1/*- 2* Copyright (c) 2003-2007 Tim Kientzle 3* Copyright (c) 2011 Andres Mejia 4* All rights reserved. 5* 6* Redistribution and use in source and binary forms, with or without 7* modification, are permitted provided that the following conditions 8* are met: 9* 1. Redistributions of source code must retain the above copyright 10* notice, this list of conditions and the following disclaimer. 11* 2. Redistributions in binary form must reproduce the above copyright 12* notice, this list of conditions and the following disclaimer in the 13* documentation and/or other materials provided with the distribution. 14* 15* THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR 16* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 18* IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT, 19* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 20* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25*/ 26 27#include "archive_platform.h" 28 29#ifdef HAVE_ERRNO_H 30#include <errno.h> 31#endif 32#include <time.h> 33#include <limits.h> 34#ifdef HAVE_ZLIB_H 35#include <zlib.h> /* crc32 */ 36#endif 37 38#include "archive.h" 39#ifndef HAVE_ZLIB_H 40#include "archive_crc32.h" 41#endif 42#include "archive_endian.h" 43#include "archive_entry.h" 44#include "archive_entry_locale.h" 45#include "archive_ppmd7_private.h" 46#include "archive_private.h" 47#include "archive_read_private.h" 48 49/* RAR signature, also known as the mark header */ 50#define RAR_SIGNATURE "\x52\x61\x72\x21\x1A\x07\x00" 51 52/* Header types */ 53#define MARK_HEAD 0x72 54#define MAIN_HEAD 0x73 55#define FILE_HEAD 0x74 56#define COMM_HEAD 0x75 57#define AV_HEAD 0x76 58#define SUB_HEAD 0x77 59#define PROTECT_HEAD 0x78 60#define SIGN_HEAD 0x79 61#define NEWSUB_HEAD 0x7a 62#define ENDARC_HEAD 0x7b 63 64/* Main Header Flags */ 65#define MHD_VOLUME 0x0001 66#define MHD_COMMENT 0x0002 67#define MHD_LOCK 0x0004 68#define MHD_SOLID 0x0008 69#define MHD_NEWNUMBERING 0x0010 70#define MHD_AV 0x0020 71#define MHD_PROTECT 0x0040 72#define MHD_PASSWORD 0x0080 73#define MHD_FIRSTVOLUME 0x0100 74#define MHD_ENCRYPTVER 0x0200 75 76/* Flags common to all headers */ 77#define HD_MARKDELETION 0x4000 78#define HD_ADD_SIZE_PRESENT 0x8000 79 80/* File Header Flags */ 81#define FHD_SPLIT_BEFORE 0x0001 82#define FHD_SPLIT_AFTER 0x0002 83#define FHD_PASSWORD 0x0004 84#define FHD_COMMENT 0x0008 85#define FHD_SOLID 0x0010 86#define FHD_LARGE 0x0100 87#define FHD_UNICODE 0x0200 88#define FHD_SALT 0x0400 89#define FHD_VERSION 0x0800 90#define FHD_EXTTIME 0x1000 91#define FHD_EXTFLAGS 0x2000 92 93/* File dictionary sizes */ 94#define DICTIONARY_SIZE_64 0x00 95#define DICTIONARY_SIZE_128 0x20 96#define DICTIONARY_SIZE_256 0x40 97#define DICTIONARY_SIZE_512 0x60 98#define DICTIONARY_SIZE_1024 0x80 99#define DICTIONARY_SIZE_2048 0xA0 100#define DICTIONARY_SIZE_4096 0xC0 101#define FILE_IS_DIRECTORY 0xE0 102#define DICTIONARY_MASK FILE_IS_DIRECTORY 103 104/* OS Flags */ 105#define OS_MSDOS 0 106#define OS_OS2 1 107#define OS_WIN32 2 108#define OS_UNIX 3 109#define OS_MAC_OS 4 110#define OS_BEOS 5 111 112/* Compression Methods */ 113#define COMPRESS_METHOD_STORE 0x30 114/* LZSS */ 115#define COMPRESS_METHOD_FASTEST 0x31 116#define COMPRESS_METHOD_FAST 0x32 117#define COMPRESS_METHOD_NORMAL 0x33 118/* PPMd Variant H */ 119#define COMPRESS_METHOD_GOOD 0x34 120#define COMPRESS_METHOD_BEST 0x35 121 122#define CRC_POLYNOMIAL 0xEDB88320 123 124#define NS_UNIT 10000000 125 126#define DICTIONARY_MAX_SIZE 0x400000 127 128#define MAINCODE_SIZE 299 129#define OFFSETCODE_SIZE 60 130#define LOWOFFSETCODE_SIZE 17 131#define LENGTHCODE_SIZE 28 132#define HUFFMAN_TABLE_SIZE \ 133 MAINCODE_SIZE + OFFSETCODE_SIZE + LOWOFFSETCODE_SIZE + LENGTHCODE_SIZE 134 135#define MAX_SYMBOL_LENGTH 0xF 136#define MAX_SYMBOLS 20 137 138/* 139 * Considering L1,L2 cache miss and a calling of write system-call, 140 * the best size of the output buffer(uncompressed buffer) is 128K. 141 * If the structure of extracting process is changed, this value 142 * might be researched again. 143 */ 144#define UNP_BUFFER_SIZE (128 * 1024) 145 146/* Define this here for non-Windows platforms */ 147#if !((defined(__WIN32__) || defined(_WIN32) || defined(__WIN32)) && !defined(__CYGWIN__)) 148#define FILE_ATTRIBUTE_DIRECTORY 0x10 149#endif 150 151/* Fields common to all headers */ 152struct rar_header 153{ 154 char crc[2]; 155 char type; 156 char flags[2]; 157 char size[2]; 158}; 159 160/* Fields common to all file headers */ 161struct rar_file_header 162{ 163 char pack_size[4]; 164 char unp_size[4]; 165 char host_os; 166 char file_crc[4]; 167 char file_time[4]; 168 char unp_ver; 169 char method; 170 char name_size[2]; 171 char file_attr[4]; 172}; 173 174struct huffman_tree_node 175{ 176 int branches[2]; 177}; 178 179struct huffman_table_entry 180{ 181 unsigned int length; 182 int value; 183}; 184 185struct huffman_code 186{ 187 struct huffman_tree_node *tree; 188 int numentries; 189 int minlength; 190 int maxlength; 191 int tablesize; 192 struct huffman_table_entry *table; 193}; 194 195struct lzss 196{ 197 unsigned char *window; 198 int mask; 199 int64_t position; 200}; 201 202struct data_block_offsets 203{ 204 int64_t header_size; 205 int64_t start_offset; 206 int64_t end_offset; 207}; 208 209struct rar 210{ 211 /* Entries from main RAR header */ 212 unsigned main_flags; 213 unsigned long file_crc; 214 char reserved1[2]; 215 char reserved2[4]; 216 char encryptver; 217 218 /* File header entries */ 219 char compression_method; 220 unsigned file_flags; 221 int64_t packed_size; 222 int64_t unp_size; 223 time_t mtime; 224 long mnsec; 225 mode_t mode; 226 char *filename; 227 char *filename_save; 228 size_t filename_allocated; 229 230 /* File header optional entries */ 231 char salt[8]; 232 time_t atime; 233 long ansec; 234 time_t ctime; 235 long cnsec; 236 time_t arctime; 237 long arcnsec; 238 239 /* Fields to help with tracking decompression of files. */ 240 int64_t bytes_unconsumed; 241 int64_t bytes_remaining; 242 int64_t bytes_uncopied; 243 int64_t offset; 244 int64_t offset_outgoing; 245 int64_t offset_seek; 246 char valid; 247 unsigned int unp_offset; 248 unsigned int unp_buffer_size; 249 unsigned char *unp_buffer; 250 unsigned int dictionary_size; 251 char start_new_block; 252 char entry_eof; 253 unsigned long crc_calculated; 254 int found_first_header; 255 char has_endarc_header; 256 struct data_block_offsets *dbo; 257 unsigned int cursor; 258 unsigned int nodes; 259 260 /* LZSS members */ 261 struct huffman_code maincode; 262 struct huffman_code offsetcode; 263 struct huffman_code lowoffsetcode; 264 struct huffman_code lengthcode; 265 unsigned char lengthtable[HUFFMAN_TABLE_SIZE]; 266 struct lzss lzss; 267 char output_last_match; 268 unsigned int lastlength; 269 unsigned int lastoffset; 270 unsigned int oldoffset[4]; 271 unsigned int lastlowoffset; 272 unsigned int numlowoffsetrepeats; 273 int64_t filterstart; 274 char start_new_table; 275 276 /* PPMd Variant H members */ 277 char ppmd_valid; 278 char ppmd_eod; 279 char is_ppmd_block; 280 int ppmd_escape; 281 CPpmd7 ppmd7_context; 282 CPpmd7z_RangeDec range_dec; 283 IByteIn bytein; 284 285 /* 286 * String conversion object. 287 */ 288 int init_default_conversion; 289 struct archive_string_conv *sconv_default; 290 struct archive_string_conv *opt_sconv; 291 struct archive_string_conv *sconv_utf8; 292 struct archive_string_conv *sconv_utf16be; 293 294 /* 295 * Bit stream reader. 296 */ 297 struct rar_br { 298#define CACHE_TYPE uint64_t 299#define CACHE_BITS (8 * sizeof(CACHE_TYPE)) 300 /* Cache buffer. */ 301 CACHE_TYPE cache_buffer; 302 /* Indicates how many bits avail in cache_buffer. */ 303 int cache_avail; 304 ssize_t avail_in; 305 const unsigned char *next_in; 306 } br; 307}; 308 309static int archive_read_format_rar_bid(struct archive_read *, int); 310static int archive_read_format_rar_options(struct archive_read *, 311 const char *, const char *); 312static int archive_read_format_rar_read_header(struct archive_read *, 313 struct archive_entry *); 314static int archive_read_format_rar_read_data(struct archive_read *, 315 const void **, size_t *, int64_t *); 316static int archive_read_format_rar_read_data_skip(struct archive_read *a); 317static int64_t archive_read_format_rar_seek_data(struct archive_read *, int64_t, 318 int); 319static int archive_read_format_rar_cleanup(struct archive_read *); 320 321/* Support functions */ 322static int read_header(struct archive_read *, struct archive_entry *, char); 323static time_t get_time(int); 324static int read_exttime(const char *, struct rar *, const char *); 325static int read_symlink_stored(struct archive_read *, struct archive_entry *, 326 struct archive_string_conv *); 327static int read_data_stored(struct archive_read *, const void **, size_t *, 328 int64_t *); 329static int read_data_compressed(struct archive_read *, const void **, size_t *, 330 int64_t *); 331static int rar_br_preparation(struct archive_read *, struct rar_br *); 332static int parse_codes(struct archive_read *); 333static void free_codes(struct archive_read *); 334static int read_next_symbol(struct archive_read *, struct huffman_code *); 335static int create_code(struct archive_read *, struct huffman_code *, 336 unsigned char *, int, char); 337static int add_value(struct archive_read *, struct huffman_code *, int, int, 338 int); 339static int new_node(struct huffman_code *); 340static int make_table(struct archive_read *, struct huffman_code *); 341static int make_table_recurse(struct archive_read *, struct huffman_code *, int, 342 struct huffman_table_entry *, int, int); 343static int64_t expand(struct archive_read *, int64_t); 344static int copy_from_lzss_window(struct archive_read *, const void **, 345 int64_t, int); 346static const void *rar_read_ahead(struct archive_read *, size_t, ssize_t *); 347 348/* 349 * Bit stream reader. 350 */ 351/* Check that the cache buffer has enough bits. */ 352#define rar_br_has(br, n) ((br)->cache_avail >= n) 353/* Get compressed data by bit. */ 354#define rar_br_bits(br, n) \ 355 (((uint32_t)((br)->cache_buffer >> \ 356 ((br)->cache_avail - (n)))) & cache_masks[n]) 357#define rar_br_bits_forced(br, n) \ 358 (((uint32_t)((br)->cache_buffer << \ 359 ((n) - (br)->cache_avail))) & cache_masks[n]) 360/* Read ahead to make sure the cache buffer has enough compressed data we 361 * will use. 362 * True : completed, there is enough data in the cache buffer. 363 * False : there is no data in the stream. */ 364#define rar_br_read_ahead(a, br, n) \ 365 ((rar_br_has(br, (n)) || rar_br_fillup(a, br)) || rar_br_has(br, (n))) 366/* Notify how many bits we consumed. */ 367#define rar_br_consume(br, n) ((br)->cache_avail -= (n)) 368#define rar_br_consume_unalined_bits(br) ((br)->cache_avail &= ~7) 369 370static const uint32_t cache_masks[] = { 371 0x00000000, 0x00000001, 0x00000003, 0x00000007, 372 0x0000000F, 0x0000001F, 0x0000003F, 0x0000007F, 373 0x000000FF, 0x000001FF, 0x000003FF, 0x000007FF, 374 0x00000FFF, 0x00001FFF, 0x00003FFF, 0x00007FFF, 375 0x0000FFFF, 0x0001FFFF, 0x0003FFFF, 0x0007FFFF, 376 0x000FFFFF, 0x001FFFFF, 0x003FFFFF, 0x007FFFFF, 377 0x00FFFFFF, 0x01FFFFFF, 0x03FFFFFF, 0x07FFFFFF, 378 0x0FFFFFFF, 0x1FFFFFFF, 0x3FFFFFFF, 0x7FFFFFFF, 379 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF 380}; 381 382/* 383 * Shift away used bits in the cache data and fill it up with following bits. 384 * Call this when cache buffer does not have enough bits you need. 385 * 386 * Returns 1 if the cache buffer is full. 387 * Returns 0 if the cache buffer is not full; input buffer is empty. 388 */ 389static int 390rar_br_fillup(struct archive_read *a, struct rar_br *br) 391{ 392 struct rar *rar = (struct rar *)(a->format->data); 393 int n = CACHE_BITS - br->cache_avail; 394 395 for (;;) { 396 switch (n >> 3) { 397 case 8: 398 if (br->avail_in >= 8) { 399 br->cache_buffer = 400 ((uint64_t)br->next_in[0]) << 56 | 401 ((uint64_t)br->next_in[1]) << 48 | 402 ((uint64_t)br->next_in[2]) << 40 | 403 ((uint64_t)br->next_in[3]) << 32 | 404 ((uint32_t)br->next_in[4]) << 24 | 405 ((uint32_t)br->next_in[5]) << 16 | 406 ((uint32_t)br->next_in[6]) << 8 | 407 (uint32_t)br->next_in[7]; 408 br->next_in += 8; 409 br->avail_in -= 8; 410 br->cache_avail += 8 * 8; 411 rar->bytes_unconsumed += 8; 412 rar->bytes_remaining -= 8; 413 return (1); 414 } 415 break; 416 case 7: 417 if (br->avail_in >= 7) { 418 br->cache_buffer = 419 (br->cache_buffer << 56) | 420 ((uint64_t)br->next_in[0]) << 48 | 421 ((uint64_t)br->next_in[1]) << 40 | 422 ((uint64_t)br->next_in[2]) << 32 | 423 ((uint32_t)br->next_in[3]) << 24 | 424 ((uint32_t)br->next_in[4]) << 16 | 425 ((uint32_t)br->next_in[5]) << 8 | 426 (uint32_t)br->next_in[6]; 427 br->next_in += 7; 428 br->avail_in -= 7; 429 br->cache_avail += 7 * 8; 430 rar->bytes_unconsumed += 7; 431 rar->bytes_remaining -= 7; 432 return (1); 433 } 434 break; 435 case 6: 436 if (br->avail_in >= 6) { 437 br->cache_buffer = 438 (br->cache_buffer << 48) | 439 ((uint64_t)br->next_in[0]) << 40 | 440 ((uint64_t)br->next_in[1]) << 32 | 441 ((uint32_t)br->next_in[2]) << 24 | 442 ((uint32_t)br->next_in[3]) << 16 | 443 ((uint32_t)br->next_in[4]) << 8 | 444 (uint32_t)br->next_in[5]; 445 br->next_in += 6; 446 br->avail_in -= 6; 447 br->cache_avail += 6 * 8; 448 rar->bytes_unconsumed += 6; 449 rar->bytes_remaining -= 6; 450 return (1); 451 } 452 break; 453 case 0: 454 /* We have enough compressed data in 455 * the cache buffer.*/ 456 return (1); 457 default: 458 break; 459 } 460 if (br->avail_in <= 0) { 461 462 if (rar->bytes_unconsumed > 0) { 463 /* Consume as much as the decompressor 464 * actually used. */ 465 __archive_read_consume(a, rar->bytes_unconsumed); 466 rar->bytes_unconsumed = 0; 467 } 468 br->next_in = rar_read_ahead(a, 1, &(br->avail_in)); 469 if (br->next_in == NULL) 470 return (0); 471 if (br->avail_in == 0) 472 return (0); 473 } 474 br->cache_buffer = 475 (br->cache_buffer << 8) | *br->next_in++; 476 br->avail_in--; 477 br->cache_avail += 8; 478 n -= 8; 479 rar->bytes_unconsumed++; 480 rar->bytes_remaining--; 481 } 482} 483 484static int 485rar_br_preparation(struct archive_read *a, struct rar_br *br) 486{ 487 struct rar *rar = (struct rar *)(a->format->data); 488 489 if (rar->bytes_remaining > 0) { 490 br->next_in = rar_read_ahead(a, 1, &(br->avail_in)); 491 if (br->next_in == NULL) { 492 archive_set_error(&a->archive, 493 ARCHIVE_ERRNO_FILE_FORMAT, 494 "Truncated RAR file data"); 495 return (ARCHIVE_FATAL); 496 } 497 if (br->cache_avail == 0) 498 (void)rar_br_fillup(a, br); 499 } 500 return (ARCHIVE_OK); 501} 502 503/* Find last bit set */ 504static inline int 505rar_fls(unsigned int word) 506{ 507 word |= (word >> 1); 508 word |= (word >> 2); 509 word |= (word >> 4); 510 word |= (word >> 8); 511 word |= (word >> 16); 512 return word - (word >> 1); 513} 514 515/* LZSS functions */ 516static inline int64_t 517lzss_position(struct lzss *lzss) 518{ 519 return lzss->position; 520} 521 522static inline int 523lzss_mask(struct lzss *lzss) 524{ 525 return lzss->mask; 526} 527 528static inline int 529lzss_size(struct lzss *lzss) 530{ 531 return lzss->mask + 1; 532} 533 534static inline int 535lzss_offset_for_position(struct lzss *lzss, int64_t pos) 536{ 537 return (int)(pos & lzss->mask); 538} 539 540static inline unsigned char * 541lzss_pointer_for_position(struct lzss *lzss, int64_t pos) 542{ 543 return &lzss->window[lzss_offset_for_position(lzss, pos)]; 544} 545 546static inline int 547lzss_current_offset(struct lzss *lzss) 548{ 549 return lzss_offset_for_position(lzss, lzss->position); 550} 551 552static inline uint8_t * 553lzss_current_pointer(struct lzss *lzss) 554{ 555 return lzss_pointer_for_position(lzss, lzss->position); 556} 557 558static inline void 559lzss_emit_literal(struct rar *rar, uint8_t literal) 560{ 561 *lzss_current_pointer(&rar->lzss) = literal; 562 rar->lzss.position++; 563} 564 565static inline void 566lzss_emit_match(struct rar *rar, int offset, int length) 567{ 568 int dstoffs = lzss_current_offset(&rar->lzss); 569 int srcoffs = (dstoffs - offset) & lzss_mask(&rar->lzss); 570 int l, li, remaining; 571 unsigned char *d, *s; 572 573 remaining = length; 574 while (remaining > 0) { 575 l = remaining; 576 if (dstoffs > srcoffs) { 577 if (l > lzss_size(&rar->lzss) - dstoffs) 578 l = lzss_size(&rar->lzss) - dstoffs; 579 } else { 580 if (l > lzss_size(&rar->lzss) - srcoffs) 581 l = lzss_size(&rar->lzss) - srcoffs; 582 } 583 d = &(rar->lzss.window[dstoffs]); 584 s = &(rar->lzss.window[srcoffs]); 585 if ((dstoffs + l < srcoffs) || (srcoffs + l < dstoffs)) 586 memcpy(d, s, l); 587 else { 588 for (li = 0; li < l; li++) 589 d[li] = s[li]; 590 } 591 remaining -= l; 592 dstoffs = (dstoffs + l) & lzss_mask(&(rar->lzss)); 593 srcoffs = (srcoffs + l) & lzss_mask(&(rar->lzss)); 594 } 595 rar->lzss.position += length; 596} 597 598static void * 599ppmd_alloc(void *p, size_t size) 600{ 601 (void)p; 602 return malloc(size); 603} 604static void 605ppmd_free(void *p, void *address) 606{ 607 (void)p; 608 free(address); 609} 610static ISzAlloc g_szalloc = { ppmd_alloc, ppmd_free }; 611 612static Byte 613ppmd_read(void *p) 614{ 615 struct archive_read *a = ((IByteIn*)p)->a; 616 struct rar *rar = (struct rar *)(a->format->data); 617 struct rar_br *br = &(rar->br); 618 Byte b; 619 if (!rar_br_read_ahead(a, br, 8)) 620 { 621 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 622 "Truncated RAR file data"); 623 rar->valid = 0; 624 return 0; 625 } 626 b = rar_br_bits(br, 8); 627 rar_br_consume(br, 8); 628 return b; 629} 630 631int 632archive_read_support_format_rar(struct archive *_a) 633{ 634 struct archive_read *a = (struct archive_read *)_a; 635 struct rar *rar; 636 int r; 637 638 archive_check_magic(_a, ARCHIVE_READ_MAGIC, ARCHIVE_STATE_NEW, 639 "archive_read_support_format_rar"); 640 641 rar = (struct rar *)malloc(sizeof(*rar)); 642 if (rar == NULL) 643 { 644 archive_set_error(&a->archive, ENOMEM, "Can't allocate rar data"); 645 return (ARCHIVE_FATAL); 646 } 647 memset(rar, 0, sizeof(*rar)); 648 649 r = __archive_read_register_format(a, 650 rar, 651 "rar", 652 archive_read_format_rar_bid, 653 archive_read_format_rar_options, 654 archive_read_format_rar_read_header, 655 archive_read_format_rar_read_data, 656 archive_read_format_rar_read_data_skip, 657 archive_read_format_rar_seek_data, 658 archive_read_format_rar_cleanup); 659 660 if (r != ARCHIVE_OK) 661 free(rar); 662 return (r); 663} 664 665static int 666archive_read_format_rar_bid(struct archive_read *a, int best_bid) 667{ 668 const char *p; 669 670 /* If there's already a bid > 30, we'll never win. */ 671 if (best_bid > 30) 672 return (-1); 673 674 if ((p = __archive_read_ahead(a, 7, NULL)) == NULL) 675 return (-1); 676 677 if (memcmp(p, RAR_SIGNATURE, 7) == 0) 678 return (30); 679 680 if ((p[0] == 'M' && p[1] == 'Z') || memcmp(p, "\x7F\x45LF", 4) == 0) { 681 /* This is a PE file */ 682 ssize_t offset = 0x10000; 683 ssize_t window = 4096; 684 ssize_t bytes_avail; 685 while (offset + window <= (1024 * 128)) { 686 const char *buff = __archive_read_ahead(a, offset + window, &bytes_avail); 687 if (buff == NULL) { 688 /* Remaining bytes are less than window. */ 689 window >>= 1; 690 if (window < 0x40) 691 return (0); 692 continue; 693 } 694 p = buff + offset; 695 while (p + 7 < buff + bytes_avail) { 696 if (memcmp(p, RAR_SIGNATURE, 7) == 0) 697 return (30); 698 p += 0x10; 699 } 700 offset = p - buff; 701 } 702 } 703 return (0); 704} 705 706static int 707skip_sfx(struct archive_read *a) 708{ 709 const void *h; 710 const char *p, *q; 711 size_t skip, total; 712 ssize_t bytes, window; 713 714 total = 0; 715 window = 4096; 716 while (total + window <= (1024 * 128)) { 717 h = __archive_read_ahead(a, window, &bytes); 718 if (h == NULL) { 719 /* Remaining bytes are less than window. */ 720 window >>= 1; 721 if (window < 0x40) 722 goto fatal; 723 continue; 724 } 725 if (bytes < 0x40) 726 goto fatal; 727 p = h; 728 q = p + bytes; 729 730 /* 731 * Scan ahead until we find something that looks 732 * like the RAR header. 733 */ 734 while (p + 7 < q) { 735 if (memcmp(p, RAR_SIGNATURE, 7) == 0) { 736 skip = p - (const char *)h; 737 __archive_read_consume(a, skip); 738 return (ARCHIVE_OK); 739 } 740 p += 0x10; 741 } 742 skip = p - (const char *)h; 743 __archive_read_consume(a, skip); 744 total += skip; 745 } 746fatal: 747 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 748 "Couldn't find out RAR header"); 749 return (ARCHIVE_FATAL); 750} 751 752static int 753archive_read_format_rar_options(struct archive_read *a, 754 const char *key, const char *val) 755{ 756 struct rar *rar; 757 int ret = ARCHIVE_FAILED; 758 759 rar = (struct rar *)(a->format->data); 760 if (strcmp(key, "hdrcharset") == 0) { 761 if (val == NULL || val[0] == 0) 762 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 763 "rar: hdrcharset option needs a character-set name"); 764 else { 765 rar->opt_sconv = 766 archive_string_conversion_from_charset( 767 &a->archive, val, 0); 768 if (rar->opt_sconv != NULL) 769 ret = ARCHIVE_OK; 770 else 771 ret = ARCHIVE_FATAL; 772 } 773 return (ret); 774 } 775 776 /* Note: The "warn" return is just to inform the options 777 * supervisor that we didn't handle it. It will generate 778 * a suitable error if no one used this option. */ 779 return (ARCHIVE_WARN); 780} 781 782static int 783archive_read_format_rar_read_header(struct archive_read *a, 784 struct archive_entry *entry) 785{ 786 const void *h; 787 const char *p; 788 struct rar *rar; 789 size_t skip; 790 char head_type; 791 int ret; 792 unsigned flags; 793 794 a->archive.archive_format = ARCHIVE_FORMAT_RAR; 795 if (a->archive.archive_format_name == NULL) 796 a->archive.archive_format_name = "RAR"; 797 798 rar = (struct rar *)(a->format->data); 799 800 /* RAR files can be generated without EOF headers, so return ARCHIVE_EOF if 801 * this fails. 802 */ 803 if ((h = __archive_read_ahead(a, 7, NULL)) == NULL) 804 return (ARCHIVE_EOF); 805 806 p = h; 807 if (rar->found_first_header == 0 && 808 ((p[0] == 'M' && p[1] == 'Z') || memcmp(p, "\x7F\x45LF", 4) == 0)) { 809 /* This is an executable ? Must be self-extracting... */ 810 ret = skip_sfx(a); 811 if (ret < ARCHIVE_WARN) 812 return (ret); 813 } 814 rar->found_first_header = 1; 815 816 while (1) 817 { 818 unsigned long crc32_val; 819 820 if ((h = __archive_read_ahead(a, 7, NULL)) == NULL) 821 return (ARCHIVE_FATAL); 822 p = h; 823 824 head_type = p[2]; 825 switch(head_type) 826 { 827 case MARK_HEAD: 828 if (memcmp(p, RAR_SIGNATURE, 7) != 0) { 829 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 830 "Invalid marker header"); 831 return (ARCHIVE_FATAL); 832 } 833 __archive_read_consume(a, 7); 834 break; 835 836 case MAIN_HEAD: 837 rar->main_flags = archive_le16dec(p + 3); 838 skip = archive_le16dec(p + 5); 839 if (skip < 7 + sizeof(rar->reserved1) + sizeof(rar->reserved2)) { 840 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 841 "Invalid header size"); 842 return (ARCHIVE_FATAL); 843 } 844 if ((h = __archive_read_ahead(a, skip, NULL)) == NULL) 845 return (ARCHIVE_FATAL); 846 p = h; 847 memcpy(rar->reserved1, p + 7, sizeof(rar->reserved1)); 848 memcpy(rar->reserved2, p + 7 + sizeof(rar->reserved1), 849 sizeof(rar->reserved2)); 850 if (rar->main_flags & MHD_ENCRYPTVER) { 851 if (skip < 7 + sizeof(rar->reserved1) + sizeof(rar->reserved2)+1) { 852 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 853 "Invalid header size"); 854 return (ARCHIVE_FATAL); 855 } 856 rar->encryptver = *(p + 7 + sizeof(rar->reserved1) + 857 sizeof(rar->reserved2)); 858 } 859 860 if (rar->main_flags & MHD_PASSWORD) 861 { 862 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 863 "RAR encryption support unavailable."); 864 return (ARCHIVE_FATAL); 865 } 866 867 crc32_val = crc32(0, (const unsigned char *)p + 2, (unsigned)skip - 2); 868 if ((crc32_val & 0xffff) != archive_le16dec(p)) { 869 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 870 "Header CRC error"); 871 return (ARCHIVE_FATAL); 872 } 873 __archive_read_consume(a, skip); 874 break; 875 876 case FILE_HEAD: 877 return read_header(a, entry, head_type); 878 879 case COMM_HEAD: 880 case AV_HEAD: 881 case SUB_HEAD: 882 case PROTECT_HEAD: 883 case SIGN_HEAD: 884 case ENDARC_HEAD: 885 flags = archive_le16dec(p + 3); 886 skip = archive_le16dec(p + 5); 887 if (skip < 7) { 888 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 889 "Invalid header size"); 890 return (ARCHIVE_FATAL); 891 } 892 if (skip > 7) { 893 if ((h = __archive_read_ahead(a, skip, NULL)) == NULL) 894 return (ARCHIVE_FATAL); 895 p = h; 896 } 897 if (flags & HD_ADD_SIZE_PRESENT) 898 { 899 if (skip < 7 + 4) { 900 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 901 "Invalid header size"); 902 return (ARCHIVE_FATAL); 903 } 904 skip += archive_le32dec(p + 7); 905 if ((h = __archive_read_ahead(a, skip, NULL)) == NULL) 906 return (ARCHIVE_FATAL); 907 p = h; 908 } 909 910 crc32_val = crc32(0, (const unsigned char *)p + 2, (unsigned)skip - 2); 911 if ((crc32_val & 0xffff) != archive_le16dec(p)) { 912 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 913 "Header CRC error"); 914 return (ARCHIVE_FATAL); 915 } 916 __archive_read_consume(a, skip); 917 if (head_type == ENDARC_HEAD) 918 return (ARCHIVE_EOF); 919 break; 920 921 case NEWSUB_HEAD: 922 if ((ret = read_header(a, entry, head_type)) < ARCHIVE_WARN) 923 return ret; 924 break; 925 926 default: 927 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 928 "Bad RAR file"); 929 return (ARCHIVE_FATAL); 930 } 931 } 932} 933 934static int 935archive_read_format_rar_read_data(struct archive_read *a, const void **buff, 936 size_t *size, int64_t *offset) 937{ 938 struct rar *rar = (struct rar *)(a->format->data); 939 int ret; 940 941 if (rar->bytes_unconsumed > 0) { 942 /* Consume as much as the decompressor actually used. */ 943 __archive_read_consume(a, rar->bytes_unconsumed); 944 rar->bytes_unconsumed = 0; 945 } 946 947 if (rar->entry_eof || rar->offset_seek >= rar->unp_size) { 948 *buff = NULL; 949 *size = 0; 950 *offset = rar->offset; 951 if (*offset < rar->unp_size) 952 *offset = rar->unp_size; 953 return (ARCHIVE_EOF); 954 } 955 956 switch (rar->compression_method) 957 { 958 case COMPRESS_METHOD_STORE: 959 ret = read_data_stored(a, buff, size, offset); 960 break; 961 962 case COMPRESS_METHOD_FASTEST: 963 case COMPRESS_METHOD_FAST: 964 case COMPRESS_METHOD_NORMAL: 965 case COMPRESS_METHOD_GOOD: 966 case COMPRESS_METHOD_BEST: 967 ret = read_data_compressed(a, buff, size, offset); 968 if (ret != ARCHIVE_OK && ret != ARCHIVE_WARN) 969 __archive_ppmd7_functions.Ppmd7_Free(&rar->ppmd7_context, &g_szalloc); 970 break; 971 972 default: 973 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 974 "Unsupported compression method for RAR file."); 975 ret = ARCHIVE_FATAL; 976 break; 977 } 978 return (ret); 979} 980 981static int 982archive_read_format_rar_read_data_skip(struct archive_read *a) 983{ 984 struct rar *rar; 985 int64_t bytes_skipped; 986 int ret; 987 988 rar = (struct rar *)(a->format->data); 989 990 if (rar->bytes_unconsumed > 0) { 991 /* Consume as much as the decompressor actually used. */ 992 __archive_read_consume(a, rar->bytes_unconsumed); 993 rar->bytes_unconsumed = 0; 994 } 995 996 if (rar->bytes_remaining > 0) { 997 bytes_skipped = __archive_read_consume(a, rar->bytes_remaining); 998 if (bytes_skipped < 0) 999 return (ARCHIVE_FATAL); 1000 } 1001 1002 /* Compressed data to skip must be read from each header in a multivolume 1003 * archive. 1004 */ 1005 if (rar->main_flags & MHD_VOLUME && rar->file_flags & FHD_SPLIT_AFTER) 1006 { 1007 ret = archive_read_format_rar_read_header(a, a->entry); 1008 if (ret == (ARCHIVE_EOF)) 1009 ret = archive_read_format_rar_read_header(a, a->entry); 1010 if (ret != (ARCHIVE_OK)) 1011 return ret; 1012 return archive_read_format_rar_read_data_skip(a); 1013 } 1014 1015 return (ARCHIVE_OK); 1016} 1017 1018static int64_t 1019archive_read_format_rar_seek_data(struct archive_read *a, int64_t offset, 1020 int whence) 1021{ 1022 int64_t client_offset, ret; 1023 unsigned int i; 1024 struct rar *rar = (struct rar *)(a->format->data); 1025 1026 if (rar->compression_method == COMPRESS_METHOD_STORE) 1027 { 1028 /* Modify the offset for use with SEEK_SET */ 1029 switch (whence) 1030 { 1031 case SEEK_CUR: 1032 client_offset = rar->offset_seek; 1033 break; 1034 case SEEK_END: 1035 client_offset = rar->unp_size; 1036 break; 1037 case SEEK_SET: 1038 default: 1039 client_offset = 0; 1040 } 1041 client_offset += offset; 1042 if (client_offset < 0) 1043 { 1044 /* Can't seek past beginning of data block */ 1045 return -1; 1046 } 1047 else if (client_offset > rar->unp_size) 1048 { 1049 /* 1050 * Set the returned offset but only seek to the end of 1051 * the data block. 1052 */ 1053 rar->offset_seek = client_offset; 1054 client_offset = rar->unp_size; 1055 } 1056 1057 client_offset += rar->dbo[0].start_offset; 1058 i = 0; 1059 while (i < rar->cursor) 1060 { 1061 i++; 1062 client_offset += rar->dbo[i].start_offset - rar->dbo[i-1].end_offset; 1063 } 1064 if (rar->main_flags & MHD_VOLUME) 1065 { 1066 /* Find the appropriate offset among the multivolume archive */ 1067 while (1) 1068 { 1069 if (client_offset < rar->dbo[rar->cursor].start_offset && 1070 rar->file_flags & FHD_SPLIT_BEFORE) 1071 { 1072 /* Search backwards for the correct data block */ 1073 if (rar->cursor == 0) 1074 { 1075 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 1076 "Attempt to seek past beginning of RAR data block"); 1077 return (ARCHIVE_FAILED); 1078 } 1079 rar->cursor--; 1080 client_offset -= rar->dbo[rar->cursor+1].start_offset - 1081 rar->dbo[rar->cursor].end_offset; 1082 if (client_offset < rar->dbo[rar->cursor].start_offset) 1083 continue; 1084 ret = __archive_read_seek(a, rar->dbo[rar->cursor].start_offset - 1085 rar->dbo[rar->cursor].header_size, SEEK_SET); 1086 if (ret < (ARCHIVE_OK)) 1087 return ret; 1088 ret = archive_read_format_rar_read_header(a, a->entry); 1089 if (ret != (ARCHIVE_OK)) 1090 { 1091 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 1092 "Error during seek of RAR file"); 1093 return (ARCHIVE_FAILED); 1094 } 1095 rar->cursor--; 1096 break; 1097 } 1098 else if (client_offset > rar->dbo[rar->cursor].end_offset && 1099 rar->file_flags & FHD_SPLIT_AFTER) 1100 { 1101 /* Search forward for the correct data block */ 1102 rar->cursor++; 1103 if (rar->cursor < rar->nodes && 1104 client_offset > rar->dbo[rar->cursor].end_offset) 1105 { 1106 client_offset += rar->dbo[rar->cursor].start_offset - 1107 rar->dbo[rar->cursor-1].end_offset; 1108 continue; 1109 } 1110 rar->cursor--; 1111 ret = __archive_read_seek(a, rar->dbo[rar->cursor].end_offset, 1112 SEEK_SET); 1113 if (ret < (ARCHIVE_OK)) 1114 return ret; 1115 ret = archive_read_format_rar_read_header(a, a->entry); 1116 if (ret == (ARCHIVE_EOF)) 1117 { 1118 rar->has_endarc_header = 1; 1119 ret = archive_read_format_rar_read_header(a, a->entry); 1120 } 1121 if (ret != (ARCHIVE_OK)) 1122 { 1123 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 1124 "Error during seek of RAR file"); 1125 return (ARCHIVE_FAILED); 1126 } 1127 client_offset += rar->dbo[rar->cursor].start_offset - 1128 rar->dbo[rar->cursor-1].end_offset; 1129 continue; 1130 } 1131 break; 1132 } 1133 } 1134 1135 ret = __archive_read_seek(a, client_offset, SEEK_SET); 1136 if (ret < (ARCHIVE_OK)) 1137 return ret; 1138 rar->bytes_remaining = rar->dbo[rar->cursor].end_offset - ret; 1139 i = rar->cursor; 1140 while (i > 0) 1141 { 1142 i--; 1143 ret -= rar->dbo[i+1].start_offset - rar->dbo[i].end_offset; 1144 } 1145 ret -= rar->dbo[0].start_offset; 1146 1147 /* Always restart reading the file after a seek */ 1148 a->read_data_block = NULL; 1149 a->read_data_offset = 0; 1150 a->read_data_output_offset = 0; 1151 a->read_data_remaining = 0; 1152 rar->bytes_unconsumed = 0; 1153 rar->offset = 0; 1154 1155 /* 1156 * If a seek past the end of file was requested, return the requested 1157 * offset. 1158 */ 1159 if (ret == rar->unp_size && rar->offset_seek > rar->unp_size) 1160 return rar->offset_seek; 1161 1162 /* Return the new offset */ 1163 rar->offset_seek = ret; 1164 return rar->offset_seek; 1165 } 1166 else 1167 { 1168 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 1169 "Seeking of compressed RAR files is unsupported"); 1170 } 1171 return (ARCHIVE_FAILED); 1172} 1173 1174static int 1175archive_read_format_rar_cleanup(struct archive_read *a) 1176{ 1177 struct rar *rar; 1178 1179 rar = (struct rar *)(a->format->data); 1180 free_codes(a); 1181 free(rar->filename); 1182 free(rar->filename_save); 1183 free(rar->dbo); 1184 free(rar->unp_buffer); 1185 free(rar->lzss.window); 1186 __archive_ppmd7_functions.Ppmd7_Free(&rar->ppmd7_context, &g_szalloc); 1187 free(rar); 1188 (a->format->data) = NULL; 1189 return (ARCHIVE_OK); 1190} 1191 1192static int 1193read_header(struct archive_read *a, struct archive_entry *entry, 1194 char head_type) 1195{ 1196 const void *h; 1197 const char *p, *endp; 1198 struct rar *rar; 1199 struct rar_header rar_header; 1200 struct rar_file_header file_header; 1201 int64_t header_size; 1202 unsigned filename_size, end; 1203 char *filename; 1204 char *strp; 1205 char packed_size[8]; 1206 char unp_size[8]; 1207 int ttime; 1208 struct archive_string_conv *sconv, *fn_sconv; 1209 unsigned long crc32_val; 1210 int ret = (ARCHIVE_OK), ret2; 1211 1212 rar = (struct rar *)(a->format->data); 1213 1214 /* Setup a string conversion object for non-rar-unicode filenames. */ 1215 sconv = rar->opt_sconv; 1216 if (sconv == NULL) { 1217 if (!rar->init_default_conversion) { 1218 rar->sconv_default = 1219 archive_string_default_conversion_for_read( 1220 &(a->archive)); 1221 rar->init_default_conversion = 1; 1222 } 1223 sconv = rar->sconv_default; 1224 } 1225 1226 1227 if ((h = __archive_read_ahead(a, 7, NULL)) == NULL) 1228 return (ARCHIVE_FATAL); 1229 p = h; 1230 memcpy(&rar_header, p, sizeof(rar_header)); 1231 rar->file_flags = archive_le16dec(rar_header.flags); 1232 header_size = archive_le16dec(rar_header.size); 1233 if (header_size < (int64_t)sizeof(file_header) + 7) { 1234 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1235 "Invalid header size"); 1236 return (ARCHIVE_FATAL); 1237 } 1238 crc32_val = crc32(0, (const unsigned char *)p + 2, 7 - 2); 1239 __archive_read_consume(a, 7); 1240 1241 if (!(rar->file_flags & FHD_SOLID)) 1242 { 1243 rar->compression_method = 0; 1244 rar->packed_size = 0; 1245 rar->unp_size = 0; 1246 rar->mtime = 0; 1247 rar->ctime = 0; 1248 rar->atime = 0; 1249 rar->arctime = 0; 1250 rar->mode = 0; 1251 memset(&rar->salt, 0, sizeof(rar->salt)); 1252 rar->atime = 0; 1253 rar->ansec = 0; 1254 rar->ctime = 0; 1255 rar->cnsec = 0; 1256 rar->mtime = 0; 1257 rar->mnsec = 0; 1258 rar->arctime = 0; 1259 rar->arcnsec = 0; 1260 } 1261 else 1262 { 1263 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1264 "RAR solid archive support unavailable."); 1265 return (ARCHIVE_FATAL); 1266 } 1267 1268 if ((h = __archive_read_ahead(a, (size_t)header_size - 7, NULL)) == NULL) 1269 return (ARCHIVE_FATAL); 1270 1271 /* File Header CRC check. */ 1272 crc32_val = crc32(crc32_val, h, (unsigned)(header_size - 7)); 1273 if ((crc32_val & 0xffff) != archive_le16dec(rar_header.crc)) { 1274 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1275 "Header CRC error"); 1276 return (ARCHIVE_FATAL); 1277 } 1278 /* If no CRC error, Go on parsing File Header. */ 1279 p = h; 1280 endp = p + header_size - 7; 1281 memcpy(&file_header, p, sizeof(file_header)); 1282 p += sizeof(file_header); 1283 1284 rar->compression_method = file_header.method; 1285 1286 ttime = archive_le32dec(file_header.file_time); 1287 rar->mtime = get_time(ttime); 1288 1289 rar->file_crc = archive_le32dec(file_header.file_crc); 1290 1291 if (rar->file_flags & FHD_PASSWORD) 1292 { 1293 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1294 "RAR encryption support unavailable."); 1295 return (ARCHIVE_FATAL); 1296 } 1297 1298 if (rar->file_flags & FHD_LARGE) 1299 { 1300 memcpy(packed_size, file_header.pack_size, 4); 1301 memcpy(packed_size + 4, p, 4); /* High pack size */ 1302 p += 4; 1303 memcpy(unp_size, file_header.unp_size, 4); 1304 memcpy(unp_size + 4, p, 4); /* High unpack size */ 1305 p += 4; 1306 rar->packed_size = archive_le64dec(&packed_size); 1307 rar->unp_size = archive_le64dec(&unp_size); 1308 } 1309 else 1310 { 1311 rar->packed_size = archive_le32dec(file_header.pack_size); 1312 rar->unp_size = archive_le32dec(file_header.unp_size); 1313 } 1314 1315 if (rar->packed_size < 0 || rar->unp_size < 0) 1316 { 1317 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1318 "Invalid sizes specified."); 1319 return (ARCHIVE_FATAL); 1320 } 1321 1322 rar->bytes_remaining = rar->packed_size; 1323 1324 /* TODO: RARv3 subblocks contain comments. For now the complete block is 1325 * consumed at the end. 1326 */ 1327 if (head_type == NEWSUB_HEAD) { 1328 size_t distance = p - (const char *)h; 1329 header_size += rar->packed_size; 1330 /* Make sure we have the extended data. */ 1331 if ((h = __archive_read_ahead(a, (size_t)header_size - 7, NULL)) == NULL) 1332 return (ARCHIVE_FATAL); 1333 p = h; 1334 endp = p + header_size - 7; 1335 p += distance; 1336 } 1337 1338 filename_size = archive_le16dec(file_header.name_size); 1339 if (p + filename_size > endp) { 1340 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1341 "Invalid filename size"); 1342 return (ARCHIVE_FATAL); 1343 } 1344 if (rar->filename_allocated < filename_size * 2 + 2) { 1345 char *newptr; 1346 size_t newsize = filename_size * 2 + 2; 1347 newptr = realloc(rar->filename, newsize); 1348 if (newptr == NULL) { 1349 archive_set_error(&a->archive, ENOMEM, 1350 "Couldn't allocate memory."); 1351 return (ARCHIVE_FATAL); 1352 } 1353 rar->filename = newptr; 1354 rar->filename_allocated = newsize; 1355 } 1356 filename = rar->filename; 1357 memcpy(filename, p, filename_size); 1358 filename[filename_size] = '\0'; 1359 if (rar->file_flags & FHD_UNICODE) 1360 { 1361 if (filename_size != strlen(filename)) 1362 { 1363 unsigned char highbyte, flagbits, flagbyte; 1364 unsigned fn_end, offset; 1365 1366 end = filename_size; 1367 fn_end = filename_size * 2; 1368 filename_size = 0; 1369 offset = (unsigned)strlen(filename) + 1; 1370 highbyte = *(p + offset++); 1371 flagbits = 0; 1372 flagbyte = 0; 1373 while (offset < end && filename_size < fn_end) 1374 { 1375 if (!flagbits) 1376 { 1377 flagbyte = *(p + offset++); 1378 flagbits = 8; 1379 } 1380 1381 flagbits -= 2; 1382 switch((flagbyte >> flagbits) & 3) 1383 { 1384 case 0: 1385 filename[filename_size++] = '\0'; 1386 filename[filename_size++] = *(p + offset++); 1387 break; 1388 case 1: 1389 filename[filename_size++] = highbyte; 1390 filename[filename_size++] = *(p + offset++); 1391 break; 1392 case 2: 1393 filename[filename_size++] = *(p + offset + 1); 1394 filename[filename_size++] = *(p + offset); 1395 offset += 2; 1396 break; 1397 case 3: 1398 { 1399 char extra, high; 1400 uint8_t length = *(p + offset++); 1401 1402 if (length & 0x80) { 1403 extra = *(p + offset++); 1404 high = (char)highbyte; 1405 } else 1406 extra = high = 0; 1407 length = (length & 0x7f) + 2; 1408 while (length && filename_size < fn_end) { 1409 unsigned cp = filename_size >> 1; 1410 filename[filename_size++] = high; 1411 filename[filename_size++] = p[cp] + extra; 1412 length--; 1413 } 1414 } 1415 break; 1416 } 1417 } 1418 if (filename_size > fn_end) { 1419 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1420 "Invalid filename"); 1421 return (ARCHIVE_FATAL); 1422 } 1423 filename[filename_size++] = '\0'; 1424 filename[filename_size++] = '\0'; 1425 1426 /* Decoded unicode form is UTF-16BE, so we have to update a string 1427 * conversion object for it. */ 1428 if (rar->sconv_utf16be == NULL) { 1429 rar->sconv_utf16be = archive_string_conversion_from_charset( 1430 &a->archive, "UTF-16BE", 1); 1431 if (rar->sconv_utf16be == NULL) 1432 return (ARCHIVE_FATAL); 1433 } 1434 fn_sconv = rar->sconv_utf16be; 1435 1436 strp = filename; 1437 while (memcmp(strp, "\x00\x00", 2)) 1438 { 1439 if (!memcmp(strp, "\x00\\", 2)) 1440 *(strp + 1) = '/'; 1441 strp += 2; 1442 } 1443 p += offset; 1444 } else { 1445 /* 1446 * If FHD_UNICODE is set but no unicode data, this file name form 1447 * is UTF-8, so we have to update a string conversion object for 1448 * it accordingly. 1449 */ 1450 if (rar->sconv_utf8 == NULL) { 1451 rar->sconv_utf8 = archive_string_conversion_from_charset( 1452 &a->archive, "UTF-8", 1); 1453 if (rar->sconv_utf8 == NULL) 1454 return (ARCHIVE_FATAL); 1455 } 1456 fn_sconv = rar->sconv_utf8; 1457 while ((strp = strchr(filename, '\\')) != NULL) 1458 *strp = '/'; 1459 p += filename_size; 1460 } 1461 } 1462 else 1463 { 1464 fn_sconv = sconv; 1465 while ((strp = strchr(filename, '\\')) != NULL) 1466 *strp = '/'; 1467 p += filename_size; 1468 } 1469 1470 /* Split file in multivolume RAR. No more need to process header. */ 1471 if (rar->filename_save && 1472 !memcmp(rar->filename, rar->filename_save, filename_size + 1)) 1473 { 1474 __archive_read_consume(a, header_size - 7); 1475 rar->cursor++; 1476 if (rar->cursor >= rar->nodes) 1477 { 1478 rar->nodes++; 1479 if ((rar->dbo = 1480 realloc(rar->dbo, sizeof(*rar->dbo) * rar->nodes)) == NULL) 1481 { 1482 archive_set_error(&a->archive, ENOMEM, "Couldn't allocate memory."); 1483 return (ARCHIVE_FATAL); 1484 } 1485 rar->dbo[rar->cursor].header_size = header_size; 1486 rar->dbo[rar->cursor].start_offset = -1; 1487 rar->dbo[rar->cursor].end_offset = -1; 1488 } 1489 if (rar->dbo[rar->cursor].start_offset < 0) 1490 { 1491 rar->dbo[rar->cursor].start_offset = a->filter->position; 1492 rar->dbo[rar->cursor].end_offset = rar->dbo[rar->cursor].start_offset + 1493 rar->packed_size; 1494 } 1495 return ret; 1496 } 1497 1498 rar->filename_save = (char*)realloc(rar->filename_save, 1499 filename_size + 1); 1500 memcpy(rar->filename_save, rar->filename, filename_size + 1); 1501 1502 /* Set info for seeking */ 1503 free(rar->dbo); 1504 if ((rar->dbo = calloc(1, sizeof(*rar->dbo))) == NULL) 1505 { 1506 archive_set_error(&a->archive, ENOMEM, "Couldn't allocate memory."); 1507 return (ARCHIVE_FATAL); 1508 } 1509 rar->dbo[0].header_size = header_size; 1510 rar->dbo[0].start_offset = -1; 1511 rar->dbo[0].end_offset = -1; 1512 rar->cursor = 0; 1513 rar->nodes = 1; 1514 1515 if (rar->file_flags & FHD_SALT) 1516 { 1517 if (p + 8 > endp) { 1518 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1519 "Invalid header size"); 1520 return (ARCHIVE_FATAL); 1521 } 1522 memcpy(rar->salt, p, 8); 1523 p += 8; 1524 } 1525 1526 if (rar->file_flags & FHD_EXTTIME) { 1527 if (read_exttime(p, rar, endp) < 0) { 1528 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1529 "Invalid header size"); 1530 return (ARCHIVE_FATAL); 1531 } 1532 } 1533 1534 __archive_read_consume(a, header_size - 7); 1535 rar->dbo[0].start_offset = a->filter->position; 1536 rar->dbo[0].end_offset = rar->dbo[0].start_offset + rar->packed_size; 1537 1538 switch(file_header.host_os) 1539 { 1540 case OS_MSDOS: 1541 case OS_OS2: 1542 case OS_WIN32: 1543 rar->mode = archive_le32dec(file_header.file_attr); 1544 if (rar->mode & FILE_ATTRIBUTE_DIRECTORY) 1545 rar->mode = AE_IFDIR | S_IXUSR | S_IXGRP | S_IXOTH; 1546 else 1547 rar->mode = AE_IFREG; 1548 rar->mode |= S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH; 1549 break; 1550 1551 case OS_UNIX: 1552 case OS_MAC_OS: 1553 case OS_BEOS: 1554 rar->mode = archive_le32dec(file_header.file_attr); 1555 break; 1556 1557 default: 1558 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1559 "Unknown file attributes from RAR file's host OS"); 1560 return (ARCHIVE_FATAL); 1561 } 1562 1563 rar->bytes_uncopied = rar->bytes_unconsumed = 0; 1564 rar->lzss.position = rar->offset = 0; 1565 rar->offset_seek = 0; 1566 rar->dictionary_size = 0; 1567 rar->offset_outgoing = 0; 1568 rar->br.cache_avail = 0; 1569 rar->br.avail_in = 0; 1570 rar->crc_calculated = 0; 1571 rar->entry_eof = 0; 1572 rar->valid = 1; 1573 rar->is_ppmd_block = 0; 1574 rar->start_new_table = 1; 1575 free(rar->unp_buffer); 1576 rar->unp_buffer = NULL; 1577 rar->unp_offset = 0; 1578 rar->unp_buffer_size = UNP_BUFFER_SIZE; 1579 memset(rar->lengthtable, 0, sizeof(rar->lengthtable)); 1580 __archive_ppmd7_functions.Ppmd7_Free(&rar->ppmd7_context, &g_szalloc); 1581 rar->ppmd_valid = rar->ppmd_eod = 0; 1582 1583 /* Don't set any archive entries for non-file header types */ 1584 if (head_type == NEWSUB_HEAD) 1585 return ret; 1586 1587 archive_entry_set_mtime(entry, rar->mtime, rar->mnsec); 1588 archive_entry_set_ctime(entry, rar->ctime, rar->cnsec); 1589 archive_entry_set_atime(entry, rar->atime, rar->ansec); 1590 archive_entry_set_size(entry, rar->unp_size); 1591 archive_entry_set_mode(entry, rar->mode); 1592 1593 if (archive_entry_copy_pathname_l(entry, filename, filename_size, fn_sconv)) 1594 { 1595 if (errno == ENOMEM) 1596 { 1597 archive_set_error(&a->archive, ENOMEM, 1598 "Can't allocate memory for Pathname"); 1599 return (ARCHIVE_FATAL); 1600 } 1601 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1602 "Pathname cannot be converted from %s to current locale.", 1603 archive_string_conversion_charset_name(fn_sconv)); 1604 ret = (ARCHIVE_WARN); 1605 } 1606 1607 if (((rar->mode) & AE_IFMT) == AE_IFLNK) 1608 { 1609 /* Make sure a symbolic-link file does not have its body. */ 1610 rar->bytes_remaining = 0; 1611 archive_entry_set_size(entry, 0); 1612 1613 /* Read a symbolic-link name. */ 1614 if ((ret2 = read_symlink_stored(a, entry, sconv)) < (ARCHIVE_WARN)) 1615 return ret2; 1616 if (ret > ret2) 1617 ret = ret2; 1618 } 1619 1620 if (rar->bytes_remaining == 0) 1621 rar->entry_eof = 1; 1622 1623 return ret; 1624} 1625 1626static time_t 1627get_time(int ttime) 1628{ 1629 struct tm tm; 1630 tm.tm_sec = 2 * (ttime & 0x1f); 1631 tm.tm_min = (ttime >> 5) & 0x3f; 1632 tm.tm_hour = (ttime >> 11) & 0x1f; 1633 tm.tm_mday = (ttime >> 16) & 0x1f; 1634 tm.tm_mon = ((ttime >> 21) & 0x0f) - 1; 1635 tm.tm_year = ((ttime >> 25) & 0x7f) + 80; 1636 tm.tm_isdst = -1; 1637 return mktime(&tm); 1638} 1639 1640static int 1641read_exttime(const char *p, struct rar *rar, const char *endp) 1642{ 1643 unsigned rmode, flags, rem, j, count; 1644 int ttime, i; 1645 struct tm *tm; 1646 time_t t; 1647 long nsec; 1648 1649 if (p + 2 > endp) 1650 return (-1); 1651 flags = archive_le16dec(p); 1652 p += 2; 1653 1654 for (i = 3; i >= 0; i--) 1655 { 1656 t = 0; 1657 if (i == 3) 1658 t = rar->mtime; 1659 rmode = flags >> i * 4; 1660 if (rmode & 8) 1661 { 1662 if (!t) 1663 { 1664 if (p + 4 > endp) 1665 return (-1); 1666 ttime = archive_le32dec(p); 1667 t = get_time(ttime); 1668 p += 4; 1669 } 1670 rem = 0; 1671 count = rmode & 3; 1672 if (p + count > endp) 1673 return (-1); 1674 for (j = 0; j < count; j++) 1675 { 1676 rem = ((*p) << 16) | (rem >> 8); 1677 p++; 1678 } 1679 tm = localtime(&t); 1680 nsec = tm->tm_sec + rem / NS_UNIT; 1681 if (rmode & 4) 1682 { 1683 tm->tm_sec++; 1684 t = mktime(tm); 1685 } 1686 if (i == 3) 1687 { 1688 rar->mtime = t; 1689 rar->mnsec = nsec; 1690 } 1691 else if (i == 2) 1692 { 1693 rar->ctime = t; 1694 rar->cnsec = nsec; 1695 } 1696 else if (i == 1) 1697 { 1698 rar->atime = t; 1699 rar->ansec = nsec; 1700 } 1701 else 1702 { 1703 rar->arctime = t; 1704 rar->arcnsec = nsec; 1705 } 1706 } 1707 } 1708 return (0); 1709} 1710 1711static int 1712read_symlink_stored(struct archive_read *a, struct archive_entry *entry, 1713 struct archive_string_conv *sconv) 1714{ 1715 const void *h; 1716 const char *p; 1717 struct rar *rar; 1718 int ret = (ARCHIVE_OK); 1719 1720 rar = (struct rar *)(a->format->data); 1721 if ((h = rar_read_ahead(a, (size_t)rar->packed_size, NULL)) == NULL) 1722 return (ARCHIVE_FATAL); 1723 p = h; 1724 1725 if (archive_entry_copy_symlink_l(entry, 1726 p, (size_t)rar->packed_size, sconv)) 1727 { 1728 if (errno == ENOMEM) 1729 { 1730 archive_set_error(&a->archive, ENOMEM, 1731 "Can't allocate memory for link"); 1732 return (ARCHIVE_FATAL); 1733 } 1734 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1735 "link cannot be converted from %s to current locale.", 1736 archive_string_conversion_charset_name(sconv)); 1737 ret = (ARCHIVE_WARN); 1738 } 1739 __archive_read_consume(a, rar->packed_size); 1740 return ret; 1741} 1742 1743static int 1744read_data_stored(struct archive_read *a, const void **buff, size_t *size, 1745 int64_t *offset) 1746{ 1747 struct rar *rar; 1748 ssize_t bytes_avail; 1749 1750 rar = (struct rar *)(a->format->data); 1751 if (rar->bytes_remaining == 0 && 1752 !(rar->main_flags & MHD_VOLUME && rar->file_flags & FHD_SPLIT_AFTER)) 1753 { 1754 *buff = NULL; 1755 *size = 0; 1756 *offset = rar->offset; 1757 if (rar->file_crc != rar->crc_calculated) { 1758 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1759 "File CRC error"); 1760 return (ARCHIVE_FATAL); 1761 } 1762 rar->entry_eof = 1; 1763 return (ARCHIVE_EOF); 1764 } 1765 1766 *buff = rar_read_ahead(a, 1, &bytes_avail); 1767 if (bytes_avail <= 0) 1768 { 1769 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1770 "Truncated RAR file data"); 1771 return (ARCHIVE_FATAL); 1772 } 1773 1774 *size = bytes_avail; 1775 *offset = rar->offset; 1776 rar->offset += bytes_avail; 1777 rar->offset_seek += bytes_avail; 1778 rar->bytes_remaining -= bytes_avail; 1779 rar->bytes_unconsumed = bytes_avail; 1780 /* Calculate File CRC. */ 1781 rar->crc_calculated = crc32(rar->crc_calculated, *buff, 1782 (unsigned)bytes_avail); 1783 return (ARCHIVE_OK); 1784} 1785 1786static int 1787read_data_compressed(struct archive_read *a, const void **buff, size_t *size, 1788 int64_t *offset) 1789{ 1790 struct rar *rar; 1791 int64_t start, end, actualend; 1792 size_t bs; 1793 int ret = (ARCHIVE_OK), sym, code, lzss_offset, length, i; 1794 1795 rar = (struct rar *)(a->format->data); 1796 1797 do { 1798 if (!rar->valid) 1799 return (ARCHIVE_FATAL); 1800 if (rar->ppmd_eod || 1801 (rar->dictionary_size && rar->offset >= rar->unp_size)) 1802 { 1803 if (rar->unp_offset > 0) { 1804 /* 1805 * We have unprocessed extracted data. write it out. 1806 */ 1807 *buff = rar->unp_buffer; 1808 *size = rar->unp_offset; 1809 *offset = rar->offset_outgoing; 1810 rar->offset_outgoing += *size; 1811 /* Calculate File CRC. */ 1812 rar->crc_calculated = crc32(rar->crc_calculated, *buff, 1813 (unsigned)*size); 1814 rar->unp_offset = 0; 1815 return (ARCHIVE_OK); 1816 } 1817 *buff = NULL; 1818 *size = 0; 1819 *offset = rar->offset; 1820 if (rar->file_crc != rar->crc_calculated) { 1821 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1822 "File CRC error"); 1823 return (ARCHIVE_FATAL); 1824 } 1825 rar->entry_eof = 1; 1826 return (ARCHIVE_EOF); 1827 } 1828 1829 if (!rar->is_ppmd_block && rar->dictionary_size && rar->bytes_uncopied > 0) 1830 { 1831 if (rar->bytes_uncopied > (rar->unp_buffer_size - rar->unp_offset)) 1832 bs = rar->unp_buffer_size - rar->unp_offset; 1833 else 1834 bs = (size_t)rar->bytes_uncopied; 1835 ret = copy_from_lzss_window(a, buff, rar->offset, (int)bs); 1836 if (ret != ARCHIVE_OK) 1837 return (ret); 1838 rar->offset += bs; 1839 rar->bytes_uncopied -= bs; 1840 if (*buff != NULL) { 1841 rar->unp_offset = 0; 1842 *size = rar->unp_buffer_size; 1843 *offset = rar->offset_outgoing; 1844 rar->offset_outgoing += *size; 1845 /* Calculate File CRC. */ 1846 rar->crc_calculated = crc32(rar->crc_calculated, *buff, 1847 (unsigned)*size); 1848 return (ret); 1849 } 1850 continue; 1851 } 1852 1853 if (!rar->br.next_in && 1854 (ret = rar_br_preparation(a, &(rar->br))) < ARCHIVE_WARN) 1855 return (ret); 1856 if (rar->start_new_table && ((ret = parse_codes(a)) < (ARCHIVE_WARN))) 1857 return (ret); 1858 1859 if (rar->is_ppmd_block) 1860 { 1861 if ((sym = __archive_ppmd7_functions.Ppmd7_DecodeSymbol( 1862 &rar->ppmd7_context, &rar->range_dec.p)) < 0) 1863 { 1864 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1865 "Invalid symbol"); 1866 return (ARCHIVE_FATAL); 1867 } 1868 if(sym != rar->ppmd_escape) 1869 { 1870 lzss_emit_literal(rar, sym); 1871 rar->bytes_uncopied++; 1872 } 1873 else 1874 { 1875 if ((code = __archive_ppmd7_functions.Ppmd7_DecodeSymbol( 1876 &rar->ppmd7_context, &rar->range_dec.p)) < 0) 1877 { 1878 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1879 "Invalid symbol"); 1880 return (ARCHIVE_FATAL); 1881 } 1882 1883 switch(code) 1884 { 1885 case 0: 1886 rar->start_new_table = 1; 1887 return read_data_compressed(a, buff, size, offset); 1888 1889 case 2: 1890 rar->ppmd_eod = 1;/* End Of ppmd Data. */ 1891 continue; 1892 1893 case 3: 1894 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 1895 "Parsing filters is unsupported."); 1896 return (ARCHIVE_FAILED); 1897 1898 case 4: 1899 lzss_offset = 0; 1900 for (i = 2; i >= 0; i--) 1901 { 1902 if ((code = __archive_ppmd7_functions.Ppmd7_DecodeSymbol( 1903 &rar->ppmd7_context, &rar->range_dec.p)) < 0) 1904 { 1905 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1906 "Invalid symbol"); 1907 return (ARCHIVE_FATAL); 1908 } 1909 lzss_offset |= code << (i * 8); 1910 } 1911 if ((length = __archive_ppmd7_functions.Ppmd7_DecodeSymbol( 1912 &rar->ppmd7_context, &rar->range_dec.p)) < 0) 1913 { 1914 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1915 "Invalid symbol"); 1916 return (ARCHIVE_FATAL); 1917 } 1918 lzss_emit_match(rar, lzss_offset + 2, length + 32); 1919 rar->bytes_uncopied += length + 32; 1920 break; 1921 1922 case 5: 1923 if ((length = __archive_ppmd7_functions.Ppmd7_DecodeSymbol( 1924 &rar->ppmd7_context, &rar->range_dec.p)) < 0) 1925 { 1926 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1927 "Invalid symbol"); 1928 return (ARCHIVE_FATAL); 1929 } 1930 lzss_emit_match(rar, 1, length + 4); 1931 rar->bytes_uncopied += length + 4; 1932 break; 1933 1934 default: 1935 lzss_emit_literal(rar, sym); 1936 rar->bytes_uncopied++; 1937 } 1938 } 1939 } 1940 else 1941 { 1942 start = rar->offset; 1943 end = start + rar->dictionary_size; 1944 rar->filterstart = INT64_MAX; 1945 1946 if ((actualend = expand(a, end)) < 0) 1947 return ((int)actualend); 1948 1949 rar->bytes_uncopied = actualend - start; 1950 if (rar->bytes_uncopied == 0) { 1951 /* Broken RAR files cause this case. 1952 * NOTE: If this case were possible on a normal RAR file 1953 * we would find out where it was actually bad and 1954 * what we would do to solve it. */ 1955 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 1956 "Internal error extracting RAR file"); 1957 return (ARCHIVE_FATAL); 1958 } 1959 } 1960 if (rar->bytes_uncopied > (rar->unp_buffer_size - rar->unp_offset)) 1961 bs = rar->unp_buffer_size - rar->unp_offset; 1962 else 1963 bs = (size_t)rar->bytes_uncopied; 1964 ret = copy_from_lzss_window(a, buff, rar->offset, (int)bs); 1965 if (ret != ARCHIVE_OK) 1966 return (ret); 1967 rar->offset += bs; 1968 rar->bytes_uncopied -= bs; 1969 /* 1970 * If *buff is NULL, it means unp_buffer is not full. 1971 * So we have to continue extracting a RAR file. 1972 */ 1973 } while (*buff == NULL); 1974 1975 rar->unp_offset = 0; 1976 *size = rar->unp_buffer_size; 1977 *offset = rar->offset_outgoing; 1978 rar->offset_outgoing += *size; 1979 /* Calculate File CRC. */ 1980 rar->crc_calculated = crc32(rar->crc_calculated, *buff, (unsigned)*size); 1981 return ret; 1982} 1983 1984static int 1985parse_codes(struct archive_read *a) 1986{ 1987 int i, j, val, n, r; 1988 unsigned char bitlengths[MAX_SYMBOLS], zerocount, ppmd_flags; 1989 unsigned int maxorder; 1990 struct huffman_code precode; 1991 struct rar *rar = (struct rar *)(a->format->data); 1992 struct rar_br *br = &(rar->br); 1993 1994 free_codes(a); 1995 1996 /* Skip to the next byte */ 1997 rar_br_consume_unalined_bits(br); 1998 1999 /* PPMd block flag */ 2000 if (!rar_br_read_ahead(a, br, 1)) 2001 goto truncated_data; 2002 if ((rar->is_ppmd_block = rar_br_bits(br, 1)) != 0) 2003 { 2004 rar_br_consume(br, 1); 2005 if (!rar_br_read_ahead(a, br, 7)) 2006 goto truncated_data; 2007 ppmd_flags = rar_br_bits(br, 7); 2008 rar_br_consume(br, 7); 2009 2010 /* Memory is allocated in MB */ 2011 if (ppmd_flags & 0x20) 2012 { 2013 if (!rar_br_read_ahead(a, br, 8)) 2014 goto truncated_data; 2015 rar->dictionary_size = (rar_br_bits(br, 8) + 1) << 20; 2016 rar_br_consume(br, 8); 2017 } 2018 2019 if (ppmd_flags & 0x40) 2020 { 2021 if (!rar_br_read_ahead(a, br, 8)) 2022 goto truncated_data; 2023 rar->ppmd_escape = rar->ppmd7_context.InitEsc = rar_br_bits(br, 8); 2024 rar_br_consume(br, 8); 2025 } 2026 else 2027 rar->ppmd_escape = 2; 2028 2029 if (ppmd_flags & 0x20) 2030 { 2031 maxorder = (ppmd_flags & 0x1F) + 1; 2032 if(maxorder > 16) 2033 maxorder = 16 + (maxorder - 16) * 3; 2034 2035 if (maxorder == 1) 2036 { 2037 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2038 "Truncated RAR file data"); 2039 return (ARCHIVE_FATAL); 2040 } 2041 2042 /* Make sure ppmd7_contest is freed before Ppmd7_Construct 2043 * because reading a broken file cause this abnormal sequence. */ 2044 __archive_ppmd7_functions.Ppmd7_Free(&rar->ppmd7_context, &g_szalloc); 2045 2046 rar->bytein.a = a; 2047 rar->bytein.Read = &ppmd_read; 2048 __archive_ppmd7_functions.PpmdRAR_RangeDec_CreateVTable(&rar->range_dec); 2049 rar->range_dec.Stream = &rar->bytein; 2050 __archive_ppmd7_functions.Ppmd7_Construct(&rar->ppmd7_context); 2051 2052 if (!__archive_ppmd7_functions.Ppmd7_Alloc(&rar->ppmd7_context, 2053 rar->dictionary_size, &g_szalloc)) 2054 { 2055 archive_set_error(&a->archive, ENOMEM, 2056 "Out of memory"); 2057 return (ARCHIVE_FATAL); 2058 } 2059 if (!__archive_ppmd7_functions.PpmdRAR_RangeDec_Init(&rar->range_dec)) 2060 { 2061 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2062 "Unable to initialize PPMd range decoder"); 2063 return (ARCHIVE_FATAL); 2064 } 2065 __archive_ppmd7_functions.Ppmd7_Init(&rar->ppmd7_context, maxorder); 2066 rar->ppmd_valid = 1; 2067 } 2068 else 2069 { 2070 if (!rar->ppmd_valid) { 2071 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2072 "Invalid PPMd sequence"); 2073 return (ARCHIVE_FATAL); 2074 } 2075 if (!__archive_ppmd7_functions.PpmdRAR_RangeDec_Init(&rar->range_dec)) 2076 { 2077 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2078 "Unable to initialize PPMd range decoder"); 2079 return (ARCHIVE_FATAL); 2080 } 2081 } 2082 } 2083 else 2084 { 2085 rar_br_consume(br, 1); 2086 2087 /* Keep existing table flag */ 2088 if (!rar_br_read_ahead(a, br, 1)) 2089 goto truncated_data; 2090 if (!rar_br_bits(br, 1)) 2091 memset(rar->lengthtable, 0, sizeof(rar->lengthtable)); 2092 rar_br_consume(br, 1); 2093 2094 memset(&bitlengths, 0, sizeof(bitlengths)); 2095 for (i = 0; i < MAX_SYMBOLS;) 2096 { 2097 if (!rar_br_read_ahead(a, br, 4)) 2098 goto truncated_data; 2099 bitlengths[i++] = rar_br_bits(br, 4); 2100 rar_br_consume(br, 4); 2101 if (bitlengths[i-1] == 0xF) 2102 { 2103 if (!rar_br_read_ahead(a, br, 4)) 2104 goto truncated_data; 2105 zerocount = rar_br_bits(br, 4); 2106 rar_br_consume(br, 4); 2107 if (zerocount) 2108 { 2109 i--; 2110 for (j = 0; j < zerocount + 2 && i < MAX_SYMBOLS; j++) 2111 bitlengths[i++] = 0; 2112 } 2113 } 2114 } 2115 2116 memset(&precode, 0, sizeof(precode)); 2117 r = create_code(a, &precode, bitlengths, MAX_SYMBOLS, MAX_SYMBOL_LENGTH); 2118 if (r != ARCHIVE_OK) { 2119 free(precode.tree); 2120 free(precode.table); 2121 return (r); 2122 } 2123 2124 for (i = 0; i < HUFFMAN_TABLE_SIZE;) 2125 { 2126 if ((val = read_next_symbol(a, &precode)) < 0) { 2127 free(precode.tree); 2128 free(precode.table); 2129 return (ARCHIVE_FATAL); 2130 } 2131 if (val < 16) 2132 { 2133 rar->lengthtable[i] = (rar->lengthtable[i] + val) & 0xF; 2134 i++; 2135 } 2136 else if (val < 18) 2137 { 2138 if (i == 0) 2139 { 2140 free(precode.tree); 2141 free(precode.table); 2142 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2143 "Internal error extracting RAR file."); 2144 return (ARCHIVE_FATAL); 2145 } 2146 2147 if(val == 16) { 2148 if (!rar_br_read_ahead(a, br, 3)) { 2149 free(precode.tree); 2150 free(precode.table); 2151 goto truncated_data; 2152 } 2153 n = rar_br_bits(br, 3) + 3; 2154 rar_br_consume(br, 3); 2155 } else { 2156 if (!rar_br_read_ahead(a, br, 7)) { 2157 free(precode.tree); 2158 free(precode.table); 2159 goto truncated_data; 2160 } 2161 n = rar_br_bits(br, 7) + 11; 2162 rar_br_consume(br, 7); 2163 } 2164 2165 for (j = 0; j < n && i < HUFFMAN_TABLE_SIZE; j++) 2166 { 2167 rar->lengthtable[i] = rar->lengthtable[i-1]; 2168 i++; 2169 } 2170 } 2171 else 2172 { 2173 if(val == 18) { 2174 if (!rar_br_read_ahead(a, br, 3)) { 2175 free(precode.tree); 2176 free(precode.table); 2177 goto truncated_data; 2178 } 2179 n = rar_br_bits(br, 3) + 3; 2180 rar_br_consume(br, 3); 2181 } else { 2182 if (!rar_br_read_ahead(a, br, 7)) { 2183 free(precode.tree); 2184 free(precode.table); 2185 goto truncated_data; 2186 } 2187 n = rar_br_bits(br, 7) + 11; 2188 rar_br_consume(br, 7); 2189 } 2190 2191 for(j = 0; j < n && i < HUFFMAN_TABLE_SIZE; j++) 2192 rar->lengthtable[i++] = 0; 2193 } 2194 } 2195 free(precode.tree); 2196 free(precode.table); 2197 2198 r = create_code(a, &rar->maincode, &rar->lengthtable[0], MAINCODE_SIZE, 2199 MAX_SYMBOL_LENGTH); 2200 if (r != ARCHIVE_OK) 2201 return (r); 2202 r = create_code(a, &rar->offsetcode, &rar->lengthtable[MAINCODE_SIZE], 2203 OFFSETCODE_SIZE, MAX_SYMBOL_LENGTH); 2204 if (r != ARCHIVE_OK) 2205 return (r); 2206 r = create_code(a, &rar->lowoffsetcode, 2207 &rar->lengthtable[MAINCODE_SIZE + OFFSETCODE_SIZE], 2208 LOWOFFSETCODE_SIZE, MAX_SYMBOL_LENGTH); 2209 if (r != ARCHIVE_OK) 2210 return (r); 2211 r = create_code(a, &rar->lengthcode, 2212 &rar->lengthtable[MAINCODE_SIZE + OFFSETCODE_SIZE + 2213 LOWOFFSETCODE_SIZE], LENGTHCODE_SIZE, MAX_SYMBOL_LENGTH); 2214 if (r != ARCHIVE_OK) 2215 return (r); 2216 } 2217 2218 if (!rar->dictionary_size || !rar->lzss.window) 2219 { 2220 /* Seems as though dictionary sizes are not used. Even so, minimize 2221 * memory usage as much as possible. 2222 */ 2223 void *new_window; 2224 unsigned int new_size; 2225 2226 if (rar->unp_size >= DICTIONARY_MAX_SIZE) 2227 new_size = DICTIONARY_MAX_SIZE; 2228 else 2229 new_size = rar_fls((unsigned int)rar->unp_size) << 1; 2230 new_window = realloc(rar->lzss.window, new_size); 2231 if (new_window == NULL) { 2232 archive_set_error(&a->archive, ENOMEM, 2233 "Unable to allocate memory for uncompressed data."); 2234 return (ARCHIVE_FATAL); 2235 } 2236 rar->lzss.window = (unsigned char *)new_window; 2237 rar->dictionary_size = new_size; 2238 memset(rar->lzss.window, 0, rar->dictionary_size); 2239 rar->lzss.mask = rar->dictionary_size - 1; 2240 } 2241 2242 rar->start_new_table = 0; 2243 return (ARCHIVE_OK); 2244truncated_data: 2245 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2246 "Truncated RAR file data"); 2247 rar->valid = 0; 2248 return (ARCHIVE_FATAL); 2249} 2250 2251static void 2252free_codes(struct archive_read *a) 2253{ 2254 struct rar *rar = (struct rar *)(a->format->data); 2255 free(rar->maincode.tree); 2256 free(rar->offsetcode.tree); 2257 free(rar->lowoffsetcode.tree); 2258 free(rar->lengthcode.tree); 2259 free(rar->maincode.table); 2260 free(rar->offsetcode.table); 2261 free(rar->lowoffsetcode.table); 2262 free(rar->lengthcode.table); 2263 memset(&rar->maincode, 0, sizeof(rar->maincode)); 2264 memset(&rar->offsetcode, 0, sizeof(rar->offsetcode)); 2265 memset(&rar->lowoffsetcode, 0, sizeof(rar->lowoffsetcode)); 2266 memset(&rar->lengthcode, 0, sizeof(rar->lengthcode)); 2267} 2268 2269 2270static int 2271read_next_symbol(struct archive_read *a, struct huffman_code *code) 2272{ 2273 unsigned char bit; 2274 unsigned int bits; 2275 int length, value, node; 2276 struct rar *rar; 2277 struct rar_br *br; 2278 2279 if (!code->table) 2280 { 2281 if (make_table(a, code) != (ARCHIVE_OK)) 2282 return -1; 2283 } 2284 2285 rar = (struct rar *)(a->format->data); 2286 br = &(rar->br); 2287 2288 /* Look ahead (peek) at bits */ 2289 if (!rar_br_read_ahead(a, br, code->tablesize)) { 2290 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2291 "Truncated RAR file data"); 2292 rar->valid = 0; 2293 return -1; 2294 } 2295 bits = rar_br_bits(br, code->tablesize); 2296 2297 length = code->table[bits].length; 2298 value = code->table[bits].value; 2299 2300 if (length < 0) 2301 { 2302 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2303 "Invalid prefix code in bitstream"); 2304 return -1; 2305 } 2306 2307 if (length <= code->tablesize) 2308 { 2309 /* Skip length bits */ 2310 rar_br_consume(br, length); 2311 return value; 2312 } 2313 2314 /* Skip tablesize bits */ 2315 rar_br_consume(br, code->tablesize); 2316 2317 node = value; 2318 while (!(code->tree[node].branches[0] == 2319 code->tree[node].branches[1])) 2320 { 2321 if (!rar_br_read_ahead(a, br, 1)) { 2322 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2323 "Truncated RAR file data"); 2324 rar->valid = 0; 2325 return -1; 2326 } 2327 bit = rar_br_bits(br, 1); 2328 rar_br_consume(br, 1); 2329 2330 if (code->tree[node].branches[bit] < 0) 2331 { 2332 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2333 "Invalid prefix code in bitstream"); 2334 return -1; 2335 } 2336 node = code->tree[node].branches[bit]; 2337 } 2338 2339 return code->tree[node].branches[0]; 2340} 2341 2342static int 2343create_code(struct archive_read *a, struct huffman_code *code, 2344 unsigned char *lengths, int numsymbols, char maxlength) 2345{ 2346 int i, j, codebits = 0, symbolsleft = numsymbols; 2347 2348 if (new_node(code) < 0) { 2349 archive_set_error(&a->archive, ENOMEM, 2350 "Unable to allocate memory for node data."); 2351 return (ARCHIVE_FATAL); 2352 } 2353 code->numentries = 1; 2354 code->minlength = INT_MAX; 2355 code->maxlength = INT_MIN; 2356 codebits = 0; 2357 for(i = 1; i <= maxlength; i++) 2358 { 2359 for(j = 0; j < numsymbols; j++) 2360 { 2361 if (lengths[j] != i) continue; 2362 if (add_value(a, code, j, codebits, i) != ARCHIVE_OK) 2363 return (ARCHIVE_FATAL); 2364 codebits++; 2365 if (--symbolsleft <= 0) { break; break; } 2366 } 2367 codebits <<= 1; 2368 } 2369 return (ARCHIVE_OK); 2370} 2371 2372static int 2373add_value(struct archive_read *a, struct huffman_code *code, int value, 2374 int codebits, int length) 2375{ 2376 int repeatpos, lastnode, bitpos, bit, repeatnode, nextnode; 2377 2378 free(code->table); 2379 code->table = NULL; 2380 2381 if(length > code->maxlength) 2382 code->maxlength = length; 2383 if(length < code->minlength) 2384 code->minlength = length; 2385 2386 repeatpos = -1; 2387 if (repeatpos == 0 || (repeatpos >= 0 2388 && (((codebits >> (repeatpos - 1)) & 3) == 0 2389 || ((codebits >> (repeatpos - 1)) & 3) == 3))) 2390 { 2391 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2392 "Invalid repeat position"); 2393 return (ARCHIVE_FATAL); 2394 } 2395 2396 lastnode = 0; 2397 for (bitpos = length - 1; bitpos >= 0; bitpos--) 2398 { 2399 bit = (codebits >> bitpos) & 1; 2400 2401 /* Leaf node check */ 2402 if (code->tree[lastnode].branches[0] == 2403 code->tree[lastnode].branches[1]) 2404 { 2405 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2406 "Prefix found"); 2407 return (ARCHIVE_FATAL); 2408 } 2409 2410 if (bitpos == repeatpos) 2411 { 2412 /* Open branch check */ 2413 if (!(code->tree[lastnode].branches[bit] < 0)) 2414 { 2415 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2416 "Invalid repeating code"); 2417 return (ARCHIVE_FATAL); 2418 } 2419 2420 if ((repeatnode = new_node(code)) < 0) { 2421 archive_set_error(&a->archive, ENOMEM, 2422 "Unable to allocate memory for node data."); 2423 return (ARCHIVE_FATAL); 2424 } 2425 if ((nextnode = new_node(code)) < 0) { 2426 archive_set_error(&a->archive, ENOMEM, 2427 "Unable to allocate memory for node data."); 2428 return (ARCHIVE_FATAL); 2429 } 2430 2431 /* Set branches */ 2432 code->tree[lastnode].branches[bit] = repeatnode; 2433 code->tree[repeatnode].branches[bit] = repeatnode; 2434 code->tree[repeatnode].branches[bit^1] = nextnode; 2435 lastnode = nextnode; 2436 2437 bitpos++; /* terminating bit already handled, skip it */ 2438 } 2439 else 2440 { 2441 /* Open branch check */ 2442 if (code->tree[lastnode].branches[bit] < 0) 2443 { 2444 if (new_node(code) < 0) { 2445 archive_set_error(&a->archive, ENOMEM, 2446 "Unable to allocate memory for node data."); 2447 return (ARCHIVE_FATAL); 2448 } 2449 code->tree[lastnode].branches[bit] = code->numentries++; 2450 } 2451 2452 /* set to branch */ 2453 lastnode = code->tree[lastnode].branches[bit]; 2454 } 2455 } 2456 2457 if (!(code->tree[lastnode].branches[0] == -1 2458 && code->tree[lastnode].branches[1] == -2)) 2459 { 2460 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2461 "Prefix found"); 2462 return (ARCHIVE_FATAL); 2463 } 2464 2465 /* Set leaf value */ 2466 code->tree[lastnode].branches[0] = value; 2467 code->tree[lastnode].branches[1] = value; 2468 2469 return (ARCHIVE_OK); 2470} 2471 2472static int 2473new_node(struct huffman_code *code) 2474{ 2475 void *new_tree; 2476 2477 new_tree = realloc(code->tree, (code->numentries + 1) * sizeof(*code->tree)); 2478 if (new_tree == NULL) 2479 return (-1); 2480 code->tree = (struct huffman_tree_node *)new_tree; 2481 code->tree[code->numentries].branches[0] = -1; 2482 code->tree[code->numentries].branches[1] = -2; 2483 return 1; 2484} 2485 2486static int 2487make_table(struct archive_read *a, struct huffman_code *code) 2488{ 2489 if (code->maxlength < code->minlength || code->maxlength > 10) 2490 code->tablesize = 10; 2491 else 2492 code->tablesize = code->maxlength; 2493 2494 code->table = 2495 (struct huffman_table_entry *)calloc(1, sizeof(*code->table) 2496 * ((size_t)1 << code->tablesize)); 2497 2498 return make_table_recurse(a, code, 0, code->table, 0, code->tablesize); 2499} 2500 2501static int 2502make_table_recurse(struct archive_read *a, struct huffman_code *code, int node, 2503 struct huffman_table_entry *table, int depth, 2504 int maxdepth) 2505{ 2506 int currtablesize, i, ret = (ARCHIVE_OK); 2507 2508 if (!code->tree) 2509 { 2510 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2511 "Huffman tree was not created."); 2512 return (ARCHIVE_FATAL); 2513 } 2514 if (node < 0 || node >= code->numentries) 2515 { 2516 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2517 "Invalid location to Huffman tree specified."); 2518 return (ARCHIVE_FATAL); 2519 } 2520 2521 currtablesize = 1 << (maxdepth - depth); 2522 2523 if (code->tree[node].branches[0] == 2524 code->tree[node].branches[1]) 2525 { 2526 for(i = 0; i < currtablesize; i++) 2527 { 2528 table[i].length = depth; 2529 table[i].value = code->tree[node].branches[0]; 2530 } 2531 } 2532 else if (node < 0) 2533 { 2534 for(i = 0; i < currtablesize; i++) 2535 table[i].length = -1; 2536 } 2537 else 2538 { 2539 if(depth == maxdepth) 2540 { 2541 table[0].length = maxdepth + 1; 2542 table[0].value = node; 2543 } 2544 else 2545 { 2546 ret |= make_table_recurse(a, code, code->tree[node].branches[0], table, 2547 depth + 1, maxdepth); 2548 ret |= make_table_recurse(a, code, code->tree[node].branches[1], 2549 table + currtablesize / 2, depth + 1, maxdepth); 2550 } 2551 } 2552 return ret; 2553} 2554 2555static int64_t 2556expand(struct archive_read *a, int64_t end) 2557{ 2558 static const unsigned char lengthbases[] = 2559 { 0, 1, 2, 3, 4, 5, 6, 2560 7, 8, 10, 12, 14, 16, 20, 2561 24, 28, 32, 40, 48, 56, 64, 2562 80, 96, 112, 128, 160, 192, 224 }; 2563 static const unsigned char lengthbits[] = 2564 { 0, 0, 0, 0, 0, 0, 0, 2565 0, 1, 1, 1, 1, 2, 2, 2566 2, 2, 3, 3, 3, 3, 4, 2567 4, 4, 4, 5, 5, 5, 5 }; 2568 static const unsigned int offsetbases[] = 2569 { 0, 1, 2, 3, 4, 6, 2570 8, 12, 16, 24, 32, 48, 2571 64, 96, 128, 192, 256, 384, 2572 512, 768, 1024, 1536, 2048, 3072, 2573 4096, 6144, 8192, 12288, 16384, 24576, 2574 32768, 49152, 65536, 98304, 131072, 196608, 2575 262144, 327680, 393216, 458752, 524288, 589824, 2576 655360, 720896, 786432, 851968, 917504, 983040, 2577 1048576, 1310720, 1572864, 1835008, 2097152, 2359296, 2578 2621440, 2883584, 3145728, 3407872, 3670016, 3932160 }; 2579 static const unsigned char offsetbits[] = 2580 { 0, 0, 0, 0, 1, 1, 2, 2, 3, 3, 4, 4, 2581 5, 5, 6, 6, 7, 7, 8, 8, 9, 9, 10, 10, 2582 11, 11, 12, 12, 13, 13, 14, 14, 15, 15, 16, 16, 2583 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 2584 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18, 18 }; 2585 static const unsigned char shortbases[] = 2586 { 0, 4, 8, 16, 32, 64, 128, 192 }; 2587 static const unsigned char shortbits[] = 2588 { 2, 2, 3, 4, 5, 6, 6, 6 }; 2589 2590 int symbol, offs, len, offsindex, lensymbol, i, offssymbol, lowoffsetsymbol; 2591 unsigned char newfile; 2592 struct rar *rar = (struct rar *)(a->format->data); 2593 struct rar_br *br = &(rar->br); 2594 2595 if (rar->filterstart < end) 2596 end = rar->filterstart; 2597 2598 while (1) 2599 { 2600 if (rar->output_last_match && 2601 lzss_position(&rar->lzss) + rar->lastlength <= end) 2602 { 2603 lzss_emit_match(rar, rar->lastoffset, rar->lastlength); 2604 rar->output_last_match = 0; 2605 } 2606 2607 if(rar->is_ppmd_block || rar->output_last_match || 2608 lzss_position(&rar->lzss) >= end) 2609 return lzss_position(&rar->lzss); 2610 2611 if ((symbol = read_next_symbol(a, &rar->maincode)) < 0) 2612 return (ARCHIVE_FATAL); 2613 rar->output_last_match = 0; 2614 2615 if (symbol < 256) 2616 { 2617 lzss_emit_literal(rar, symbol); 2618 continue; 2619 } 2620 else if (symbol == 256) 2621 { 2622 if (!rar_br_read_ahead(a, br, 1)) 2623 goto truncated_data; 2624 newfile = !rar_br_bits(br, 1); 2625 rar_br_consume(br, 1); 2626 2627 if(newfile) 2628 { 2629 rar->start_new_block = 1; 2630 if (!rar_br_read_ahead(a, br, 1)) 2631 goto truncated_data; 2632 rar->start_new_table = rar_br_bits(br, 1); 2633 rar_br_consume(br, 1); 2634 return lzss_position(&rar->lzss); 2635 } 2636 else 2637 { 2638 if (parse_codes(a) != ARCHIVE_OK) 2639 return (ARCHIVE_FATAL); 2640 continue; 2641 } 2642 } 2643 else if(symbol==257) 2644 { 2645 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 2646 "Parsing filters is unsupported."); 2647 return (ARCHIVE_FAILED); 2648 } 2649 else if(symbol==258) 2650 { 2651 if(rar->lastlength == 0) 2652 continue; 2653 2654 offs = rar->lastoffset; 2655 len = rar->lastlength; 2656 } 2657 else if (symbol <= 262) 2658 { 2659 offsindex = symbol - 259; 2660 offs = rar->oldoffset[offsindex]; 2661 2662 if ((lensymbol = read_next_symbol(a, &rar->lengthcode)) < 0) 2663 goto bad_data; 2664 if (lensymbol > (int)(sizeof(lengthbases)/sizeof(lengthbases[0]))) 2665 goto bad_data; 2666 if (lensymbol > (int)(sizeof(lengthbits)/sizeof(lengthbits[0]))) 2667 goto bad_data; 2668 len = lengthbases[lensymbol] + 2; 2669 if (lengthbits[lensymbol] > 0) { 2670 if (!rar_br_read_ahead(a, br, lengthbits[lensymbol])) 2671 goto truncated_data; 2672 len += rar_br_bits(br, lengthbits[lensymbol]); 2673 rar_br_consume(br, lengthbits[lensymbol]); 2674 } 2675 2676 for (i = offsindex; i > 0; i--) 2677 rar->oldoffset[i] = rar->oldoffset[i-1]; 2678 rar->oldoffset[0] = offs; 2679 } 2680 else if(symbol<=270) 2681 { 2682 offs = shortbases[symbol-263] + 1; 2683 if(shortbits[symbol-263] > 0) { 2684 if (!rar_br_read_ahead(a, br, shortbits[symbol-263])) 2685 goto truncated_data; 2686 offs += rar_br_bits(br, shortbits[symbol-263]); 2687 rar_br_consume(br, shortbits[symbol-263]); 2688 } 2689 2690 len = 2; 2691 2692 for(i = 3; i > 0; i--) 2693 rar->oldoffset[i] = rar->oldoffset[i-1]; 2694 rar->oldoffset[0] = offs; 2695 } 2696 else 2697 { 2698 if (symbol-271 > (int)(sizeof(lengthbases)/sizeof(lengthbases[0]))) 2699 goto bad_data; 2700 if (symbol-271 > (int)(sizeof(lengthbits)/sizeof(lengthbits[0]))) 2701 goto bad_data; 2702 len = lengthbases[symbol-271]+3; 2703 if(lengthbits[symbol-271] > 0) { 2704 if (!rar_br_read_ahead(a, br, lengthbits[symbol-271])) 2705 goto truncated_data; 2706 len += rar_br_bits(br, lengthbits[symbol-271]); 2707 rar_br_consume(br, lengthbits[symbol-271]); 2708 } 2709 2710 if ((offssymbol = read_next_symbol(a, &rar->offsetcode)) < 0) 2711 goto bad_data; 2712 if (offssymbol > (int)(sizeof(offsetbases)/sizeof(offsetbases[0]))) 2713 goto bad_data; 2714 if (offssymbol > (int)(sizeof(offsetbits)/sizeof(offsetbits[0]))) 2715 goto bad_data; 2716 offs = offsetbases[offssymbol]+1; 2717 if(offsetbits[offssymbol] > 0) 2718 { 2719 if(offssymbol > 9) 2720 { 2721 if(offsetbits[offssymbol] > 4) { 2722 if (!rar_br_read_ahead(a, br, offsetbits[offssymbol] - 4)) 2723 goto truncated_data; 2724 offs += rar_br_bits(br, offsetbits[offssymbol] - 4) << 4; 2725 rar_br_consume(br, offsetbits[offssymbol] - 4); 2726 } 2727 2728 if(rar->numlowoffsetrepeats > 0) 2729 { 2730 rar->numlowoffsetrepeats--; 2731 offs += rar->lastlowoffset; 2732 } 2733 else 2734 { 2735 if ((lowoffsetsymbol = 2736 read_next_symbol(a, &rar->lowoffsetcode)) < 0) 2737 return (ARCHIVE_FATAL); 2738 if(lowoffsetsymbol == 16) 2739 { 2740 rar->numlowoffsetrepeats = 15; 2741 offs += rar->lastlowoffset; 2742 } 2743 else 2744 { 2745 offs += lowoffsetsymbol; 2746 rar->lastlowoffset = lowoffsetsymbol; 2747 } 2748 } 2749 } 2750 else { 2751 if (!rar_br_read_ahead(a, br, offsetbits[offssymbol])) 2752 goto truncated_data; 2753 offs += rar_br_bits(br, offsetbits[offssymbol]); 2754 rar_br_consume(br, offsetbits[offssymbol]); 2755 } 2756 } 2757 2758 if (offs >= 0x40000) 2759 len++; 2760 if (offs >= 0x2000) 2761 len++; 2762 2763 for(i = 3; i > 0; i--) 2764 rar->oldoffset[i] = rar->oldoffset[i-1]; 2765 rar->oldoffset[0] = offs; 2766 } 2767 2768 rar->lastoffset = offs; 2769 rar->lastlength = len; 2770 rar->output_last_match = 1; 2771 } 2772truncated_data: 2773 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2774 "Truncated RAR file data"); 2775 rar->valid = 0; 2776 return (ARCHIVE_FATAL); 2777bad_data: 2778 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2779 "Bad RAR file data"); 2780 return (ARCHIVE_FATAL); 2781} 2782 2783static int 2784copy_from_lzss_window(struct archive_read *a, const void **buffer, 2785 int64_t startpos, int length) 2786{ 2787 int windowoffs, firstpart; 2788 struct rar *rar = (struct rar *)(a->format->data); 2789 2790 if (!rar->unp_buffer) 2791 { 2792 if ((rar->unp_buffer = malloc(rar->unp_buffer_size)) == NULL) 2793 { 2794 archive_set_error(&a->archive, ENOMEM, 2795 "Unable to allocate memory for uncompressed data."); 2796 return (ARCHIVE_FATAL); 2797 } 2798 } 2799 2800 windowoffs = lzss_offset_for_position(&rar->lzss, startpos); 2801 if(windowoffs + length <= lzss_size(&rar->lzss)) 2802 memcpy(&rar->unp_buffer[rar->unp_offset], &rar->lzss.window[windowoffs], 2803 length); 2804 else 2805 { 2806 firstpart = lzss_size(&rar->lzss) - windowoffs; 2807 if (firstpart < 0) { 2808 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 2809 "Bad RAR file data"); 2810 return (ARCHIVE_FATAL); 2811 } 2812 if (firstpart < length) { 2813 memcpy(&rar->unp_buffer[rar->unp_offset], 2814 &rar->lzss.window[windowoffs], firstpart); 2815 memcpy(&rar->unp_buffer[rar->unp_offset + firstpart], 2816 &rar->lzss.window[0], length - firstpart); 2817 } else 2818 memcpy(&rar->unp_buffer[rar->unp_offset], 2819 &rar->lzss.window[windowoffs], length); 2820 } 2821 rar->unp_offset += length; 2822 if (rar->unp_offset >= rar->unp_buffer_size) 2823 *buffer = rar->unp_buffer; 2824 else 2825 *buffer = NULL; 2826 return (ARCHIVE_OK); 2827} 2828 2829static const void * 2830rar_read_ahead(struct archive_read *a, size_t min, ssize_t *avail) 2831{ 2832 struct rar *rar = (struct rar *)(a->format->data); 2833 const void *h = __archive_read_ahead(a, min, avail); 2834 int ret; 2835 if (avail) 2836 { 2837 if (a->read_data_is_posix_read && *avail > (ssize_t)a->read_data_requested) 2838 *avail = a->read_data_requested; 2839 if (*avail > rar->bytes_remaining) 2840 *avail = (ssize_t)rar->bytes_remaining; 2841 if (*avail < 0) 2842 return NULL; 2843 else if (*avail == 0 && rar->main_flags & MHD_VOLUME && 2844 rar->file_flags & FHD_SPLIT_AFTER) 2845 { 2846 ret = archive_read_format_rar_read_header(a, a->entry); 2847 if (ret == (ARCHIVE_EOF)) 2848 { 2849 rar->has_endarc_header = 1; 2850 ret = archive_read_format_rar_read_header(a, a->entry); 2851 } 2852 if (ret != (ARCHIVE_OK)) 2853 return NULL; 2854 return rar_read_ahead(a, min, avail); 2855 } 2856 } 2857 return h; 2858} 2859