blob: 38f939fb22a67cf50a9096233370de9f163c7473 [file] [log] [blame]
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -08001/*
2 * Copyright 2006 The Android Open Source Project
3 *
4 * Simple Zip file support.
5 */
6#include "safe_iop.h"
7#include "zlib.h"
8
9#include <errno.h>
10#include <fcntl.h>
11#include <limits.h>
12#include <stdint.h> // for uintptr_t
13#include <stdlib.h>
14#include <sys/stat.h> // for S_ISLNK()
15#include <unistd.h>
16
17#define LOG_TAG "minzip"
18#include "Zip.h"
19#include "Bits.h"
20#include "Log.h"
21#include "DirUtil.h"
22
23#undef NDEBUG // do this after including Log.h
24#include <assert.h>
25
26#define SORT_ENTRIES 1
27
28/*
29 * Offset and length constants (java.util.zip naming convention).
30 */
31enum {
32 CENSIG = 0x02014b50, // PK12
33 CENHDR = 46,
34
35 CENVEM = 4,
36 CENVER = 6,
37 CENFLG = 8,
38 CENHOW = 10,
39 CENTIM = 12,
40 CENCRC = 16,
41 CENSIZ = 20,
42 CENLEN = 24,
43 CENNAM = 28,
Doug Zongker596271f2009-04-29 16:52:04 -070044 CENEXT = 30,
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -080045 CENCOM = 32,
46 CENDSK = 34,
47 CENATT = 36,
48 CENATX = 38,
49 CENOFF = 42,
50
51 ENDSIG = 0x06054b50, // PK56
52 ENDHDR = 22,
53
54 ENDSUB = 8,
55 ENDTOT = 10,
56 ENDSIZ = 12,
57 ENDOFF = 16,
58 ENDCOM = 20,
59
60 EXTSIG = 0x08074b50, // PK78
61 EXTHDR = 16,
62
63 EXTCRC = 4,
64 EXTSIZ = 8,
65 EXTLEN = 12,
66
67 LOCSIG = 0x04034b50, // PK34
68 LOCHDR = 30,
Doug Zongker596271f2009-04-29 16:52:04 -070069
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -080070 LOCVER = 4,
71 LOCFLG = 6,
72 LOCHOW = 8,
73 LOCTIM = 10,
74 LOCCRC = 14,
Doug Zongker596271f2009-04-29 16:52:04 -070075 LOCSIZ = 18,
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -080076 LOCLEN = 22,
77 LOCNAM = 26,
78 LOCEXT = 28,
79
80 STORED = 0,
81 DEFLATED = 8,
82
83 CENVEM_UNIX = 3 << 8, // the high byte of CENVEM
84};
85
86
87/*
88 * For debugging, dump the contents of a ZipEntry.
89 */
90#if 0
91static void dumpEntry(const ZipEntry* pEntry)
92{
93 LOGI(" %p '%.*s'\n", pEntry->fileName,pEntry->fileNameLen,pEntry->fileName);
94 LOGI(" off=%ld comp=%ld uncomp=%ld how=%d\n", pEntry->offset,
95 pEntry->compLen, pEntry->uncompLen, pEntry->compression);
96}
97#endif
98
99/*
100 * (This is a mzHashTableLookup callback.)
101 *
102 * Compare two ZipEntry structs, by name.
103 */
104static int hashcmpZipEntry(const void* ventry1, const void* ventry2)
105{
106 const ZipEntry* entry1 = (const ZipEntry*) ventry1;
107 const ZipEntry* entry2 = (const ZipEntry*) ventry2;
108
109 if (entry1->fileNameLen != entry2->fileNameLen)
110 return entry1->fileNameLen - entry2->fileNameLen;
111 return memcmp(entry1->fileName, entry2->fileName, entry1->fileNameLen);
112}
113
114/*
115 * (This is a mzHashTableLookup callback.)
116 *
117 * find a ZipEntry struct by name.
118 */
119static int hashcmpZipName(const void* ventry, const void* vname)
120{
121 const ZipEntry* entry = (const ZipEntry*) ventry;
122 const char* name = (const char*) vname;
123 unsigned int nameLen = strlen(name);
124
125 if (entry->fileNameLen != nameLen)
126 return entry->fileNameLen - nameLen;
127 return memcmp(entry->fileName, name, nameLen);
128}
129
130/*
131 * Compute the hash code for a ZipEntry filename.
132 *
133 * Not expected to be compatible with any other hash function, so we init
134 * to 2 to ensure it doesn't happen to match.
135 */
136static unsigned int computeHash(const char* name, int nameLen)
137{
138 unsigned int hash = 2;
139
140 while (nameLen--)
141 hash = hash * 31 + *name++;
142
143 return hash;
144}
145
146static void addEntryToHashTable(HashTable* pHash, ZipEntry* pEntry)
147{
148 unsigned int itemHash = computeHash(pEntry->fileName, pEntry->fileNameLen);
149 const ZipEntry* found;
150
151 found = (const ZipEntry*)mzHashTableLookup(pHash,
152 itemHash, pEntry, hashcmpZipEntry, true);
153 if (found != pEntry) {
154 LOGW("WARNING: duplicate entry '%.*s' in Zip\n",
155 found->fileNameLen, found->fileName);
156 /* keep going */
157 }
158}
159
160static int validFilename(const char *fileName, unsigned int fileNameLen)
161{
162 // Forbid super long filenames.
163 if (fileNameLen >= PATH_MAX) {
164 LOGW("Filename too long (%d chatacters)\n", fileNameLen);
165 return 0;
166 }
167
168 // Require all characters to be printable ASCII (no NUL, no UTF-8, etc).
169 unsigned int i;
170 for (i = 0; i < fileNameLen; ++i) {
171 if (fileName[i] < 32 || fileName[i] >= 127) {
172 LOGW("Filename contains invalid character '\%03o'\n", fileName[i]);
173 return 0;
174 }
175 }
176
177 return 1;
178}
179
180/*
181 * Parse the contents of a Zip archive. After confirming that the file
182 * is in fact a Zip, we scan out the contents of the central directory and
183 * store it in a hash table.
184 *
185 * Returns "true" on success.
186 */
Doug Zongker99916f02014-01-13 14:16:58 -0800187static bool parseZipArchive(ZipArchive* pArchive)
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800188{
189 bool result = false;
190 const unsigned char* ptr;
191 unsigned int i, numEntries, cdOffset;
192 unsigned int val;
193
194 /*
195 * The first 4 bytes of the file will either be the local header
196 * signature for the first file (LOCSIG) or, if the archive doesn't
197 * have any files in it, the end-of-central-directory signature (ENDSIG).
198 */
Doug Zongker99916f02014-01-13 14:16:58 -0800199 val = get4LE(pArchive->addr);
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800200 if (val == ENDSIG) {
Tao Baodd4d9812015-07-15 14:13:06 -0700201 LOGW("Found Zip archive, but it looks empty\n");
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800202 goto bail;
203 } else if (val != LOCSIG) {
Tao Baodd4d9812015-07-15 14:13:06 -0700204 LOGW("Not a Zip archive (found 0x%08x)\n", val);
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800205 goto bail;
206 }
207
208 /*
209 * Find the EOCD. We'll find it immediately unless they have a file
210 * comment.
211 */
Doug Zongker99916f02014-01-13 14:16:58 -0800212 ptr = pArchive->addr + pArchive->length - ENDHDR;
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800213
Doug Zongker99916f02014-01-13 14:16:58 -0800214 while (ptr >= (const unsigned char*) pArchive->addr) {
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800215 if (*ptr == (ENDSIG & 0xff) && get4LE(ptr) == ENDSIG)
216 break;
217 ptr--;
218 }
Doug Zongker99916f02014-01-13 14:16:58 -0800219 if (ptr < (const unsigned char*) pArchive->addr) {
Tao Baodd4d9812015-07-15 14:13:06 -0700220 LOGW("Could not find end-of-central-directory in Zip\n");
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800221 goto bail;
222 }
223
224 /*
225 * There are two interesting items in the EOCD block: the number of
226 * entries in the file, and the file offset of the start of the
227 * central directory.
228 */
229 numEntries = get2LE(ptr + ENDSUB);
230 cdOffset = get4LE(ptr + ENDOFF);
231
232 LOGVV("numEntries=%d cdOffset=%d\n", numEntries, cdOffset);
Doug Zongker99916f02014-01-13 14:16:58 -0800233 if (numEntries == 0 || cdOffset >= pArchive->length) {
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800234 LOGW("Invalid entries=%d offset=%d (len=%zd)\n",
Doug Zongker99916f02014-01-13 14:16:58 -0800235 numEntries, cdOffset, pArchive->length);
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800236 goto bail;
237 }
238
239 /*
240 * Create data structures to hold entries.
241 */
242 pArchive->numEntries = numEntries;
243 pArchive->pEntries = (ZipEntry*) calloc(numEntries, sizeof(ZipEntry));
244 pArchive->pHash = mzHashTableCreate(mzHashSize(numEntries), NULL);
245 if (pArchive->pEntries == NULL || pArchive->pHash == NULL)
246 goto bail;
247
Doug Zongker99916f02014-01-13 14:16:58 -0800248 ptr = pArchive->addr + cdOffset;
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800249 for (i = 0; i < numEntries; i++) {
250 ZipEntry* pEntry;
251 unsigned int fileNameLen, extraLen, commentLen, localHdrOffset;
252 const unsigned char* localHdr;
253 const char *fileName;
254
Doug Zongker99916f02014-01-13 14:16:58 -0800255 if (ptr + CENHDR > (const unsigned char*)pArchive->addr + pArchive->length) {
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800256 LOGW("Ran off the end (at %d)\n", i);
257 goto bail;
258 }
259 if (get4LE(ptr) != CENSIG) {
260 LOGW("Missed a central dir sig (at %d)\n", i);
261 goto bail;
262 }
263
264 localHdrOffset = get4LE(ptr + CENOFF);
265 fileNameLen = get2LE(ptr + CENNAM);
266 extraLen = get2LE(ptr + CENEXT);
267 commentLen = get2LE(ptr + CENCOM);
268 fileName = (const char*)ptr + CENHDR;
Doug Zongker99916f02014-01-13 14:16:58 -0800269 if (fileName + fileNameLen > (const char*)pArchive->addr + pArchive->length) {
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800270 LOGW("Filename ran off the end (at %d)\n", i);
271 goto bail;
272 }
273 if (!validFilename(fileName, fileNameLen)) {
274 LOGW("Invalid filename (at %d)\n", i);
275 goto bail;
276 }
277
278#if SORT_ENTRIES
279 /* Figure out where this entry should go (binary search).
280 */
281 if (i > 0) {
282 int low, high;
283
284 low = 0;
285 high = i - 1;
286 while (low <= high) {
287 int mid;
288 int diff;
289 int diffLen;
290
291 mid = low + ((high - low) / 2); // avoid overflow
292
293 if (pArchive->pEntries[mid].fileNameLen < fileNameLen) {
294 diffLen = pArchive->pEntries[mid].fileNameLen;
295 } else {
296 diffLen = fileNameLen;
297 }
298 diff = strncmp(pArchive->pEntries[mid].fileName, fileName,
299 diffLen);
300 if (diff == 0) {
301 diff = pArchive->pEntries[mid].fileNameLen - fileNameLen;
302 }
303 if (diff < 0) {
304 low = mid + 1;
305 } else if (diff > 0) {
306 high = mid - 1;
307 } else {
308 high = mid;
309 break;
310 }
311 }
312
313 unsigned int target = high + 1;
314 assert(target <= i);
315 if (target != i) {
316 /* It belongs somewhere other than at the end of
317 * the list. Make some room at [target].
318 */
319 memmove(pArchive->pEntries + target + 1,
320 pArchive->pEntries + target,
321 (i - target) * sizeof(ZipEntry));
322 }
323 pEntry = &pArchive->pEntries[target];
324 } else {
325 pEntry = &pArchive->pEntries[0];
326 }
327#else
328 pEntry = &pArchive->pEntries[i];
329#endif
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800330 pEntry->fileNameLen = fileNameLen;
331 pEntry->fileName = fileName;
332
333 pEntry->compLen = get4LE(ptr + CENSIZ);
334 pEntry->uncompLen = get4LE(ptr + CENLEN);
335 pEntry->compression = get2LE(ptr + CENHOW);
336 pEntry->modTime = get4LE(ptr + CENTIM);
337 pEntry->crc32 = get4LE(ptr + CENCRC);
338
339 /* These two are necessary for finding the mode of the file.
340 */
341 pEntry->versionMadeBy = get2LE(ptr + CENVEM);
342 if ((pEntry->versionMadeBy & 0xff00) != 0 &&
343 (pEntry->versionMadeBy & 0xff00) != CENVEM_UNIX)
344 {
345 LOGW("Incompatible \"version made by\": 0x%02x (at %d)\n",
346 pEntry->versionMadeBy >> 8, i);
347 goto bail;
348 }
349 pEntry->externalFileAttributes = get4LE(ptr + CENATX);
350
Doug Zongker99916f02014-01-13 14:16:58 -0800351 // Perform pArchive->addr + localHdrOffset, ensuring that it won't
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800352 // overflow. This is needed because localHdrOffset is untrusted.
Doug Zongker99916f02014-01-13 14:16:58 -0800353 if (!safe_add((uintptr_t *)&localHdr, (uintptr_t)pArchive->addr,
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800354 (uintptr_t)localHdrOffset)) {
355 LOGW("Integer overflow adding in parseZipArchive\n");
356 goto bail;
357 }
358 if ((uintptr_t)localHdr + LOCHDR >
Doug Zongker99916f02014-01-13 14:16:58 -0800359 (uintptr_t)pArchive->addr + pArchive->length) {
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800360 LOGW("Bad offset to local header: %d (at %d)\n", localHdrOffset, i);
361 goto bail;
362 }
363 if (get4LE(localHdr) != LOCSIG) {
364 LOGW("Missed a local header sig (at %d)\n", i);
365 goto bail;
366 }
367 pEntry->offset = localHdrOffset + LOCHDR
368 + get2LE(localHdr + LOCNAM) + get2LE(localHdr + LOCEXT);
369 if (!safe_add(NULL, pEntry->offset, pEntry->compLen)) {
370 LOGW("Integer overflow adding in parseZipArchive\n");
371 goto bail;
372 }
Doug Zongker99916f02014-01-13 14:16:58 -0800373 if ((size_t)pEntry->offset + pEntry->compLen > pArchive->length) {
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800374 LOGW("Data ran off the end (at %d)\n", i);
375 goto bail;
376 }
377
378#if !SORT_ENTRIES
379 /* Add to hash table; no need to lock here.
380 * Can't do this now if we're sorting, because entries
381 * will move around.
382 */
383 addEntryToHashTable(pArchive->pHash, pEntry);
384#endif
385
386 //dumpEntry(pEntry);
387 ptr += CENHDR + fileNameLen + extraLen + commentLen;
388 }
389
390#if SORT_ENTRIES
391 /* If we're sorting, we have to wait until all entries
392 * are in their final places, otherwise the pointers will
393 * probably point to the wrong things.
394 */
395 for (i = 0; i < numEntries; i++) {
396 /* Add to hash table; no need to lock here.
397 */
398 addEntryToHashTable(pArchive->pHash, &pArchive->pEntries[i]);
399 }
400#endif
401
402 result = true;
403
404bail:
405 if (!result) {
406 mzHashTableFree(pArchive->pHash);
407 pArchive->pHash = NULL;
408 }
409 return result;
410}
411
412/*
413 * Open a Zip archive and scan out the contents.
414 *
415 * The easiest way to do this is to mmap() the whole thing and do the
416 * traditional backward scan for central directory. Since the EOCD is
417 * a relatively small bit at the end, we should end up only touching a
418 * small set of pages.
419 *
420 * This will be called on non-Zip files, especially during startup, so
421 * we don't want to be too noisy about failures. (Do we want a "quiet"
422 * flag?)
423 *
424 * On success, we fill out the contents of "pArchive".
425 */
Doug Zongker99916f02014-01-13 14:16:58 -0800426int mzOpenZipArchive(unsigned char* addr, size_t length, ZipArchive* pArchive)
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800427{
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800428 int err;
429
Doug Zongker99916f02014-01-13 14:16:58 -0800430 if (length < ENDHDR) {
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800431 err = -1;
Tao Baodd4d9812015-07-15 14:13:06 -0700432 LOGW("Archive %p is too small to be zip (%zd)\n", pArchive, length);
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800433 goto bail;
434 }
435
Doug Zongker99916f02014-01-13 14:16:58 -0800436 pArchive->addr = addr;
437 pArchive->length = length;
438
439 if (!parseZipArchive(pArchive)) {
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800440 err = -1;
Tao Baodd4d9812015-07-15 14:13:06 -0700441 LOGW("Parsing archive %p failed\n", pArchive);
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800442 goto bail;
443 }
444
445 err = 0;
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800446
447bail:
448 if (err != 0)
449 mzCloseZipArchive(pArchive);
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800450 return err;
451}
452
453/*
454 * Close a ZipArchive, closing the file and freeing the contents.
455 *
456 * NOTE: the ZipArchive may not have been fully created.
457 */
458void mzCloseZipArchive(ZipArchive* pArchive)
459{
460 LOGV("Closing archive %p\n", pArchive);
461
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800462 free(pArchive->pEntries);
463
464 mzHashTableFree(pArchive->pHash);
465
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800466 pArchive->pHash = NULL;
467 pArchive->pEntries = NULL;
468}
469
470/*
471 * Find a matching entry.
472 *
473 * Returns NULL if no matching entry found.
474 */
475const ZipEntry* mzFindZipEntry(const ZipArchive* pArchive,
476 const char* entryName)
477{
478 unsigned int itemHash = computeHash(entryName, strlen(entryName));
479
480 return (const ZipEntry*)mzHashTableLookup(pArchive->pHash,
481 itemHash, (char*) entryName, hashcmpZipName, false);
482}
483
484/*
485 * Return true if the entry is a symbolic link.
486 */
Narayan Kamath3e700cf2015-02-23 13:29:16 +0000487static bool mzIsZipEntrySymlink(const ZipEntry* pEntry)
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800488{
489 if ((pEntry->versionMadeBy & 0xff00) == CENVEM_UNIX) {
490 return S_ISLNK(pEntry->externalFileAttributes >> 16);
491 }
492 return false;
493}
494
495/* Call processFunction on the uncompressed data of a STORED entry.
496 */
497static bool processStoredEntry(const ZipArchive *pArchive,
498 const ZipEntry *pEntry, ProcessZipEntryContentsFunction processFunction,
499 void *cookie)
500{
Doug Zongker99916f02014-01-13 14:16:58 -0800501 return processFunction(pArchive->addr + pEntry->offset, pEntry->uncompLen, cookie);
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800502}
503
504static bool processDeflatedEntry(const ZipArchive *pArchive,
505 const ZipEntry *pEntry, ProcessZipEntryContentsFunction processFunction,
506 void *cookie)
507{
508 long result = -1;
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800509 unsigned char procBuf[32 * 1024];
510 z_stream zstream;
511 int zerr;
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800512
513 /*
514 * Initialize the zlib stream.
515 */
516 memset(&zstream, 0, sizeof(zstream));
517 zstream.zalloc = Z_NULL;
518 zstream.zfree = Z_NULL;
519 zstream.opaque = Z_NULL;
Doug Zongker99916f02014-01-13 14:16:58 -0800520 zstream.next_in = pArchive->addr + pEntry->offset;
521 zstream.avail_in = pEntry->compLen;
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800522 zstream.next_out = (Bytef*) procBuf;
523 zstream.avail_out = sizeof(procBuf);
524 zstream.data_type = Z_UNKNOWN;
525
526 /*
527 * Use the undocumented "negative window bits" feature to tell zlib
528 * that there's no zlib header waiting for it.
529 */
530 zerr = inflateInit2(&zstream, -MAX_WBITS);
531 if (zerr != Z_OK) {
532 if (zerr == Z_VERSION_ERROR) {
533 LOGE("Installed zlib is not compatible with linked version (%s)\n",
534 ZLIB_VERSION);
535 } else {
536 LOGE("Call to inflateInit2 failed (zerr=%d)\n", zerr);
537 }
538 goto bail;
539 }
540
541 /*
542 * Loop while we have data.
543 */
544 do {
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800545 /* uncompress the data */
546 zerr = inflate(&zstream, Z_NO_FLUSH);
547 if (zerr != Z_OK && zerr != Z_STREAM_END) {
Tao Baodd4d9812015-07-15 14:13:06 -0700548 LOGW("zlib inflate call failed (zerr=%d)\n", zerr);
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800549 goto z_bail;
550 }
551
552 /* write when we're full or when we're done */
553 if (zstream.avail_out == 0 ||
554 (zerr == Z_STREAM_END && zstream.avail_out != sizeof(procBuf)))
555 {
556 long procSize = zstream.next_out - procBuf;
557 LOGVV("+++ processing %d bytes\n", (int) procSize);
558 bool ret = processFunction(procBuf, procSize, cookie);
559 if (!ret) {
560 LOGW("Process function elected to fail (in inflate)\n");
561 goto z_bail;
562 }
563
564 zstream.next_out = procBuf;
565 zstream.avail_out = sizeof(procBuf);
566 }
567 } while (zerr == Z_OK);
568
569 assert(zerr == Z_STREAM_END); /* other errors should've been caught */
570
571 // success!
572 result = zstream.total_out;
573
574z_bail:
575 inflateEnd(&zstream); /* free up any allocated structures */
576
577bail:
578 if (result != pEntry->uncompLen) {
579 if (result != -1) // error already shown?
580 LOGW("Size mismatch on inflated file (%ld vs %ld)\n",
581 result, pEntry->uncompLen);
582 return false;
583 }
584 return true;
585}
586
587/*
588 * Stream the uncompressed data through the supplied function,
589 * passing cookie to it each time it gets called. processFunction
590 * may be called more than once.
591 *
592 * If processFunction returns false, the operation is abandoned and
593 * mzProcessZipEntryContents() immediately returns false.
594 *
595 * This is useful for calculating the hash of an entry's uncompressed contents.
596 */
597bool mzProcessZipEntryContents(const ZipArchive *pArchive,
598 const ZipEntry *pEntry, ProcessZipEntryContentsFunction processFunction,
599 void *cookie)
600{
601 bool ret = false;
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800602
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800603 switch (pEntry->compression) {
604 case STORED:
605 ret = processStoredEntry(pArchive, pEntry, processFunction, cookie);
606 break;
607 case DEFLATED:
608 ret = processDeflatedEntry(pArchive, pEntry, processFunction, cookie);
609 break;
610 default:
611 LOGE("Unsupported compression type %d for entry '%s'\n",
612 pEntry->compression, pEntry->fileName);
613 break;
614 }
615
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800616 return ret;
617}
618
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800619typedef struct {
620 char *buf;
621 int bufLen;
622} CopyProcessArgs;
623
624static bool copyProcessFunction(const unsigned char *data, int dataLen,
625 void *cookie)
626{
627 CopyProcessArgs *args = (CopyProcessArgs *)cookie;
628 if (dataLen <= args->bufLen) {
629 memcpy(args->buf, data, dataLen);
630 args->buf += dataLen;
631 args->bufLen -= dataLen;
632 return true;
633 }
634 return false;
635}
636
637/*
638 * Read an entry into a buffer allocated by the caller.
639 */
640bool mzReadZipEntry(const ZipArchive* pArchive, const ZipEntry* pEntry,
641 char *buf, int bufLen)
642{
643 CopyProcessArgs args;
644 bool ret;
Doug Zongker596271f2009-04-29 16:52:04 -0700645
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800646 args.buf = buf;
647 args.bufLen = bufLen;
648 ret = mzProcessZipEntryContents(pArchive, pEntry, copyProcessFunction,
649 (void *)&args);
650 if (!ret) {
651 LOGE("Can't extract entry to buffer.\n");
652 return false;
653 }
654 return true;
655}
656
657static bool writeProcessFunction(const unsigned char *data, int dataLen,
Doug Zongker683c4622009-05-05 17:50:21 -0700658 void *cookie)
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800659{
Colin Cross92cdf9c2014-02-05 17:30:31 -0800660 int fd = (int)(intptr_t)cookie;
Michael Rungef5d9f892014-05-06 16:54:42 -0700661 if (dataLen == 0) {
662 return true;
663 }
Doug Zongker596271f2009-04-29 16:52:04 -0700664 ssize_t soFar = 0;
Doug Zongker683c4622009-05-05 17:50:21 -0700665 while (true) {
Elliott Hughes7bad7c42015-04-28 17:24:24 -0700666 ssize_t n = TEMP_FAILURE_RETRY(write(fd, data+soFar, dataLen-soFar));
Doug Zongker683c4622009-05-05 17:50:21 -0700667 if (n <= 0) {
Doug Zongkera9300302014-02-10 12:35:19 -0800668 LOGE("Error writing %zd bytes from zip file from %p: %s\n",
Doug Zongker683c4622009-05-05 17:50:21 -0700669 dataLen-soFar, data+soFar, strerror(errno));
Elliott Hughes7bad7c42015-04-28 17:24:24 -0700670 return false;
Doug Zongker596271f2009-04-29 16:52:04 -0700671 } else if (n > 0) {
672 soFar += n;
673 if (soFar == dataLen) return true;
674 if (soFar > dataLen) {
Doug Zongkera9300302014-02-10 12:35:19 -0800675 LOGE("write overrun? (%zd bytes instead of %d)\n",
Doug Zongker596271f2009-04-29 16:52:04 -0700676 soFar, dataLen);
677 return false;
678 }
Doug Zongker596271f2009-04-29 16:52:04 -0700679 }
Doug Zongker683c4622009-05-05 17:50:21 -0700680 }
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800681}
682
683/*
684 * Uncompress "pEntry" in "pArchive" to "fd" at the current offset.
685 */
686bool mzExtractZipEntryToFile(const ZipArchive *pArchive,
Doug Zongker1c4ceae2009-05-08 09:43:28 -0700687 const ZipEntry *pEntry, int fd)
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800688{
689 bool ret = mzProcessZipEntryContents(pArchive, pEntry, writeProcessFunction,
Colin Cross92cdf9c2014-02-05 17:30:31 -0800690 (void*)(intptr_t)fd);
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800691 if (!ret) {
692 LOGE("Can't extract entry to file.\n");
693 return false;
694 }
695 return true;
696}
697
Doug Zongker6aece332010-02-01 14:40:12 -0800698typedef struct {
699 unsigned char* buffer;
700 long len;
701} BufferExtractCookie;
702
703static bool bufferProcessFunction(const unsigned char *data, int dataLen,
704 void *cookie) {
705 BufferExtractCookie *bec = (BufferExtractCookie*)cookie;
706
707 memmove(bec->buffer, data, dataLen);
708 bec->buffer += dataLen;
709 bec->len -= dataLen;
710
711 return true;
712}
713
714/*
715 * Uncompress "pEntry" in "pArchive" to buffer, which must be large
716 * enough to hold mzGetZipEntryUncomplen(pEntry) bytes.
717 */
718bool mzExtractZipEntryToBuffer(const ZipArchive *pArchive,
719 const ZipEntry *pEntry, unsigned char *buffer)
720{
721 BufferExtractCookie bec;
722 bec.buffer = buffer;
723 bec.len = mzGetZipEntryUncompLen(pEntry);
724
725 bool ret = mzProcessZipEntryContents(pArchive, pEntry,
726 bufferProcessFunction, (void*)&bec);
727 if (!ret || bec.len != 0) {
728 LOGE("Can't extract entry to memory buffer.\n");
729 return false;
730 }
731 return true;
732}
733
734
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800735/* Helper state to make path translation easier and less malloc-happy.
736 */
737typedef struct {
738 const char *targetDir;
739 const char *zipDir;
740 char *buf;
741 int targetDirLen;
742 int zipDirLen;
743 int bufLen;
744} MzPathHelper;
745
746/* Given the values of targetDir and zipDir in the helper,
747 * return the target filename of the provided entry.
748 * The helper must be initialized first.
749 */
750static const char *targetEntryPath(MzPathHelper *helper, ZipEntry *pEntry)
751{
752 int needLen;
753 bool firstTime = (helper->buf == NULL);
754
755 /* target file <-- targetDir + / + entry[zipDirLen:]
756 */
757 needLen = helper->targetDirLen + 1 +
758 pEntry->fileNameLen - helper->zipDirLen + 1;
Tianjie Xu66296552016-02-22 19:49:38 -0800759 if (firstTime || needLen > helper->bufLen) {
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800760 char *newBuf;
761
762 needLen *= 2;
763 newBuf = (char *)realloc(helper->buf, needLen);
764 if (newBuf == NULL) {
765 return NULL;
766 }
767 helper->buf = newBuf;
768 helper->bufLen = needLen;
769 }
770
771 /* Every path will start with the target path and a slash.
772 */
773 if (firstTime) {
774 char *p = helper->buf;
775 memcpy(p, helper->targetDir, helper->targetDirLen);
776 p += helper->targetDirLen;
777 if (p == helper->buf || p[-1] != '/') {
778 helper->targetDirLen += 1;
779 *p++ = '/';
780 }
781 }
782
783 /* Replace the custom part of the path with the appropriate
784 * part of the entry's path.
785 */
786 char *epath = helper->buf + helper->targetDirLen;
787 memcpy(epath, pEntry->fileName + helper->zipDirLen,
788 pEntry->fileNameLen - helper->zipDirLen);
789 epath += pEntry->fileNameLen - helper->zipDirLen;
790 *epath = '\0';
791
792 return helper->buf;
793}
794
795/*
796 * Inflate all entries under zipDir to the directory specified by
797 * targetDir, which must exist and be a writable directory.
798 *
799 * The immediate children of zipDir will become the immediate
800 * children of targetDir; e.g., if the archive contains the entries
801 *
802 * a/b/c/one
803 * a/b/c/two
804 * a/b/c/d/three
805 *
806 * and mzExtractRecursive(a, "a/b/c", "/tmp") is called, the resulting
807 * files will be
808 *
809 * /tmp/one
810 * /tmp/two
811 * /tmp/d/three
812 *
813 * Returns true on success, false on failure.
814 */
815bool mzExtractRecursive(const ZipArchive *pArchive,
816 const char *zipDir, const char *targetDir,
Narayan Kamath9c0f5d62015-02-23 14:09:31 +0000817 const struct utimbuf *timestamp,
Stephen Smalley779701d2012-02-09 14:13:23 -0500818 void (*callback)(const char *fn, void *), void *cookie,
819 struct selabel_handle *sehnd)
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800820{
821 if (zipDir[0] == '/') {
822 LOGE("mzExtractRecursive(): zipDir must be a relative path.\n");
823 return false;
824 }
825 if (targetDir[0] != '/') {
826 LOGE("mzExtractRecursive(): targetDir must be an absolute path.\n");
827 return false;
828 }
829
830 unsigned int zipDirLen;
831 char *zpath;
832
833 zipDirLen = strlen(zipDir);
834 zpath = (char *)malloc(zipDirLen + 2);
835 if (zpath == NULL) {
836 LOGE("Can't allocate %d bytes for zip path\n", zipDirLen + 2);
837 return false;
838 }
839 /* If zipDir is empty, we'll extract the entire zip file.
840 * Otherwise, canonicalize the path.
841 */
842 if (zipDirLen > 0) {
843 /* Make sure there's (hopefully, exactly one) slash at the
844 * end of the path. This way we don't need to worry about
845 * accidentally extracting "one/twothree" when a path like
846 * "one/two" is specified.
847 */
848 memcpy(zpath, zipDir, zipDirLen);
849 if (zpath[zipDirLen-1] != '/') {
850 zpath[zipDirLen++] = '/';
851 }
852 }
853 zpath[zipDirLen] = '\0';
854
855 /* Set up the helper structure that we'll use to assemble paths.
856 */
857 MzPathHelper helper;
858 helper.targetDir = targetDir;
859 helper.targetDirLen = strlen(helper.targetDir);
860 helper.zipDir = zpath;
861 helper.zipDirLen = strlen(helper.zipDir);
862 helper.buf = NULL;
863 helper.bufLen = 0;
864
865 /* Walk through the entries and extract anything whose path begins
866 * with zpath.
Nanik Tolaram4e8e93b2015-02-08 22:31:14 +1100867 //TODO: since the entries are sorted, binary search for the first match
868 // and stop after the first non-match.
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800869 */
870 unsigned int i;
871 bool seenMatch = false;
872 int ok = true;
Doug Zongkerbf80f492012-10-19 12:24:26 -0700873 int extractCount = 0;
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800874 for (i = 0; i < pArchive->numEntries; i++) {
875 ZipEntry *pEntry = pArchive->pEntries + i;
876 if (pEntry->fileNameLen < zipDirLen) {
Nanik Tolaram4e8e93b2015-02-08 22:31:14 +1100877 //TODO: look out for a single empty directory entry that matches zpath, but
878 // missing the trailing slash. Most zip files seem to include
879 // the trailing slash, but I think it's legal to leave it off.
880 // e.g., zpath "a/b/", entry "a/b", with no children of the entry.
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800881 /* No chance of matching.
882 */
883#if SORT_ENTRIES
884 if (seenMatch) {
885 /* Since the entries are sorted, we can give up
886 * on the first mismatch after the first match.
887 */
888 break;
889 }
890#endif
891 continue;
892 }
893 /* If zpath is empty, this strncmp() will match everything,
894 * which is what we want.
895 */
896 if (strncmp(pEntry->fileName, zpath, zipDirLen) != 0) {
897#if SORT_ENTRIES
898 if (seenMatch) {
899 /* Since the entries are sorted, we can give up
900 * on the first mismatch after the first match.
901 */
902 break;
903 }
904#endif
905 continue;
906 }
907 /* This entry begins with zipDir, so we'll extract it.
908 */
909 seenMatch = true;
910
911 /* Find the target location of the entry.
912 */
913 const char *targetFile = targetEntryPath(&helper, pEntry);
914 if (targetFile == NULL) {
915 LOGE("Can't assemble target path for \"%.*s\"\n",
916 pEntry->fileNameLen, pEntry->fileName);
917 ok = false;
918 break;
919 }
920
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800921#define UNZIP_DIRMODE 0755
922#define UNZIP_FILEMODE 0644
Narayan Kamath9c0f5d62015-02-23 14:09:31 +0000923 /*
924 * Create the file or directory. We ignore directory entries
925 * because we recursively create paths to each file entry we encounter
926 * in the zip archive anyway.
927 *
928 * NOTE: A "directory entry" in a zip archive is just a zero length
929 * entry that ends in a "/". They're not mandatory and many tools get
930 * rid of them. We need to process them only if we want to preserve
931 * empty directories from the archive.
932 */
933 if (pEntry->fileName[pEntry->fileNameLen-1] != '/') {
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800934 /* This is not a directory. First, make sure that
935 * the containing directory exists.
936 */
937 int ret = dirCreateHierarchy(
Stephen Smalley779701d2012-02-09 14:13:23 -0500938 targetFile, UNZIP_DIRMODE, timestamp, true, sehnd);
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800939 if (ret != 0) {
940 LOGE("Can't create containing directory for \"%s\": %s\n",
941 targetFile, strerror(errno));
942 ok = false;
943 break;
944 }
945
Narayan Kamath9c0f5d62015-02-23 14:09:31 +0000946 /*
947 * The entry is a regular file or a symlink. Open the target for writing.
948 *
949 * TODO: This behavior for symlinks seems rather bizarre. For a
950 * symlink foo/bar/baz -> foo/tar/taz, we will create a file called
951 * "foo/bar/baz" whose contents are the literal "foo/tar/taz". We
952 * warn about this for now and preserve older behavior.
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800953 */
Narayan Kamath9c0f5d62015-02-23 14:09:31 +0000954 if (mzIsZipEntrySymlink(pEntry)) {
955 LOGE("Symlink entry \"%.*s\" will be output as a regular file.",
956 pEntry->fileNameLen, pEntry->fileName);
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800957 }
Narayan Kamath9c0f5d62015-02-23 14:09:31 +0000958
959 char *secontext = NULL;
960
961 if (sehnd) {
962 selabel_lookup(sehnd, &secontext, targetFile, UNZIP_FILEMODE);
963 setfscreatecon(secontext);
964 }
965
966 int fd = open(targetFile, O_CREAT|O_WRONLY|O_TRUNC|O_SYNC,
967 UNZIP_FILEMODE);
968
969 if (secontext) {
970 freecon(secontext);
971 setfscreatecon(NULL);
972 }
973
974 if (fd < 0) {
975 LOGE("Can't create target file \"%s\": %s\n",
976 targetFile, strerror(errno));
977 ok = false;
978 break;
979 }
980
981 bool ok = mzExtractZipEntryToFile(pArchive, pEntry, fd);
982 if (ok) {
983 ok = (fsync(fd) == 0);
984 }
985 if (close(fd) != 0) {
986 ok = false;
987 }
988 if (!ok) {
989 LOGE("Error extracting \"%s\"\n", targetFile);
990 ok = false;
991 break;
992 }
993
994 if (timestamp != NULL && utime(targetFile, timestamp)) {
995 LOGE("Error touching \"%s\"\n", targetFile);
996 ok = false;
997 break;
998 }
999
1000 LOGV("Extracted file \"%s\"\n", targetFile);
1001 ++extractCount;
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -08001002 }
1003
1004 if (callback != NULL) callback(targetFile, cookie);
1005 }
1006
Tao Baodd4d9812015-07-15 14:13:06 -07001007 LOGV("Extracted %d file(s)\n", extractCount);
Doug Zongkerbf80f492012-10-19 12:24:26 -07001008
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -08001009 free(helper.buf);
1010 free(zpath);
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -08001011
1012 return ok;
1013}