1 /* 2 * Copyright (C) 2009 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 // See imgdiff.c in this directory for a description of the patch file 18 // format. 19 20 #include <stdio.h> 21 #include <sys/cdefs.h> 22 #include <sys/stat.h> 23 #include <errno.h> 24 #include <malloc.h> 25 #include <unistd.h> 26 #include <string.h> 27 28 #include "zlib.h" 29 #include "mincrypt/sha.h" 30 #include "applypatch.h" 31 #include "imgdiff.h" 32 #include "utils.h" 33 34 /* 35 * Apply the patch given in 'patch_filename' to the source data given 36 * by (old_data, old_size). Write the patched output to the 'output' 37 * file, and update the SHA context with the output data as well. 38 * Return 0 on success. 39 */ 40 int ApplyImagePatch(const unsigned char* old_data, ssize_t old_size __unused, 41 const Value* patch, 42 SinkFn sink, void* token, SHA_CTX* ctx, 43 const Value* bonus_data) { 44 ssize_t pos = 12; 45 char* header = patch->data; 46 if (patch->size < 12) { 47 printf("patch too short to contain header\n"); 48 return -1; 49 } 50 51 // IMGDIFF2 uses CHUNK_NORMAL, CHUNK_DEFLATE, and CHUNK_RAW. 52 // (IMGDIFF1, which is no longer supported, used CHUNK_NORMAL and 53 // CHUNK_GZIP.) 54 if (memcmp(header, "IMGDIFF2", 8) != 0) { 55 printf("corrupt patch file header (magic number)\n"); 56 return -1; 57 } 58 59 int num_chunks = Read4(header+8); 60 61 int i; 62 for (i = 0; i < num_chunks; ++i) { 63 // each chunk's header record starts with 4 bytes. 64 if (pos + 4 > patch->size) { 65 printf("failed to read chunk %d record\n", i); 66 return -1; 67 } 68 int type = Read4(patch->data + pos); 69 pos += 4; 70 71 if (type == CHUNK_NORMAL) { 72 char* normal_header = patch->data + pos; 73 pos += 24; 74 if (pos > patch->size) { 75 printf("failed to read chunk %d normal header data\n", i); 76 return -1; 77 } 78 79 size_t src_start = Read8(normal_header); 80 size_t src_len = Read8(normal_header+8); 81 size_t patch_offset = Read8(normal_header+16); 82 83 ApplyBSDiffPatch(old_data + src_start, src_len, 84 patch, patch_offset, sink, token, ctx); 85 } else if (type == CHUNK_RAW) { 86 char* raw_header = patch->data + pos; 87 pos += 4; 88 if (pos > patch->size) { 89 printf("failed to read chunk %d raw header data\n", i); 90 return -1; 91 } 92 93 ssize_t data_len = Read4(raw_header); 94 95 if (pos + data_len > patch->size) { 96 printf("failed to read chunk %d raw data\n", i); 97 return -1; 98 } 99 if (ctx) SHA_update(ctx, patch->data + pos, data_len); 100 if (sink((unsigned char*)patch->data + pos, 101 data_len, token) != data_len) { 102 printf("failed to write chunk %d raw data\n", i); 103 return -1; 104 } 105 pos += data_len; 106 } else if (type == CHUNK_DEFLATE) { 107 // deflate chunks have an additional 60 bytes in their chunk header. 108 char* deflate_header = patch->data + pos; 109 pos += 60; 110 if (pos > patch->size) { 111 printf("failed to read chunk %d deflate header data\n", i); 112 return -1; 113 } 114 115 size_t src_start = Read8(deflate_header); 116 size_t src_len = Read8(deflate_header+8); 117 size_t patch_offset = Read8(deflate_header+16); 118 size_t expanded_len = Read8(deflate_header+24); 119 size_t target_len = Read8(deflate_header+32); 120 int level = Read4(deflate_header+40); 121 int method = Read4(deflate_header+44); 122 int windowBits = Read4(deflate_header+48); 123 int memLevel = Read4(deflate_header+52); 124 int strategy = Read4(deflate_header+56); 125 126 // Decompress the source data; the chunk header tells us exactly 127 // how big we expect it to be when decompressed. 128 129 // Note: expanded_len will include the bonus data size if 130 // the patch was constructed with bonus data. The 131 // deflation will come up 'bonus_size' bytes short; these 132 // must be appended from the bonus_data value. 133 size_t bonus_size = (i == 1 && bonus_data != NULL) ? bonus_data->size : 0; 134 135 unsigned char* expanded_source = malloc(expanded_len); 136 if (expanded_source == NULL) { 137 printf("failed to allocate %zu bytes for expanded_source\n", 138 expanded_len); 139 return -1; 140 } 141 142 z_stream strm; 143 strm.zalloc = Z_NULL; 144 strm.zfree = Z_NULL; 145 strm.opaque = Z_NULL; 146 strm.avail_in = src_len; 147 strm.next_in = (unsigned char*)(old_data + src_start); 148 strm.avail_out = expanded_len; 149 strm.next_out = expanded_source; 150 151 int ret; 152 ret = inflateInit2(&strm, -15); 153 if (ret != Z_OK) { 154 printf("failed to init source inflation: %d\n", ret); 155 return -1; 156 } 157 158 // Because we've provided enough room to accommodate the output 159 // data, we expect one call to inflate() to suffice. 160 ret = inflate(&strm, Z_SYNC_FLUSH); 161 if (ret != Z_STREAM_END) { 162 printf("source inflation returned %d\n", ret); 163 return -1; 164 } 165 // We should have filled the output buffer exactly, except 166 // for the bonus_size. 167 if (strm.avail_out != bonus_size) { 168 printf("source inflation short by %zu bytes\n", strm.avail_out-bonus_size); 169 return -1; 170 } 171 inflateEnd(&strm); 172 173 if (bonus_size) { 174 memcpy(expanded_source + (expanded_len - bonus_size), 175 bonus_data->data, bonus_size); 176 } 177 178 // Next, apply the bsdiff patch (in memory) to the uncompressed 179 // data. 180 unsigned char* uncompressed_target_data; 181 ssize_t uncompressed_target_size; 182 if (ApplyBSDiffPatchMem(expanded_source, expanded_len, 183 patch, patch_offset, 184 &uncompressed_target_data, 185 &uncompressed_target_size) != 0) { 186 return -1; 187 } 188 189 // Now compress the target data and append it to the output. 190 191 // we're done with the expanded_source data buffer, so we'll 192 // reuse that memory to receive the output of deflate. 193 unsigned char* temp_data = expanded_source; 194 ssize_t temp_size = expanded_len; 195 if (temp_size < 32768) { 196 // ... unless the buffer is too small, in which case we'll 197 // allocate a fresh one. 198 free(temp_data); 199 temp_data = malloc(32768); 200 temp_size = 32768; 201 } 202 203 // now the deflate stream 204 strm.zalloc = Z_NULL; 205 strm.zfree = Z_NULL; 206 strm.opaque = Z_NULL; 207 strm.avail_in = uncompressed_target_size; 208 strm.next_in = uncompressed_target_data; 209 ret = deflateInit2(&strm, level, method, windowBits, memLevel, strategy); 210 do { 211 strm.avail_out = temp_size; 212 strm.next_out = temp_data; 213 ret = deflate(&strm, Z_FINISH); 214 ssize_t have = temp_size - strm.avail_out; 215 216 if (sink(temp_data, have, token) != have) { 217 printf("failed to write %ld compressed bytes to output\n", 218 (long)have); 219 return -1; 220 } 221 if (ctx) SHA_update(ctx, temp_data, have); 222 } while (ret != Z_STREAM_END); 223 deflateEnd(&strm); 224 225 free(temp_data); 226 free(uncompressed_target_data); 227 } else { 228 printf("patch chunk %d is unknown type %d\n", i, type); 229 return -1; 230 } 231 } 232 233 return 0; 234 } 235