blob: a64c833f95780ae6a403cf4ecb9668001f0c6975 [file] [log] [blame]
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -08001/*
2 * Copyright 2006 The Android Open Source Project
3 *
4 * Simple Zip file support.
5 */
6#include "safe_iop.h"
7#include "zlib.h"
8
9#include <errno.h>
10#include <fcntl.h>
11#include <limits.h>
12#include <stdint.h> // for uintptr_t
13#include <stdlib.h>
14#include <sys/stat.h> // for S_ISLNK()
15#include <unistd.h>
16
17#define LOG_TAG "minzip"
18#include "Zip.h"
19#include "Bits.h"
20#include "Log.h"
21#include "DirUtil.h"
22
23#undef NDEBUG // do this after including Log.h
24#include <assert.h>
25
26#define SORT_ENTRIES 1
27
28/*
29 * Offset and length constants (java.util.zip naming convention).
30 */
31enum {
32 CENSIG = 0x02014b50, // PK12
33 CENHDR = 46,
34
35 CENVEM = 4,
36 CENVER = 6,
37 CENFLG = 8,
38 CENHOW = 10,
39 CENTIM = 12,
40 CENCRC = 16,
41 CENSIZ = 20,
42 CENLEN = 24,
43 CENNAM = 28,
Doug Zongker596271f2009-04-29 16:52:04 -070044 CENEXT = 30,
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -080045 CENCOM = 32,
46 CENDSK = 34,
47 CENATT = 36,
48 CENATX = 38,
49 CENOFF = 42,
50
51 ENDSIG = 0x06054b50, // PK56
52 ENDHDR = 22,
53
54 ENDSUB = 8,
55 ENDTOT = 10,
56 ENDSIZ = 12,
57 ENDOFF = 16,
58 ENDCOM = 20,
59
60 EXTSIG = 0x08074b50, // PK78
61 EXTHDR = 16,
62
63 EXTCRC = 4,
64 EXTSIZ = 8,
65 EXTLEN = 12,
66
67 LOCSIG = 0x04034b50, // PK34
68 LOCHDR = 30,
Doug Zongker596271f2009-04-29 16:52:04 -070069
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -080070 LOCVER = 4,
71 LOCFLG = 6,
72 LOCHOW = 8,
73 LOCTIM = 10,
74 LOCCRC = 14,
Doug Zongker596271f2009-04-29 16:52:04 -070075 LOCSIZ = 18,
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -080076 LOCLEN = 22,
77 LOCNAM = 26,
78 LOCEXT = 28,
79
80 STORED = 0,
81 DEFLATED = 8,
82
83 CENVEM_UNIX = 3 << 8, // the high byte of CENVEM
84};
85
86
87/*
88 * For debugging, dump the contents of a ZipEntry.
89 */
90#if 0
91static void dumpEntry(const ZipEntry* pEntry)
92{
93 LOGI(" %p '%.*s'\n", pEntry->fileName,pEntry->fileNameLen,pEntry->fileName);
94 LOGI(" off=%ld comp=%ld uncomp=%ld how=%d\n", pEntry->offset,
95 pEntry->compLen, pEntry->uncompLen, pEntry->compression);
96}
97#endif
98
99/*
100 * (This is a mzHashTableLookup callback.)
101 *
102 * Compare two ZipEntry structs, by name.
103 */
104static int hashcmpZipEntry(const void* ventry1, const void* ventry2)
105{
106 const ZipEntry* entry1 = (const ZipEntry*) ventry1;
107 const ZipEntry* entry2 = (const ZipEntry*) ventry2;
108
109 if (entry1->fileNameLen != entry2->fileNameLen)
110 return entry1->fileNameLen - entry2->fileNameLen;
111 return memcmp(entry1->fileName, entry2->fileName, entry1->fileNameLen);
112}
113
114/*
115 * (This is a mzHashTableLookup callback.)
116 *
117 * find a ZipEntry struct by name.
118 */
119static int hashcmpZipName(const void* ventry, const void* vname)
120{
121 const ZipEntry* entry = (const ZipEntry*) ventry;
122 const char* name = (const char*) vname;
123 unsigned int nameLen = strlen(name);
124
125 if (entry->fileNameLen != nameLen)
126 return entry->fileNameLen - nameLen;
127 return memcmp(entry->fileName, name, nameLen);
128}
129
130/*
131 * Compute the hash code for a ZipEntry filename.
132 *
133 * Not expected to be compatible with any other hash function, so we init
134 * to 2 to ensure it doesn't happen to match.
135 */
136static unsigned int computeHash(const char* name, int nameLen)
137{
138 unsigned int hash = 2;
139
140 while (nameLen--)
141 hash = hash * 31 + *name++;
142
143 return hash;
144}
145
146static void addEntryToHashTable(HashTable* pHash, ZipEntry* pEntry)
147{
148 unsigned int itemHash = computeHash(pEntry->fileName, pEntry->fileNameLen);
149 const ZipEntry* found;
150
151 found = (const ZipEntry*)mzHashTableLookup(pHash,
152 itemHash, pEntry, hashcmpZipEntry, true);
153 if (found != pEntry) {
154 LOGW("WARNING: duplicate entry '%.*s' in Zip\n",
155 found->fileNameLen, found->fileName);
156 /* keep going */
157 }
158}
159
160static int validFilename(const char *fileName, unsigned int fileNameLen)
161{
162 // Forbid super long filenames.
163 if (fileNameLen >= PATH_MAX) {
164 LOGW("Filename too long (%d chatacters)\n", fileNameLen);
165 return 0;
166 }
167
168 // Require all characters to be printable ASCII (no NUL, no UTF-8, etc).
169 unsigned int i;
170 for (i = 0; i < fileNameLen; ++i) {
171 if (fileName[i] < 32 || fileName[i] >= 127) {
172 LOGW("Filename contains invalid character '\%03o'\n", fileName[i]);
173 return 0;
174 }
175 }
176
177 return 1;
178}
179
180/*
181 * Parse the contents of a Zip archive. After confirming that the file
182 * is in fact a Zip, we scan out the contents of the central directory and
183 * store it in a hash table.
184 *
185 * Returns "true" on success.
186 */
Doug Zongker99916f02014-01-13 14:16:58 -0800187static bool parseZipArchive(ZipArchive* pArchive)
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800188{
189 bool result = false;
190 const unsigned char* ptr;
191 unsigned int i, numEntries, cdOffset;
192 unsigned int val;
193
194 /*
195 * The first 4 bytes of the file will either be the local header
196 * signature for the first file (LOCSIG) or, if the archive doesn't
197 * have any files in it, the end-of-central-directory signature (ENDSIG).
198 */
Doug Zongker99916f02014-01-13 14:16:58 -0800199 val = get4LE(pArchive->addr);
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800200 if (val == ENDSIG) {
201 LOGI("Found Zip archive, but it looks empty\n");
202 goto bail;
203 } else if (val != LOCSIG) {
204 LOGV("Not a Zip archive (found 0x%08x)\n", val);
205 goto bail;
206 }
207
208 /*
209 * Find the EOCD. We'll find it immediately unless they have a file
210 * comment.
211 */
Doug Zongker99916f02014-01-13 14:16:58 -0800212 ptr = pArchive->addr + pArchive->length - ENDHDR;
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800213
Doug Zongker99916f02014-01-13 14:16:58 -0800214 while (ptr >= (const unsigned char*) pArchive->addr) {
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800215 if (*ptr == (ENDSIG & 0xff) && get4LE(ptr) == ENDSIG)
216 break;
217 ptr--;
218 }
Doug Zongker99916f02014-01-13 14:16:58 -0800219 if (ptr < (const unsigned char*) pArchive->addr) {
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800220 LOGI("Could not find end-of-central-directory in Zip\n");
221 goto bail;
222 }
223
224 /*
225 * There are two interesting items in the EOCD block: the number of
226 * entries in the file, and the file offset of the start of the
227 * central directory.
228 */
229 numEntries = get2LE(ptr + ENDSUB);
230 cdOffset = get4LE(ptr + ENDOFF);
231
232 LOGVV("numEntries=%d cdOffset=%d\n", numEntries, cdOffset);
Doug Zongker99916f02014-01-13 14:16:58 -0800233 if (numEntries == 0 || cdOffset >= pArchive->length) {
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800234 LOGW("Invalid entries=%d offset=%d (len=%zd)\n",
Doug Zongker99916f02014-01-13 14:16:58 -0800235 numEntries, cdOffset, pArchive->length);
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800236 goto bail;
237 }
238
239 /*
240 * Create data structures to hold entries.
241 */
242 pArchive->numEntries = numEntries;
243 pArchive->pEntries = (ZipEntry*) calloc(numEntries, sizeof(ZipEntry));
244 pArchive->pHash = mzHashTableCreate(mzHashSize(numEntries), NULL);
245 if (pArchive->pEntries == NULL || pArchive->pHash == NULL)
246 goto bail;
247
Doug Zongker99916f02014-01-13 14:16:58 -0800248 ptr = pArchive->addr + cdOffset;
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800249 for (i = 0; i < numEntries; i++) {
250 ZipEntry* pEntry;
251 unsigned int fileNameLen, extraLen, commentLen, localHdrOffset;
252 const unsigned char* localHdr;
253 const char *fileName;
254
Doug Zongker99916f02014-01-13 14:16:58 -0800255 if (ptr + CENHDR > (const unsigned char*)pArchive->addr + pArchive->length) {
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800256 LOGW("Ran off the end (at %d)\n", i);
257 goto bail;
258 }
259 if (get4LE(ptr) != CENSIG) {
260 LOGW("Missed a central dir sig (at %d)\n", i);
261 goto bail;
262 }
263
264 localHdrOffset = get4LE(ptr + CENOFF);
265 fileNameLen = get2LE(ptr + CENNAM);
266 extraLen = get2LE(ptr + CENEXT);
267 commentLen = get2LE(ptr + CENCOM);
268 fileName = (const char*)ptr + CENHDR;
Doug Zongker99916f02014-01-13 14:16:58 -0800269 if (fileName + fileNameLen > (const char*)pArchive->addr + pArchive->length) {
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800270 LOGW("Filename ran off the end (at %d)\n", i);
271 goto bail;
272 }
273 if (!validFilename(fileName, fileNameLen)) {
274 LOGW("Invalid filename (at %d)\n", i);
275 goto bail;
276 }
277
278#if SORT_ENTRIES
279 /* Figure out where this entry should go (binary search).
280 */
281 if (i > 0) {
282 int low, high;
283
284 low = 0;
285 high = i - 1;
286 while (low <= high) {
287 int mid;
288 int diff;
289 int diffLen;
290
291 mid = low + ((high - low) / 2); // avoid overflow
292
293 if (pArchive->pEntries[mid].fileNameLen < fileNameLen) {
294 diffLen = pArchive->pEntries[mid].fileNameLen;
295 } else {
296 diffLen = fileNameLen;
297 }
298 diff = strncmp(pArchive->pEntries[mid].fileName, fileName,
299 diffLen);
300 if (diff == 0) {
301 diff = pArchive->pEntries[mid].fileNameLen - fileNameLen;
302 }
303 if (diff < 0) {
304 low = mid + 1;
305 } else if (diff > 0) {
306 high = mid - 1;
307 } else {
308 high = mid;
309 break;
310 }
311 }
312
313 unsigned int target = high + 1;
314 assert(target <= i);
315 if (target != i) {
316 /* It belongs somewhere other than at the end of
317 * the list. Make some room at [target].
318 */
319 memmove(pArchive->pEntries + target + 1,
320 pArchive->pEntries + target,
321 (i - target) * sizeof(ZipEntry));
322 }
323 pEntry = &pArchive->pEntries[target];
324 } else {
325 pEntry = &pArchive->pEntries[0];
326 }
327#else
328 pEntry = &pArchive->pEntries[i];
329#endif
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800330 pEntry->fileNameLen = fileNameLen;
331 pEntry->fileName = fileName;
332
333 pEntry->compLen = get4LE(ptr + CENSIZ);
334 pEntry->uncompLen = get4LE(ptr + CENLEN);
335 pEntry->compression = get2LE(ptr + CENHOW);
336 pEntry->modTime = get4LE(ptr + CENTIM);
337 pEntry->crc32 = get4LE(ptr + CENCRC);
338
339 /* These two are necessary for finding the mode of the file.
340 */
341 pEntry->versionMadeBy = get2LE(ptr + CENVEM);
342 if ((pEntry->versionMadeBy & 0xff00) != 0 &&
343 (pEntry->versionMadeBy & 0xff00) != CENVEM_UNIX)
344 {
345 LOGW("Incompatible \"version made by\": 0x%02x (at %d)\n",
346 pEntry->versionMadeBy >> 8, i);
347 goto bail;
348 }
349 pEntry->externalFileAttributes = get4LE(ptr + CENATX);
350
Doug Zongker99916f02014-01-13 14:16:58 -0800351 // Perform pArchive->addr + localHdrOffset, ensuring that it won't
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800352 // overflow. This is needed because localHdrOffset is untrusted.
Doug Zongker99916f02014-01-13 14:16:58 -0800353 if (!safe_add((uintptr_t *)&localHdr, (uintptr_t)pArchive->addr,
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800354 (uintptr_t)localHdrOffset)) {
355 LOGW("Integer overflow adding in parseZipArchive\n");
356 goto bail;
357 }
358 if ((uintptr_t)localHdr + LOCHDR >
Doug Zongker99916f02014-01-13 14:16:58 -0800359 (uintptr_t)pArchive->addr + pArchive->length) {
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800360 LOGW("Bad offset to local header: %d (at %d)\n", localHdrOffset, i);
361 goto bail;
362 }
363 if (get4LE(localHdr) != LOCSIG) {
364 LOGW("Missed a local header sig (at %d)\n", i);
365 goto bail;
366 }
367 pEntry->offset = localHdrOffset + LOCHDR
368 + get2LE(localHdr + LOCNAM) + get2LE(localHdr + LOCEXT);
369 if (!safe_add(NULL, pEntry->offset, pEntry->compLen)) {
370 LOGW("Integer overflow adding in parseZipArchive\n");
371 goto bail;
372 }
Doug Zongker99916f02014-01-13 14:16:58 -0800373 if ((size_t)pEntry->offset + pEntry->compLen > pArchive->length) {
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800374 LOGW("Data ran off the end (at %d)\n", i);
375 goto bail;
376 }
377
378#if !SORT_ENTRIES
379 /* Add to hash table; no need to lock here.
380 * Can't do this now if we're sorting, because entries
381 * will move around.
382 */
383 addEntryToHashTable(pArchive->pHash, pEntry);
384#endif
385
386 //dumpEntry(pEntry);
387 ptr += CENHDR + fileNameLen + extraLen + commentLen;
388 }
389
390#if SORT_ENTRIES
391 /* If we're sorting, we have to wait until all entries
392 * are in their final places, otherwise the pointers will
393 * probably point to the wrong things.
394 */
395 for (i = 0; i < numEntries; i++) {
396 /* Add to hash table; no need to lock here.
397 */
398 addEntryToHashTable(pArchive->pHash, &pArchive->pEntries[i]);
399 }
400#endif
401
402 result = true;
403
404bail:
405 if (!result) {
406 mzHashTableFree(pArchive->pHash);
407 pArchive->pHash = NULL;
408 }
409 return result;
410}
411
412/*
413 * Open a Zip archive and scan out the contents.
414 *
415 * The easiest way to do this is to mmap() the whole thing and do the
416 * traditional backward scan for central directory. Since the EOCD is
417 * a relatively small bit at the end, we should end up only touching a
418 * small set of pages.
419 *
420 * This will be called on non-Zip files, especially during startup, so
421 * we don't want to be too noisy about failures. (Do we want a "quiet"
422 * flag?)
423 *
424 * On success, we fill out the contents of "pArchive".
425 */
Doug Zongker99916f02014-01-13 14:16:58 -0800426int mzOpenZipArchive(unsigned char* addr, size_t length, ZipArchive* pArchive)
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800427{
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800428 int err;
429
Doug Zongker99916f02014-01-13 14:16:58 -0800430 if (length < ENDHDR) {
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800431 err = -1;
432 LOGV("File '%s' too small to be zip (%zd)\n", fileName, map.length);
433 goto bail;
434 }
435
Doug Zongker99916f02014-01-13 14:16:58 -0800436 pArchive->addr = addr;
437 pArchive->length = length;
438
439 if (!parseZipArchive(pArchive)) {
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800440 err = -1;
441 LOGV("Parsing '%s' failed\n", fileName);
442 goto bail;
443 }
444
445 err = 0;
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800446
447bail:
448 if (err != 0)
449 mzCloseZipArchive(pArchive);
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800450 return err;
451}
452
453/*
454 * Close a ZipArchive, closing the file and freeing the contents.
455 *
456 * NOTE: the ZipArchive may not have been fully created.
457 */
458void mzCloseZipArchive(ZipArchive* pArchive)
459{
460 LOGV("Closing archive %p\n", pArchive);
461
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800462 free(pArchive->pEntries);
463
464 mzHashTableFree(pArchive->pHash);
465
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800466 pArchive->pHash = NULL;
467 pArchive->pEntries = NULL;
468}
469
470/*
471 * Find a matching entry.
472 *
473 * Returns NULL if no matching entry found.
474 */
475const ZipEntry* mzFindZipEntry(const ZipArchive* pArchive,
476 const char* entryName)
477{
478 unsigned int itemHash = computeHash(entryName, strlen(entryName));
479
480 return (const ZipEntry*)mzHashTableLookup(pArchive->pHash,
481 itemHash, (char*) entryName, hashcmpZipName, false);
482}
483
484/*
485 * Return true if the entry is a symbolic link.
486 */
Narayan Kamath3e700cf2015-02-23 13:29:16 +0000487static bool mzIsZipEntrySymlink(const ZipEntry* pEntry)
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800488{
489 if ((pEntry->versionMadeBy & 0xff00) == CENVEM_UNIX) {
490 return S_ISLNK(pEntry->externalFileAttributes >> 16);
491 }
492 return false;
493}
494
495/* Call processFunction on the uncompressed data of a STORED entry.
496 */
497static bool processStoredEntry(const ZipArchive *pArchive,
498 const ZipEntry *pEntry, ProcessZipEntryContentsFunction processFunction,
499 void *cookie)
500{
Doug Zongker99916f02014-01-13 14:16:58 -0800501 return processFunction(pArchive->addr + pEntry->offset, pEntry->uncompLen, cookie);
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800502}
503
504static bool processDeflatedEntry(const ZipArchive *pArchive,
505 const ZipEntry *pEntry, ProcessZipEntryContentsFunction processFunction,
506 void *cookie)
507{
508 long result = -1;
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800509 unsigned char procBuf[32 * 1024];
510 z_stream zstream;
511 int zerr;
512 long compRemaining;
513
514 compRemaining = pEntry->compLen;
515
516 /*
517 * Initialize the zlib stream.
518 */
519 memset(&zstream, 0, sizeof(zstream));
520 zstream.zalloc = Z_NULL;
521 zstream.zfree = Z_NULL;
522 zstream.opaque = Z_NULL;
Doug Zongker99916f02014-01-13 14:16:58 -0800523 zstream.next_in = pArchive->addr + pEntry->offset;
524 zstream.avail_in = pEntry->compLen;
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800525 zstream.next_out = (Bytef*) procBuf;
526 zstream.avail_out = sizeof(procBuf);
527 zstream.data_type = Z_UNKNOWN;
528
529 /*
530 * Use the undocumented "negative window bits" feature to tell zlib
531 * that there's no zlib header waiting for it.
532 */
533 zerr = inflateInit2(&zstream, -MAX_WBITS);
534 if (zerr != Z_OK) {
535 if (zerr == Z_VERSION_ERROR) {
536 LOGE("Installed zlib is not compatible with linked version (%s)\n",
537 ZLIB_VERSION);
538 } else {
539 LOGE("Call to inflateInit2 failed (zerr=%d)\n", zerr);
540 }
541 goto bail;
542 }
543
544 /*
545 * Loop while we have data.
546 */
547 do {
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800548 /* uncompress the data */
549 zerr = inflate(&zstream, Z_NO_FLUSH);
550 if (zerr != Z_OK && zerr != Z_STREAM_END) {
551 LOGD("zlib inflate call failed (zerr=%d)\n", zerr);
552 goto z_bail;
553 }
554
555 /* write when we're full or when we're done */
556 if (zstream.avail_out == 0 ||
557 (zerr == Z_STREAM_END && zstream.avail_out != sizeof(procBuf)))
558 {
559 long procSize = zstream.next_out - procBuf;
560 LOGVV("+++ processing %d bytes\n", (int) procSize);
561 bool ret = processFunction(procBuf, procSize, cookie);
562 if (!ret) {
563 LOGW("Process function elected to fail (in inflate)\n");
564 goto z_bail;
565 }
566
567 zstream.next_out = procBuf;
568 zstream.avail_out = sizeof(procBuf);
569 }
570 } while (zerr == Z_OK);
571
572 assert(zerr == Z_STREAM_END); /* other errors should've been caught */
573
574 // success!
575 result = zstream.total_out;
576
577z_bail:
578 inflateEnd(&zstream); /* free up any allocated structures */
579
580bail:
581 if (result != pEntry->uncompLen) {
582 if (result != -1) // error already shown?
583 LOGW("Size mismatch on inflated file (%ld vs %ld)\n",
584 result, pEntry->uncompLen);
585 return false;
586 }
587 return true;
588}
589
590/*
591 * Stream the uncompressed data through the supplied function,
592 * passing cookie to it each time it gets called. processFunction
593 * may be called more than once.
594 *
595 * If processFunction returns false, the operation is abandoned and
596 * mzProcessZipEntryContents() immediately returns false.
597 *
598 * This is useful for calculating the hash of an entry's uncompressed contents.
599 */
600bool mzProcessZipEntryContents(const ZipArchive *pArchive,
601 const ZipEntry *pEntry, ProcessZipEntryContentsFunction processFunction,
602 void *cookie)
603{
604 bool ret = false;
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800605
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800606 switch (pEntry->compression) {
607 case STORED:
608 ret = processStoredEntry(pArchive, pEntry, processFunction, cookie);
609 break;
610 case DEFLATED:
611 ret = processDeflatedEntry(pArchive, pEntry, processFunction, cookie);
612 break;
613 default:
614 LOGE("Unsupported compression type %d for entry '%s'\n",
615 pEntry->compression, pEntry->fileName);
616 break;
617 }
618
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800619 return ret;
620}
621
622static bool crcProcessFunction(const unsigned char *data, int dataLen,
623 void *crc)
624{
625 *(unsigned long *)crc = crc32(*(unsigned long *)crc, data, dataLen);
626 return true;
627}
628
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800629typedef struct {
630 char *buf;
631 int bufLen;
632} CopyProcessArgs;
633
634static bool copyProcessFunction(const unsigned char *data, int dataLen,
635 void *cookie)
636{
637 CopyProcessArgs *args = (CopyProcessArgs *)cookie;
638 if (dataLen <= args->bufLen) {
639 memcpy(args->buf, data, dataLen);
640 args->buf += dataLen;
641 args->bufLen -= dataLen;
642 return true;
643 }
644 return false;
645}
646
647/*
648 * Read an entry into a buffer allocated by the caller.
649 */
650bool mzReadZipEntry(const ZipArchive* pArchive, const ZipEntry* pEntry,
651 char *buf, int bufLen)
652{
653 CopyProcessArgs args;
654 bool ret;
Doug Zongker596271f2009-04-29 16:52:04 -0700655
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800656 args.buf = buf;
657 args.bufLen = bufLen;
658 ret = mzProcessZipEntryContents(pArchive, pEntry, copyProcessFunction,
659 (void *)&args);
660 if (!ret) {
661 LOGE("Can't extract entry to buffer.\n");
662 return false;
663 }
664 return true;
665}
666
667static bool writeProcessFunction(const unsigned char *data, int dataLen,
Doug Zongker683c4622009-05-05 17:50:21 -0700668 void *cookie)
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800669{
Colin Cross92cdf9c2014-02-05 17:30:31 -0800670 int fd = (int)(intptr_t)cookie;
Michael Rungef5d9f892014-05-06 16:54:42 -0700671 if (dataLen == 0) {
672 return true;
673 }
Doug Zongker596271f2009-04-29 16:52:04 -0700674 ssize_t soFar = 0;
Doug Zongker683c4622009-05-05 17:50:21 -0700675 while (true) {
Elliott Hughes7bad7c42015-04-28 17:24:24 -0700676 ssize_t n = TEMP_FAILURE_RETRY(write(fd, data+soFar, dataLen-soFar));
Doug Zongker683c4622009-05-05 17:50:21 -0700677 if (n <= 0) {
Doug Zongkera9300302014-02-10 12:35:19 -0800678 LOGE("Error writing %zd bytes from zip file from %p: %s\n",
Doug Zongker683c4622009-05-05 17:50:21 -0700679 dataLen-soFar, data+soFar, strerror(errno));
Elliott Hughes7bad7c42015-04-28 17:24:24 -0700680 return false;
Doug Zongker596271f2009-04-29 16:52:04 -0700681 } else if (n > 0) {
682 soFar += n;
683 if (soFar == dataLen) return true;
684 if (soFar > dataLen) {
Doug Zongkera9300302014-02-10 12:35:19 -0800685 LOGE("write overrun? (%zd bytes instead of %d)\n",
Doug Zongker596271f2009-04-29 16:52:04 -0700686 soFar, dataLen);
687 return false;
688 }
Doug Zongker596271f2009-04-29 16:52:04 -0700689 }
Doug Zongker683c4622009-05-05 17:50:21 -0700690 }
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800691}
692
693/*
694 * Uncompress "pEntry" in "pArchive" to "fd" at the current offset.
695 */
696bool mzExtractZipEntryToFile(const ZipArchive *pArchive,
Doug Zongker1c4ceae2009-05-08 09:43:28 -0700697 const ZipEntry *pEntry, int fd)
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800698{
699 bool ret = mzProcessZipEntryContents(pArchive, pEntry, writeProcessFunction,
Colin Cross92cdf9c2014-02-05 17:30:31 -0800700 (void*)(intptr_t)fd);
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800701 if (!ret) {
702 LOGE("Can't extract entry to file.\n");
703 return false;
704 }
705 return true;
706}
707
Doug Zongker6aece332010-02-01 14:40:12 -0800708typedef struct {
709 unsigned char* buffer;
710 long len;
711} BufferExtractCookie;
712
713static bool bufferProcessFunction(const unsigned char *data, int dataLen,
714 void *cookie) {
715 BufferExtractCookie *bec = (BufferExtractCookie*)cookie;
716
717 memmove(bec->buffer, data, dataLen);
718 bec->buffer += dataLen;
719 bec->len -= dataLen;
720
721 return true;
722}
723
724/*
725 * Uncompress "pEntry" in "pArchive" to buffer, which must be large
726 * enough to hold mzGetZipEntryUncomplen(pEntry) bytes.
727 */
728bool mzExtractZipEntryToBuffer(const ZipArchive *pArchive,
729 const ZipEntry *pEntry, unsigned char *buffer)
730{
731 BufferExtractCookie bec;
732 bec.buffer = buffer;
733 bec.len = mzGetZipEntryUncompLen(pEntry);
734
735 bool ret = mzProcessZipEntryContents(pArchive, pEntry,
736 bufferProcessFunction, (void*)&bec);
737 if (!ret || bec.len != 0) {
738 LOGE("Can't extract entry to memory buffer.\n");
739 return false;
740 }
741 return true;
742}
743
744
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800745/* Helper state to make path translation easier and less malloc-happy.
746 */
747typedef struct {
748 const char *targetDir;
749 const char *zipDir;
750 char *buf;
751 int targetDirLen;
752 int zipDirLen;
753 int bufLen;
754} MzPathHelper;
755
756/* Given the values of targetDir and zipDir in the helper,
757 * return the target filename of the provided entry.
758 * The helper must be initialized first.
759 */
760static const char *targetEntryPath(MzPathHelper *helper, ZipEntry *pEntry)
761{
762 int needLen;
763 bool firstTime = (helper->buf == NULL);
764
765 /* target file <-- targetDir + / + entry[zipDirLen:]
766 */
767 needLen = helper->targetDirLen + 1 +
768 pEntry->fileNameLen - helper->zipDirLen + 1;
769 if (needLen > helper->bufLen) {
770 char *newBuf;
771
772 needLen *= 2;
773 newBuf = (char *)realloc(helper->buf, needLen);
774 if (newBuf == NULL) {
775 return NULL;
776 }
777 helper->buf = newBuf;
778 helper->bufLen = needLen;
779 }
780
781 /* Every path will start with the target path and a slash.
782 */
783 if (firstTime) {
784 char *p = helper->buf;
785 memcpy(p, helper->targetDir, helper->targetDirLen);
786 p += helper->targetDirLen;
787 if (p == helper->buf || p[-1] != '/') {
788 helper->targetDirLen += 1;
789 *p++ = '/';
790 }
791 }
792
793 /* Replace the custom part of the path with the appropriate
794 * part of the entry's path.
795 */
796 char *epath = helper->buf + helper->targetDirLen;
797 memcpy(epath, pEntry->fileName + helper->zipDirLen,
798 pEntry->fileNameLen - helper->zipDirLen);
799 epath += pEntry->fileNameLen - helper->zipDirLen;
800 *epath = '\0';
801
802 return helper->buf;
803}
804
805/*
806 * Inflate all entries under zipDir to the directory specified by
807 * targetDir, which must exist and be a writable directory.
808 *
809 * The immediate children of zipDir will become the immediate
810 * children of targetDir; e.g., if the archive contains the entries
811 *
812 * a/b/c/one
813 * a/b/c/two
814 * a/b/c/d/three
815 *
816 * and mzExtractRecursive(a, "a/b/c", "/tmp") is called, the resulting
817 * files will be
818 *
819 * /tmp/one
820 * /tmp/two
821 * /tmp/d/three
822 *
823 * Returns true on success, false on failure.
824 */
825bool mzExtractRecursive(const ZipArchive *pArchive,
826 const char *zipDir, const char *targetDir,
Narayan Kamath9c0f5d62015-02-23 14:09:31 +0000827 const struct utimbuf *timestamp,
Stephen Smalley779701d2012-02-09 14:13:23 -0500828 void (*callback)(const char *fn, void *), void *cookie,
829 struct selabel_handle *sehnd)
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800830{
831 if (zipDir[0] == '/') {
832 LOGE("mzExtractRecursive(): zipDir must be a relative path.\n");
833 return false;
834 }
835 if (targetDir[0] != '/') {
836 LOGE("mzExtractRecursive(): targetDir must be an absolute path.\n");
837 return false;
838 }
839
840 unsigned int zipDirLen;
841 char *zpath;
842
843 zipDirLen = strlen(zipDir);
844 zpath = (char *)malloc(zipDirLen + 2);
845 if (zpath == NULL) {
846 LOGE("Can't allocate %d bytes for zip path\n", zipDirLen + 2);
847 return false;
848 }
849 /* If zipDir is empty, we'll extract the entire zip file.
850 * Otherwise, canonicalize the path.
851 */
852 if (zipDirLen > 0) {
853 /* Make sure there's (hopefully, exactly one) slash at the
854 * end of the path. This way we don't need to worry about
855 * accidentally extracting "one/twothree" when a path like
856 * "one/two" is specified.
857 */
858 memcpy(zpath, zipDir, zipDirLen);
859 if (zpath[zipDirLen-1] != '/') {
860 zpath[zipDirLen++] = '/';
861 }
862 }
863 zpath[zipDirLen] = '\0';
864
865 /* Set up the helper structure that we'll use to assemble paths.
866 */
867 MzPathHelper helper;
868 helper.targetDir = targetDir;
869 helper.targetDirLen = strlen(helper.targetDir);
870 helper.zipDir = zpath;
871 helper.zipDirLen = strlen(helper.zipDir);
872 helper.buf = NULL;
873 helper.bufLen = 0;
874
875 /* Walk through the entries and extract anything whose path begins
876 * with zpath.
Nanik Tolaram4e8e93b2015-02-08 22:31:14 +1100877 //TODO: since the entries are sorted, binary search for the first match
878 // and stop after the first non-match.
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800879 */
880 unsigned int i;
881 bool seenMatch = false;
882 int ok = true;
Doug Zongkerbf80f492012-10-19 12:24:26 -0700883 int extractCount = 0;
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800884 for (i = 0; i < pArchive->numEntries; i++) {
885 ZipEntry *pEntry = pArchive->pEntries + i;
886 if (pEntry->fileNameLen < zipDirLen) {
Nanik Tolaram4e8e93b2015-02-08 22:31:14 +1100887 //TODO: look out for a single empty directory entry that matches zpath, but
888 // missing the trailing slash. Most zip files seem to include
889 // the trailing slash, but I think it's legal to leave it off.
890 // e.g., zpath "a/b/", entry "a/b", with no children of the entry.
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800891 /* No chance of matching.
892 */
893#if SORT_ENTRIES
894 if (seenMatch) {
895 /* Since the entries are sorted, we can give up
896 * on the first mismatch after the first match.
897 */
898 break;
899 }
900#endif
901 continue;
902 }
903 /* If zpath is empty, this strncmp() will match everything,
904 * which is what we want.
905 */
906 if (strncmp(pEntry->fileName, zpath, zipDirLen) != 0) {
907#if SORT_ENTRIES
908 if (seenMatch) {
909 /* Since the entries are sorted, we can give up
910 * on the first mismatch after the first match.
911 */
912 break;
913 }
914#endif
915 continue;
916 }
917 /* This entry begins with zipDir, so we'll extract it.
918 */
919 seenMatch = true;
920
921 /* Find the target location of the entry.
922 */
923 const char *targetFile = targetEntryPath(&helper, pEntry);
924 if (targetFile == NULL) {
925 LOGE("Can't assemble target path for \"%.*s\"\n",
926 pEntry->fileNameLen, pEntry->fileName);
927 ok = false;
928 break;
929 }
930
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800931#define UNZIP_DIRMODE 0755
932#define UNZIP_FILEMODE 0644
Narayan Kamath9c0f5d62015-02-23 14:09:31 +0000933 /*
934 * Create the file or directory. We ignore directory entries
935 * because we recursively create paths to each file entry we encounter
936 * in the zip archive anyway.
937 *
938 * NOTE: A "directory entry" in a zip archive is just a zero length
939 * entry that ends in a "/". They're not mandatory and many tools get
940 * rid of them. We need to process them only if we want to preserve
941 * empty directories from the archive.
942 */
943 if (pEntry->fileName[pEntry->fileNameLen-1] != '/') {
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800944 /* This is not a directory. First, make sure that
945 * the containing directory exists.
946 */
947 int ret = dirCreateHierarchy(
Stephen Smalley779701d2012-02-09 14:13:23 -0500948 targetFile, UNZIP_DIRMODE, timestamp, true, sehnd);
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800949 if (ret != 0) {
950 LOGE("Can't create containing directory for \"%s\": %s\n",
951 targetFile, strerror(errno));
952 ok = false;
953 break;
954 }
955
Narayan Kamath9c0f5d62015-02-23 14:09:31 +0000956 /*
957 * The entry is a regular file or a symlink. Open the target for writing.
958 *
959 * TODO: This behavior for symlinks seems rather bizarre. For a
960 * symlink foo/bar/baz -> foo/tar/taz, we will create a file called
961 * "foo/bar/baz" whose contents are the literal "foo/tar/taz". We
962 * warn about this for now and preserve older behavior.
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800963 */
Narayan Kamath9c0f5d62015-02-23 14:09:31 +0000964 if (mzIsZipEntrySymlink(pEntry)) {
965 LOGE("Symlink entry \"%.*s\" will be output as a regular file.",
966 pEntry->fileNameLen, pEntry->fileName);
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -0800967 }
Narayan Kamath9c0f5d62015-02-23 14:09:31 +0000968
969 char *secontext = NULL;
970
971 if (sehnd) {
972 selabel_lookup(sehnd, &secontext, targetFile, UNZIP_FILEMODE);
973 setfscreatecon(secontext);
974 }
975
976 int fd = open(targetFile, O_CREAT|O_WRONLY|O_TRUNC|O_SYNC,
977 UNZIP_FILEMODE);
978
979 if (secontext) {
980 freecon(secontext);
981 setfscreatecon(NULL);
982 }
983
984 if (fd < 0) {
985 LOGE("Can't create target file \"%s\": %s\n",
986 targetFile, strerror(errno));
987 ok = false;
988 break;
989 }
990
991 bool ok = mzExtractZipEntryToFile(pArchive, pEntry, fd);
992 if (ok) {
993 ok = (fsync(fd) == 0);
994 }
995 if (close(fd) != 0) {
996 ok = false;
997 }
998 if (!ok) {
999 LOGE("Error extracting \"%s\"\n", targetFile);
1000 ok = false;
1001 break;
1002 }
1003
1004 if (timestamp != NULL && utime(targetFile, timestamp)) {
1005 LOGE("Error touching \"%s\"\n", targetFile);
1006 ok = false;
1007 break;
1008 }
1009
1010 LOGV("Extracted file \"%s\"\n", targetFile);
1011 ++extractCount;
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -08001012 }
1013
1014 if (callback != NULL) callback(targetFile, cookie);
1015 }
1016
Doug Zongkerbf80f492012-10-19 12:24:26 -07001017 LOGD("Extracted %d file(s)\n", extractCount);
1018
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -08001019 free(helper.buf);
1020 free(zpath);
The Android Open Source Projectc24a8e62009-03-03 19:28:42 -08001021
1022 return ok;
1023}