From 62a5659db47a36c0ad3826c534fea2b243265fb9 Mon Sep 17 00:00:00 2001
From: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Date: Wed, 30 Jul 2014 08:35:16 +0200
Subject: libclamav: use libmspack
This patch provides support for upstream / external libmspack version
libmspack 0.4 (current). The old in-tree version of libmspack is removed
clamav: https://bugzilla.clamav.net/show_bug.cgi?id=11062
Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
libclamav/Makefile.am | 11 +-
libclamav/cab.c | 684 -----------------
libclamav/cab.h | 81 --
libclamav/chmunpack.h | 122 ---
libclamav/libmspack.c | 525 +++++++++++++
libclamav/libmspack.h | 7 +
libclamav/mspack.c | 2026 -------------------------------------------------
libclamav/mspack.h | 294 -------
libclamav/scanners.c | 146 +---
10 files changed, 541 insertions(+), 3358 deletions(-)
delete mode 100644 libclamav/cab.c
delete mode 100644 libclamav/cab.h
delete mode 100644 libclamav/chmunpack.h
create mode 100644 libclamav/libmspack.c
create mode 100644 libclamav/libmspack.h
delete mode 100644 libclamav/mspack.c
delete mode 100644 libclamav/mspack.h
34
diff --git a/configure.ac b/configure.ac
35
index 8e199cb..92a98ec 100644
38
@@ -174,6 +174,9 @@ if test "$enable_llvm" = "yes" && test "$subdirfailed" != "no"; then
40
AM_CONDITIONAL([ENABLE_LLVM],
41
[test "$subdirfailed" != "yes" && test "$enable_llvm" != "no"])
43
+PKG_CHECK_MODULES([LIBMSPACK], [libmspack])
46
AC_OUTPUT([libclamav/Makefile])
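Review bot: The added `PKG_CHECK_MODULES([LIBMSPACK], [libmspack])` accepts any installed libmspack, although the description says the glue code targets libmspack 0.4. Because this commit deletes the in-tree decompressors, all CAB/CHM parsing of untrusted input now runs in whichever library version the build host provides, so a minimum version is worth stating, e.g. `PKG_CHECK_MODULES([LIBMSPACK], [libmspack >= 0.4])` (confirm how the 0.4 release's .pc file spells its version). The check also makes the external library a hard build requirement with no fallback; if that is intended, it deserves a line in the build notes for packagers.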
48
diff --git a/libclamav/Makefile.am b/libclamav/Makefile.am
49
index 1aab51b..538e83d 100644
50
--- a/libclamav/Makefile.am
51
+++ b/libclamav/Makefile.am
52
@@ -147,6 +147,9 @@ if VERSIONSCRIPT
53
libclamav_la_LDFLAGS += -Wl,@VERSIONSCRIPTFLAG@,@top_srcdir@/libclamav/libclamav.map
56
+libclamav_la_CFLAGS += $(LIBMSPACK_CFLAGS)
57
+libclamav_la_LDFLAGS += $(LIBMSPACK_LIBS)
59
include_HEADERS = clamav.h
61
libclamav_la_SOURCES = \
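Review bot: `libclamav_la_LDFLAGS += $(LIBMSPACK_LIBS)` puts the library list into the linker flags, which automake emits ahead of the object files, so the libmspack reference can be discarded when the toolchain links with `--as-needed`. Libraries normally go into the LIBADD variable: `libclamav_la_LIBADD += $(LIBMSPACK_LIBS)` (use `=` instead if the variable is not defined earlier in this file, which the hunk does not show).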
62
@@ -204,8 +207,8 @@ libclamav_la_SOURCES = \
73
@@ -283,10 +286,6 @@ libclamav_la_SOURCES = \
84
diff --git a/libclamav/cab.c b/libclamav/cab.c
85
deleted file mode 100644
86
index 6d2eade..0000000
91
- * Copyright (C) 2007-2008 Sourcefire, Inc.
93
- * Authors: Tomasz Kojm
95
- * This program is free software; you can redistribute it and/or modify
96
- * it under the terms of the GNU General Public License version 2 as
97
- * published by the Free Software Foundation.
99
- * This program is distributed in the hope that it will be useful,
100
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
101
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
102
- * GNU General Public License for more details.
104
- * You should have received a copy of the GNU General Public License
105
- * along with this program; if not, write to the Free Software
106
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
107
- * MA 02110-1301, USA.
111
-#include "clamav-config.h"
117
-#include <sys/types.h>
118
-#include <sys/stat.h>
119
-#ifdef HAVE_UNISTD_H
125
-#include "cltypes.h"
130
-#define EC32(x) cli_readint32(&x) /* Convert little endian to host */
131
-#define EC16(x) cli_readint16(&x)
134
-#define CAB_FOLDER_LIMIT 5000
135
-#define CAB_FILE_LIMIT 5000
137
-/* Cabinet format data structures */
140
- uint32_t signature; /* file signature */
141
- uint32_t res1; /* reserved */
142
- uint32_t cbCabinet; /* size of cabinet file */
143
- uint32_t res2; /* reserved */
144
- uint32_t coffFiles; /* offset of the first file entry */
145
- uint32_t res3; /* reserved */
146
- uint8_t versionMinor; /* file format version, minor */
147
- uint8_t versionMajor; /* file format version, major */
148
- uint16_t cFolders; /* number of folder entries */
149
- uint16_t cFiles; /* number of file entries */
150
- uint16_t flags; /* option flags */
151
- uint16_t setID; /* multiple cabs related */
152
- uint16_t iCabinet; /* multiple cabs related */
155
-struct cab_hdr_opt {
156
- uint16_t cbCFHeader; /* size of reserved header area */
157
- uint8_t cbCFFolder; /* size of reserved folder area */
158
- uint8_t cbCFData; /* size of reserved block area */
161
-struct cab_folder_hdr
163
- uint32_t coffCabStart; /* offset of the first data block */
164
- uint16_t cCFData; /* number of data blocks */
165
- uint16_t typeCompress; /* compression type */
170
- uint32_t cbFile; /* uncompressed size */
171
- uint32_t uoffFolderStart; /* uncompressed offset of file in folder */
172
- uint16_t iFolder; /* folder index */
173
- uint16_t date; /* date stamp */
174
- uint16_t time; /* time stamp */
175
- uint16_t attribs; /* attribute flags */
178
-struct cab_block_hdr
180
- uint32_t csum; /* data block checksum */
181
- uint16_t cbData; /* number of compressed bytes */
182
- uint16_t cbUncomp; /* number of uncompressed bytes */
185
-static char *cab_readstr(fmap_t *map, off_t *offset, int *ret)
191
- if(!(str = fmap_need_offstr(map, *offset, 256))) {
196
- i = strlen(str) + 1;
198
- fmap_unneed_ptr(map, str, i);
204
- if((retstr = cli_malloc(i)))
205
- memcpy(retstr, str, i);
206
- fmap_unneed_ptr(map, str, i);
217
-static int cab_chkname(char *name, int san)
219
- size_t i, len = strlen(name);
222
- for(i = 0; i < len; i++) {
223
- if(!san && (strchr("%/*?|\\\"+=<>;:\t ", name[i]) || !isascii(name[i]))) {
224
- cli_dbgmsg("cab_chkname: File name contains disallowed characters\n");
226
- } else if(san && !isalnum(name[i])) {
234
-void cab_free(struct cab_archive *cab)
236
- struct cab_folder *folder;
237
- struct cab_file *file;
241
- if(cab->state->stream) {
242
- switch(cab->state->cmethod & 0x000f) {
244
- mszip_free(cab->state->stream);
247
- qtm_free(cab->state->stream);
250
- lzx_free(cab->state->stream);
256
- while(cab->folders) {
257
- folder = cab->folders;
258
- cab->folders = cab->folders->next;
262
- while(cab->files) {
264
- cab->files = cab->files->next;
270
-int cab_open(fmap_t *map, off_t offset, struct cab_archive *cab)
272
- unsigned int i, folders = 0;
273
- struct cab_file *file, *lfile = NULL;
274
- struct cab_folder *folder, *lfolder = NULL;
275
- const struct cab_hdr *hdr;
276
- const struct cab_hdr_opt *hdr_opt;
278
- uint32_t coffFiles;
281
- off_t resfold = 0, rsize, cur_offset = offset;
283
- if(!(hdr=fmap_need_off_once(map, cur_offset, sizeof(*hdr)))) {
284
- cli_dbgmsg("cab_open: Can't read cabinet header\n");
285
- return CL_EFORMAT; /* most likely a corrupted file */
287
- cur_offset += sizeof(*hdr);
289
- if(EC32(hdr->signature) != 0x4643534d) {
290
- cli_dbgmsg("cab_open: Incorrect CAB signature\n");
293
- cli_dbgmsg("CAB: -------------- Cabinet file ----------------\n");
298
- memset(cab, 0, sizeof(struct cab_archive));
300
- cab->length = EC32(hdr->cbCabinet);
301
- cli_dbgmsg("CAB: Cabinet length: %u\n", cab->length);
302
- if((off_t) cab->length > rsize) {
303
- cli_dbgmsg("CAB: Truncating file size from %lu to %lu\n", (unsigned long int) cab->length, (unsigned long int) rsize);
304
- cab->length = (uint32_t) rsize;
307
- cab->nfolders = EC16(hdr->cFolders);
308
- if(!cab->nfolders) {
309
- cli_dbgmsg("cab_open: No folders in cabinet (fake cab?)\n");
312
- cli_dbgmsg("CAB: Folders: %u\n", cab->nfolders);
313
- if(cab->nfolders > CAB_FOLDER_LIMIT) {
314
- cab->nfolders = CAB_FOLDER_LIMIT;
315
- cli_dbgmsg("CAB: *** Number of folders limited to %u ***\n", cab->nfolders);
319
- cab->nfiles = EC16(hdr->cFiles);
321
- cli_dbgmsg("cab_open: No files in cabinet (fake cab?)\n");
324
- cli_dbgmsg("CAB: Files: %u\n", cab->nfiles);
325
- if(cab->nfiles > CAB_FILE_LIMIT) {
326
- cab->nfiles = CAB_FILE_LIMIT;
327
- cli_dbgmsg("CAB: *** Number of files limited to %u ***\n", cab->nfiles);
331
- cli_dbgmsg("CAB: File format version: %u.%u\n", hdr->versionMajor, hdr->versionMinor);
333
- cab->flags = EC16(hdr->flags);
334
- coffFiles = EC16(hdr->coffFiles);
336
- if(cab->flags & 0x0004) {
337
- if(!(hdr_opt = fmap_need_off_once(map, cur_offset, sizeof(*hdr_opt)))) {
338
- cli_dbgmsg("cab_open: Can't read file header (fake cab?)\n");
339
- return CL_EFORMAT; /* most likely a corrupted file */
342
- cab->reshdr = EC16(hdr_opt->cbCFHeader);
343
- resfold = hdr_opt->cbCFFolder;
344
- cab->resdata = hdr_opt->cbCFData;
346
- cur_offset += sizeof(*hdr_opt) + cab->reshdr;
348
- if(cab->reshdr >= rsize) {
349
- cli_dbgmsg("cab_open: Can't lseek to %u (fake cab?)\n", cab->reshdr);
350
- return CL_EFORMAT; /* most likely a corrupted file */
355
- if(cab->flags & 0x0001) { /* preceding cabinet */
357
- pt = cab_readstr(map, &cur_offset, &ret);
360
- if(cab_chkname(pt, 0))
361
- cli_dbgmsg("CAB: Invalid name of preceding cabinet\n");
363
- cli_dbgmsg("CAB: Preceding cabinet name: %s\n", pt);
366
- pt = cab_readstr(map, &cur_offset, &ret);
369
- if(cab_chkname(pt, 0))
370
- cli_dbgmsg("CAB: Invalid info for preceding cabinet\n");
372
- cli_dbgmsg("CAB: Preceding cabinet info: %s\n", pt);
376
- if(cab->flags & 0x0002) { /* next cabinet */
378
- pt = cab_readstr(map, &cur_offset, &ret);
381
- if(cab_chkname(pt, 0))
382
- cli_dbgmsg("CAB: Invalid name of next cabinet\n");
384
- cli_dbgmsg("CAB: Next cabinet name: %s\n", pt);
387
- pt = cab_readstr(map, &cur_offset, &ret);
390
- if(cab_chkname(pt, 0))
391
- cli_dbgmsg("CAB: Invalid info for next cabinet\n");
393
- cli_dbgmsg("CAB: Next cabinet info: %s\n", pt);
398
- for(i = 0; i < cab->nfolders; i++) {
399
- const struct cab_folder_hdr *folder_hdr;
401
- if(!(folder_hdr = fmap_need_off_once(map, cur_offset, sizeof(*folder_hdr)))) {
402
- cli_dbgmsg("cab_open: Can't read header for folder %u\n", i);
406
- cur_offset += sizeof(*folder_hdr) + resfold;
408
- if(EC32(folder_hdr->coffCabStart) + offset > rsize) {
409
- cli_dbgmsg("CAB: Folder out of file\n");
413
- if((EC16(folder_hdr->typeCompress) & 0x000f) > 3) {
414
- cli_dbgmsg("CAB: Unknown compression method\n");
418
- folder = (struct cab_folder *) cli_calloc(1, sizeof(struct cab_folder));
420
- cli_errmsg("cab_open: Can't allocate memory for folder\n");
425
- folder->cab = (struct cab_archive *) cab;
426
- folder->offset = (off_t) EC32(folder_hdr->coffCabStart) + offset;
427
- folder->nblocks = EC16(folder_hdr->cCFData);
428
- folder->cmethod = EC16(folder_hdr->typeCompress);
430
- cli_dbgmsg("CAB: Folder record %u\n", i);
431
- cli_dbgmsg("CAB: Folder offset: %u\n", (unsigned int) folder->offset);
432
- cli_dbgmsg("CAB: Folder compression method: %d\n", folder->cmethod);
435
- cab->folders = folder;
437
- lfolder->next = folder;
442
- cli_dbgmsg("CAB: Recorded folders: %u\n", folders);
445
- if(cab->nfolders != folders) {
446
- if(coffFiles >= rsize) {
447
- cli_dbgmsg("cab_open: Can't lseek to hdr.coffFiles\n");
451
- cur_offset = coffFiles;
453
- for(i = 0; i < cab->nfiles; i++) {
454
- const struct cab_file_hdr *file_hdr;
456
- if(!(file_hdr = fmap_need_off_once(map, cur_offset, sizeof(*file_hdr)))) {
457
- cli_dbgmsg("cab_open: Can't read file %u header\n", i);
460
- cur_offset += sizeof(*file_hdr);
462
- file = (struct cab_file *) cli_calloc(1, sizeof(struct cab_file));
464
- cli_errmsg("cab_open: Can't allocate memory for file\n");
471
- file->offset = EC32(file_hdr->uoffFolderStart);
472
- file->length = EC32(file_hdr->cbFile);
473
- file->attribs = EC16(file_hdr->attribs);
474
- fidx = EC16(file_hdr->iFolder);
475
- file->error = CL_SUCCESS;
477
- file->name = cab_readstr(map, &cur_offset, &ret);
482
- cab_chkname(file->name, 1);
484
- cli_dbgmsg("CAB: File record %u\n", i);
485
- cli_dbgmsg("CAB: File name: %s\n", file->name);
486
- cli_dbgmsg("CAB: File offset: %u\n", (unsigned int) file->offset);
487
- cli_dbgmsg("CAB: File folder index: %u\n", fidx);
488
- cli_dbgmsg("CAB: File attribs: 0x%x\n", file->attribs);
489
- if(file->attribs & 0x01)
490
- cli_dbgmsg("CAB: * file is read-only\n");
491
- if(file->attribs & 0x02)
492
- cli_dbgmsg("CAB: * file is hidden\n");
493
- if(file->attribs & 0x04)
494
- cli_dbgmsg("CAB: * file is a system file\n");
495
- if(file->attribs & 0x20)
496
- cli_dbgmsg("CAB: * file modified since last backup\n");
497
- if(file->attribs & 0x40)
498
- cli_dbgmsg("CAB: * file to be run after extraction\n");
499
- if(file->attribs & 0x80)
500
- cli_dbgmsg("CAB: * file name contains UTF\n");
503
- if(fidx < 0xfffd) {
504
- if(fidx > cab->nfolders) {
505
- cli_dbgmsg("cab_open: File %s is not associated with any folder\n", file->name);
511
- file->folder = cab->folders;
512
- while(file->folder && fidx--)
513
- file->folder = file->folder->next;
515
- if(!file->folder) {
516
- cli_dbgmsg("cab_open: Folder not found for file %s\n", file->name);
523
- cli_dbgmsg("CAB: File is split *skipping*\n");
532
- lfile->next = file;
541
-static int cab_read_block(struct cab_file *file)
543
- const struct cab_block_hdr *block_hdr;
544
- struct cab_state *state = file->cab->state;
546
- if(!(block_hdr = fmap_need_off_once(file->cab->map, file->cab->cur_offset, sizeof(*block_hdr)))) {
547
- cli_dbgmsg("cab_read_block: Can't read block header\n");
548
- return CL_EFORMAT; /* most likely a corrupted file */
551
- file->cab->cur_offset += sizeof(*block_hdr) + file->cab->resdata;
552
- state->blklen = EC16(block_hdr->cbData);
553
- state->outlen = EC16(block_hdr->cbUncomp);
555
- if(fmap_readn(file->cab->map, state->block, file->cab->cur_offset, state->blklen) != state->blklen) {
556
- cli_dbgmsg("cab_read_block: Can't read block data\n");
557
- return CL_EFORMAT; /* most likely a corrupted file */
560
- file->cab->cur_offset += state->blklen;
561
- state->pt = state->end = state->block;
562
- state->end += state->blklen;
567
-static int cab_read(struct cab_file *file, unsigned char *buffer, int bytes)
569
- uint16_t todo, left;
572
- if((file->cab->state->blknum > file->folder->nblocks) && !file->lread) {
573
- file->error = CL_BREAK;
579
- left = file->cab->state->end - file->cab->state->pt;
585
- memcpy(buffer, file->cab->state->pt, left);
586
- file->cab->state->pt += left;
591
- if(file->cab->state->blknum++ >= file->folder->nblocks)
594
- file->error = cab_read_block(file);
598
- if((file->folder->cmethod & 0x000f) == 0x0002) /* Quantum hack */
599
- *file->cab->state->end++ = 0xff;
601
- if(file->cab->state->blknum >= file->folder->nblocks) {
602
- if((file->folder->cmethod & 0x000f) == 0x0003) { /* LZX hack */
603
- lzx_set_output_length(file->cab->state->stream, (off_t) ((file->cab->state->blknum - 1) * 32768 + file->cab->state->outlen));
606
- if(file->cab->state->outlen != 32768) {
607
- cli_dbgmsg("cab_read: WARNING: partial data block\n");
613
- return file->lread = bytes - todo;
616
-static int cab_unstore(struct cab_file *file)
618
- int todo, bread, bytes = file->length;
619
- unsigned char buff[4096];
623
- cli_dbgmsg("cab_unstore: bytes < 0\n");
627
- todo = MIN((unsigned int) bytes, file->max_size);
631
- if((unsigned int) todo <= sizeof(buff))
634
- bread = sizeof(buff);
636
- if((bread = cab_read(file, buff, bread)) == -1) {
637
- cli_dbgmsg("cab_unstore: cab_read failed\n");
638
- return file->error;
639
- } else if(cli_writen(file->ofd, buff, bread) != bread) {
640
- cli_warnmsg("cab_unstore: Can't write %d bytes to descriptor %d\n", bread, file->ofd);
646
- if(!bread || todo <= 0)
653
-#define CAB_CHGFOLDER \
654
- if(!file->cab->actfol || (file->folder != file->cab->actfol) \
655
- || (file->cab->state && file->cab->state->cmethod != file->folder->cmethod)) { \
656
- if(file->cab->state) { \
657
- if(file->cab->state->stream) { \
658
- switch(file->cab->state->cmethod & 0x000f) { \
660
- mszip_free(file->cab->state->stream); \
663
- qtm_free(file->cab->state->stream); \
666
- lzx_free(file->cab->state->stream); \
669
- free(file->cab->state); \
670
- file->cab->state = NULL; \
672
- file->cab->cur_offset = file->folder->offset; \
673
- file->cab->state = (struct cab_state *) cli_calloc(1, sizeof(struct cab_state)); \
674
- if(!file->cab->state) { \
675
- cli_errmsg("cab_extract: Can't allocate memory for internal state\n"); \
676
- close(file->ofd); \
679
- file->cab->state->cmethod = file->folder->cmethod; \
680
- switch(file->folder->cmethod & 0x000f) { \
682
- file->cab->state->stream = (struct mszip_stream *) mszip_init(file->ofd, 4096, 1, file, &cab_read); \
685
- file->cab->state->stream = (struct qtm_stream *) qtm_init(file->ofd, (int) (file->folder->cmethod >> 8) & 0x1f, 4096, file, &cab_read); \
688
- file->cab->state->stream = (struct lzx_stream *) lzx_init(file->ofd, (int) (file->folder->cmethod >> 8) & 0x1f, 0, 4096, 0, file, &cab_read); \
690
- if((file->folder->cmethod & 0x000f) && !file->cab->state->stream) { \
691
- close(file->ofd); \
692
- return CL_EUNPACK; \
694
- file->cab->actfol = file->folder; \
696
- if(file->cab->state && file->cab->state->stream) { \
697
- switch(file->cab->state->cmethod & 0x000f) { \
699
- ((struct mszip_stream *) file->cab->state->stream)->ofd = file->ofd; \
702
- ((struct qtm_stream *) file->cab->state->stream)->ofd = file->ofd; \
705
- ((struct lzx_stream *) file->cab->state->stream)->ofd = file->ofd; \
712
-int cab_extract(struct cab_file *file, const char *name)
717
- if(!file || !name) {
718
- cli_errmsg("cab_extract: !file || !name\n");
719
- return CL_ENULLARG;
722
- if(!file->folder) {
723
- cli_errmsg("cab_extract: file->folder == NULL\n");
724
- return CL_ENULLARG;
727
- file->ofd = open(name, O_WRONLY|O_CREAT|O_TRUNC|O_BINARY, S_IRWXU);
728
- if(file->ofd == -1) {
729
- cli_errmsg("cab_extract: Can't open file %s in write mode\n", name);
733
- switch(file->folder->cmethod & 0x000f) {
734
- case 0x0000: /* STORE */
735
- cli_dbgmsg("CAB: Compression method: STORED\n");
737
- if(file->length > file->cab->length) {
738
- cli_dbgmsg("cab_extract: Stored file larger than archive itself, trimming down\n");
739
- file->length = file->cab->length;
741
- ret = cab_unstore(file);
744
- case 0x0001: /* MSZIP */
745
- cli_dbgmsg("CAB: Compression method: MSZIP\n");
747
- ret = mszip_decompress(file->cab->state->stream, file->length);
750
- case 0x0002: /* QUANTUM */
751
- cli_dbgmsg("CAB: Compression method: QUANTUM\n");
753
- ret = qtm_decompress(file->cab->state->stream, file->length);
756
- case 0x0003: /* LZX */
757
- cli_dbgmsg("CAB: Compression method: LZX\n");
759
- ret = lzx_decompress(file->cab->state->stream, file->length);
763
- cli_dbgmsg("CAB: Not supported compression method: 0x%x\n", file->folder->cmethod & 0x000f);
769
- if(ret == CL_BREAK)
774
diff --git a/libclamav/cab.h b/libclamav/cab.h
775
deleted file mode 100644
776
index 795900d..0000000
777
--- a/libclamav/cab.h
781
- * Copyright (C) 2007-2008 Sourcefire, Inc.
783
- * Authors: Tomasz Kojm
785
- * This program is free software; you can redistribute it and/or modify
786
- * it under the terms of the GNU General Public License version 2 as
787
- * published by the Free Software Foundation.
789
- * This program is distributed in the hope that it will be useful,
790
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
791
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
792
- * GNU General Public License for more details.
794
- * You should have received a copy of the GNU General Public License
795
- * along with this program; if not, write to the Free Software
796
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
797
- * MA 02110-1301, USA.
803
-#include <sys/types.h>
804
-#include "cltypes.h"
807
-#define CAB_BLOCKMAX 65535
808
-#define CAB_INPUTMAX (CAB_BLOCKMAX + 6144)
810
-struct cab_archive {
811
- struct cab_folder *folders, *actfol;
812
- struct cab_file *files;
813
- struct cab_state *state;
825
- unsigned char *pt, *end;
827
- unsigned char block[CAB_INPUTMAX];
841
- struct cab_folder *folder;
842
- struct cab_file *next;
843
- struct cab_archive *cab;
845
- uint64_t max_size, written_size;
849
- struct cab_archive *cab;
851
- struct cab_folder *next;
856
-int cab_open(fmap_t *map, off_t offset, struct cab_archive *cab);
857
-int cab_extract(struct cab_file *file, const char *name);
858
-void cab_free(struct cab_archive *cab);
861
diff --git a/libclamav/chmunpack.h b/libclamav/chmunpack.h
862
deleted file mode 100644
863
index 7864386..0000000
864
--- a/libclamav/chmunpack.h
868
- * Extract component parts of MS CHM files
870
- * Copyright (C) 2007-2008 Sourcefire, Inc.
874
- * This program is free software; you can redistribute it and/or modify
875
- * it under the terms of the GNU General Public License version 2 as
876
- * published by the Free Software Foundation.
878
- * This program is distributed in the hope that it will be useful,
879
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
880
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
881
- * GNU General Public License for more details.
883
- * You should have received a copy of the GNU General Public License
884
- * along with this program; if not, write to the Free Software
885
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
886
- * MA 02110-1301, USA.
889
-#ifndef __CHM_UNPACK_H
890
-#define __CHM_UNPACK_H
893
-#include "clamav-config.h"
896
-#include "cltypes.h"
900
-#ifndef HAVE_ATTRIB_PACKED
901
-#define __attribute__(x)
904
-#ifdef HAVE_PRAGMA_PACK
908
-#ifdef HAVE_PRAGMA_PACK_HPPA
912
-#define CHM_ITSF_MIN_LEN (0x60)
913
-typedef struct chm_itsf_header_tag
915
- unsigned char signature[4];
916
- int32_t version __attribute__ ((packed));
917
- int32_t header_len __attribute__ ((packed));
918
- uint32_t unknown __attribute__ ((packed));
919
- uint32_t last_modified __attribute__ ((packed));
920
- uint32_t lang_id __attribute__ ((packed));
921
- unsigned char dir_clsid[16];
922
- unsigned char stream_clsid[16];
923
- uint64_t sec0_offset __attribute__ ((packed));
924
- uint64_t sec0_len __attribute__ ((packed));
925
- uint64_t dir_offset __attribute__ ((packed));
926
- uint64_t dir_len __attribute__ ((packed));
927
- uint64_t data_offset __attribute__ ((packed));
928
-} chm_itsf_header_t;
930
-#define CHM_ITSP_LEN (0x54)
931
-typedef struct chm_itsp_header_tag
933
- unsigned char signature[4];
934
- int32_t version __attribute__ ((packed));
935
- int32_t header_len __attribute__ ((packed));
936
- int32_t unknown1 __attribute__ ((packed));
937
- uint32_t block_len __attribute__ ((packed));
938
- int32_t blockidx_intvl __attribute__ ((packed));
939
- int32_t index_depth __attribute__ ((packed));
940
- int32_t index_root __attribute__ ((packed));
941
- int32_t index_head __attribute__ ((packed));
942
- int32_t index_tail __attribute__ ((packed));
943
- int32_t unknown2 __attribute__ ((packed));
944
- uint32_t num_blocks __attribute__ ((packed));
945
- uint32_t lang_id __attribute__ ((packed));
946
- unsigned char system_clsid[16];
947
- unsigned char unknown4[16];
948
-} chm_itsp_header_t;
950
-#ifdef HAVE_PRAGMA_PACK
954
-#ifdef HAVE_PRAGMA_PACK_HPPA
958
-typedef struct chm_sys_entry_tag
964
-typedef struct chm_metadata_tag {
965
- uint64_t file_length;
966
- uint64_t file_offset;
967
- chm_sys_entry_t sys_control;
968
- chm_sys_entry_t sys_content;
969
- chm_sys_entry_t sys_reset;
971
- chm_itsf_header_t itsf_hdr;
972
- chm_itsp_header_t itsp_hdr;
975
- uint32_t num_chunks;
976
- off_t chunk_offset;
977
- const char *chunk_data;
978
- const char *chunk_current;
979
- const char *chunk_end;
981
- uint16_t chunk_entries;
984
-int cli_chm_open(const char *dirname, chm_metadata_t *metadata, cli_ctx *ctx);
985
-int cli_chm_prepare_file(chm_metadata_t *metadata);
986
-int cli_chm_extract_file(char *dirname, chm_metadata_t *metadata, cli_ctx *ctx);
987
-void cli_chm_close(chm_metadata_t *metadata);
989
diff --git a/libclamav/libmspack.c b/libclamav/libmspack.c
991
index 0000000..788ece0
993
+++ b/libclamav/libmspack.c
996
+ * Glue code for libmspack handling.
997
+ * Author: 웃 Sebastian Andrzej Siewior
998
+ * ✉ sebastian @ breakpoint ̣cc
1002
+#include <stdlib.h>
1003
+#include <sys/stat.h>
1006
+#include <mspack.h>
1008
+#include "clamav.h"
1010
+#include "scanners.h"
1011
+#include "others.h"
1016
+ FILETYPE_FILENAME,
1019
+struct mspack_name {
1024
+struct mspack_system_ex {
1025
+ struct mspack_system ops;
1029
+struct mspack_handle {
1030
+ enum mspack_type type;
1040
+#define container_of(ptr, type, member) ({ \
1041
+ const typeof( ((type *)0)->member ) *__mptr = (ptr); \
1042
+ (type *)( (char *)__mptr - offsetof(type,member) );})
1044
+#define min_t(type, x, y) ({ \
1045
+ type __min1 = (x); \
1046
+ type __min2 = (y); \
1047
+ __min1 < __min2 ? __min1: __min2; })
1049
+static struct mspack_file *mspack_fmap_open(struct mspack_system *self,
1050
+ const char *filename, int mode)
1052
+ struct mspack_name *mspack_name;
1053
+ struct mspack_handle *mspack_handle;
1054
+ struct mspack_system_ex *self_ex;
1055
+ const char *fmode;
1058
+ cli_dbgmsg("%s() failed at %d\n", __func__, __LINE__);
1061
+ mspack_handle = malloc(sizeof(*mspack_handle));
1062
+ if (!mspack_handle) {
1063
+ cli_dbgmsg("%s() failed at %d\n", __func__, __LINE__);
1067
+ case MSPACK_SYS_OPEN_READ:
1068
+ mspack_handle->type = FILETYPE_FMAP;
1070
+ mspack_name = (struct mspack_name *)filename;
1071
+ mspack_handle->fmap = mspack_name->fmap;
1072
+ mspack_handle->org = mspack_name->org;
1073
+ mspack_handle->offset = 0;
1075
+ return (struct mspack_file *)mspack_handle;
1077
+ case MSPACK_SYS_OPEN_WRITE:
1080
+ case MSPACK_SYS_OPEN_UPDATE:
1083
+ case MSPACK_SYS_OPEN_APPEND:
1087
+ cli_dbgmsg("%s() wrong mode\n", __func__);
1091
+ mspack_handle->type = FILETYPE_FILENAME;
1093
+ mspack_handle->f = fopen(filename, fmode);
1094
+ if (!mspack_handle->f) {
1095
+ cli_dbgmsg("%s() failed %d\n", __func__, __LINE__);
1098
+ self_ex = container_of(self, struct mspack_system_ex, ops);
1099
+ mspack_handle->max_size = self_ex->max_size;
1100
+ return (struct mspack_file *)mspack_handle;
1103
+ free(mspack_handle);
1107
+static void mspack_fmap_close(struct mspack_file *file)
1109
+ struct mspack_handle *mspack_handle = (struct mspack_handle *)file;
1111
+ if (!mspack_handle)
1114
+ if (mspack_handle->type == FILETYPE_FILENAME)
1115
+ fclose(mspack_handle->f);
1116
+ free(mspack_handle);
1119
+static int mspack_fmap_read(struct mspack_file *file, void *buffer, int bytes)
1121
+ struct mspack_handle *mspack_handle = (struct mspack_handle *)file;
1127
+ cli_dbgmsg("%s() %d\n", __func__, __LINE__);
1130
+ if (!mspack_handle) {
1131
+ cli_dbgmsg("%s() %d\n", __func__, __LINE__);
1135
+ if (mspack_handle->type == FILETYPE_FMAP) {
1136
+ offset = mspack_handle->offset + mspack_handle->org;
1138
+ ret = fmap_readn(mspack_handle->fmap, buffer, offset, bytes);
1139
+ if (ret != bytes) {
1140
+ cli_dbgmsg("%s() %d %d, %d\n", __func__, __LINE__, bytes, ret);
1144
+ mspack_handle->offset += bytes;
1147
+ count = fread(buffer, bytes, 1, mspack_handle->f);
1149
+ cli_dbgmsg("%s() %d %d, %zd\n", __func__, __LINE__, bytes, count);
1155
+static int mspack_fmap_write(struct mspack_file *file, void *buffer, int bytes)
1157
+ struct mspack_handle *mspack_handle = (struct mspack_handle *)file;
1161
+ if (bytes < 0 || !mspack_handle) {
1162
+ cli_dbgmsg("%s() err %d\n", __func__, __LINE__);
1166
+ if (mspack_handle->type == FILETYPE_FMAP) {
1167
+ cli_dbgmsg("%s() err %d\n", __func__, __LINE__);
1174
+ max_size = mspack_handle->max_size;
1178
+ max_size = min_t(off_t, max_size, bytes);
1179
+ mspack_handle->max_size -= max_size;
1181
+ count = fwrite(buffer, max_size, 1, mspack_handle->f);
1183
+ cli_dbgmsg("%s() err %m <%zd %d>\n", __func__, count, bytes);
1190
+static int mspack_fmap_seek(struct mspack_file *file, off_t offset, int mode)
1192
+ struct mspack_handle *mspack_handle = (struct mspack_handle *)file;
1194
+ if (!mspack_handle) {
1195
+ cli_dbgmsg("%s() err %d\n", __func__, __LINE__);
1199
+ if (mspack_handle->type == FILETYPE_FMAP) {
1203
+ case MSPACK_SYS_SEEK_START:
1206
+ case MSPACK_SYS_SEEK_CUR:
1207
+ new_pos = mspack_handle->offset + offset;
1209
+ case MSPACK_SYS_SEEK_END:
1210
+ new_pos = mspack_handle->fmap->len + offset;
1213
+ cli_dbgmsg("%s() err %d\n", __func__, __LINE__);
1216
+ if (new_pos < 0 || new_pos > mspack_handle->fmap->len) {
1217
+ cli_dbgmsg("%s() err %d\n", __func__, __LINE__);
1221
+ mspack_handle->offset = new_pos;
1226
+ case MSPACK_SYS_SEEK_START:
1229
+ case MSPACK_SYS_SEEK_CUR:
1232
+ case MSPACK_SYS_SEEK_END:
1236
+ cli_dbgmsg("%s() err %d\n", __func__, __LINE__);
1240
+ return fseeko(mspack_handle->f, offset, mode);
1243
+static off_t mspack_fmap_tell(struct mspack_file *file)
1245
+ struct mspack_handle *mspack_handle = (struct mspack_handle *)file;
1247
+ if (!mspack_handle)
1250
+ if (mspack_handle->type == FILETYPE_FMAP)
1251
+ return mspack_handle->offset;
1253
+ return ftello(mspack_handle->f);
1256
+static void mspack_fmap_message(struct mspack_file *file, const char *fmt, ...)
1258
+ cli_dbgmsg("%s() %s\n", __func__, fmt);
1260
+static void *mspack_fmap_alloc(struct mspack_system *self, size_t num)
1262
+ return malloc(num);
1265
+static void mspack_fmap_free(void *mem)
1270
+static void mspack_fmap_copy(void *src, void *dst, size_t num)
1272
+ memcpy(dst, src, num);
1275
+static struct mspack_system mspack_sys_fmap_ops = {
1276
+ .open = mspack_fmap_open,
1277
+ .close = mspack_fmap_close,
1278
+ .read = mspack_fmap_read,
1279
+ .write = mspack_fmap_write,
1280
+ .seek = mspack_fmap_seek,
1281
+ .tell = mspack_fmap_tell,
1282
+ .message = mspack_fmap_message,
1283
+ .alloc = mspack_fmap_alloc,
1284
+ .free = mspack_fmap_free,
1285
+ .copy = mspack_fmap_copy,
1288
+static int cli_scanfile(const char *filename, cli_ctx *ctx)
1292
+ /* internal version of cl_scanfile with arec/mrec preserved */
1293
+ fd = safe_open(filename, O_RDONLY|O_BINARY);
1297
+ ret = cli_magic_scandesc(fd, ctx);
1303
+int cli_scanmscab(cli_ctx *ctx, off_t sfx_offset)
1305
+ struct mscab_decompressor *cab_d;
1306
+ struct mscabd_cabinet *cab_h;
1307
+ struct mscabd_file *cab_f;
1310
+ int virus_num = 0;
1311
+ struct mspack_name mspack_fmap = {
1312
+ .fmap = *ctx->fmap,
1313
+ .org = sfx_offset,
1315
+ struct mspack_system_ex ops_ex = {
1316
+ .ops = mspack_sys_fmap_ops,
1319
+ MSPACK_SYS_SELFTEST(ret);
1321
+ cli_dbgmsg("%s() failed at %d\n", __func__, __LINE__);
1322
+ return CL_EUNPACK;
1325
+ cab_d = mspack_create_cab_decompressor(&ops_ex.ops);
1327
+ cli_dbgmsg("%s() failed at %d\n", __func__, __LINE__);
1328
+ return CL_EUNPACK;
1331
+ cab_h = cab_d->open(cab_d, (char *)&mspack_fmap);
1334
+ cli_dbgmsg("%s() failed at %d\n", __func__, __LINE__);
1338
+ for (cab_f = cab_h->files; cab_f; cab_f = cab_f->next) {
1342
+ ret = cli_matchmeta(ctx, cab_f->filename, 0, cab_f->length, 0,
1345
+ if (ret == CL_VIRUS) {
1353
+ if (ctx->engine->maxscansize) {
1354
+ if (ctx->scansize >= ctx->engine->maxscansize) {
1360
+ if (ctx->engine->maxscansize &&
1361
+ ctx->scansize + ctx->engine->maxfilesize >=
1362
+ ctx->engine->maxscansize)
1363
+ max_size = ctx->engine->maxscansize -
1366
+ max_size = ctx->engine->maxfilesize ?
1367
+ ctx->engine->maxfilesize :
1370
+ tmp_fname = cli_gentemp(ctx->engine->tmpdir);
1376
+ ops_ex.max_size = max_size;
1378
+ ret = cab_d->extract(cab_d, cab_f, tmp_fname);
1380
+ /* Failed to extract. Try to scan what is there */
1381
+ cli_dbgmsg("%s() failed to extract %d\n", __func__, ret);
1383
+ ret = cli_scanfile(tmp_fname, ctx);
1384
+ if (ret == CL_VIRUS)
1387
+ if (!ctx->engine->keeptmp) {
1388
+ if (!access(tmp_fname, R_OK) && cli_unlink(tmp_fname)) {
1396
+ if (ret == CL_VIRUS && SCAN_ALL)
1403
+ cab_d->close(cab_d, cab_h);
1405
+ mspack_destroy_cab_decompressor(cab_d);
1411
+int cli_scanmschm(cli_ctx *ctx)
1413
+ struct mschm_decompressor *mschm_d;
1414
+ struct mschmd_header *mschm_h;
1415
+ struct mschmd_file *mschm_f;
1418
+ int virus_num = 0;
1419
+ struct mspack_name mspack_fmap = {
1420
+ .fmap = *ctx->fmap,
1422
+ struct mspack_system_ex ops_ex = {
1423
+ .ops = mspack_sys_fmap_ops,
1426
+ MSPACK_SYS_SELFTEST(ret);
1428
+ cli_dbgmsg("%s() failed at %d\n", __func__, __LINE__);
1429
+ return CL_EUNPACK;
1432
+ mschm_d = mspack_create_chm_decompressor(&ops_ex.ops);
1434
+ cli_dbgmsg("%s() failed at %d\n", __func__, __LINE__);
1435
+ return CL_EUNPACK;
1438
+ mschm_h = mschm_d->open(mschm_d, (char *)&mspack_fmap);
1441
+ cli_dbgmsg("%s() failed at %d\n", __func__, __LINE__);
1445
+ for (mschm_f = mschm_h->files; mschm_f; mschm_f = mschm_f->next) {
1449
+ ret = cli_matchmeta(ctx, mschm_f->filename, 0, mschm_f->length,
1450
+ 0, files, 0, NULL);
1452
+ if (ret == CL_VIRUS) {
1460
+ if (ctx->engine->maxscansize) {
1461
+ if (ctx->scansize >= ctx->engine->maxscansize) {
1467
+ if (ctx->engine->maxscansize &&
1468
+ ctx->scansize + ctx->engine->maxfilesize >=
1469
+ ctx->engine->maxscansize)
1470
+ max_size = ctx->engine->maxscansize -
1473
+ max_size = ctx->engine->maxfilesize ?
1474
+ ctx->engine->maxfilesize :
1477
+ ops_ex.max_size = max_size;
1479
+ tmp_fname = cli_gentemp(ctx->engine->tmpdir);
1486
+ ret = mschm_d->extract(mschm_d, mschm_f, tmp_fname);
1488
+ /* Failed to extract. Try to scan what is there */
1489
+ cli_dbgmsg("%s() failed to extract %d\n", __func__, ret);
1491
+ ret = cli_scanfile(tmp_fname, ctx);
1492
+ if (ret == CL_VIRUS)
1495
+ if (!ctx->engine->keeptmp) {
1496
+ if (!access(tmp_fname, R_OK) && cli_unlink(tmp_fname)) {
1504
+ if (ret == CL_VIRUS && SCAN_ALL)
1511
+ mschm_d->close(mschm_d, mschm_h);
1513
+ mspack_destroy_chm_decompressor(mschm_d);
1520
diff --git a/libclamav/libmspack.h b/libclamav/libmspack.h
1521
new file mode 100644
1522
index 0000000..07a9442
1524
+++ b/libclamav/libmspack.h
1526
+#ifndef __LIBMSPACK_H__
1527
+#define __LIBMSPACK_H__
1529
+int cli_scanmscab(cli_ctx *ctx, off_t sfx_offset);
1530
+int cli_scanmschm(cli_ctx *ctx);
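Review bot: The new libmspack.h does not appear to be self-contained: both prototypes use `cli_ctx`, and `cli_scanmscab` takes an `off_t`, yet the gutter numbers and the diffstat's seven lines leave no room for an `#include` between the guard and the declarations. Adding `#include <sys/types.h>` and `#include "others.h"` (assuming that is where `cli_ctx` is declared in this tree) would let the header compile regardless of include order. The guard `__LIBMSPACK_H__` uses a name reserved for the implementation; `#ifndef LIBMSPACK_H` avoids that. Since both scanners parse untrusted archives, a one-line comment per prototype would help callers, stating that the return value is a `CL_*` status (the visible bodies return `CL_EUNPACK` on setup failure and propagate `CL_VIRUS`) and what `sfx_offset` is relative to.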
1533
diff --git a/libclamav/mspack.c b/libclamav/mspack.c
1534
deleted file mode 100644
1535
index cc4c0a5..0000000
1536
--- a/libclamav/mspack.c
1540
- * This file includes code from libmspack adapted for libclamav by
1541
- * tkojm@clamav.net and draynor@sourcefire.com
1543
- * Copyright (C) 2003-2004 Stuart Caie
1545
- * This library is free software; you can redistribute it and/or
1546
- * modify it under the terms of the GNU Lesser General Public
1547
- * License version 2.1 as published by the Free Software Foundation.
1549
- * This library is distributed in the hope that it will be useful,
1550
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
1551
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
1552
- * Lesser General Public License for more details.
1554
- * You should have received a copy of the GNU Lesser General Public
1555
- * License along with this library; if not, write to the Free Software
1556
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
1561
-#include "clamav-config.h"
1565
-#include <string.h>
1567
-#include "others.h"
1568
-#include "clamav.h"
1569
-#include "mspack.h"
1572
-# include <limits.h>
1575
-# define CHAR_BIT (8)
1579
-/***************************************************************************
1580
- * MS-ZIP decompression implementation
1581
- ***************************************************************************
1582
- * The LZX method was created by Jonathan Forbes and Tomi Poutanen, adapted
1583
- * by Microsoft Corporation.
1585
- * The deflate method was created by Phil Katz. MSZIP is equivalent to the
1590
-/* match lengths for literal codes 257.. 285 */
1591
-static const unsigned short mszip_lit_lengths[29] = {
1592
- 3, 4, 5, 6, 7, 8, 9, 10, 11, 13, 15, 17, 19, 23, 27,
1593
- 31, 35, 43, 51, 59, 67, 83, 99, 115, 131, 163, 195, 227, 258
1596
-/* match offsets for distance codes 0 .. 29 */
1597
-static const unsigned short mszip_dist_offsets[30] = {
1598
- 1, 2, 3, 4, 5, 7, 9, 13, 17, 25, 33, 49, 65, 97, 129, 193, 257, 385,
1599
- 513, 769, 1025, 1537, 2049, 3073, 4097, 6145, 8193, 12289, 16385, 24577
1602
-/* extra bits required for literal codes 257.. 285 */
1603
-static const unsigned char mszip_lit_extrabits[29] = {
1604
- 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 2, 2,
1605
- 2, 2, 3, 3, 3, 3, 4, 4, 4, 4, 5, 5, 5, 5, 0
1608
-/* extra bits required for distance codes 0 .. 29 */
1609
-static const unsigned char mszip_dist_extrabits[30] = {
1610
- 0, 0, 0, 0, 1, 1, 2, 2, 3, 3, 4, 4, 5, 5, 6,
1611
- 6, 7, 7, 8, 8, 9, 9, 10, 10, 11, 11, 12, 12, 13, 13
1614
-/* the order of the bit length Huffman code lengths */
1615
-static const unsigned char mszip_bitlen_order[19] = {
1616
- 16, 17, 18, 0, 8, 7, 9, 6, 10, 5, 11, 4, 12, 3, 13, 2, 14, 1, 15
1619
-/* ANDing with mszip_bit_mask[n] masks the lower n bits */
1620
-static const unsigned short mszip_bit_mask_tab[17] = {
1621
- 0x0000, 0x0001, 0x0003, 0x0007, 0x000f, 0x001f, 0x003f, 0x007f, 0x00ff,
1622
- 0x01ff, 0x03ff, 0x07ff, 0x0fff, 0x1fff, 0x3fff, 0x7fff, 0xffff
1625
-#define MSZIP_STORE_BITS do { \
1626
- zip->i_ptr = i_ptr; \
1627
- zip->i_end = i_end; \
1628
- zip->bit_buffer = bit_buffer; \
1629
- zip->bits_left = bits_left; \
1632
-#define MSZIP_RESTORE_BITS do { \
1633
- i_ptr = zip->i_ptr; \
1634
- i_end = zip->i_end; \
1635
- bit_buffer = zip->bit_buffer; \
1636
- bits_left = zip->bits_left; \
1639
-#define MSZIP_ENSURE_BITS(nbits) do { \
1640
- while (bits_left < (nbits)) { \
1641
- if (i_ptr >= i_end) { \
1642
- if (mszip_read_input(zip)) return zip->error; \
1643
- i_ptr = zip->i_ptr; \
1644
- i_end = zip->i_end; \
1645
- if(i_ptr == i_end) break; \
1647
- bit_buffer |= *i_ptr++ << bits_left; bits_left += 8; \
1651
-#define MSZIP_PEEK_BITS(nbits) (bit_buffer & ((1<<(nbits))-1))
1652
-#define MSZIP_PEEK_BITS_T(nbits) (bit_buffer & mszip_bit_mask_tab[(nbits)])
1654
-#define MSZIP_REMOVE_BITS(nbits) ((bit_buffer >>= (nbits)), (bits_left -= (nbits)))
1656
-#define MSZIP_READ_BITS(val, nbits) do { \
1657
- MSZIP_ENSURE_BITS(nbits); (val) = MSZIP_PEEK_BITS(nbits); MSZIP_REMOVE_BITS(nbits); \
1660
-#define MSZIP_READ_BITS_T(val, nbits) do { \
1661
- MSZIP_ENSURE_BITS(nbits); (val) = MSZIP_PEEK_BITS_T(nbits); MSZIP_REMOVE_BITS(nbits); \
1664
-static int mszip_read_input(struct mszip_stream *zip) {
1665
- int nread = zip->read_cb(zip->file, zip->inbuf, (int)zip->inbuf_size);
1667
- if (zip->file->error == CL_BREAK) {
1668
- if ((unsigned int)nread == zip->last) {
1669
- cli_dbgmsg("mszip_read_input: Two consecutive CL_BREAKs reached.\n");
1672
- // Need short circuit to ensure scanning small files
1673
- cli_dbgmsg("mszip_read_input: First CL_BREAK reached.\n");
1674
- zip->i_ptr = zip->i_end;
1675
- zip->last = nread;
1676
- return CL_SUCCESS;
1679
- return zip->error = CL_EFORMAT;
1682
- zip->last = nread;
1683
- zip->i_ptr = &zip->inbuf[0];
1684
- zip->i_end = &zip->inbuf[nread];
1686
- return CL_SUCCESS;
1689
-/* inflate() error codes */
1690
-#define INF_ERR_BLOCKTYPE (-1) /* unknown block type */
1691
-#define INF_ERR_COMPLEMENT (-2) /* block size complement mismatch */
1692
-#define INF_ERR_FLUSH (-3) /* error from flush_window() callback */
1693
-#define INF_ERR_BITBUF (-4) /* too many bits in bit buffer */
1694
-#define INF_ERR_SYMLENS (-5) /* too many symbols in blocktype 2 header */
1695
-#define INF_ERR_BITLENTBL (-6) /* failed to build bitlens huffman table */
1696
-#define INF_ERR_LITERALTBL (-7) /* failed to build literals huffman table */
1697
-#define INF_ERR_DISTANCETBL (-8) /* failed to build distance huffman table */
1698
-#define INF_ERR_BITOVERRUN (-9) /* bitlen RLE code goes over table size */
1699
-#define INF_ERR_BADBITLEN (-10) /* invalid bit-length code */
1700
-#define INF_ERR_LITCODE (-11) /* out-of-range literal code */
1701
-#define INF_ERR_DISTCODE (-12) /* out-of-range distance code */
1702
-#define INF_ERR_DISTANCE (-13) /* somehow, distance is beyond 32k */
1703
-#define INF_ERR_HUFFSYM (-14) /* out of bits decoding huffman symbol */
1705
-/* mszip_make_decode_table(nsyms, nbits, length[], table[])
1707
- * This function was coded by David Tritscher. It builds a fast huffman
1708
- * decoding table out of just a canonical huffman code lengths table.
1710
- * NOTE: this is NOT identical to the mszip_make_decode_table() in lzxd.c. This
1711
- * one reverses the quick-lookup bit pattern. Bits are read MSB to LSB in LZX,
1712
- * but LSB to MSB in MSZIP.
1714
- * nsyms = total number of symbols in this huffman tree.
1715
- * nbits = any symbols with a code length of nbits or less can be decoded
1716
- * in one lookup of the table.
1717
- * length = A table to get code lengths from [0 to nsyms-1]
1718
- * table = The table to fill up with decoded symbols and pointers.
1720
- * Returns 0 for OK or 1 for error
1722
-static int mszip_make_decode_table(unsigned int nsyms, unsigned int nbits,
1723
- unsigned char *length, unsigned short *table)
1725
- register unsigned int leaf, reverse, fill;
1726
- register unsigned short sym, next_sym;
1727
- register unsigned char bit_num;
1728
- unsigned int pos = 0; /* the current position in the decode table */
1729
- unsigned int table_mask = 1 << nbits;
1730
- unsigned int mszip_bit_mask = table_mask >> 1; /* don't do 0 length codes */
1732
- /* fill entries for codes short enough for a direct mapping */
1733
- for (bit_num = 1; bit_num <= nbits; bit_num++) {
1734
- for (sym = 0; sym < nsyms; sym++) {
1735
- if (length[sym] != bit_num) continue;
1737
- /* reverse the significant bits */
1738
- fill = length[sym]; reverse = pos >> (nbits - fill); leaf = 0;
1739
- do {leaf <<= 1; leaf |= reverse & 1; reverse >>= 1;} while (--fill);
1741
- if((pos += mszip_bit_mask) > table_mask) return 1; /* table overrun */
1743
- /* fill all possible lookups of this symbol with the symbol itself */
1744
- fill = mszip_bit_mask; next_sym = 1 << bit_num;
1745
- do { table[leaf] = sym; leaf += next_sym; } while (--fill);
1747
- mszip_bit_mask >>= 1;
1750
- /* exit with success if table is now complete */
1751
- if (pos == table_mask) return 0;
1753
- /* mark all remaining table entries as unused */
1754
- for (sym = pos; sym < table_mask; sym++) {
1755
- reverse = sym; leaf = 0; fill = nbits;
1756
- do { leaf <<= 1; leaf |= reverse & 1; reverse >>= 1; } while (--fill);
1757
- table[leaf] = 0xFFFF;
1760
- /* where should the longer codes be allocated from? */
1761
- next_sym = ((table_mask >> 1) < nsyms) ? nsyms : (table_mask >> 1);
1763
- /* give ourselves room for codes to grow by up to 16 more bits.
1764
- * codes now start at bit nbits+16 and end at (nbits+16-codelength) */
1766
- table_mask <<= 16;
1767
- mszip_bit_mask = 1 << 15;
1769
- for (bit_num = nbits+1; bit_num <= MSZIP_MAX_HUFFBITS; bit_num++) {
1770
- for (sym = 0; sym < nsyms; sym++) {
1771
- if (length[sym] != bit_num) continue;
1773
- /* leaf = the first nbits of the code, reversed */
1774
- reverse = pos >> 16; leaf = 0; fill = nbits;
1775
- do {leaf <<= 1; leaf |= reverse & 1; reverse >>= 1;} while (--fill);
1777
- for (fill = 0; fill < (bit_num - nbits); fill++) {
1778
- /* if this path hasn't been taken yet, 'allocate' two entries */
1779
- if (table[leaf] == 0xFFFF) {
1780
- table[(next_sym << 1) ] = 0xFFFF;
1781
- table[(next_sym << 1) + 1 ] = 0xFFFF;
1782
- table[leaf] = next_sym++;
1784
- /* follow the path and select either left or right for next bit */
1785
- leaf = (table[leaf] << 1) | ((pos >> (15 - fill)) & 1);
1787
- table[leaf] = sym;
1789
- if ((pos += mszip_bit_mask) > table_mask) return 1; /* table overflow */
1791
- mszip_bit_mask >>= 1;
1795
- return (pos != table_mask) ? 1 : 0;
1798
-/* MSZIP_READ_HUFFSYM(tablename, var) decodes one huffman symbol from the
1799
- * bitstream using the stated table and puts it in var.
1801
-#define MSZIP_READ_HUFFSYM(tbl, var) do { \
1802
- /* huffman symbols can be up to 16 bits long */ \
1803
- MSZIP_ENSURE_BITS(MSZIP_MAX_HUFFBITS); \
1804
- /* immediate table lookup of [tablebits] bits of the code */ \
1805
- sym = zip->tbl##_table[MSZIP_PEEK_BITS(MSZIP_##tbl##_TABLEBITS)]; \
1806
- /* is the symbol is longer than [tablebits] bits? (i=node index) */ \
1807
- if (sym >= MSZIP_##tbl##_MAXSYMBOLS) { \
1808
- /* decode remaining bits by tree traversal */ \
1809
- i = MSZIP_##tbl##_TABLEBITS - 1; \
1811
- /* check next bit. error if we run out of bits before decode */ \
1812
- if (i++ > MSZIP_MAX_HUFFBITS) { \
1813
- cli_dbgmsg("zip_inflate: out of bits in huffman decode\n"); \
1814
- return INF_ERR_HUFFSYM; \
1816
- sym = (sym << 1) | ((bit_buffer >> i) & 1); \
1817
- if(sym >= MSZIP_##tbl##_TABLESIZE) { \
1818
- cli_dbgmsg("zip_inflate: index out of table\n"); \
1819
- return INF_ERR_HUFFSYM; \
1821
- /* double node index and add 0 (left branch) or 1 (right) */ \
1822
- sym = zip->tbl##_table[sym]; \
1823
- /* while we are still in node indicies, not decoded symbols */ \
1824
- } while (sym >= MSZIP_##tbl##_MAXSYMBOLS); \
1828
- /* look up the code length of that symbol and discard those bits */ \
1829
- i = zip->tbl##_len[sym]; \
1830
- MSZIP_REMOVE_BITS(i); \
1833
-static int mszip_read_lens(struct mszip_stream *zip) {
1834
- /* for the bit buffer and huffman decoding */
1835
- register unsigned int bit_buffer;
1836
- register int bits_left;
1837
- unsigned char *i_ptr, *i_end;
1839
- /* bitlen Huffman codes -- immediate lookup, 7 bit max code length */
1840
- unsigned short bl_table[(1 << 7)];
1841
- unsigned char bl_len[19];
1843
- unsigned char lens[MSZIP_LITERAL_MAXSYMBOLS + MSZIP_DISTANCE_MAXSYMBOLS];
1844
- unsigned int lit_codes, dist_codes, code, last_code=0, bitlen_codes, i, run;
1846
- MSZIP_RESTORE_BITS;
1848
- /* read the number of codes */
1849
- MSZIP_READ_BITS(lit_codes, 5); lit_codes += 257;
1850
- MSZIP_READ_BITS(dist_codes, 5); dist_codes += 1;
1851
- MSZIP_READ_BITS(bitlen_codes, 4); bitlen_codes += 4;
1852
- if (lit_codes > MSZIP_LITERAL_MAXSYMBOLS) return INF_ERR_SYMLENS;
1853
- if (dist_codes > MSZIP_DISTANCE_MAXSYMBOLS) return INF_ERR_SYMLENS;
1855
- /* read in the bit lengths in their unusual order */
1856
- for (i = 0; i < bitlen_codes; i++) MSZIP_READ_BITS(bl_len[mszip_bitlen_order[i]], 3);
1857
- while (i < 19) bl_len[mszip_bitlen_order[i++]] = 0;
1859
- /* create decoding table with an immediate lookup */
1860
- if (mszip_make_decode_table(19, 7, &bl_len[0], &bl_table[0])) {
1861
- return INF_ERR_BITLENTBL;
1864
- /* read literal / distance code lengths */
1865
- for (i = 0; i < (lit_codes + dist_codes); i++) {
1866
- /* single-level huffman lookup */
1867
- MSZIP_ENSURE_BITS(7);
1868
- code = bl_table[MSZIP_PEEK_BITS(7)];
1869
- MSZIP_REMOVE_BITS(bl_len[code]);
1871
- if (code < 16) lens[i] = last_code = code;
1874
- case 16: MSZIP_READ_BITS(run, 2); run += 3; code = last_code; break;
1875
- case 17: MSZIP_READ_BITS(run, 3); run += 3; code = 0; break;
1876
- case 18: MSZIP_READ_BITS(run, 7); run += 11; code = 0; break;
1877
- default: cli_dbgmsg("zip_read_lens: bad code!: %u\n", code); return INF_ERR_BADBITLEN;
1879
- if ((i + run) > (lit_codes + dist_codes)) return INF_ERR_BITOVERRUN;
1880
- while (run--) lens[i++] = code;
1885
- /* copy LITERAL code lengths and clear any remaining */
1887
- memcpy(&zip->LITERAL_len[0], &lens[0], i);
1888
- while (i < MSZIP_LITERAL_MAXSYMBOLS) zip->LITERAL_len[i++] = 0;
1891
- memcpy(&zip->DISTANCE_len[0], &lens[lit_codes], i);
1892
- while (i < MSZIP_DISTANCE_MAXSYMBOLS) zip->DISTANCE_len[i++] = 0;
1898
-static int mspack_write(int fd, const void *buff, unsigned int count, struct cab_file *file)
1902
- if(file->max_size) {
1903
- if(file->written_size >= file->max_size)
1906
- if(file->written_size + count > file->max_size)
1907
- count = file->max_size - file->written_size;
1909
- if((ret = cli_writen(fd, buff, count)) > 0)
1910
- file->written_size += ret;
1912
- return (ret == -1) ? CL_EWRITE : CL_SUCCESS;
1915
-/* a clean implementation of RFC 1951 / inflate */
1916
-static int mszip_inflate(struct mszip_stream *zip) {
1917
- unsigned int last_block, block_type, distance, length, this_run, i;
1919
- /* for the bit buffer and huffman decoding */
1920
- register unsigned int bit_buffer;
1921
- register int bits_left;
1922
- register unsigned short sym;
1923
- unsigned char *i_ptr, *i_end;
1925
- MSZIP_RESTORE_BITS;
1928
- /* read in last block bit */
1929
- MSZIP_READ_BITS(last_block, 1);
1931
- /* read in block type */
1932
- MSZIP_READ_BITS(block_type, 2);
1934
- if (block_type == 0) {
1935
- /* uncompressed block */
1936
- unsigned char lens_buf[4];
1938
- /* go to byte boundary */
1939
- i = bits_left & 7; MSZIP_REMOVE_BITS(i);
1941
- /* read 4 bytes of data, emptying the bit-buffer if necessary */
1942
- for (i = 0; (bits_left >= 8); i++) {
1943
- if (i == 4) return INF_ERR_BITBUF;
1944
- lens_buf[i] = MSZIP_PEEK_BITS(8);
1945
- MSZIP_REMOVE_BITS(8);
1947
- if (bits_left != 0) return INF_ERR_BITBUF;
1949
- if (i_ptr >= i_end) {
1950
- if (mszip_read_input(zip)) return zip->error;
1951
- i_ptr = zip->i_ptr;
1952
- i_end = zip->i_end;
1953
- if(i_ptr == i_end) break;
1955
- lens_buf[i++] = *i_ptr++;
1957
- if (i < 4) return INF_ERR_BITBUF;
1959
- /* get the length and its complement */
1960
- length = lens_buf[0] | (lens_buf[1] << 8);
1961
- i = lens_buf[2] | (lens_buf[3] << 8);
1962
- if (length != (~i & 0xFFFF)) return INF_ERR_COMPLEMENT;
1964
- /* read and copy the uncompressed data into the window */
1965
- while (length > 0) {
1966
- if (i_ptr >= i_end) {
1967
- if (mszip_read_input(zip)) return zip->error;
1968
- i_ptr = zip->i_ptr;
1969
- i_end = zip->i_end;
1970
- if(i_ptr == i_end) break;
1973
- this_run = length;
1974
- if (this_run > (unsigned int)(i_end - i_ptr)) this_run = i_end - i_ptr;
1975
- if (this_run > (MSZIP_FRAME_SIZE - zip->window_posn))
1976
- this_run = MSZIP_FRAME_SIZE - zip->window_posn;
1978
- memcpy(&zip->window[zip->window_posn], i_ptr, this_run);
1979
- zip->window_posn += this_run;
1980
- i_ptr += this_run;
1981
- length -= this_run;
1983
- if (zip->window_posn == MSZIP_FRAME_SIZE) {
1984
- if (zip->flush_window(zip, MSZIP_FRAME_SIZE)) return INF_ERR_FLUSH;
1985
- zip->window_posn = 0;
1989
- else if ((block_type == 1) || (block_type == 2)) {
1990
- /* Huffman-compressed LZ77 block */
1991
- unsigned int window_posn, match_posn, code;
1993
- if (block_type == 1) {
1994
- /* block with fixed Huffman codes */
1996
- while (i < 144) zip->LITERAL_len[i++] = 8;
1997
- while (i < 256) zip->LITERAL_len[i++] = 9;
1998
- while (i < 280) zip->LITERAL_len[i++] = 7;
1999
- while (i < 288) zip->LITERAL_len[i++] = 8;
2000
- for (i = 0; i < 32; i++) zip->DISTANCE_len[i] = 5;
2003
- /* block with dynamic Huffman codes */
2005
- if ((i = mszip_read_lens(zip))) return i;
2006
- MSZIP_RESTORE_BITS;
2009
- /* now huffman lengths are read for either kind of block,
2010
- * create huffman decoding tables */
2011
- if (mszip_make_decode_table(MSZIP_LITERAL_MAXSYMBOLS, MSZIP_LITERAL_TABLEBITS,
2012
- &zip->LITERAL_len[0], &zip->LITERAL_table[0]))
2014
- return INF_ERR_LITERALTBL;
2017
- if (mszip_make_decode_table(MSZIP_DISTANCE_MAXSYMBOLS,MSZIP_DISTANCE_TABLEBITS,
2018
- &zip->DISTANCE_len[0], &zip->DISTANCE_table[0]))
2020
- return INF_ERR_DISTANCETBL;
2023
- /* decode forever until end of block code */
2024
- window_posn = zip->window_posn;
2026
- MSZIP_READ_HUFFSYM(LITERAL, code);
2028
- zip->window[window_posn++] = (unsigned char) code;
2029
- if (window_posn == MSZIP_FRAME_SIZE) {
2030
- if (zip->flush_window(zip, MSZIP_FRAME_SIZE)) return INF_ERR_FLUSH;
2034
- else if (code == 256) {
2035
- /* END OF BLOCK CODE: loop break point */
2040
- if (code >= 29) return INF_ERR_LITCODE;
2041
- MSZIP_READ_BITS_T(length, mszip_lit_extrabits[code]);
2042
- length += mszip_lit_lengths[code];
2044
- MSZIP_READ_HUFFSYM(DISTANCE, code);
2045
- if (code >= 30) return INF_ERR_DISTCODE;
2046
- MSZIP_READ_BITS_T(distance, mszip_dist_extrabits[code]);
2047
- distance += mszip_dist_offsets[code];
2049
- /* match position is window position minus distance. If distance
2050
- * is more than window position numerically, it must 'wrap
2051
- * around' the frame size. */
2052
- match_posn = ((distance > window_posn) ? MSZIP_FRAME_SIZE : 0)
2053
- + window_posn - distance;
2056
- if (length < 12) {
2057
- /* short match, use slower loop but no loop setup code */
2058
- while (length--) {
2059
- zip->window[window_posn++] = zip->window[match_posn++];
2060
- match_posn &= MSZIP_FRAME_SIZE - 1;
2062
- if (window_posn == MSZIP_FRAME_SIZE) {
2063
- if (zip->flush_window(zip, MSZIP_FRAME_SIZE))
2064
- return INF_ERR_FLUSH;
2070
- /* longer match, use faster loop but with setup expense */
2071
- unsigned char *runsrc, *rundest;
2073
- this_run = length;
2074
- if ((match_posn + this_run) > MSZIP_FRAME_SIZE)
2075
- this_run = MSZIP_FRAME_SIZE - match_posn;
2076
- if ((window_posn + this_run) > MSZIP_FRAME_SIZE)
2077
- this_run = MSZIP_FRAME_SIZE - window_posn;
2079
- rundest = &zip->window[window_posn]; window_posn += this_run;
2080
- runsrc = &zip->window[match_posn]; match_posn += this_run;
2081
- length -= this_run;
2082
- while (this_run--) *rundest++ = *runsrc++;
2084
- /* flush if necessary */
2085
- if (window_posn == MSZIP_FRAME_SIZE) {
2086
- if (zip->flush_window(zip, MSZIP_FRAME_SIZE))
2087
- return INF_ERR_FLUSH;
2090
- if (match_posn == MSZIP_FRAME_SIZE) match_posn = 0;
2091
- } while (length > 0);
2094
- } /* else (code >= 257) */
2096
- } /* while (forever) -- break point at 'code == 256' */
2097
- zip->window_posn = window_posn;
2100
- /* block_type == 3 -- bad block type */
2101
- return INF_ERR_BLOCKTYPE;
2103
- } while (!last_block);
2105
- /* flush the remaining data */
2106
- if (zip->window_posn) {
2107
- if (zip->flush_window(zip, zip->window_posn)) return INF_ERR_FLUSH;
2111
- /* return success */
2115
-/* inflate() calls this whenever the window should be flushed. As
2116
- * MSZIP only expands to the size of the window, the implementation used
2117
- * simply keeps track of the amount of data flushed, and if more than 32k
2118
- * is flushed, an error is raised.
2120
-static int mszip_flush_window(struct mszip_stream *zip,
2121
- unsigned int data_flushed)
2123
- zip->bytes_output += data_flushed;
2124
- if (zip->bytes_output > MSZIP_FRAME_SIZE) {
2125
- cli_dbgmsg("mszip_flush_window: overflow: %u bytes flushed, total is now %u\n", data_flushed, zip->bytes_output);
2131
-struct mszip_stream *mszip_init(int ofd,
2132
- int input_buffer_size,
2134
- struct cab_file *file,
2135
- int (*read_cb)(struct cab_file *, unsigned char *, int))
2137
- struct mszip_stream *zip;
2139
- input_buffer_size = (input_buffer_size + 1) & -2;
2140
- if (!input_buffer_size) return NULL;
2142
- /* allocate decompression state */
2143
- if (!(zip = cli_calloc(1, sizeof(struct mszip_stream)))) {
2144
- cli_errmsg("mszip_stream: Unable to allocate zip buffer\n");
2148
- /* allocate input buffer */
2149
- zip->inbuf = cli_malloc((size_t) input_buffer_size);
2150
- if (!zip->inbuf) {
2151
- cli_errmsg("mszip_stream: Unable to allocate input buffer\n");
2156
- /* initialise decompression state */
2159
- zip->inbuf_size = input_buffer_size;
2160
- zip->error = CL_SUCCESS;
2161
- zip->repair_mode = repair_mode;
2162
- zip->flush_window = &mszip_flush_window;
2163
- zip->input_end = 0;
2165
- zip->i_ptr = zip->i_end = &zip->inbuf[0];
2166
- zip->o_ptr = zip->o_end = NULL;
2167
- zip->bit_buffer = 0; zip->bits_left = 0;
2170
- zip->read_cb = read_cb;
2175
-int mszip_decompress(struct mszip_stream *zip, uint32_t out_bytes) {
2176
- /* for the bit buffer */
2177
- register unsigned int bit_buffer;
2178
- register int bits_left;
2179
- unsigned char *i_ptr, *i_end;
2181
- int i, ret, state, error;
2183
- /* easy answers */
2184
- if (!zip) return CL_ENULLARG;
2185
- if (zip->error) return zip->error;
2187
- /* flush out any stored-up bytes before we begin */
2188
- i = zip->o_end - zip->o_ptr;
2189
- if (((off_t) i > out_bytes) && ((int) out_bytes >= 0)) i = (int) out_bytes;
2191
- if (zip->wflag && (ret = mspack_write(zip->ofd, zip->o_ptr, i, zip->file)) != CL_SUCCESS) {
2192
- return zip->error = ret;
2197
- if (out_bytes == 0) return CL_SUCCESS;
2199
- while (out_bytes > 0) {
2200
- /* unpack another block */
2201
- MSZIP_RESTORE_BITS;
2203
- /* skip to next read 'CK' header */
2204
- i = bits_left & 7; MSZIP_REMOVE_BITS(i); /* align to bytestream */
2207
- MSZIP_READ_BITS(i, 8);
2208
- if (i == 'C') state = 1;
2209
- else if ((state == 1) && (i == 'K')) state = 2;
2211
- } while (state != 2);
2213
- /* inflate a block, repair and realign if necessary */
2214
- zip->window_posn = 0;
2215
- zip->bytes_output = 0;
2217
- if ((error = mszip_inflate(zip))) {
2218
- cli_dbgmsg("mszip_decompress: inflate error %d\n", error);
2219
- if (zip->repair_mode) {
2220
- cli_dbgmsg("mszip_decompress: MSZIP error, %u bytes of data lost\n",
2221
- MSZIP_FRAME_SIZE - zip->bytes_output);
2222
- for (i = zip->bytes_output; i < MSZIP_FRAME_SIZE; i++) {
2223
- zip->window[i] = '\0';
2225
- zip->bytes_output = MSZIP_FRAME_SIZE;
2228
- return zip->error = (error > 0) ? error : CL_EFORMAT;
2231
- zip->o_ptr = &zip->window[0];
2232
- zip->o_end = &zip->o_ptr[zip->bytes_output];
2234
- /* write a frame */
2235
- i = (out_bytes < (off_t)zip->bytes_output) ?
2236
- (int)out_bytes : zip->bytes_output;
2237
- if (zip->wflag && (ret = mspack_write(zip->ofd, zip->o_ptr, i, zip->file)) != CL_SUCCESS) {
2238
- return zip->error = ret;
2241
- /* mspack errors (i.e. read errors) are fatal and can't be recovered */
2242
- if ((error > 0) && zip->repair_mode) return error;
2249
- cli_dbgmsg("mszip_decompress: bytes left to output\n");
2251
- return CL_SUCCESS;
2254
-void mszip_free(struct mszip_stream *zip) {
2261
-/***************************************************************************
2262
- * LZX decompression implementation
2263
- ***************************************************************************
2264
- * The LZX method was created by Jonathan Forbes and Tomi Poutanen, adapted
2265
- * by Microsoft Corporation.
2269
-/* LZX decompressor input macros
2271
- * LZX_STORE_BITS stores bitstream state in lzx_stream structure
2272
- * LZX_RESTORE_BITS restores bitstream state from lzx_stream structure
2273
- * LZX_READ_BITS(var,n) takes N bits from the buffer and puts them in var
2274
- * LZX_ENSURE_BITS(n) ensures there are at least N bits in the bit buffer.
2275
- * LZX_PEEK_BITS(n) extracts without removing N bits from the bit buffer
2276
- * LZX_REMOVE_BITS(n) removes N bits from the bit buffer
2280
-#define LZX_BITBUF_WIDTH (sizeof(bit_buffer) * CHAR_BIT)
2282
-#define LZX_STORE_BITS do { \
2283
- lzx->i_ptr = i_ptr; \
2284
- lzx->i_end = i_end; \
2285
- lzx->bit_buffer = bit_buffer; \
2286
- lzx->bits_left = bits_left; \
2289
-#define LZX_RESTORE_BITS do { \
2290
- i_ptr = lzx->i_ptr; \
2291
- i_end = lzx->i_end; \
2292
- bit_buffer = lzx->bit_buffer; \
2293
- bits_left = lzx->bits_left; \
2296
-#define LZX_ENSURE_BITS(nbits) \
2297
- while (bits_left < (nbits)) { \
2298
- if (i_ptr + 1 >= i_end) { \
2299
- if (lzx_read_input(lzx)) return lzx->error; \
2300
- i_ptr = lzx->i_ptr; \
2301
- i_end = lzx->i_end; \
2303
- bit_buffer |= ((i_ptr[1] << 8) | i_ptr[0]) \
2304
- << (LZX_BITBUF_WIDTH - 16 - bits_left); \
2305
- bits_left += 16; \
2309
-#define LZX_PEEK_BITS(nbits) (bit_buffer >> (LZX_BITBUF_WIDTH - (nbits)))
2311
-#define LZX_REMOVE_BITS(nbits) ((bit_buffer <<= (nbits)), (bits_left -= (nbits)))
2313
-#define LZX_READ_BITS(val, nbits) do { \
2314
- LZX_ENSURE_BITS(nbits); \
2315
- (val) = LZX_PEEK_BITS(nbits); \
2316
- LZX_REMOVE_BITS(nbits); \
2319
-static int lzx_read_input(struct lzx_stream *lzx) {
2320
- int bread = lzx->read_cb(lzx->file, &lzx->inbuf[0], (int)lzx->inbuf_size);
2322
- if (lzx->file->error == CL_BREAK)
2323
- return lzx->error = CL_BREAK;
2325
- return lzx->error = CL_EFORMAT;
2328
- /* huff decode's ENSURE_BYTES(16) might overrun the input stream, even
2329
- * if those bits aren't used, so fake 2 more bytes */
2331
- if (lzx->input_end) {
2332
- cli_dbgmsg("lzx_read_input: out of input bytes\n");
2333
- return lzx->error = CL_EREAD;
2337
- lzx->inbuf[0] = lzx->inbuf[1] = 0;
2338
- lzx->input_end = 1;
2342
- lzx->i_ptr = &lzx->inbuf[0];
2343
- lzx->i_end = &lzx->inbuf[bread];
2345
- return CL_SUCCESS;
2348
-/* Huffman decoding macros */
2350
-/* LZX_READ_HUFFSYM(tablename, var) decodes one huffman symbol from the
2351
- * bitstream using the stated table and puts it in var.
2353
-#define LZX_READ_HUFFSYM(tbl, var) do { \
2354
- /* huffman symbols can be up to 16 bits long */ \
2355
- LZX_ENSURE_BITS(16); \
2356
- /* immediate table lookup of [tablebits] bits of the code */ \
2357
- sym = lzx->tbl##_table[LZX_PEEK_BITS(LZX_##tbl##_TABLEBITS)]; \
2358
- /* is the symbol is longer than [tablebits] bits? (i=node index) */ \
2359
- if (sym >= LZX_##tbl##_MAXSYMBOLS) { \
2360
- /* decode remaining bits by tree traversal */ \
2361
- i = 1 << (LZX_BITBUF_WIDTH - LZX_##tbl##_TABLEBITS); \
2363
- /* one less bit. error if we run out of bits before decode */ \
2366
- cli_dbgmsg("lzx: out of bits in huffman decode\n"); \
2367
- return lzx->error = CL_EFORMAT; \
2369
- /* double node index and add 0 (left branch) or 1 (right) */ \
2370
- sym <<= 1; sym |= (bit_buffer & i) ? 1 : 0; \
2371
- /* hop to next node index / decoded symbol */ \
2372
- if(sym >= (1 << LZX_##tbl##_TABLEBITS) + (LZX_##tbl##_MAXSYMBOLS * 2)) { \
2373
- cli_dbgmsg("lzx: index out of table\n"); \
2374
- return lzx->error = CL_EFORMAT; \
2376
- sym = lzx->tbl##_table[sym]; \
2377
- /* while we are still in node indicies, not decoded symbols */ \
2378
- } while (sym >= LZX_##tbl##_MAXSYMBOLS); \
2382
- /* look up the code length of that symbol and discard those bits */ \
2383
- i = lzx->tbl##_len[sym]; \
2384
- LZX_REMOVE_BITS(i); \
2387
-/* LZX_BUILD_TABLE(tbl) builds a huffman lookup table from code lengths */
2388
-#define LZX_BUILD_TABLE(tbl) \
2389
- if (lzx_make_decode_table(LZX_##tbl##_MAXSYMBOLS, LZX_##tbl##_TABLEBITS, \
2390
- &lzx->tbl##_len[0], &lzx->tbl##_table[0])) \
2392
- cli_dbgmsg("lzx: failed to build %s table\n", #tbl); \
2393
- return lzx->error = CL_EFORMAT; \
2396
-/* lzx_make_decode_table(nsyms, nbits, length[], table[])
2398
- * This function was coded by David Tritscher. It builds a fast huffman
2399
- * decoding table from a canonical huffman code lengths table.
2401
- * nsyms = total number of symbols in this huffman tree.
2402
- * nbits = any symbols with a code length of nbits or less can be decoded
2403
- * in one lookup of the table.
2404
- * length = A table to get code lengths from [0 to syms-1]
2405
- * table = The table to fill up with decoded symbols and pointers.
2407
- * Returns 0 for OK or 1 for error
2410
-static int lzx_make_decode_table(unsigned int nsyms, unsigned int nbits,
2411
- unsigned char *length, unsigned short *table)
2413
- register unsigned short sym;
2414
- register unsigned int leaf, fill;
2415
- register unsigned char bit_num;
2416
- unsigned int pos = 0; /* the current position in the decode table */
2417
- unsigned int table_mask = 1 << nbits;
2418
- unsigned int bit_mask = table_mask >> 1; /* don't do 0 length codes */
2419
- unsigned int next_symbol = bit_mask; /* base of allocation for long codes */
2421
- /* fill entries for codes short enough for a direct mapping */
2422
- for (bit_num = 1; bit_num <= nbits; bit_num++) {
2423
- for (sym = 0; sym < nsyms; sym++) {
2424
- if (length[sym] != bit_num) continue;
2426
- if((pos += bit_mask) > table_mask) return 1; /* table overrun */
2427
- /* fill all possible lookups of this symbol with the symbol itself */
2428
- for (fill = bit_mask; fill-- > 0;) table[leaf++] = sym;
2433
- /* full table already? */
2434
- if (pos == table_mask) return 0;
2436
- /* clear the remainder of the table */
2437
- for (sym = pos; sym < table_mask; sym++) table[sym] = 0xFFFF;
2439
- /* allow codes to be up to nbits+16 long, instead of nbits */
2441
- table_mask <<= 16;
2442
- bit_mask = 1 << 15;
2444
- for (bit_num = nbits+1; bit_num <= 16; bit_num++) {
2445
- for (sym = 0; sym < nsyms; sym++) {
2446
- if (length[sym] != bit_num) continue;
2449
- for (fill = 0; fill < bit_num - nbits; fill++) {
2450
- /* if this path hasn't been taken yet, 'allocate' two entries */
2451
- if (table[leaf] == 0xFFFF) {
2452
- table[(next_symbol << 1)] = 0xFFFF;
2453
- table[(next_symbol << 1) + 1] = 0xFFFF;
2454
- table[leaf] = next_symbol++;
2456
- /* follow the path and select either left or right for next bit */
2457
- leaf = table[leaf] << 1;
2458
- if ((pos >> (15-fill)) & 1) leaf++;
2460
- table[leaf] = sym;
2462
- if ((pos += bit_mask) > table_mask) return 1; /* table overflow */
2468
- if (pos == table_mask) return 0;
2470
- /* either erroneous table, or all elements are 0 - let's find out. */
2471
- for (sym = 0; sym < nsyms; sym++) if (length[sym]) return 1;
2475
-/* LZX_READ_LENGTHS(tablename, first, last) reads in code lengths for symbols
2476
- * first to last in the given table. The code lengths are stored in their
2477
- * own special LZX way.
2479
-#define LZX_READ_LENGTHS(tbl, first, last) do { \
2481
- if (lzx_read_lens(lzx, &lzx->tbl##_len[0], (first), \
2482
- (unsigned int)(last))) return lzx->error; \
2483
- LZX_RESTORE_BITS; \
2486
-static int lzx_read_lens(struct lzx_stream *lzx, unsigned char *lens,
2487
- unsigned int first, unsigned int last)
2489
- /* bit buffer and huffman symbol decode variables */
2490
- register unsigned int bit_buffer;
2491
- register int bits_left, i;
2492
- register unsigned short sym;
2493
- unsigned char *i_ptr, *i_end;
2495
- unsigned int x, y;
2500
- /* read lengths for pretree (20 symbols, lengths stored in fixed 4 bits) */
2501
- for (x = 0; x < 20; x++) {
2502
- LZX_READ_BITS(y, 4);
2503
- lzx->PRETREE_len[x] = y;
2505
- LZX_BUILD_TABLE(PRETREE);
2507
- for (x = first; x < last; ) {
2508
- LZX_READ_HUFFSYM(PRETREE, z);
2510
- /* code = 17, run of ([read 4 bits]+4) zeros */
2511
- LZX_READ_BITS(y, 4); y += 4;
2512
- while (y--) lens[x++] = 0;
2514
- else if (z == 18) {
2515
- /* code = 18, run of ([read 5 bits]+20) zeros */
2516
- LZX_READ_BITS(y, 5); y += 20;
2517
- while (y--) lens[x++] = 0;
2519
- else if (z == 19) {
2520
- /* code = 19, run of ([read 1 bit]+4) [read huffman symbol] */
2521
- LZX_READ_BITS(y, 1); y += 4;
2522
- LZX_READ_HUFFSYM(PRETREE, z);
2523
- z = lens[x] - z; if (z < 0) z += 17;
2524
- while (y--) lens[x++] = z;
2527
- /* code = 0 to 16, delta current length entry */
2528
- z = lens[x] - z; if (z < 0) z += 17;
2535
- return CL_SUCCESS;
2538
-static void lzx_reset_state(struct lzx_stream *lzx) {
2544
- lzx->header_read = 0;
2545
- lzx->block_remaining = 0;
2546
- lzx->block_type = LZX_BLOCKTYPE_INVALID;
2548
- /* initialise tables to 0 (because deltas will be applied to them) */
2549
- for (i = 0; i < LZX_MAINTREE_MAXSYMBOLS; i++) lzx->MAINTREE_len[i] = 0;
2550
- for (i = 0; i < LZX_LENGTH_MAXSYMBOLS; i++) lzx->LENGTH_len[i] = 0;
2553
-/*-------- main LZX code --------*/
2555
-struct lzx_stream *lzx_init(int ofd,
2557
- int reset_interval,
2558
- int input_buffer_size,
2559
- off_t output_length,
2560
- struct cab_file *file,
2561
- int (*read_cb)(struct cab_file *, unsigned char *, int))
2563
- unsigned int window_size = 1 << window_bits;
2564
- struct lzx_stream *lzx;
2567
- /* LZX supports window sizes of 2^15 (32Kb) through 2^21 (2Mb) */
2568
- if (window_bits < 15 || window_bits > 21) return NULL;
2570
- input_buffer_size = (input_buffer_size + 1) & -2;
2571
- if (!input_buffer_size) return NULL;
2573
- /* allocate decompression state */
2574
- if (!(lzx = cli_calloc(1, sizeof(struct lzx_stream)))) {
2578
- for (i = 0, j = 0; i < 51; i += 2) {
2579
- lzx->extra_bits[i] = j; /* 0,0,0,0,1,1,2,2,3,3,4,4,5,5,6,6,7,7... */
2581
- lzx->extra_bits[i+1] = j;
2582
- if ((i != 0) && (j < 17)) j++; /* 0,0,1,2,3,4...15,16,17,17,17,17... */
2585
- for (i = 0, j = 0; i < 51; i++) {
2586
- lzx->position_base[i] = j; /* 0,1,2,3,4,6,8,12,16,24,32,... */
2587
- j += 1 << lzx->extra_bits[i]; /* 1,1,1,1,2,2,4,4,8,8,16,16,32,32,... */
2590
- /* allocate decompression window and input buffer */
2591
- lzx->window = cli_calloc(1, (size_t) window_size);
2592
- if(!lzx->window) {
2597
- lzx->inbuf = cli_calloc(1, (size_t) input_buffer_size);
2598
- if (!lzx->inbuf) {
2599
- free(lzx->window);
2604
- /* initialise decompression state */
2608
- lzx->length = output_length;
2610
- lzx->read_cb = read_cb;
2612
- lzx->inbuf_size = input_buffer_size;
2613
- lzx->window_size = 1 << window_bits;
2614
- lzx->window_posn = 0;
2615
- lzx->frame_posn = 0;
2617
- lzx->reset_interval = reset_interval;
2618
- lzx->intel_filesize = 0;
2619
- lzx->intel_curpos = 0;
2621
- /* window bits: 15 16 17 18 19 20 21
2622
- * position slots: 30 32 34 36 38 42 50 */
2623
- lzx->posn_slots = ((window_bits == 21) ? 50 :
2624
- ((window_bits == 20) ? 42 : (window_bits << 1)));
2625
- lzx->intel_started = 0;
2626
- lzx->input_end = 0;
2628
- lzx->error = CL_SUCCESS;
2630
- lzx->i_ptr = lzx->i_end = &lzx->inbuf[0];
2631
- lzx->o_ptr = lzx->o_end = &lzx->e8_buf[0];
2632
- lzx->bit_buffer = lzx->bits_left = 0;
2634
- lzx_reset_state(lzx);
2638
-void lzx_set_output_length(struct lzx_stream *lzx, off_t out_bytes) {
2639
- if (lzx) lzx->length = out_bytes;
2642
-int lzx_decompress(struct lzx_stream *lzx, uint32_t out_bytes) {
2643
- /* bitstream reading and huffman variables */
2644
- register unsigned int bit_buffer;
2645
- register int bits_left, i=0;
2646
- register unsigned short sym;
2647
- unsigned char *i_ptr, *i_end;
2649
- int match_length, length_footer, extra, verbatim_bits, bytes_todo;
2650
- int this_run, main_element, aligned_bits, j, ret, warned=0;
2651
- unsigned char *window, *runsrc, *rundest, buf[12];
2652
- unsigned int frame_size=0, end_frame, match_offset, window_posn;
2653
- unsigned int R0, R1, R2;
2655
- /* easy answers */
2656
- if (!lzx) return CL_ENULLARG;
2657
- if (lzx->error) return lzx->error;
2659
- /* flush out any stored-up bytes before we begin */
2660
- i = lzx->o_end - lzx->o_ptr;
2661
- if (((off_t) i > out_bytes) && ((int) out_bytes >= 0)) i = (int) out_bytes;
2663
- if (lzx->wflag && (ret = mspack_write(lzx->ofd, lzx->o_ptr, i, lzx->file)) != CL_SUCCESS) {
2664
- return lzx->error = ret;
2670
- if (out_bytes == 0) return CL_SUCCESS;
2672
- /* restore local state */
2674
- window = lzx->window;
2675
- window_posn = lzx->window_posn;
2680
- end_frame = (unsigned int)((lzx->offset + out_bytes) / LZX_FRAME_SIZE) + 1;
2681
- cli_dbgmsg("lzx_decompress: end frame = %u\n", end_frame);
2683
- while (lzx->frame < end_frame) {
2684
- cli_dbgmsg("lzx_decompress: current frame = %u\n", lzx->frame);
2685
- /* have we reached the reset interval? (if there is one?) */
2686
- if (lzx->reset_interval && ((lzx->frame % lzx->reset_interval) == 0)) {
2687
- if (lzx->block_remaining) {
2688
- /* this is a file format error, but we need to extract what we can and scan that */
2689
- cli_dbgmsg("lzx_decompress: %d bytes remaining at reset interval\n", lzx->block_remaining);
2691
- cli_dbgmsg("Detected an invalid reset interval during decompression.\n");
2694
- if (!lzx->header_read) {
2695
- /* cannot continue if no header at all */
2696
- return lzx->error = CL_EFORMAT;
2699
- /* re-read the intel header and reset the huffman lengths */
2700
- lzx_reset_state(lzx);
2704
- /* read header if necessary */
2705
- if (!lzx->header_read) {
2706
- /* read 1 bit. if bit=0, intel filesize = 0.
2707
- * if bit=1, read intel filesize (32 bits) */
2708
- j = 0; LZX_READ_BITS(i, 1); if (i) { LZX_READ_BITS(i, 16); LZX_READ_BITS(j, 16); }
2709
- lzx->intel_filesize = (i << 16) | j;
2710
- lzx->header_read = 1;
2713
- /* calculate size of frame: all frames are 32k except the final frame
2714
- * which is 32kb or less. this can only be calculated when lzx->length
2715
- * has been filled in. */
2716
- frame_size = LZX_FRAME_SIZE;
2717
- if (lzx->length && (lzx->length - lzx->offset) < (off_t)frame_size) {
2718
- frame_size = lzx->length - lzx->offset;
2721
- /* decode until one more frame is available */
2722
- bytes_todo = lzx->frame_posn + frame_size - window_posn;
2723
- while (bytes_todo > 0) {
2724
- /* initialise new block, if one is needed */
2725
- if (lzx->block_remaining == 0) {
2726
- /* realign if previous block was an odd-sized UNCOMPRESSED block */
2727
- if ((lzx->block_type == LZX_BLOCKTYPE_UNCOMPRESSED) &&
2728
- (lzx->block_length & 1))
2730
- if (i_ptr == i_end) {
2731
- if (lzx_read_input(lzx)) return lzx->error;
2732
- i_ptr = lzx->i_ptr;
2733
- i_end = lzx->i_end;
2738
- /* read block type (3 bits) and block length (24 bits) */
2739
- LZX_READ_BITS(lzx->block_type, 3);
2740
- LZX_READ_BITS(i, 16); LZX_READ_BITS(j, 8);
2741
- lzx->block_remaining = lzx->block_length = (i << 8) | j;
2743
- /* read individual block headers */
2744
- switch (lzx->block_type) {
2745
- case LZX_BLOCKTYPE_ALIGNED:
2746
- /* read lengths of and build aligned huffman decoding tree */
2747
- for (i = 0; i < 8; i++) { LZX_READ_BITS(j, 3); lzx->ALIGNED_len[i] = j; }
2748
- LZX_BUILD_TABLE(ALIGNED);
2749
- /* no break -- rest of aligned header is same as verbatim */
2750
- case LZX_BLOCKTYPE_VERBATIM:
2751
- /* read lengths of and build main huffman decoding tree */
2752
- LZX_READ_LENGTHS(MAINTREE, 0, 256);
2753
- LZX_READ_LENGTHS(MAINTREE, 256, LZX_NUM_CHARS + (lzx->posn_slots << 3));
2754
- LZX_BUILD_TABLE(MAINTREE);
2755
- /* if the literal 0xE8 is anywhere in the block... */
2756
- if (lzx->MAINTREE_len[0xE8] != 0) lzx->intel_started = 1;
2757
- /* read lengths of and build lengths huffman decoding tree */
2758
- LZX_READ_LENGTHS(LENGTH, 0, LZX_NUM_SECONDARY_LENGTHS);
2759
- LZX_BUILD_TABLE(LENGTH);
2762
- case LZX_BLOCKTYPE_UNCOMPRESSED:
2763
- /* because we can't assume otherwise */
2764
- lzx->intel_started = 1;
2766
- /* read 1-16 (not 0-15) bits to align to bytes */
2767
- LZX_ENSURE_BITS(16);
2768
- if (bits_left > 16) i_ptr -= 2;
2769
- bits_left = 0; bit_buffer = 0;
2771
- /* read 12 bytes of stored R0 / R1 / R2 values */
2772
- for (rundest = &buf[0], i = 0; i < 12; i++) {
2773
- if (i_ptr == i_end) {
2774
- if (lzx_read_input(lzx)) return lzx->error;
2775
- i_ptr = lzx->i_ptr;
2776
- i_end = lzx->i_end;
2778
- *rundest++ = *i_ptr++;
2780
- R0 = buf[0] | (buf[1] << 8) | (buf[2] << 16) | (buf[3] << 24);
2781
- R1 = buf[4] | (buf[5] << 8) | (buf[6] << 16) | (buf[7] << 24);
2782
- R2 = buf[8] | (buf[9] << 8) | (buf[10] << 16) | (buf[11] << 24);
2786
- cli_dbgmsg("lzx_decompress: bad block type (0x%x)\n", lzx->block_type);
2787
- return lzx->error = CL_EFORMAT;
2791
- /* decode more of the block:
2792
- * run = min(what's available, what's needed) */
2793
- this_run = lzx->block_remaining;
2794
- if (this_run > bytes_todo) this_run = bytes_todo;
2796
- /* assume we decode exactly this_run bytes, for now */
2797
- bytes_todo -= this_run;
2798
- lzx->block_remaining -= this_run;
2800
- /* decode at least this_run bytes */
2801
- switch (lzx->block_type) {
2802
- case LZX_BLOCKTYPE_VERBATIM:
2803
- while (this_run > 0) {
2804
- LZX_READ_HUFFSYM(MAINTREE, main_element);
2805
- if (main_element < LZX_NUM_CHARS) {
2806
- /* literal: 0 to LZX_NUM_CHARS-1 */
2807
- window[window_posn++] = main_element;
2811
- /* match: LZX_NUM_CHARS + ((slot<<3) | length_header (3 bits)) */
2812
- main_element -= LZX_NUM_CHARS;
2814
- /* get match length */
2815
- match_length = main_element & LZX_NUM_PRIMARY_LENGTHS;
2816
- if (match_length == LZX_NUM_PRIMARY_LENGTHS) {
2817
- LZX_READ_HUFFSYM(LENGTH, length_footer);
2818
- match_length += length_footer;
2820
- match_length += LZX_MIN_MATCH;
2822
- /* get match offset */
2823
- switch ((match_offset = (main_element >> 3))) {
2824
- case 0: match_offset = R0; break;
2825
- case 1: match_offset = R1; R1=R0; R0 = match_offset; break;
2826
- case 2: match_offset = R2; R2=R0; R0 = match_offset; break;
2827
- case 3: match_offset = 1; R2=R1; R1=R0; R0 = match_offset; break;
2829
- extra = lzx->extra_bits[match_offset];
2830
- LZX_READ_BITS(verbatim_bits, extra);
2831
- match_offset = lzx->position_base[match_offset] - 2 + verbatim_bits;
2832
- R2 = R1; R1 = R0; R0 = match_offset;
2835
- if ((window_posn + match_length) > lzx->window_size) {
2836
- cli_dbgmsg("lzx_decompress: match ran over window wrap\n");
2837
- return lzx->error = CL_EFORMAT;
2841
- rundest = &window[window_posn];
2843
- /* does match offset wrap the window? */
2844
- if (match_offset > window_posn) {
2845
- /* j = length from match offset to end of window */
2846
- j = match_offset - window_posn;
2847
- if (j > (int) lzx->window_size) {
2848
- cli_dbgmsg("lzx_decompress: match offset beyond window boundaries\n");
2849
- return lzx->error = CL_EFORMAT;
2851
- runsrc = &window[lzx->window_size - j];
2853
- /* if match goes over the window edge, do two copy runs */
2854
- i -= j; while (j-- > 0) *rundest++ = *runsrc++;
2857
- while (i-- > 0) *rundest++ = *runsrc++;
2860
- runsrc = rundest - match_offset;
2861
- if(i > (int) (lzx->window_size - window_posn))
2862
- i = lzx->window_size - window_posn;
2863
- while (i-- > 0) *rundest++ = *runsrc++;
2866
- this_run -= match_length;
2867
- window_posn += match_length;
2869
- } /* while (this_run > 0) */
2872
- case LZX_BLOCKTYPE_ALIGNED:
2873
- while (this_run > 0) {
2874
- LZX_READ_HUFFSYM(MAINTREE, main_element);
2875
- if (main_element < LZX_NUM_CHARS) {
2876
- /* literal: 0 to LZX_NUM_CHARS-1 */
2877
- window[window_posn++] = main_element;
2881
- /* match: LZX_NUM_CHARS + ((slot<<3) | length_header (3 bits)) */
2882
- main_element -= LZX_NUM_CHARS;
2884
- /* get match length */
2885
- match_length = main_element & LZX_NUM_PRIMARY_LENGTHS;
2886
- if (match_length == LZX_NUM_PRIMARY_LENGTHS) {
2887
- LZX_READ_HUFFSYM(LENGTH, length_footer);
2888
- match_length += length_footer;
2890
- match_length += LZX_MIN_MATCH;
2892
- /* get match offset */
2893
- switch ((match_offset = (main_element >> 3))) {
2894
- case 0: match_offset = R0; break;
2895
- case 1: match_offset = R1; R1 = R0; R0 = match_offset; break;
2896
- case 2: match_offset = R2; R2 = R0; R0 = match_offset; break;
2898
- extra = lzx->extra_bits[match_offset];
2899
- match_offset = lzx->position_base[match_offset] - 2;
2901
- /* verbatim and aligned bits */
2903
- LZX_READ_BITS(verbatim_bits, extra);
2904
- match_offset += (verbatim_bits << 3);
2905
- LZX_READ_HUFFSYM(ALIGNED, aligned_bits);
2906
- match_offset += aligned_bits;
2908
- else if (extra == 3) {
2909
- /* aligned bits only */
2910
- LZX_READ_HUFFSYM(ALIGNED, aligned_bits);
2911
- match_offset += aligned_bits;
2913
- else if (extra > 0) { /* extra==1, extra==2 */
2914
- /* verbatim bits only */
2915
- LZX_READ_BITS(verbatim_bits, extra);
2916
- match_offset += verbatim_bits;
2918
- else /* extra == 0 */ {
2919
- /* ??? not defined in LZX specification! */
2922
- /* update repeated offset LRU queue */
2923
- R2 = R1; R1 = R0; R0 = match_offset;
2926
- if ((window_posn + match_length) > lzx->window_size) {
2927
- cli_dbgmsg("lzx_decompress: match ran over window wrap\n");
2928
- return lzx->error = CL_EFORMAT;
2932
- rundest = &window[window_posn];
2934
- /* does match offset wrap the window? */
2935
- if (match_offset > window_posn) {
2936
- /* j = length from match offset to end of window */
2937
- j = match_offset - window_posn;
2938
- if (j > (int) lzx->window_size) {
2939
- cli_dbgmsg("lzx_decompress: match offset beyond window boundaries\n");
2940
- return lzx->error = CL_EFORMAT;
2942
- runsrc = &window[lzx->window_size - j];
2944
- /* if match goes over the window edge, do two copy runs */
2945
- i -= j; while (j-- > 0) *rundest++ = *runsrc++;
2948
- while (i-- > 0) *rundest++ = *runsrc++;
2951
- runsrc = rundest - match_offset;
2952
- while (i-- > 0) *rundest++ = *runsrc++;
2955
- this_run -= match_length;
2956
- window_posn += match_length;
2958
- } /* while (this_run > 0) */
2961
- case LZX_BLOCKTYPE_UNCOMPRESSED:
2962
- /* as this_run is limited not to wrap a frame, this also means it
2963
- * won't wrap the window (as the window is a multiple of 32k) */
2964
- rundest = &window[window_posn];
2965
- window_posn += this_run;
2966
- while (this_run > 0) {
2967
- if ((i = i_end - i_ptr)) {
2968
- if (i > this_run) i = this_run;
2969
- memcpy(rundest, i_ptr, (size_t) i);
2975
- if (lzx_read_input(lzx)) return lzx->error;
2976
- i_ptr = lzx->i_ptr;
2977
- i_end = lzx->i_end;
2983
- return lzx->error = CL_EFORMAT; /* might as well */
2986
- /* did the final match overrun our desired this_run length? */
2987
- if (this_run < 0) {
2988
- if ((unsigned int)(-this_run) > lzx->block_remaining) {
2989
- cli_dbgmsg("lzx_decompress: overrun went past end of block by %d (%d remaining)\n", -this_run, lzx->block_remaining);
2990
- return lzx->error = CL_EFORMAT;
2992
- lzx->block_remaining -= -this_run;
2994
- } /* while (bytes_todo > 0) */
2996
- /* streams don't extend over frame boundaries */
2997
- if ((window_posn - lzx->frame_posn) != frame_size) {
2998
- cli_dbgmsg("lzx_decompress: decode beyond output frame limits! %d != %d\n", window_posn - lzx->frame_posn, frame_size);
2999
- return lzx->error = CL_EFORMAT;
3002
- /* re-align input bitstream */
3003
- if (bits_left > 0) LZX_ENSURE_BITS(16);
3004
- if (bits_left & 15) LZX_REMOVE_BITS(bits_left & 15);
3006
- /* check that we've used all of the previous frame first */
3007
- if (lzx->o_ptr != lzx->o_end) {
3008
- cli_dbgmsg("lzx_decompress: %ld avail bytes, new %d frame\n", lzx->o_end-lzx->o_ptr, frame_size);
3009
- return lzx->error = CL_EFORMAT;
3012
- /* does this intel block _really_ need decoding? */
3013
- if (lzx->intel_started && lzx->intel_filesize &&
3014
- (lzx->frame <= 32768) && (frame_size > 10))
3016
- unsigned char *data = &lzx->e8_buf[0];
3017
- unsigned char *dataend = &lzx->e8_buf[frame_size - 10];
3018
- signed int curpos = lzx->intel_curpos;
3019
- signed int filesize = lzx->intel_filesize;
3020
- signed int abs_off, rel_off;
3022
- /* copy e8 block to the e8 buffer and tweak if needed */
3023
- lzx->o_ptr = data;
3024
- memcpy(data, &lzx->window[lzx->frame_posn], frame_size);
3026
- while (data < dataend) {
3027
- if (*data++ != 0xE8) { curpos++; continue; }
3028
- abs_off = data[0] | (data[1]<<8) | (data[2]<<16) | (data[3]<<24);
3029
- if ((abs_off >= -curpos) && (abs_off < filesize)) {
3030
- rel_off = (abs_off >= 0) ? abs_off - curpos : abs_off + filesize;
3031
- data[0] = (unsigned char) rel_off;
3032
- data[1] = (unsigned char) (rel_off >> 8);
3033
- data[2] = (unsigned char) (rel_off >> 16);
3034
- data[3] = (unsigned char) (rel_off >> 24);
3039
- lzx->intel_curpos += frame_size;
3042
- lzx->o_ptr = &lzx->window[lzx->frame_posn];
3043
- if (lzx->intel_filesize) lzx->intel_curpos += frame_size;
3045
- lzx->o_end = &lzx->o_ptr[frame_size];
3047
- /* write a frame */
3048
- i = (out_bytes < (off_t)frame_size) ? (unsigned int)out_bytes : frame_size;
3049
- if (lzx->wflag && (ret = mspack_write(lzx->ofd, lzx->o_ptr, i, lzx->file)) != CL_SUCCESS) {
3050
- return lzx->error = ret;
3056
- /* advance frame start position */
3057
- lzx->frame_posn += frame_size;
3060
- /* wrap window / frame position pointers */
3061
- if (window_posn == lzx->window_size) window_posn = 0;
3062
- if (lzx->frame_posn == lzx->window_size) lzx->frame_posn = 0;
3064
- } /* while (lzx->frame < end_frame) */
3067
- cli_dbgmsg("lzx_decompress: bytes left to output\n");
3069
- /* store local state */
3071
- lzx->window_posn = window_posn;
3076
- return CL_SUCCESS;
3079
-void lzx_free(struct lzx_stream *lzx) {
3082
- free(lzx->window);
3087
-/***************************************************************************
3088
- * Quantum decompression implementation
3089
- ***************************************************************************
3090
- * The Quantum method was created by David Stafford, adapted by Microsoft
3093
- * This decompressor is based on an implementation by Matthew Russotto, used
3094
- * with permission.
3096
- * This decompressor was researched and implemented by Matthew Russotto. It
3097
- * has since been tidied up by Stuart Caie. More information can be found at
3098
- * http://www.speakeasy.org/~russotto/quantumcomp.html
3101
-/* Quantum decompressor bitstream reading macros
3103
- * QTM_STORE_BITS stores bitstream state in qtm_stream structure
3104
- * QTM_RESTORE_BITS restores bitstream state from qtm_stream structure
3105
- * QTM_READ_BITS(var,n) takes N bits from the buffer and puts them in var
3106
- * QTM_FILL_BUFFER if there is room for another 16 bits, reads another
3107
- * 16 bits from the input stream.
3108
- * QTM_PEEK_BITS(n) extracts without removing N bits from the bit buffer
3109
- * QTM_REMOVE_BITS(n) removes N bits from the bit buffer
3111
- * These bit access routines work by using the area beyond the MSB and the
3112
- * LSB as a free source of zeroes. This avoids having to mask any bits.
3113
- * So we have to know the bit width of the bitbuffer variable.
3116
-#define QTM_BITBUF_WIDTH (sizeof(unsigned int) * CHAR_BIT)
3118
-#define QTM_STORE_BITS do { \
3119
- qtm->i_ptr = i_ptr; \
3120
- qtm->i_end = i_end; \
3121
- qtm->bit_buffer = bit_buffer; \
3122
- qtm->bits_left = bits_left; \
3125
-#define QTM_RESTORE_BITS do { \
3126
- i_ptr = qtm->i_ptr; \
3127
- i_end = qtm->i_end; \
3128
- bit_buffer = qtm->bit_buffer; \
3129
- bits_left = qtm->bits_left; \
3132
-/* adds 16 bits to bit buffer, if there's space for the new bits */
3133
-#define QTM_FILL_BUFFER do { \
3134
- if (bits_left <= (QTM_BITBUF_WIDTH - 16)) { \
3135
- if (i_ptr >= i_end) { \
3136
- if (qtm_read_input(qtm)) return qtm->error; \
3137
- i_ptr = qtm->i_ptr; \
3138
- i_end = qtm->i_end; \
3140
- bit_buffer |= ((i_ptr[0] << 8) | i_ptr[1]) \
3141
- << (QTM_BITBUF_WIDTH - 16 - bits_left); \
3142
- bits_left += 16; \
3147
-#define QTM_PEEK_BITS(n) (bit_buffer >> (QTM_BITBUF_WIDTH - (n)))
3148
-#define QTM_REMOVE_BITS(n) ((bit_buffer <<= (n)), (bits_left -= (n)))
3150
-#define QTM_READ_BITS(val, bits) do { \
3152
- for (bits_needed = (bits); bits_needed > 0; bits_needed -= bit_run) { \
3153
- QTM_FILL_BUFFER; \
3154
- bit_run = (bits_left < bits_needed) ? bits_left : bits_needed; \
3155
- (val) = ((val) << bit_run) | QTM_PEEK_BITS(bit_run); \
3156
- QTM_REMOVE_BITS(bit_run); \
3160
-static int qtm_read_input(struct qtm_stream *qtm) {
3161
- int nread = qtm->read_cb(qtm->file, &qtm->inbuf[0], (int)qtm->inbuf_size);
3163
- if (qtm->file->error == CL_BREAK)
3164
- return qtm->error = CL_BREAK;
3166
- return qtm->error = CL_EFORMAT;
3170
- if (qtm->input_end) {
3171
- cli_dbgmsg("qtm_read_input: out of input bytes\n");
3172
- return qtm->error = CL_EREAD;
3176
- qtm->inbuf[0] = qtm->inbuf[1] = 0;
3177
- qtm->input_end = 1;
3181
- qtm->i_ptr = &qtm->inbuf[0];
3182
- qtm->i_end = &qtm->inbuf[nread];
3183
- return CL_SUCCESS;
3186
-/* Arithmetic decoder:
3188
- * QTM_GET_SYMBOL(model, var) fetches the next symbol from the stated model
3189
- * and puts it in var.
3191
- * If necessary, qtm_update_model() is called.
3193
-#define QTM_GET_SYMBOL(model, var) do { \
3194
- range = ((H - L) & 0xFFFF) + 1; \
3195
- symf = ((((C - L + 1) * model.syms[0].cumfreq)-1) / range) & 0xFFFF; \
3197
- for (i = 1; i < model.entries; i++) { \
3198
- if (model.syms[i].cumfreq <= symf) break; \
3200
- (var) = model.syms[i-1].sym; \
3202
- range = (H - L) + 1; \
3203
- symf = model.syms[0].cumfreq; \
3204
- H = L + ((model.syms[i-1].cumfreq * range) / symf) - 1; \
3205
- L = L + ((model.syms[i].cumfreq * range) / symf); \
3207
- do { model.syms[--i].cumfreq += 8; } while (i > 0); \
3208
- if (model.syms[0].cumfreq > 3800) qtm_update_model(&model); \
3211
- if ((L & 0x8000) != (H & 0x8000)) { \
3212
- if ((L & 0x4000) && !(H & 0x4000)) { \
3213
- /* underflow case */ \
3214
- C ^= 0x4000; L &= 0x3FFF; H |= 0x4000; \
3218
- L <<= 1; H = (H << 1) | 1; \
3219
- QTM_FILL_BUFFER; \
3220
- C = (C << 1) | QTM_PEEK_BITS(1); \
3221
- QTM_REMOVE_BITS(1); \
3225
-static void qtm_update_model(struct qtm_model *model) {
3226
- struct qtm_modelsym tmp;
3229
- if (--model->shiftsleft) {
3230
- for (i = model->entries - 1; i >= 0; i--) {
3231
- /* -1, not -2; the 0 entry saves this */
3232
- model->syms[i].cumfreq >>= 1;
3233
- if (model->syms[i].cumfreq <= model->syms[i+1].cumfreq) {
3234
- model->syms[i].cumfreq = model->syms[i+1].cumfreq + 1;
3239
- model->shiftsleft = 50;
3240
- for (i = 0; i < model->entries; i++) {
3241
- /* no -1, want to include the 0 entry */
3242
- /* this converts cumfreqs into frequencies, then shifts right */
3243
- model->syms[i].cumfreq -= model->syms[i+1].cumfreq;
3244
- model->syms[i].cumfreq++; /* avoid losing things entirely */
3245
- model->syms[i].cumfreq >>= 1;
3248
- /* now sort by frequencies, decreasing order -- this must be an
3249
- * inplace selection sort, or a sort with the same (in)stability
3250
- * characteristics */
3251
- for (i = 0; i < model->entries - 1; i++) {
3252
- for (j = i + 1; j < model->entries; j++) {
3253
- if (model->syms[i].cumfreq < model->syms[j].cumfreq) {
3254
- tmp = model->syms[i];
3255
- model->syms[i] = model->syms[j];
3256
- model->syms[j] = tmp;
3261
- /* then convert frequencies back to cumfreq */
3262
- for (i = model->entries - 1; i >= 0; i--) {
3263
- model->syms[i].cumfreq += model->syms[i+1].cumfreq;
3268
-/* Initialises a model to decode symbols from [start] to [start]+[len]-1 */
3269
-static void qtm_init_model(struct qtm_model *model,
3270
- struct qtm_modelsym *syms, int start, int len)
3274
- model->shiftsleft = 4;
3275
- model->entries = len;
3276
- model->syms = syms;
3278
- for (i = 0; i <= len; i++) {
3279
- syms[i].sym = start + i; /* actual symbol */
3280
- syms[i].cumfreq = len - i; /* current frequency of that symbol */
3285
-/*-------- main Quantum code --------*/
3287
-struct qtm_stream *qtm_init(int ofd,
3288
- int window_bits, int input_buffer_size,
3289
- struct cab_file *file,
3290
- int (*read_cb)(struct cab_file *, unsigned char *, int))
3292
- unsigned int window_size = 1 << window_bits;
3293
- struct qtm_stream *qtm;
3297
- /* Quantum supports window sizes of 2^10 (1Kb) through 2^21 (2Mb) */
3299
- /* tk: temporary fix: only process 32KB+ window sizes */
3300
- if (window_bits < 15 || window_bits > 21) return NULL;
3302
- input_buffer_size = (input_buffer_size + 1) & -2;
3303
- if (input_buffer_size < 2) return NULL;
3305
- /* allocate decompression state */
3306
- if (!(qtm = cli_calloc(1, sizeof(struct qtm_stream)))) {
3310
- for (i = 0, offset = 0; i < 42; i++) {
3311
- qtm->position_base[i] = offset;
3312
- qtm->extra_bits[i] = ((i < 2) ? 0 : (i - 2)) >> 1;
3313
- offset += 1 << qtm->extra_bits[i];
3316
- for (i = 0, offset = 0; i < 26; i++) {
3317
- qtm->length_base[i] = offset;
3318
- qtm->length_extra[i] = (i < 2 ? 0 : i - 2) >> 2;
3319
- offset += 1 << qtm->length_extra[i];
3321
- qtm->length_base[26] = 254; qtm->length_extra[26] = 0;
3323
- /* allocate decompression window and input buffer */
3324
- qtm->window = cli_malloc((size_t) window_size);
3325
- if (!qtm->window) {
3326
- cli_errmsg("qtm_init: Unable to allocate decompression window\n");
3331
- qtm->inbuf = cli_malloc((size_t) input_buffer_size);
3332
- if (!qtm->inbuf) {
3333
- cli_errmsg("qtm_init: Unable to allocate input buffer\n");
3334
- free(qtm->window);
3339
- /* initialise decompression state */
3342
- qtm->inbuf_size = input_buffer_size;
3343
- qtm->window_size = window_size;
3344
- qtm->window_posn = 0;
3345
- qtm->frame_start = 0;
3346
- qtm->header_read = 0;
3347
- qtm->error = CL_SUCCESS;
3349
- qtm->i_ptr = qtm->i_end = &qtm->inbuf[0];
3350
- qtm->o_ptr = qtm->o_end = &qtm->window[0];
3351
- qtm->bits_left = 0;
3352
- qtm->bit_buffer = 0;
3354
- /* initialise arithmetic coding models
3355
- * - model 4 depends on window size, ranges from 20 to 24
3356
- * - model 5 depends on window size, ranges from 20 to 36
3357
- * - model 6pos depends on window size, ranges from 20 to 42
3359
- i = window_bits * 2;
3360
- qtm_init_model(&qtm->model0, &qtm->m0sym[0], 0, 64);
3361
- qtm_init_model(&qtm->model1, &qtm->m1sym[0], 64, 64);
3362
- qtm_init_model(&qtm->model2, &qtm->m2sym[0], 128, 64);
3363
- qtm_init_model(&qtm->model3, &qtm->m3sym[0], 192, 64);
3364
- qtm_init_model(&qtm->model4, &qtm->m4sym[0], 0, (i > 24) ? 24 : i);
3365
- qtm_init_model(&qtm->model5, &qtm->m5sym[0], 0, (i > 36) ? 36 : i);
3366
- qtm_init_model(&qtm->model6, &qtm->m6sym[0], 0, i);
3367
- qtm_init_model(&qtm->model6len, &qtm->m6lsym[0], 0, 27);
3368
- qtm_init_model(&qtm->model7, &qtm->m7sym[0], 0, 7);
3371
- qtm->read_cb = read_cb;
3377
-int qtm_decompress(struct qtm_stream *qtm, uint32_t out_bytes) {
3378
- unsigned int frame_start, frame_end, window_posn, match_offset, range;
3379
- unsigned char *window, *i_ptr, *i_end, *runsrc, *rundest;
3380
- int i, j, selector, extra, sym, match_length, ret;
3381
- unsigned short H, L, C, symf;
3383
- register unsigned int bit_buffer;
3384
- register unsigned char bits_left;
3385
- unsigned char bits_needed, bit_run;
3387
- /* easy answers */
3388
- if (!qtm) return CL_ENULLARG;
3389
- if (qtm->error) return qtm->error;
3391
- /* flush out any stored-up bytes before we begin */
3392
- i = qtm->o_end - qtm->o_ptr;
3393
- if (((off_t) i > out_bytes) && ((int) out_bytes >= 0)) i = (int) out_bytes;
3395
- if (qtm->wflag && (ret = mspack_write(qtm->ofd, qtm->o_ptr, i, qtm->file)) != CL_SUCCESS) {
3396
- return qtm->error = ret;
3401
- if (out_bytes == 0) return CL_SUCCESS;
3403
- /* restore local state */
3405
- window = qtm->window;
3406
- window_posn = qtm->window_posn;
3407
- frame_start = qtm->frame_start;
3412
- /* while we do not have enough decoded bytes in reserve: */
3413
- while ((qtm->o_end - qtm->o_ptr) < out_bytes) {
3415
- /* read header if necessary. Initialises H, L and C */
3416
- if (!qtm->header_read) {
3417
- H = 0xFFFF; L = 0; QTM_READ_BITS(C, 16);
3418
- qtm->header_read = 1;
3421
- /* decode more, at most up to to frame boundary */
3422
- frame_end = window_posn + (out_bytes - (qtm->o_end - qtm->o_ptr));
3423
- if ((frame_start + QTM_FRAME_SIZE) < frame_end) {
3424
- frame_end = frame_start + QTM_FRAME_SIZE;
3426
- if (frame_end < window_posn) {
3427
- cli_dbgmsg("qtm_decompress: window position beyond end of frame\n");
3428
- return qtm->error = CL_EFORMAT;
3431
- while (window_posn < frame_end) {
3432
- QTM_GET_SYMBOL(qtm->model7, selector);
3433
- if (selector < 4) {
3434
- struct qtm_model *mdl = (selector == 0) ? &qtm->model0 :
3435
- ((selector == 1) ? &qtm->model1 :
3436
- ((selector == 2) ? &qtm->model2 :
3438
- QTM_GET_SYMBOL((*mdl), sym);
3439
- window[window_posn++] = sym;
3442
- switch (selector) {
3443
- case 4: /* selector 4 = fixed length match (3 bytes) */
3444
- QTM_GET_SYMBOL(qtm->model4, sym);
3445
- QTM_READ_BITS(extra, qtm->extra_bits[sym]);
3446
- match_offset = qtm->position_base[sym] + extra + 1;
3450
- case 5: /* selector 5 = fixed length match (4 bytes) */
3451
- QTM_GET_SYMBOL(qtm->model5, sym);
3452
- QTM_READ_BITS(extra, qtm->extra_bits[sym]);
3453
- match_offset = qtm->position_base[sym] + extra + 1;
3457
- case 6: /* selector 6 = variable length match */
3458
- QTM_GET_SYMBOL(qtm->model6len, sym);
3459
- QTM_READ_BITS(extra, qtm->length_extra[sym]);
3460
- match_length = qtm->length_base[sym] + extra + 5;
3462
- QTM_GET_SYMBOL(qtm->model6, sym);
3463
- QTM_READ_BITS(extra, qtm->extra_bits[sym]);
3464
- match_offset = qtm->position_base[sym] + extra + 1;
3468
- /* should be impossible, model7 can only return 0-6 */
3469
- return qtm->error = CL_EFORMAT;
3472
- if (window_posn + match_length > qtm->window_size) {
3473
- cli_dbgmsg("qtm_decompress: match ran over window wrap\n");
3474
- return qtm->error = CL_EFORMAT;
3477
- rundest = &window[window_posn];
3479
- /* does match offset wrap the window? */
3480
- if (match_offset > window_posn) {
3481
- /* j = length from match offset to end of window */
3482
- j = match_offset - window_posn;
3483
- if (j > (int) qtm->window_size) {
3484
- cli_dbgmsg("qtm_decompress: match offset beyond window boundaries\n");
3485
- return qtm->error = CL_EFORMAT;
3487
- runsrc = &window[qtm->window_size - j];
3489
- /* if match goes over the window edge, do two copy runs */
3490
- i -= j; while (j-- > 0) *rundest++ = *runsrc++;
3493
- while (i-- > 0) *rundest++ = *runsrc++;
3496
- runsrc = rundest - match_offset;
3497
- if(i > (int) (qtm->window_size - window_posn))
3498
- i = qtm->window_size - window_posn;
3499
- while (i-- > 0) *rundest++ = *runsrc++;
3501
- window_posn += match_length;
3503
- } /* while (window_posn < frame_end) */
3505
- qtm->o_end = &window[window_posn];
3507
- /* another frame completed? */
3508
- if ((window_posn - frame_start) >= QTM_FRAME_SIZE) {
3509
- if ((window_posn - frame_start) != QTM_FRAME_SIZE) {
3510
- cli_dbgmsg("qtm_decompress: overshot frame alignment\n");
3511
- return qtm->error = CL_EFORMAT;
3514
- /* re-align input */
3515
- if (bits_left & 7) QTM_REMOVE_BITS(bits_left & 7);
3516
- do { QTM_READ_BITS(i, 8); } while (i != 0xFF);
3517
- qtm->header_read = 0;
3519
- /* window wrap? */
3520
- if (window_posn == qtm->window_size) {
3521
- /* flush all currently stored data */
3522
- i = (qtm->o_end - qtm->o_ptr);
3525
- if (qtm->wflag && (ret = mspack_write(qtm->ofd, qtm->o_ptr, i, qtm->file)) != CL_SUCCESS) {
3526
- return qtm->error = ret;
3529
- qtm->o_ptr = &window[0];
3530
- qtm->o_end = &window[0];
3534
- frame_start = window_posn;
3537
- } /* while (more bytes needed) */
3539
- if (out_bytes > 0) {
3540
- i = (int) out_bytes;
3541
- if (qtm->wflag && (ret = mspack_write(qtm->ofd, qtm->o_ptr, i, qtm->file)) != CL_SUCCESS) {
3542
- return qtm->error = ret;
3547
- /* store local state */
3549
- qtm->window_posn = window_posn;
3550
- qtm->frame_start = frame_start;
3555
- return CL_SUCCESS;
3558
-void qtm_free(struct qtm_stream *qtm) {
3560
- free(qtm->window);
3565
diff --git a/libclamav/mspack.h b/libclamav/mspack.h
3566
deleted file mode 100644
3567
index 0ed472c..0000000
3568
--- a/libclamav/mspack.h
3572
- * This file includes code from libmspack adapted for libclamav by
3573
- * tkojm@clamav.net
3575
- * Copyright (C) 2003-2004 Stuart Caie
3577
- * This library is free software; you can redistribute it and/or
3578
- * modify it under the terms of the GNU Lesser General Public
3579
- * License version 2.1 as published by the Free Software Foundation.
3581
- * This library is distributed in the hope that it will be useful,
3582
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
3583
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
3584
- * Lesser General Public License for more details.
3586
- * You should have received a copy of the GNU Lesser General Public
3587
- * License along with this library; if not, write to the Free Software
3588
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
3595
-#include <sys/types.h>
3599
-/***************************************************************************
3600
- * MS-ZIP decompression definitions *
3601
- ***************************************************************************/
3603
-#define MSZIP_FRAME_SIZE (32768) /* size of LZ history window */
3604
-#define MSZIP_MAX_HUFFBITS (16) /* maximum huffman code length */
3605
-#define MSZIP_LITERAL_MAXSYMBOLS (288) /* literal/length huffman tree */
3606
-#define MSZIP_LITERAL_TABLEBITS (9)
3607
-#define MSZIP_DISTANCE_MAXSYMBOLS (32) /* distance huffman tree */
3608
-#define MSZIP_DISTANCE_TABLEBITS (6)
3610
-/* if there are less direct lookup entries than symbols, the longer
3611
- * code pointers will be <= maxsymbols. This must not happen, or we
3612
- * will decode entries badly */
3613
-#if (1 << MSZIP_LITERAL_TABLEBITS) < (MSZIP_LITERAL_MAXSYMBOLS * 2)
3614
-# define MSZIP_LITERAL_TABLESIZE (MSZIP_LITERAL_MAXSYMBOLS * 4)
3616
-# define MSZIP_LITERAL_TABLESIZE ((1 << MSZIP_LITERAL_TABLEBITS) + \
3617
- (MSZIP_LITERAL_MAXSYMBOLS * 2))
3620
-#if (1 << MSZIP_DISTANCE_TABLEBITS) < (MSZIP_DISTANCE_MAXSYMBOLS * 2)
3621
-# define MSZIP_DISTANCE_TABLESIZE (MSZIP_DISTANCE_MAXSYMBOLS * 4)
3623
-# define MSZIP_DISTANCE_TABLESIZE ((1 << MSZIP_DISTANCE_TABLEBITS) + \
3624
- (MSZIP_DISTANCE_MAXSYMBOLS * 2))
3627
-struct mszip_stream {
3628
- int ofd; /* output file descriptor */
3630
- /* inflate() will call this whenever the window should be emptied. */
3631
- int (*flush_window)(struct mszip_stream *, unsigned int);
3633
- int error, repair_mode, bytes_output, input_end;
3635
- /* I/O buffering */
3636
- unsigned char *inbuf, *i_ptr, *i_end, *o_ptr, *o_end;
3637
- unsigned int bit_buffer, bits_left, inbuf_size;
3639
- unsigned int window_posn; /* offset within window */
3641
- /* huffman code lengths */
3642
- unsigned char LITERAL_len[MSZIP_LITERAL_MAXSYMBOLS];
3643
- unsigned char DISTANCE_len[MSZIP_DISTANCE_MAXSYMBOLS];
3645
- /* huffman decoding tables */
3646
- unsigned short LITERAL_table [MSZIP_LITERAL_TABLESIZE];
3647
- unsigned short DISTANCE_table[MSZIP_DISTANCE_TABLESIZE];
3649
- /* 32kb history window */
3650
- unsigned char window[MSZIP_FRAME_SIZE];
3652
- /* cabinet related stuff */
3653
- struct cab_file *file;
3654
- int (*read_cb)(struct cab_file *, unsigned char *, int);
3656
- unsigned char wflag; /* write flag */
3657
- unsigned int last; /* prior end of content buffer */
3661
-struct mszip_stream *mszip_init(int ofd,
3662
- int input_buffer_size,
3664
- struct cab_file *file,
3665
- int (*read_cb)(struct cab_file *, unsigned char *, int));
3667
-extern int mszip_decompress(struct mszip_stream *zip, uint32_t out_bytes);
3669
-void mszip_free(struct mszip_stream *zip);
3672
-/***************************************************************************
3673
- * Quantum decompression definitions *
3674
- ***************************************************************************/
3676
-/* Quantum compression / decompression definitions */
3678
-#define QTM_FRAME_SIZE (32768)
3680
-struct qtm_modelsym {
3681
- unsigned short sym, cumfreq;
3685
- int shiftsleft, entries;
3686
- struct qtm_modelsym *syms;
3689
-struct qtm_stream {
3690
- int ofd; /* output file descriptor */
3692
- unsigned char *window; /* decoding window */
3693
- unsigned int window_size; /* window size */
3694
- unsigned int window_posn; /* decompression offset within window */
3695
- unsigned int frame_start; /* start of current frame within window */
3697
- unsigned short H, L, C; /* high/low/current: arith coding state */
3698
- unsigned char header_read; /* have we started decoding a new frame? */
3699
- unsigned char wflag; /* write flag */
3701
- int error, input_end;
3704
- unsigned int position_base[42];
3705
- unsigned char extra_bits[42], length_base[27], length_extra[27];
3707
- /* four literal models, each representing 64 symbols
3708
- * model0 for literals from 0 to 63 (selector = 0)
3709
- * model1 for literals from 64 to 127 (selector = 1)
3710
- * model2 for literals from 128 to 191 (selector = 2)
3711
- * model3 for literals from 129 to 255 (selector = 3) */
3712
- struct qtm_model model0, model1, model2, model3;
3714
- /* three match models.
3715
- * model4 for match with fixed length of 3 bytes
3716
- * model5 for match with fixed length of 4 bytes
3717
- * model6 for variable length match, encoded with model6len model */
3718
- struct qtm_model model4, model5, model6, model6len;
3720
- /* selector model. 0-6 to say literal (0,1,2,3) or match (4,5,6) */
3721
- struct qtm_model model7;
3723
- /* symbol arrays for all models */
3724
- struct qtm_modelsym m0sym[64 + 1];
3725
- struct qtm_modelsym m1sym[64 + 1];
3726
- struct qtm_modelsym m2sym[64 + 1];
3727
- struct qtm_modelsym m3sym[64 + 1];
3728
- struct qtm_modelsym m4sym[24 + 1];
3729
- struct qtm_modelsym m5sym[36 + 1];
3730
- struct qtm_modelsym m6sym[42 + 1], m6lsym[27 + 1];
3731
- struct qtm_modelsym m7sym[7 + 1];
3733
- /* I/O buffers - 1*/
3734
- unsigned int bit_buffer;
3736
- /* cabinet related stuff */
3737
- struct cab_file *file;
3738
- int (*read_cb)(struct cab_file *, unsigned char *, int);
3740
- /* I/O buffers - 2*/
3741
- unsigned char *inbuf, *i_ptr, *i_end, *o_ptr, *o_end;
3742
- unsigned int inbuf_size;
3743
- unsigned char bits_left;
3747
-extern struct qtm_stream *qtm_init(int ofd,
3749
- int input_buffer_size,
3750
- struct cab_file *file,
3751
- int (*read_cb)(struct cab_file *, unsigned char *, int));
3753
-extern int qtm_decompress(struct qtm_stream *qtm, uint32_t out_bytes);
3755
-void qtm_free(struct qtm_stream *qtm);
3757
-/***************************************************************************
3758
- * LZX decompression definitions *
3759
- ***************************************************************************/
3761
-/* some constants defined by the LZX specification */
3762
-#define LZX_MIN_MATCH (2)
3763
-#define LZX_MAX_MATCH (257)
3764
-#define LZX_NUM_CHARS (256)
3765
-#define LZX_BLOCKTYPE_INVALID (0) /* also blocktypes 4-7 invalid */
3766
-#define LZX_BLOCKTYPE_VERBATIM (1)
3767
-#define LZX_BLOCKTYPE_ALIGNED (2)
3768
-#define LZX_BLOCKTYPE_UNCOMPRESSED (3)
3769
-#define LZX_PRETREE_NUM_ELEMENTS (20)
3770
-#define LZX_ALIGNED_NUM_ELEMENTS (8) /* aligned offset tree #elements */
3771
-#define LZX_NUM_PRIMARY_LENGTHS (7) /* this one missing from spec! */
3772
-#define LZX_NUM_SECONDARY_LENGTHS (249) /* length tree #elements */
3774
-/* LZX huffman defines: tweak tablebits as desired */
3775
-#define LZX_PRETREE_MAXSYMBOLS (LZX_PRETREE_NUM_ELEMENTS)
3776
-#define LZX_PRETREE_TABLEBITS (6)
3777
-#define LZX_MAINTREE_MAXSYMBOLS (LZX_NUM_CHARS + 50*8)
3778
-#define LZX_MAINTREE_TABLEBITS (12)
3779
-#define LZX_LENGTH_MAXSYMBOLS (LZX_NUM_SECONDARY_LENGTHS+1)
3780
-#define LZX_LENGTH_TABLEBITS (12)
3781
-#define LZX_ALIGNED_MAXSYMBOLS (LZX_ALIGNED_NUM_ELEMENTS)
3782
-#define LZX_ALIGNED_TABLEBITS (7)
3783
-#define LZX_LENTABLE_SAFETY (64) /* table decoding overruns are allowed */
3785
-#define LZX_FRAME_SIZE (32768) /* the size of a frame in LZX */
3787
-struct lzx_stream {
3788
- int ofd; /* output file descriptor */
3790
- off_t offset; /* number of bytes actually output */
3791
- off_t length; /* overall decompressed length of stream */
3793
- unsigned char *window; /* decoding window */
3794
- unsigned int window_size; /* window size */
3795
- unsigned int window_posn; /* decompression offset within window */
3796
- unsigned int frame_posn; /* current frame offset within in window */
3797
- unsigned int frame; /* the number of 32kb frames processed */
3798
- unsigned int reset_interval; /* which frame do we reset the compressor? */
3800
- unsigned int R0, R1, R2; /* for the LRU offset system */
3801
- unsigned int block_length; /* uncompressed length of this LZX block */
3802
- unsigned int block_remaining; /* uncompressed bytes still left to decode */
3804
- signed int intel_filesize; /* magic header value used for transform */
3805
- signed int intel_curpos; /* current offset in transform space */
3807
- unsigned char intel_started; /* has intel E8 decoding started? */
3808
- unsigned char block_type; /* type of the current block */
3809
- unsigned char header_read; /* have we started decoding at all yet? */
3810
- unsigned char posn_slots; /* how many posn slots in stream? */
3814
- /* I/O buffering */
3815
- unsigned char *inbuf, *i_ptr, *i_end, *o_ptr, *o_end;
3816
- unsigned int bit_buffer, bits_left, inbuf_size;
3818
- /* huffman code lengths */
3819
- unsigned char PRETREE_len [LZX_PRETREE_MAXSYMBOLS + LZX_LENTABLE_SAFETY];
3820
- unsigned char MAINTREE_len [LZX_MAINTREE_MAXSYMBOLS + LZX_LENTABLE_SAFETY];
3821
- unsigned char LENGTH_len [LZX_LENGTH_MAXSYMBOLS + LZX_LENTABLE_SAFETY];
3822
- unsigned char ALIGNED_len [LZX_ALIGNED_MAXSYMBOLS + LZX_LENTABLE_SAFETY];
3824
- /* huffman decoding tables */
3825
- unsigned short PRETREE_table [(1 << LZX_PRETREE_TABLEBITS) +
3826
- (LZX_PRETREE_MAXSYMBOLS * 2)];
3827
- unsigned short MAINTREE_table[(1 << LZX_MAINTREE_TABLEBITS) +
3828
- (LZX_MAINTREE_MAXSYMBOLS * 2)];
3829
- unsigned short LENGTH_table [(1 << LZX_LENGTH_TABLEBITS) +
3830
- (LZX_LENGTH_MAXSYMBOLS * 2)];
3831
- unsigned short ALIGNED_table [(1 << LZX_ALIGNED_TABLEBITS) +
3832
- (LZX_ALIGNED_MAXSYMBOLS * 2)];
3833
- unsigned char input_end; /* have we reached the end of input? */
3834
- unsigned char wflag; /* write flag */
3836
- /* this is used purely for doing the intel E8 transform */
3837
- unsigned char e8_buf[LZX_FRAME_SIZE];
3839
- unsigned int position_base[51];
3841
- /* cabinet related stuff */
3842
- struct cab_file *file;
3843
- int (*read_cb)(struct cab_file *, unsigned char *, int);
3845
- unsigned char extra_bits[51];
3849
-struct lzx_stream *lzx_init(int ofd,
3851
- int reset_interval,
3852
- int input_buffer_size,
3853
- off_t output_length,
3854
- struct cab_file *file,
3855
- int (*read_cb)(struct cab_file *, unsigned char *, int));
3857
-extern void lzx_set_output_length(struct lzx_stream *lzx,
3858
- off_t output_length);
3860
-extern int lzx_decompress(struct lzx_stream *lzx, uint32_t out_bytes);
3862
-void lzx_free(struct lzx_stream *lzx);
3865
diff --git a/libclamav/scanners.c b/libclamav/scanners.c
3866
index 7f55da7..9de4f88 100644
3867
--- a/libclamav/scanners.c
3868
+++ b/libclamav/scanners.c
3870
#include "vba_extract.h"
3871
#include "msexpand.h"
3873
-#include "chmunpack.h"
3874
+#include "libmspack.h"
3877
#include "filetypes.h"
3882
-#include "mspack.h"
3886
#include "nsis/nulsft.h"
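Review bot: Replacing `chmunpack.h` and `mspack.h` with `#include "libmspack.h"` in this include block moves CAB and CHM unpacking out of scanners.c, along with the limit handling that the removed `cli_scanmscab` did inline. That function capped each member through `file->max_size`, derived from `maxscansize`/`maxfilesize`, and set `ctx->corrupted_input` when the header length and the written size disagreed. The replacement code in libclamav/libmspack.c is not visible in this section, so I cannot confirm that extraction to the temp file is still bounded by those engine limits, or that temp files and directories are still removed unless `keeptmp` is set. Both should be verified there, since these paths process untrusted archives. Once confirmed, a one-line comment above the new include, for example `/* CAB/CHM unpacking; engine size limits and temp cleanup live in libmspack.c */`, would record where that responsibility now sits.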
3887
@@ -853,82 +851,6 @@ static int cli_scanszdd(cli_ctx *ctx)
3891
-static int cli_scanmscab(cli_ctx *ctx, off_t sfx_offset)
3895
- unsigned int files = 0;
3896
- struct cab_archive cab;
3897
- struct cab_file *file;
3898
- unsigned int corrupted_input;
3899
- unsigned int viruses_found = 0;
3901
- cli_dbgmsg("in cli_scanmscab()\n");
3903
- if((ret = cab_open(*ctx->fmap, sfx_offset, &cab)))
3906
- for(file = cab.files; file; file = file->next) {
3909
- if(cli_matchmeta(ctx, file->name, 0, file->length, 0, files, 0, NULL) == CL_VIRUS) {
3917
- if(ctx->engine->maxscansize && ctx->scansize >= ctx->engine->maxscansize) {
3922
- if(!(tempname = cli_gentemp(ctx->engine->tmpdir))) {
3927
- if(ctx->engine->maxscansize && ctx->scansize + ctx->engine->maxfilesize >= ctx->engine->maxscansize)
3928
- file->max_size = ctx->engine->maxscansize - ctx->scansize;
3930
- file->max_size = ctx->engine->maxfilesize ? ctx->engine->maxfilesize : 0xffffffff;
3932
- cli_dbgmsg("CAB: Extracting file %s to %s, size %u, max_size: %u\n", file->name, tempname, file->length, (unsigned int) file->max_size);
3933
- file->written_size = 0;
3934
- if((ret = cab_extract(file, tempname))) {
3935
- cli_dbgmsg("CAB: Failed to extract file: %s\n", cl_strerror(ret));
3937
- corrupted_input = ctx->corrupted_input;
3938
- if(file->length != file->written_size) {
3939
- cli_dbgmsg("CAB: Length from header %u but wrote %u bytes\n", (unsigned int) file->length, (unsigned int) file->written_size);
3940
- ctx->corrupted_input = 1;
3942
- ret = cli_scanfile(tempname, ctx);
3943
- ctx->corrupted_input = corrupted_input;
3945
- if(!ctx->engine->keeptmp) {
3946
- if (!access(tempname, R_OK) && cli_unlink(tempname)) {
3953
- if(ret == CL_VIRUS) {
3962
- if (viruses_found)
3967
static int vba_scandata(const unsigned char *data, unsigned int len, cli_ctx *ctx)
3969
struct cli_matcher *groot = ctx->engine->root[0];
3970
@@ -1568,72 +1490,6 @@ static int cli_scantar(cli_ctx *ctx, unsigned int posix)
3974
-static int cli_scanmschm(cli_ctx *ctx)
3976
- int ret = CL_CLEAN, rc;
3977
- chm_metadata_t metadata;
3979
- unsigned int viruses_found = 0;
3981
- cli_dbgmsg("in cli_scanmschm()\n");
3983
- /* generate the temporary directory */
3984
- if(!(dir = cli_gentemp(ctx->engine->tmpdir)))
3987
- if(mkdir(dir, 0700)) {
3988
- cli_dbgmsg("CHM: Can't create temporary directory %s\n", dir);
3990
- return CL_ETMPDIR;
3993
- ret = cli_chm_open(dir, &metadata, ctx);
3994
- if (ret != CL_SUCCESS) {
3995
- if(!ctx->engine->keeptmp)
3998
- cli_dbgmsg("CHM: Error: %s\n", cl_strerror(ret));
4003
- ret = cli_chm_prepare_file(&metadata);
4004
- if (ret != CL_SUCCESS) {
4007
- ret = cli_chm_extract_file(dir, &metadata, ctx);
4008
- if (ret == CL_SUCCESS) {
4009
- rc = cli_magic_scandesc(metadata.ofd, ctx);
4010
- close(metadata.ofd);
4011
- if (rc == CL_VIRUS) {
4012
- cli_dbgmsg("CHM: infected with %s\n", cli_get_last_virus(ctx));
4022
- } while(ret == CL_SUCCESS);
4024
- cli_chm_close(&metadata);
4026
- if(!ctx->engine->keeptmp)
4031
- cli_dbgmsg("CHM: Exit code: %d\n", ret);
4032
- if (ret == CL_BREAK)
4035
- if (SCAN_ALL && viruses_found)
4040
static int cli_scanscrenc(cli_ctx *ctx)