = 32768;
1200 std::vector<uint8_t> buf(kBufSize);
1201
1202 const uint32_t length = entry->uncompressed_length;
1203 uint32_t count = 0;
1204 uint64_t crc = 0;
1205 while (count < length) {
1206 uint32_t remaining = length - count;
1207
1208 // Safe conversion because kBufSize is narrow enough for a 32 bit signed
1209 // value.
1210 const ssize_t block_size = (remaining > kBufSize) ? kBufSize : remaining;
1211 const ssize_t actual = TEMP_FAILURE_RETRY(read(fd, &buf[0], block_size));
1212
1213 if (actual != block_size) {
1214 ALOGW("CopyFileToFile: copy read failed (" ZD " vs " ZD ")", actual, block_size);
1215 return kIoError;
1216 }
1217
1218 if (!writer->Append(&buf[0], block_size)) {
1219 return kIoError;
1220 }
1221 crc = crc32(crc, &buf[0], block_size);
1222 count += block_size;
1223 }
1224
1225 *crc_out = crc;
1226
1227 return 0;
1228}
1229
1230int32_t ExtractToWriter(ZipArchiveHandle handle,
1231 ZipEntry* entry, Writer* writer) {
Dmitriy Ivanovf4cb8e22015-03-06 10:50:56 -08001232 ZipArchive* archive = reinterpret_cast<ZipArchive*>(handle);
Narayan Kamath7462f022013-11-21 13:05:04 +00001233 const uint16_t method = entry->method;
1234 off64_t data_offset = entry->offset;
1235
1236 if (lseek64(archive->fd, data_offset, SEEK_SET) != data_offset) {
Dmitriy Ivanovf4cb8e22015-03-06 10:50:56 -08001237 ALOGW("Zip: lseek to data at %" PRId64 " failed", static_cast<int64_t>(data_offset));
Narayan Kamath7462f022013-11-21 13:05:04 +00001238 return kIoError;
1239 }
1240
1241 // this should default to kUnknownCompressionMethod.
1242 int32_t return_value = -1;
1243 uint64_t crc = 0;
1244 if (method == kCompressStored) {
Narayan Kamath785a1282015-04-17 11:53:14 +01001245 return_value = CopyEntryToWriter(archive->fd, entry, writer, &crc);
Narayan Kamath7462f022013-11-21 13:05:04 +00001246 } else if (method == kCompressDeflated) {
Narayan Kamath785a1282015-04-17 11:53:14 +01001247 return_value = InflateEntryToWriter(archive->fd, entry, writer, &crc);
Narayan Kamath7462f022013-11-21 13:05:04 +00001248 }
1249
1250 if (!return_value && entry->has_data_descriptor) {
1251 return_value = UpdateEntryFromDataDescriptor(archive->fd, entry);
1252 if (return_value) {
1253 return return_value;
1254 }
1255 }
1256
1257 // TODO: Fix this check by passing the right flags to inflate2 so that
1258 // it calculates the CRC for us.
1259 if (entry->crc32 != crc && false) {
Mark Salyzyn088bf902014-05-08 16:02:20 -07001260 ALOGW("Zip: crc mismatch: expected %" PRIu32 ", was %" PRIu64, entry->crc32, crc);
Narayan Kamath7462f022013-11-21 13:05:04 +00001261 return kInconsistentInformation;
1262 }
1263
1264 return return_value;
1265}
1266
Narayan Kamath785a1282015-04-17 11:53:14 +01001267int32_t ExtractToMemory(ZipArchiveHandle handle, ZipEntry* entry,
1268 uint8_t* begin, uint32_t size) {
1269 std::unique_ptr<Writer> writer(new MemoryWriter(begin, size));
1270 return ExtractToWriter(handle, entry, writer.get());
1271}
1272
Narayan Kamath7462f022013-11-21 13:05:04 +00001273int32_t ExtractEntryToFile(ZipArchiveHandle handle,
1274 ZipEntry* entry, int fd) {
Narayan Kamath785a1282015-04-17 11:53:14 +01001275 std::unique_ptr<Writer> writer(FileWriter::Create(fd, entry));
1276 if (writer.get() == nullptr) {
Narayan Kamath7462f022013-11-21 13:05:04 +00001277 return kIoError;
1278 }
1279
Narayan Kamath785a1282015-04-17 11:53:14 +01001280 return ExtractToWriter(handle, entry, writer.get());
Narayan Kamath7462f022013-11-21 13:05:04 +00001281}
1282
1283const char* ErrorCodeString(int32_t error_code) {
1284 if (error_code > kErrorMessageLowerBound && error_code < kErrorMessageUpperBound) {
1285 return kErrorMessages[error_code * -1];
1286 }
1287
1288 return kErrorMessages[0];
1289}
1290
1291int GetFileDescriptor(const ZipArchiveHandle handle) {
Dmitriy Ivanovf4cb8e22015-03-06 10:50:56 -08001292 return reinterpret_cast<ZipArchive*>(handle)->fd;
Narayan Kamath7462f022013-11-21 13:05:04 +00001293}