zip_archive.cc revision afa8ff6119e76251de68aed98fb24e8dc7352bed
1/* 2 * Copyright (C) 2008 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17#include "zip_archive.h" 18 19#include <vector> 20 21#include <fcntl.h> 22#include <sys/stat.h> 23#include <sys/types.h> 24#include <unistd.h> 25 26#include "base/unix_file/fd_file.h" 27#include "UniquePtr.h" 28 29namespace art { 30 31static const size_t kBufSize = 32 * KB; 32 33// Get 2 little-endian bytes. 34static uint32_t Le16ToHost(const byte* src) { 35 return ((src[0] << 0) | 36 (src[1] << 8)); 37} 38 39// Get 4 little-endian bytes. 40static uint32_t Le32ToHost(const byte* src) { 41 return ((src[0] << 0) | 42 (src[1] << 8) | 43 (src[2] << 16) | 44 (src[3] << 24)); 45} 46 47uint16_t ZipEntry::GetCompressionMethod() { 48 return Le16ToHost(ptr_ + ZipArchive::kCDEMethod); 49} 50 51uint32_t ZipEntry::GetCompressedLength() { 52 return Le32ToHost(ptr_ + ZipArchive::kCDECompLen); 53} 54 55uint32_t ZipEntry::GetUncompressedLength() { 56 return Le32ToHost(ptr_ + ZipArchive::kCDEUncompLen); 57} 58 59uint32_t ZipEntry::GetCrc32() { 60 return Le32ToHost(ptr_ + ZipArchive::kCDECRC); 61} 62 63off_t ZipEntry::GetDataOffset() { 64 // All we have is the offset to the Local File Header, which is 65 // variable size, so we have to read the contents of the struct to 66 // figure out where the actual data starts. 67 68 // We also need to make sure that the lengths are not so large that 69 // somebody trying to map the compressed or uncompressed data runs 70 // off the end of the mapped region. 71 72 off_t dir_offset = zip_archive_->dir_offset_; 73 int64_t lfh_offset = Le32ToHost(ptr_ + ZipArchive::kCDELocalOffset); 74 if (lfh_offset + ZipArchive::kLFHLen >= dir_offset) { 75 LOG(WARNING) << "Zip: bad LFH offset in zip"; 76 return -1; 77 } 78 79 if (lseek(zip_archive_->fd_, lfh_offset, SEEK_SET) != lfh_offset) { 80 PLOG(WARNING) << "Zip: failed seeking to LFH at offset " << lfh_offset; 81 return -1; 82 } 83 84 uint8_t lfh_buf[ZipArchive::kLFHLen]; 85 ssize_t actual = TEMP_FAILURE_RETRY(read(zip_archive_->fd_, lfh_buf, sizeof(lfh_buf))); 86 if (actual != sizeof(lfh_buf)) { 87 LOG(WARNING) << "Zip: failed reading LFH from offset " << lfh_offset; 88 return -1; 89 } 90 91 if (Le32ToHost(lfh_buf) != ZipArchive::kLFHSignature) { 92 LOG(WARNING) << "Zip: didn't find signature at start of LFH, offset " << lfh_offset; 93 return -1; 94 } 95 96 off_t data_offset = (lfh_offset + ZipArchive::kLFHLen 97 + Le16ToHost(lfh_buf + ZipArchive::kLFHNameLen) 98 + Le16ToHost(lfh_buf + ZipArchive::kLFHExtraLen)); 99 if (data_offset >= dir_offset) { 100 LOG(WARNING) << "Zip: bad data offset " << data_offset << " in zip"; 101 return -1; 102 } 103 104 // check lengths 105 106 if (static_cast<off_t>(data_offset + GetCompressedLength()) > dir_offset) { 107 LOG(WARNING) << "Zip: bad compressed length in zip " 108 << "(" << data_offset << " + " << GetCompressedLength() 109 << " > " << dir_offset << ")"; 110 return -1; 111 } 112 113 if (GetCompressionMethod() == kCompressStored 114 && static_cast<off_t>(data_offset + GetUncompressedLength()) > dir_offset) { 115 LOG(WARNING) << "Zip: bad uncompressed length in zip " 116 << "(" << data_offset << " + " << GetUncompressedLength() 117 << " > " << dir_offset << ")"; 118 return -1; 119 } 120 121 return data_offset; 122} 123 124static bool CopyFdToMemory(uint8_t* begin, size_t size, int in, size_t count) { 125 uint8_t* dst = begin; 126 std::vector<uint8_t> buf(kBufSize); 127 while (count != 0) { 128 size_t bytes_to_read = (count > kBufSize) ? kBufSize : count; 129 ssize_t actual = TEMP_FAILURE_RETRY(read(in, &buf[0], bytes_to_read)); 130 if (actual != static_cast<ssize_t>(bytes_to_read)) { 131 PLOG(WARNING) << "Zip: short read"; 132 return false; 133 } 134 memcpy(dst, &buf[0], bytes_to_read); 135 dst += bytes_to_read; 136 count -= bytes_to_read; 137 } 138 DCHECK_EQ(dst, begin + size); 139 return true; 140} 141 142class ZStream { 143 public: 144 ZStream(byte* write_buf, size_t write_buf_size) { 145 // Initialize the zlib stream struct. 146 memset(&zstream_, 0, sizeof(zstream_)); 147 zstream_.zalloc = Z_NULL; 148 zstream_.zfree = Z_NULL; 149 zstream_.opaque = Z_NULL; 150 zstream_.next_in = NULL; 151 zstream_.avail_in = 0; 152 zstream_.next_out = reinterpret_cast<Bytef*>(write_buf); 153 zstream_.avail_out = write_buf_size; 154 zstream_.data_type = Z_UNKNOWN; 155 } 156 157 z_stream& Get() { 158 return zstream_; 159 } 160 161 ~ZStream() { 162 inflateEnd(&zstream_); 163 } 164 private: 165 z_stream zstream_; 166}; 167 168static bool InflateToMemory(uint8_t* begin, size_t size, 169 int in, size_t uncompressed_length, size_t compressed_length) { 170 uint8_t* dst = begin; 171 UniquePtr<uint8_t[]> read_buf(new uint8_t[kBufSize]); 172 UniquePtr<uint8_t[]> write_buf(new uint8_t[kBufSize]); 173 if (read_buf.get() == NULL || write_buf.get() == NULL) { 174 LOG(WARNING) << "Zip: failed to allocate buffer to inflate"; 175 return false; 176 } 177 178 UniquePtr<ZStream> zstream(new ZStream(write_buf.get(), kBufSize)); 179 180 // Use the undocumented "negative window bits" feature to tell zlib 181 // that there's no zlib header waiting for it. 182 int zerr = inflateInit2(&zstream->Get(), -MAX_WBITS); 183 if (zerr != Z_OK) { 184 if (zerr == Z_VERSION_ERROR) { 185 LOG(ERROR) << "Installed zlib is not compatible with linked version (" << ZLIB_VERSION << ")"; 186 } else { 187 LOG(WARNING) << "Call to inflateInit2 failed (zerr=" << zerr << ")"; 188 } 189 return false; 190 } 191 192 size_t remaining = compressed_length; 193 do { 194 // read as much as we can 195 if (zstream->Get().avail_in == 0) { 196 size_t bytes_to_read = (remaining > kBufSize) ? kBufSize : remaining; 197 198 ssize_t actual = TEMP_FAILURE_RETRY(read(in, read_buf.get(), bytes_to_read)); 199 if (actual != static_cast<ssize_t>(bytes_to_read)) { 200 LOG(WARNING) << "Zip: inflate read failed (" << actual << " vs " << bytes_to_read << ")"; 201 return false; 202 } 203 remaining -= bytes_to_read; 204 zstream->Get().next_in = read_buf.get(); 205 zstream->Get().avail_in = bytes_to_read; 206 } 207 208 // uncompress the data 209 zerr = inflate(&zstream->Get(), Z_NO_FLUSH); 210 if (zerr != Z_OK && zerr != Z_STREAM_END) { 211 LOG(WARNING) << "Zip: inflate zerr=" << zerr 212 << " (next_in=" << zstream->Get().next_in 213 << " avail_in=" << zstream->Get().avail_in 214 << " next_out=" << zstream->Get().next_out 215 << " avail_out=" << zstream->Get().avail_out 216 << ")"; 217 return false; 218 } 219 220 // write when we're full or when we're done 221 if (zstream->Get().avail_out == 0 || 222 (zerr == Z_STREAM_END && zstream->Get().avail_out != kBufSize)) { 223 size_t bytes_to_write = zstream->Get().next_out - write_buf.get(); 224 memcpy(dst, write_buf.get(), bytes_to_write); 225 dst += bytes_to_write; 226 zstream->Get().next_out = write_buf.get(); 227 zstream->Get().avail_out = kBufSize; 228 } 229 } while (zerr == Z_OK); 230 231 DCHECK_EQ(zerr, Z_STREAM_END); // other errors should've been caught 232 233 // paranoia 234 if (zstream->Get().total_out != uncompressed_length) { 235 LOG(WARNING) << "Zip: size mismatch on inflated file (" 236 << zstream->Get().total_out << " vs " << uncompressed_length << ")"; 237 return false; 238 } 239 240 DCHECK_EQ(dst, begin + size); 241 return true; 242} 243 244bool ZipEntry::ExtractToFile(File& file) { 245 uint32_t length = GetUncompressedLength(); 246 int result = TEMP_FAILURE_RETRY(ftruncate(file.Fd(), length)); 247 if (result == -1) { 248 PLOG(WARNING) << "Zip: failed to ftruncate " << file.GetPath() << " to length " << length; 249 return false; 250 } 251 252 UniquePtr<MemMap> map(MemMap::MapFile(length, PROT_READ | PROT_WRITE, MAP_SHARED, file.Fd(), 0)); 253 if (map.get() == NULL) { 254 LOG(WARNING) << "Zip: failed to mmap space for " << file.GetPath(); 255 return false; 256 } 257 258 return ExtractToMemory(map->Begin(), map->Size()); 259} 260 261bool ZipEntry::ExtractToMemory(uint8_t* begin, size_t size) { 262 // If size is zero, data offset will be meaningless, so bail out early. 263 if (size == 0) { 264 return true; 265 } 266 off_t data_offset = GetDataOffset(); 267 if (data_offset == -1) { 268 LOG(WARNING) << "Zip: data_offset=" << data_offset; 269 return false; 270 } 271 if (lseek(zip_archive_->fd_, data_offset, SEEK_SET) != data_offset) { 272 PLOG(WARNING) << "Zip: lseek to data at " << data_offset << " failed"; 273 return false; 274 } 275 276 // TODO: this doesn't verify the data's CRC, but probably should (especially 277 // for uncompressed data). 278 switch (GetCompressionMethod()) { 279 case kCompressStored: 280 return CopyFdToMemory(begin, size, zip_archive_->fd_, GetUncompressedLength()); 281 case kCompressDeflated: 282 return InflateToMemory(begin, size, zip_archive_->fd_, 283 GetUncompressedLength(), GetCompressedLength()); 284 default: 285 LOG(WARNING) << "Zip: unknown compression method " << std::hex << GetCompressionMethod(); 286 return false; 287 } 288} 289 290MemMap* ZipEntry::ExtractToMemMap(const char* entry_filename) { 291 std::string name(entry_filename); 292 name += " extracted in memory from "; 293 name += entry_filename; 294 UniquePtr<MemMap> map(MemMap::MapAnonymous(name.c_str(), 295 NULL, 296 GetUncompressedLength(), 297 PROT_READ | PROT_WRITE)); 298 if (map.get() == NULL) { 299 LOG(ERROR) << "Zip: mmap for '" << entry_filename << "' failed"; 300 return NULL; 301 } 302 303 bool success = ExtractToMemory(map->Begin(), map->Size()); 304 if (!success) { 305 LOG(ERROR) << "Zip: Failed to extract '" << entry_filename << "' to memory"; 306 return NULL; 307 } 308 309 return map.release(); 310} 311 312static void SetCloseOnExec(int fd) { 313 // This dance is more portable than Linux's O_CLOEXEC open(2) flag. 314 int flags = fcntl(fd, F_GETFD); 315 if (flags == -1) { 316 PLOG(WARNING) << "fcntl(" << fd << ", F_GETFD) failed"; 317 return; 318 } 319 int rc = fcntl(fd, F_SETFD, flags | FD_CLOEXEC); 320 if (rc == -1) { 321 PLOG(WARNING) << "fcntl(" << fd << ", F_SETFD, " << flags << ") failed"; 322 return; 323 } 324} 325 326ZipArchive* ZipArchive::Open(const std::string& filename) { 327 DCHECK(!filename.empty()); 328 int fd = open(filename.c_str(), O_RDONLY, 0); 329 if (fd == -1) { 330 PLOG(WARNING) << "Unable to open '" << filename << "'"; 331 return NULL; 332 } 333 SetCloseOnExec(fd); 334 return OpenFromFd(fd); 335} 336 337ZipArchive* ZipArchive::OpenFromFd(int fd) { 338 UniquePtr<ZipArchive> zip_archive(new ZipArchive(fd)); 339 if (zip_archive.get() == NULL) { 340 return NULL; 341 } 342 if (!zip_archive->MapCentralDirectory()) { 343 zip_archive->Close(); 344 return NULL; 345 } 346 if (!zip_archive->Parse()) { 347 zip_archive->Close(); 348 return NULL; 349 } 350 return zip_archive.release(); 351} 352 353ZipEntry* ZipArchive::Find(const char* name) const { 354 DCHECK(name != NULL); 355 DirEntries::const_iterator it = dir_entries_.find(name); 356 if (it == dir_entries_.end()) { 357 return NULL; 358 } 359 return new ZipEntry(this, (*it).second); 360} 361 362void ZipArchive::Close() { 363 if (fd_ != -1) { 364 close(fd_); 365 } 366 fd_ = -1; 367 num_entries_ = 0; 368 dir_offset_ = 0; 369} 370 371// Find the zip Central Directory and memory-map it. 372// 373// On success, returns true after populating fields from the EOCD area: 374// num_entries_ 375// dir_offset_ 376// dir_map_ 377bool ZipArchive::MapCentralDirectory() { 378 /* 379 * Get and test file length. 380 */ 381 off_t file_length = lseek(fd_, 0, SEEK_END); 382 if (file_length < kEOCDLen) { 383 LOG(WARNING) << "Zip: length " << file_length << " is too small to be zip"; 384 return false; 385 } 386 387 // Perform the traditional EOCD snipe hunt. 388 // 389 // We're searching for the End of Central Directory magic number, 390 // which appears at the start of the EOCD block. It's followed by 391 // 18 bytes of EOCD stuff and up to 64KB of archive comment. We 392 // need to read the last part of the file into a buffer, dig through 393 // it to find the magic number, parse some values out, and use those 394 // to determine the extent of the CD. 395 // 396 // We start by pulling in the last part of the file. 397 size_t read_amount = kMaxEOCDSearch; 398 if (file_length < off_t(read_amount)) { 399 read_amount = file_length; 400 } 401 402 UniquePtr<uint8_t[]> scan_buf(new uint8_t[read_amount]); 403 if (scan_buf.get() == NULL) { 404 return false; 405 } 406 407 off_t search_start = file_length - read_amount; 408 409 if (lseek(fd_, search_start, SEEK_SET) != search_start) { 410 PLOG(WARNING) << "Zip: seek " << search_start << " failed"; 411 return false; 412 } 413 ssize_t actual = TEMP_FAILURE_RETRY(read(fd_, scan_buf.get(), read_amount)); 414 if (actual == -1) { 415 PLOG(WARNING) << "Zip: read " << read_amount << " failed"; 416 return false; 417 } 418 419 420 // Scan backward for the EOCD magic. In an archive without a trailing 421 // comment, we'll find it on the first try. (We may want to consider 422 // doing an initial minimal read; if we don't find it, retry with a 423 // second read as above.) 424 int i; 425 for (i = read_amount - kEOCDLen; i >= 0; i--) { 426 if (scan_buf.get()[i] == 0x50 && Le32ToHost(&(scan_buf.get())[i]) == kEOCDSignature) { 427 break; 428 } 429 } 430 if (i < 0) { 431 LOG(WARNING) << "Zip: EOCD not found, not a zip file"; 432 return false; 433 } 434 435 off_t eocd_offset = search_start + i; 436 const byte* eocd_ptr = scan_buf.get() + i; 437 438 DCHECK(eocd_offset < file_length); 439 440 // Grab the CD offset and size, and the number of entries in the 441 // archive. Verify that they look reasonable. 442 uint16_t num_entries = Le16ToHost(eocd_ptr + kEOCDNumEntries); 443 uint32_t dir_size = Le32ToHost(eocd_ptr + kEOCDSize); 444 uint32_t dir_offset = Le32ToHost(eocd_ptr + kEOCDFileOffset); 445 446 if ((uint64_t) dir_offset + (uint64_t) dir_size > (uint64_t) eocd_offset) { 447 LOG(WARNING) << "Zip: bad offsets (" 448 << "dir=" << dir_offset << ", " 449 << "size=" << dir_size << ", " 450 << "eocd=" << eocd_offset << ")"; 451 return false; 452 } 453 if (num_entries == 0) { 454 LOG(WARNING) << "Zip: empty archive?"; 455 return false; 456 } 457 458 // It all looks good. Create a mapping for the CD. 459 dir_map_.reset(MemMap::MapFile(dir_size, PROT_READ, MAP_SHARED, fd_, dir_offset)); 460 if (dir_map_.get() == NULL) { 461 return false; 462 } 463 464 num_entries_ = num_entries; 465 dir_offset_ = dir_offset; 466 return true; 467} 468 469bool ZipArchive::Parse() { 470 const byte* cd_ptr = dir_map_->Begin(); 471 size_t cd_length = dir_map_->Size(); 472 473 // Walk through the central directory, adding entries to the hash 474 // table and verifying values. 475 const byte* ptr = cd_ptr; 476 for (int i = 0; i < num_entries_; i++) { 477 if (Le32ToHost(ptr) != kCDESignature) { 478 LOG(WARNING) << "Zip: missed a central dir sig (at " << i << ")"; 479 return false; 480 } 481 if (ptr + kCDELen > cd_ptr + cd_length) { 482 LOG(WARNING) << "Zip: ran off the end (at " << i << ")"; 483 return false; 484 } 485 486 int64_t local_hdr_offset = Le32ToHost(ptr + kCDELocalOffset); 487 if (local_hdr_offset >= dir_offset_) { 488 LOG(WARNING) << "Zip: bad LFH offset " << local_hdr_offset << " at entry " << i; 489 return false; 490 } 491 492 uint16_t filename_len = Le16ToHost(ptr + kCDENameLen); 493 uint16_t extra_len = Le16ToHost(ptr + kCDEExtraLen); 494 uint16_t comment_len = Le16ToHost(ptr + kCDECommentLen); 495 496 // add the CDE filename to the hash table 497 const char* name = reinterpret_cast<const char*>(ptr + kCDELen); 498 dir_entries_.Put(StringPiece(name, filename_len), ptr); 499 ptr += kCDELen + filename_len + extra_len + comment_len; 500 if (ptr > cd_ptr + cd_length) { 501 LOG(WARNING) << "Zip: bad CD advance " 502 << "(" << ptr << " vs " << (cd_ptr + cd_length) << ") " 503 << "at entry " << i; 504 return false; 505 } 506 } 507 return true; 508} 509 510} // namespace art 511