Home | History | Annotate | Download | only in minzip
      1 /*
      2  * Copyright 2006 The Android Open Source Project
      3  *
      4  * Simple Zip file support.
      5  */
      6 #include "safe_iop.h"
      7 #include "zlib.h"
      8 
      9 #include <errno.h>
     10 #include <fcntl.h>
     11 #include <limits.h>
     12 #include <stdint.h>     // for uintptr_t
     13 #include <stdlib.h>
     14 #include <sys/stat.h>   // for S_ISLNK()
     15 #include <unistd.h>
     16 
     17 #define LOG_TAG "minzip"
     18 #include "Zip.h"
     19 #include "Bits.h"
     20 #include "Log.h"
     21 #include "DirUtil.h"
     22 
     23 #undef NDEBUG   // do this after including Log.h
     24 #include <assert.h>
     25 
     26 #define SORT_ENTRIES 1
     27 
     28 /*
     29  * Offset and length constants (java.util.zip naming convention).
     30  */
     31 enum {
     32     CENSIG = 0x02014b50,      // PK12
     33     CENHDR = 46,
     34 
     35     CENVEM =  4,
     36     CENVER =  6,
     37     CENFLG =  8,
     38     CENHOW = 10,
     39     CENTIM = 12,
     40     CENCRC = 16,
     41     CENSIZ = 20,
     42     CENLEN = 24,
     43     CENNAM = 28,
     44     CENEXT = 30,
     45     CENCOM = 32,
     46     CENDSK = 34,
     47     CENATT = 36,
     48     CENATX = 38,
     49     CENOFF = 42,
     50 
     51     ENDSIG = 0x06054b50,     // PK56
     52     ENDHDR = 22,
     53 
     54     ENDSUB =  8,
     55     ENDTOT = 10,
     56     ENDSIZ = 12,
     57     ENDOFF = 16,
     58     ENDCOM = 20,
     59 
     60     EXTSIG = 0x08074b50,     // PK78
     61     EXTHDR = 16,
     62 
     63     EXTCRC =  4,
     64     EXTSIZ =  8,
     65     EXTLEN = 12,
     66 
     67     LOCSIG = 0x04034b50,      // PK34
     68     LOCHDR = 30,
     69 
     70     LOCVER =  4,
     71     LOCFLG =  6,
     72     LOCHOW =  8,
     73     LOCTIM = 10,
     74     LOCCRC = 14,
     75     LOCSIZ = 18,
     76     LOCLEN = 22,
     77     LOCNAM = 26,
     78     LOCEXT = 28,
     79 
     80     STORED = 0,
     81     DEFLATED = 8,
     82 
     83     CENVEM_UNIX = 3 << 8,   // the high byte of CENVEM
     84 };
     85 
     86 
     87 /*
     88  * For debugging, dump the contents of a ZipEntry.
     89  */
     90 #if 0
     91 static void dumpEntry(const ZipEntry* pEntry)
     92 {
     93     LOGI(" %p '%.*s'\n", pEntry->fileName,pEntry->fileNameLen,pEntry->fileName);
     94     LOGI("   off=%ld comp=%ld uncomp=%ld how=%d\n", pEntry->offset,
     95         pEntry->compLen, pEntry->uncompLen, pEntry->compression);
     96 }
     97 #endif
     98 
     99 /*
    100  * (This is a mzHashTableLookup callback.)
    101  *
    102  * Compare two ZipEntry structs, by name.
    103  */
    104 static int hashcmpZipEntry(const void* ventry1, const void* ventry2)
    105 {
    106     const ZipEntry* entry1 = (const ZipEntry*) ventry1;
    107     const ZipEntry* entry2 = (const ZipEntry*) ventry2;
    108 
    109     if (entry1->fileNameLen != entry2->fileNameLen)
    110         return entry1->fileNameLen - entry2->fileNameLen;
    111     return memcmp(entry1->fileName, entry2->fileName, entry1->fileNameLen);
    112 }
    113 
    114 /*
    115  * (This is a mzHashTableLookup callback.)
    116  *
    117  * find a ZipEntry struct by name.
    118  */
    119 static int hashcmpZipName(const void* ventry, const void* vname)
    120 {
    121     const ZipEntry* entry = (const ZipEntry*) ventry;
    122     const char* name = (const char*) vname;
    123     unsigned int nameLen = strlen(name);
    124 
    125     if (entry->fileNameLen != nameLen)
    126         return entry->fileNameLen - nameLen;
    127     return memcmp(entry->fileName, name, nameLen);
    128 }
    129 
    130 /*
    131  * Compute the hash code for a ZipEntry filename.
    132  *
    133  * Not expected to be compatible with any other hash function, so we init
    134  * to 2 to ensure it doesn't happen to match.
    135  */
    136 static unsigned int computeHash(const char* name, int nameLen)
    137 {
    138     unsigned int hash = 2;
    139 
    140     while (nameLen--)
    141         hash = hash * 31 + *name++;
    142 
    143     return hash;
    144 }
    145 
    146 static void addEntryToHashTable(HashTable* pHash, ZipEntry* pEntry)
    147 {
    148     unsigned int itemHash = computeHash(pEntry->fileName, pEntry->fileNameLen);
    149     const ZipEntry* found;
    150 
    151     found = (const ZipEntry*)mzHashTableLookup(pHash,
    152                 itemHash, pEntry, hashcmpZipEntry, true);
    153     if (found != pEntry) {
    154         LOGW("WARNING: duplicate entry '%.*s' in Zip\n",
    155             found->fileNameLen, found->fileName);
    156         /* keep going */
    157     }
    158 }
    159 
    160 static int validFilename(const char *fileName, unsigned int fileNameLen)
    161 {
    162     // Forbid super long filenames.
    163     if (fileNameLen >= PATH_MAX) {
    164         LOGW("Filename too long (%d chatacters)\n", fileNameLen);
    165         return 0;
    166     }
    167 
    168     // Require all characters to be printable ASCII (no NUL, no UTF-8, etc).
    169     unsigned int i;
    170     for (i = 0; i < fileNameLen; ++i) {
    171         if (fileName[i] < 32 || fileName[i] >= 127) {
    172             LOGW("Filename contains invalid character '\%03o'\n", fileName[i]);
    173             return 0;
    174         }
    175     }
    176 
    177     return 1;
    178 }
    179 
    180 /*
    181  * Parse the contents of a Zip archive.  After confirming that the file
    182  * is in fact a Zip, we scan out the contents of the central directory and
    183  * store it in a hash table.
    184  *
    185  * Returns "true" on success.
    186  */
    187 static bool parseZipArchive(ZipArchive* pArchive)
    188 {
    189     bool result = false;
    190     const unsigned char* ptr;
    191     unsigned int i, numEntries, cdOffset;
    192     unsigned int val;
    193 
    194     /*
    195      * The first 4 bytes of the file will either be the local header
    196      * signature for the first file (LOCSIG) or, if the archive doesn't
    197      * have any files in it, the end-of-central-directory signature (ENDSIG).
    198      */
    199     val = get4LE(pArchive->addr);
    200     if (val == ENDSIG) {
    201         LOGW("Found Zip archive, but it looks empty\n");
    202         goto bail;
    203     } else if (val != LOCSIG) {
    204         LOGW("Not a Zip archive (found 0x%08x)\n", val);
    205         goto bail;
    206     }
    207 
    208     /*
    209      * Find the EOCD.  We'll find it immediately unless they have a file
    210      * comment.
    211      */
    212     ptr = pArchive->addr + pArchive->length - ENDHDR;
    213 
    214     while (ptr >= (const unsigned char*) pArchive->addr) {
    215         if (*ptr == (ENDSIG & 0xff) && get4LE(ptr) == ENDSIG)
    216             break;
    217         ptr--;
    218     }
    219     if (ptr < (const unsigned char*) pArchive->addr) {
    220         LOGW("Could not find end-of-central-directory in Zip\n");
    221         goto bail;
    222     }
    223 
    224     /*
    225      * There are two interesting items in the EOCD block: the number of
    226      * entries in the file, and the file offset of the start of the
    227      * central directory.
    228      */
    229     numEntries = get2LE(ptr + ENDSUB);
    230     cdOffset = get4LE(ptr + ENDOFF);
    231 
    232     LOGVV("numEntries=%d cdOffset=%d\n", numEntries, cdOffset);
    233     if (numEntries == 0 || cdOffset >= pArchive->length) {
    234         LOGW("Invalid entries=%d offset=%d (len=%zd)\n",
    235             numEntries, cdOffset, pArchive->length);
    236         goto bail;
    237     }
    238 
    239     /*
    240      * Create data structures to hold entries.
    241      */
    242     pArchive->numEntries = numEntries;
    243     pArchive->pEntries = (ZipEntry*) calloc(numEntries, sizeof(ZipEntry));
    244     pArchive->pHash = mzHashTableCreate(mzHashSize(numEntries), NULL);
    245     if (pArchive->pEntries == NULL || pArchive->pHash == NULL)
    246         goto bail;
    247 
    248     ptr = pArchive->addr + cdOffset;
    249     for (i = 0; i < numEntries; i++) {
    250         ZipEntry* pEntry;
    251         unsigned int fileNameLen, extraLen, commentLen, localHdrOffset;
    252         const unsigned char* localHdr;
    253         const char *fileName;
    254 
    255         if (ptr + CENHDR > (const unsigned char*)pArchive->addr + pArchive->length) {
    256             LOGW("Ran off the end (at %d)\n", i);
    257             goto bail;
    258         }
    259         if (get4LE(ptr) != CENSIG) {
    260             LOGW("Missed a central dir sig (at %d)\n", i);
    261             goto bail;
    262         }
    263 
    264         localHdrOffset = get4LE(ptr + CENOFF);
    265         fileNameLen = get2LE(ptr + CENNAM);
    266         extraLen = get2LE(ptr + CENEXT);
    267         commentLen = get2LE(ptr + CENCOM);
    268         fileName = (const char*)ptr + CENHDR;
    269         if (fileName + fileNameLen > (const char*)pArchive->addr + pArchive->length) {
    270             LOGW("Filename ran off the end (at %d)\n", i);
    271             goto bail;
    272         }
    273         if (!validFilename(fileName, fileNameLen)) {
    274             LOGW("Invalid filename (at %d)\n", i);
    275             goto bail;
    276         }
    277 
    278 #if SORT_ENTRIES
    279         /* Figure out where this entry should go (binary search).
    280          */
    281         if (i > 0) {
    282             int low, high;
    283 
    284             low = 0;
    285             high = i - 1;
    286             while (low <= high) {
    287                 int mid;
    288                 int diff;
    289                 int diffLen;
    290 
    291                 mid = low + ((high - low) / 2); // avoid overflow
    292 
    293                 if (pArchive->pEntries[mid].fileNameLen < fileNameLen) {
    294                     diffLen = pArchive->pEntries[mid].fileNameLen;
    295                 } else {
    296                     diffLen = fileNameLen;
    297                 }
    298                 diff = strncmp(pArchive->pEntries[mid].fileName, fileName,
    299                         diffLen);
    300                 if (diff == 0) {
    301                     diff = pArchive->pEntries[mid].fileNameLen - fileNameLen;
    302                 }
    303                 if (diff < 0) {
    304                     low = mid + 1;
    305                 } else if (diff > 0) {
    306                     high = mid - 1;
    307                 } else {
    308                     high = mid;
    309                     break;
    310                 }
    311             }
    312 
    313             unsigned int target = high + 1;
    314             assert(target <= i);
    315             if (target != i) {
    316                 /* It belongs somewhere other than at the end of
    317                  * the list.  Make some room at [target].
    318                  */
    319                 memmove(pArchive->pEntries + target + 1,
    320                         pArchive->pEntries + target,
    321                         (i - target) * sizeof(ZipEntry));
    322             }
    323             pEntry = &pArchive->pEntries[target];
    324         } else {
    325             pEntry = &pArchive->pEntries[0];
    326         }
    327 #else
    328         pEntry = &pArchive->pEntries[i];
    329 #endif
    330         pEntry->fileNameLen = fileNameLen;
    331         pEntry->fileName = fileName;
    332 
    333         pEntry->compLen = get4LE(ptr + CENSIZ);
    334         pEntry->uncompLen = get4LE(ptr + CENLEN);
    335         pEntry->compression = get2LE(ptr + CENHOW);
    336         pEntry->modTime = get4LE(ptr + CENTIM);
    337         pEntry->crc32 = get4LE(ptr + CENCRC);
    338 
    339         /* These two are necessary for finding the mode of the file.
    340          */
    341         pEntry->versionMadeBy = get2LE(ptr + CENVEM);
    342         if ((pEntry->versionMadeBy & 0xff00) != 0 &&
    343                 (pEntry->versionMadeBy & 0xff00) != CENVEM_UNIX)
    344         {
    345             LOGW("Incompatible \"version made by\": 0x%02x (at %d)\n",
    346                     pEntry->versionMadeBy >> 8, i);
    347             goto bail;
    348         }
    349         pEntry->externalFileAttributes = get4LE(ptr + CENATX);
    350 
    351         // Perform pArchive->addr + localHdrOffset, ensuring that it won't
    352         // overflow. This is needed because localHdrOffset is untrusted.
    353         if (!safe_add((uintptr_t *)&localHdr, (uintptr_t)pArchive->addr,
    354             (uintptr_t)localHdrOffset)) {
    355             LOGW("Integer overflow adding in parseZipArchive\n");
    356             goto bail;
    357         }
    358         if ((uintptr_t)localHdr + LOCHDR >
    359             (uintptr_t)pArchive->addr + pArchive->length) {
    360             LOGW("Bad offset to local header: %d (at %d)\n", localHdrOffset, i);
    361             goto bail;
    362         }
    363         if (get4LE(localHdr) != LOCSIG) {
    364             LOGW("Missed a local header sig (at %d)\n", i);
    365             goto bail;
    366         }
    367         pEntry->offset = localHdrOffset + LOCHDR
    368             + get2LE(localHdr + LOCNAM) + get2LE(localHdr + LOCEXT);
    369         if (!safe_add(NULL, pEntry->offset, pEntry->compLen)) {
    370             LOGW("Integer overflow adding in parseZipArchive\n");
    371             goto bail;
    372         }
    373         if ((size_t)pEntry->offset + pEntry->compLen > pArchive->length) {
    374             LOGW("Data ran off the end (at %d)\n", i);
    375             goto bail;
    376         }
    377 
    378 #if !SORT_ENTRIES
    379         /* Add to hash table; no need to lock here.
    380          * Can't do this now if we're sorting, because entries
    381          * will move around.
    382          */
    383         addEntryToHashTable(pArchive->pHash, pEntry);
    384 #endif
    385 
    386         //dumpEntry(pEntry);
    387         ptr += CENHDR + fileNameLen + extraLen + commentLen;
    388     }
    389 
    390 #if SORT_ENTRIES
    391     /* If we're sorting, we have to wait until all entries
    392      * are in their final places, otherwise the pointers will
    393      * probably point to the wrong things.
    394      */
    395     for (i = 0; i < numEntries; i++) {
    396         /* Add to hash table; no need to lock here.
    397          */
    398         addEntryToHashTable(pArchive->pHash, &pArchive->pEntries[i]);
    399     }
    400 #endif
    401 
    402     result = true;
    403 
    404 bail:
    405     if (!result) {
    406         mzHashTableFree(pArchive->pHash);
    407         pArchive->pHash = NULL;
    408     }
    409     return result;
    410 }
    411 
    412 /*
    413  * Open a Zip archive and scan out the contents.
    414  *
    415  * The easiest way to do this is to mmap() the whole thing and do the
    416  * traditional backward scan for central directory.  Since the EOCD is
    417  * a relatively small bit at the end, we should end up only touching a
    418  * small set of pages.
    419  *
    420  * This will be called on non-Zip files, especially during startup, so
    421  * we don't want to be too noisy about failures.  (Do we want a "quiet"
    422  * flag?)
    423  *
    424  * On success, we fill out the contents of "pArchive".
    425  */
    426 int mzOpenZipArchive(unsigned char* addr, size_t length, ZipArchive* pArchive)
    427 {
    428     int err;
    429 
    430     if (length < ENDHDR) {
    431         err = -1;
    432         LOGW("Archive %p is too small to be zip (%zd)\n", pArchive, length);
    433         goto bail;
    434     }
    435 
    436     pArchive->addr = addr;
    437     pArchive->length = length;
    438 
    439     if (!parseZipArchive(pArchive)) {
    440         err = -1;
    441         LOGW("Parsing archive %p failed\n", pArchive);
    442         goto bail;
    443     }
    444 
    445     err = 0;
    446 
    447 bail:
    448     if (err != 0)
    449         mzCloseZipArchive(pArchive);
    450     return err;
    451 }
    452 
    453 /*
    454  * Close a ZipArchive, closing the file and freeing the contents.
    455  *
    456  * NOTE: the ZipArchive may not have been fully created.
    457  */
    458 void mzCloseZipArchive(ZipArchive* pArchive)
    459 {
    460     LOGV("Closing archive %p\n", pArchive);
    461 
    462     free(pArchive->pEntries);
    463 
    464     mzHashTableFree(pArchive->pHash);
    465 
    466     pArchive->pHash = NULL;
    467     pArchive->pEntries = NULL;
    468 }
    469 
    470 /*
    471  * Find a matching entry.
    472  *
    473  * Returns NULL if no matching entry found.
    474  */
    475 const ZipEntry* mzFindZipEntry(const ZipArchive* pArchive,
    476         const char* entryName)
    477 {
    478     unsigned int itemHash = computeHash(entryName, strlen(entryName));
    479 
    480     return (const ZipEntry*)mzHashTableLookup(pArchive->pHash,
    481                 itemHash, (char*) entryName, hashcmpZipName, false);
    482 }
    483 
    484 /*
    485  * Return true if the entry is a symbolic link.
    486  */
    487 static bool mzIsZipEntrySymlink(const ZipEntry* pEntry)
    488 {
    489     if ((pEntry->versionMadeBy & 0xff00) == CENVEM_UNIX) {
    490         return S_ISLNK(pEntry->externalFileAttributes >> 16);
    491     }
    492     return false;
    493 }
    494 
    495 /* Call processFunction on the uncompressed data of a STORED entry.
    496  */
    497 static bool processStoredEntry(const ZipArchive *pArchive,
    498     const ZipEntry *pEntry, ProcessZipEntryContentsFunction processFunction,
    499     void *cookie)
    500 {
    501     return processFunction(pArchive->addr + pEntry->offset, pEntry->uncompLen, cookie);
    502 }
    503 
    504 static bool processDeflatedEntry(const ZipArchive *pArchive,
    505     const ZipEntry *pEntry, ProcessZipEntryContentsFunction processFunction,
    506     void *cookie)
    507 {
    508     long result = -1;
    509     unsigned char procBuf[32 * 1024];
    510     z_stream zstream;
    511     int zerr;
    512     long compRemaining;
    513 
    514     compRemaining = pEntry->compLen;
    515 
    516     /*
    517      * Initialize the zlib stream.
    518      */
    519     memset(&zstream, 0, sizeof(zstream));
    520     zstream.zalloc = Z_NULL;
    521     zstream.zfree = Z_NULL;
    522     zstream.opaque = Z_NULL;
    523     zstream.next_in = pArchive->addr + pEntry->offset;
    524     zstream.avail_in = pEntry->compLen;
    525     zstream.next_out = (Bytef*) procBuf;
    526     zstream.avail_out = sizeof(procBuf);
    527     zstream.data_type = Z_UNKNOWN;
    528 
    529     /*
    530      * Use the undocumented "negative window bits" feature to tell zlib
    531      * that there's no zlib header waiting for it.
    532      */
    533     zerr = inflateInit2(&zstream, -MAX_WBITS);
    534     if (zerr != Z_OK) {
    535         if (zerr == Z_VERSION_ERROR) {
    536             LOGE("Installed zlib is not compatible with linked version (%s)\n",
    537                 ZLIB_VERSION);
    538         } else {
    539             LOGE("Call to inflateInit2 failed (zerr=%d)\n", zerr);
    540         }
    541         goto bail;
    542     }
    543 
    544     /*
    545      * Loop while we have data.
    546      */
    547     do {
    548         /* uncompress the data */
    549         zerr = inflate(&zstream, Z_NO_FLUSH);
    550         if (zerr != Z_OK && zerr != Z_STREAM_END) {
    551             LOGW("zlib inflate call failed (zerr=%d)\n", zerr);
    552             goto z_bail;
    553         }
    554 
    555         /* write when we're full or when we're done */
    556         if (zstream.avail_out == 0 ||
    557             (zerr == Z_STREAM_END && zstream.avail_out != sizeof(procBuf)))
    558         {
    559             long procSize = zstream.next_out - procBuf;
    560             LOGVV("+++ processing %d bytes\n", (int) procSize);
    561             bool ret = processFunction(procBuf, procSize, cookie);
    562             if (!ret) {
    563                 LOGW("Process function elected to fail (in inflate)\n");
    564                 goto z_bail;
    565             }
    566 
    567             zstream.next_out = procBuf;
    568             zstream.avail_out = sizeof(procBuf);
    569         }
    570     } while (zerr == Z_OK);
    571 
    572     assert(zerr == Z_STREAM_END);       /* other errors should've been caught */
    573 
    574     // success!
    575     result = zstream.total_out;
    576 
    577 z_bail:
    578     inflateEnd(&zstream);        /* free up any allocated structures */
    579 
    580 bail:
    581     if (result != pEntry->uncompLen) {
    582         if (result != -1)        // error already shown?
    583             LOGW("Size mismatch on inflated file (%ld vs %ld)\n",
    584                 result, pEntry->uncompLen);
    585         return false;
    586     }
    587     return true;
    588 }
    589 
    590 /*
    591  * Stream the uncompressed data through the supplied function,
    592  * passing cookie to it each time it gets called.  processFunction
    593  * may be called more than once.
    594  *
    595  * If processFunction returns false, the operation is abandoned and
    596  * mzProcessZipEntryContents() immediately returns false.
    597  *
    598  * This is useful for calculating the hash of an entry's uncompressed contents.
    599  */
    600 bool mzProcessZipEntryContents(const ZipArchive *pArchive,
    601     const ZipEntry *pEntry, ProcessZipEntryContentsFunction processFunction,
    602     void *cookie)
    603 {
    604     bool ret = false;
    605 
    606     switch (pEntry->compression) {
    607     case STORED:
    608         ret = processStoredEntry(pArchive, pEntry, processFunction, cookie);
    609         break;
    610     case DEFLATED:
    611         ret = processDeflatedEntry(pArchive, pEntry, processFunction, cookie);
    612         break;
    613     default:
    614         LOGE("Unsupported compression type %d for entry '%s'\n",
    615                 pEntry->compression, pEntry->fileName);
    616         break;
    617     }
    618 
    619     return ret;
    620 }
    621 
    622 typedef struct {
    623     char *buf;
    624     int bufLen;
    625 } CopyProcessArgs;
    626 
    627 static bool copyProcessFunction(const unsigned char *data, int dataLen,
    628         void *cookie)
    629 {
    630     CopyProcessArgs *args = (CopyProcessArgs *)cookie;
    631     if (dataLen <= args->bufLen) {
    632         memcpy(args->buf, data, dataLen);
    633         args->buf += dataLen;
    634         args->bufLen -= dataLen;
    635         return true;
    636     }
    637     return false;
    638 }
    639 
    640 /*
    641  * Read an entry into a buffer allocated by the caller.
    642  */
    643 bool mzReadZipEntry(const ZipArchive* pArchive, const ZipEntry* pEntry,
    644         char *buf, int bufLen)
    645 {
    646     CopyProcessArgs args;
    647     bool ret;
    648 
    649     args.buf = buf;
    650     args.bufLen = bufLen;
    651     ret = mzProcessZipEntryContents(pArchive, pEntry, copyProcessFunction,
    652             (void *)&args);
    653     if (!ret) {
    654         LOGE("Can't extract entry to buffer.\n");
    655         return false;
    656     }
    657     return true;
    658 }
    659 
    660 static bool writeProcessFunction(const unsigned char *data, int dataLen,
    661                                  void *cookie)
    662 {
    663     int fd = (int)(intptr_t)cookie;
    664     if (dataLen == 0) {
    665         return true;
    666     }
    667     ssize_t soFar = 0;
    668     while (true) {
    669         ssize_t n = TEMP_FAILURE_RETRY(write(fd, data+soFar, dataLen-soFar));
    670         if (n <= 0) {
    671             LOGE("Error writing %zd bytes from zip file from %p: %s\n",
    672                  dataLen-soFar, data+soFar, strerror(errno));
    673             return false;
    674         } else if (n > 0) {
    675             soFar += n;
    676             if (soFar == dataLen) return true;
    677             if (soFar > dataLen) {
    678                 LOGE("write overrun?  (%zd bytes instead of %d)\n",
    679                      soFar, dataLen);
    680                 return false;
    681             }
    682         }
    683     }
    684 }
    685 
    686 /*
    687  * Uncompress "pEntry" in "pArchive" to "fd" at the current offset.
    688  */
    689 bool mzExtractZipEntryToFile(const ZipArchive *pArchive,
    690     const ZipEntry *pEntry, int fd)
    691 {
    692     bool ret = mzProcessZipEntryContents(pArchive, pEntry, writeProcessFunction,
    693                                          (void*)(intptr_t)fd);
    694     if (!ret) {
    695         LOGE("Can't extract entry to file.\n");
    696         return false;
    697     }
    698     return true;
    699 }
    700 
    701 typedef struct {
    702     unsigned char* buffer;
    703     long len;
    704 } BufferExtractCookie;
    705 
    706 static bool bufferProcessFunction(const unsigned char *data, int dataLen,
    707     void *cookie) {
    708     BufferExtractCookie *bec = (BufferExtractCookie*)cookie;
    709 
    710     memmove(bec->buffer, data, dataLen);
    711     bec->buffer += dataLen;
    712     bec->len -= dataLen;
    713 
    714     return true;
    715 }
    716 
    717 /*
    718  * Uncompress "pEntry" in "pArchive" to buffer, which must be large
    719  * enough to hold mzGetZipEntryUncomplen(pEntry) bytes.
    720  */
    721 bool mzExtractZipEntryToBuffer(const ZipArchive *pArchive,
    722     const ZipEntry *pEntry, unsigned char *buffer)
    723 {
    724     BufferExtractCookie bec;
    725     bec.buffer = buffer;
    726     bec.len = mzGetZipEntryUncompLen(pEntry);
    727 
    728     bool ret = mzProcessZipEntryContents(pArchive, pEntry,
    729         bufferProcessFunction, (void*)&bec);
    730     if (!ret || bec.len != 0) {
    731         LOGE("Can't extract entry to memory buffer.\n");
    732         return false;
    733     }
    734     return true;
    735 }
    736 
    737 
    738 /* Helper state to make path translation easier and less malloc-happy.
    739  */
    740 typedef struct {
    741     const char *targetDir;
    742     const char *zipDir;
    743     char *buf;
    744     int targetDirLen;
    745     int zipDirLen;
    746     int bufLen;
    747 } MzPathHelper;
    748 
    749 /* Given the values of targetDir and zipDir in the helper,
    750  * return the target filename of the provided entry.
    751  * The helper must be initialized first.
    752  */
    753 static const char *targetEntryPath(MzPathHelper *helper, ZipEntry *pEntry)
    754 {
    755     int needLen;
    756     bool firstTime = (helper->buf == NULL);
    757 
    758     /* target file <-- targetDir + / + entry[zipDirLen:]
    759      */
    760     needLen = helper->targetDirLen + 1 +
    761             pEntry->fileNameLen - helper->zipDirLen + 1;
    762     if (needLen > helper->bufLen) {
    763         char *newBuf;
    764 
    765         needLen *= 2;
    766         newBuf = (char *)realloc(helper->buf, needLen);
    767         if (newBuf == NULL) {
    768             return NULL;
    769         }
    770         helper->buf = newBuf;
    771         helper->bufLen = needLen;
    772     }
    773 
    774     /* Every path will start with the target path and a slash.
    775      */
    776     if (firstTime) {
    777         char *p = helper->buf;
    778         memcpy(p, helper->targetDir, helper->targetDirLen);
    779         p += helper->targetDirLen;
    780         if (p == helper->buf || p[-1] != '/') {
    781             helper->targetDirLen += 1;
    782             *p++ = '/';
    783         }
    784     }
    785 
    786     /* Replace the custom part of the path with the appropriate
    787      * part of the entry's path.
    788      */
    789     char *epath = helper->buf + helper->targetDirLen;
    790     memcpy(epath, pEntry->fileName + helper->zipDirLen,
    791             pEntry->fileNameLen - helper->zipDirLen);
    792     epath += pEntry->fileNameLen - helper->zipDirLen;
    793     *epath = '\0';
    794 
    795     return helper->buf;
    796 }
    797 
    798 /*
    799  * Inflate all entries under zipDir to the directory specified by
    800  * targetDir, which must exist and be a writable directory.
    801  *
    802  * The immediate children of zipDir will become the immediate
    803  * children of targetDir; e.g., if the archive contains the entries
    804  *
    805  *     a/b/c/one
    806  *     a/b/c/two
    807  *     a/b/c/d/three
    808  *
    809  * and mzExtractRecursive(a, "a/b/c", "/tmp") is called, the resulting
    810  * files will be
    811  *
    812  *     /tmp/one
    813  *     /tmp/two
    814  *     /tmp/d/three
    815  *
    816  * Returns true on success, false on failure.
    817  */
    818 bool mzExtractRecursive(const ZipArchive *pArchive,
    819                         const char *zipDir, const char *targetDir,
    820                         const struct utimbuf *timestamp,
    821                         void (*callback)(const char *fn, void *), void *cookie,
    822                         struct selabel_handle *sehnd)
    823 {
    824     if (zipDir[0] == '/') {
    825         LOGE("mzExtractRecursive(): zipDir must be a relative path.\n");
    826         return false;
    827     }
    828     if (targetDir[0] != '/') {
    829         LOGE("mzExtractRecursive(): targetDir must be an absolute path.\n");
    830         return false;
    831     }
    832 
    833     unsigned int zipDirLen;
    834     char *zpath;
    835 
    836     zipDirLen = strlen(zipDir);
    837     zpath = (char *)malloc(zipDirLen + 2);
    838     if (zpath == NULL) {
    839         LOGE("Can't allocate %d bytes for zip path\n", zipDirLen + 2);
    840         return false;
    841     }
    842     /* If zipDir is empty, we'll extract the entire zip file.
    843      * Otherwise, canonicalize the path.
    844      */
    845     if (zipDirLen > 0) {
    846         /* Make sure there's (hopefully, exactly one) slash at the
    847          * end of the path.  This way we don't need to worry about
    848          * accidentally extracting "one/twothree" when a path like
    849          * "one/two" is specified.
    850          */
    851         memcpy(zpath, zipDir, zipDirLen);
    852         if (zpath[zipDirLen-1] != '/') {
    853             zpath[zipDirLen++] = '/';
    854         }
    855     }
    856     zpath[zipDirLen] = '\0';
    857 
    858     /* Set up the helper structure that we'll use to assemble paths.
    859      */
    860     MzPathHelper helper;
    861     helper.targetDir = targetDir;
    862     helper.targetDirLen = strlen(helper.targetDir);
    863     helper.zipDir = zpath;
    864     helper.zipDirLen = strlen(helper.zipDir);
    865     helper.buf = NULL;
    866     helper.bufLen = 0;
    867 
    868     /* Walk through the entries and extract anything whose path begins
    869      * with zpath.
    870     //TODO: since the entries are sorted, binary search for the first match
    871     //      and stop after the first non-match.
    872      */
    873     unsigned int i;
    874     bool seenMatch = false;
    875     int ok = true;
    876     int extractCount = 0;
    877     for (i = 0; i < pArchive->numEntries; i++) {
    878         ZipEntry *pEntry = pArchive->pEntries + i;
    879         if (pEntry->fileNameLen < zipDirLen) {
    880        //TODO: look out for a single empty directory entry that matches zpath, but
    881        //      missing the trailing slash.  Most zip files seem to include
    882        //      the trailing slash, but I think it's legal to leave it off.
    883        //      e.g., zpath "a/b/", entry "a/b", with no children of the entry.
    884             /* No chance of matching.
    885              */
    886 #if SORT_ENTRIES
    887             if (seenMatch) {
    888                 /* Since the entries are sorted, we can give up
    889                  * on the first mismatch after the first match.
    890                  */
    891                 break;
    892             }
    893 #endif
    894             continue;
    895         }
    896         /* If zpath is empty, this strncmp() will match everything,
    897          * which is what we want.
    898          */
    899         if (strncmp(pEntry->fileName, zpath, zipDirLen) != 0) {
    900 #if SORT_ENTRIES
    901             if (seenMatch) {
    902                 /* Since the entries are sorted, we can give up
    903                  * on the first mismatch after the first match.
    904                  */
    905                 break;
    906             }
    907 #endif
    908             continue;
    909         }
    910         /* This entry begins with zipDir, so we'll extract it.
    911          */
    912         seenMatch = true;
    913 
    914         /* Find the target location of the entry.
    915          */
    916         const char *targetFile = targetEntryPath(&helper, pEntry);
    917         if (targetFile == NULL) {
    918             LOGE("Can't assemble target path for \"%.*s\"\n",
    919                     pEntry->fileNameLen, pEntry->fileName);
    920             ok = false;
    921             break;
    922         }
    923 
    924 #define UNZIP_DIRMODE 0755
    925 #define UNZIP_FILEMODE 0644
    926         /*
    927          * Create the file or directory. We ignore directory entries
    928          * because we recursively create paths to each file entry we encounter
    929          * in the zip archive anyway.
    930          *
    931          * NOTE: A "directory entry" in a zip archive is just a zero length
    932          * entry that ends in a "/". They're not mandatory and many tools get
    933          * rid of them. We need to process them only if we want to preserve
    934          * empty directories from the archive.
    935          */
    936         if (pEntry->fileName[pEntry->fileNameLen-1] != '/') {
    937             /* This is not a directory.  First, make sure that
    938              * the containing directory exists.
    939              */
    940             int ret = dirCreateHierarchy(
    941                     targetFile, UNZIP_DIRMODE, timestamp, true, sehnd);
    942             if (ret != 0) {
    943                 LOGE("Can't create containing directory for \"%s\": %s\n",
    944                         targetFile, strerror(errno));
    945                 ok = false;
    946                 break;
    947             }
    948 
    949             /*
    950              * The entry is a regular file or a symlink. Open the target for writing.
    951              *
    952              * TODO: This behavior for symlinks seems rather bizarre. For a
    953              * symlink foo/bar/baz -> foo/tar/taz, we will create a file called
    954              * "foo/bar/baz" whose contents are the literal "foo/tar/taz". We
    955              * warn about this for now and preserve older behavior.
    956              */
    957             if (mzIsZipEntrySymlink(pEntry)) {
    958                 LOGE("Symlink entry \"%.*s\" will be output as a regular file.",
    959                      pEntry->fileNameLen, pEntry->fileName);
    960             }
    961 
    962             char *secontext = NULL;
    963 
    964             if (sehnd) {
    965                 selabel_lookup(sehnd, &secontext, targetFile, UNZIP_FILEMODE);
    966                 setfscreatecon(secontext);
    967             }
    968 
    969             int fd = open(targetFile, O_CREAT|O_WRONLY|O_TRUNC|O_SYNC,
    970                 UNZIP_FILEMODE);
    971 
    972             if (secontext) {
    973                 freecon(secontext);
    974                 setfscreatecon(NULL);
    975             }
    976 
    977             if (fd < 0) {
    978                 LOGE("Can't create target file \"%s\": %s\n",
    979                         targetFile, strerror(errno));
    980                 ok = false;
    981                 break;
    982             }
    983 
    984             bool ok = mzExtractZipEntryToFile(pArchive, pEntry, fd);
    985             if (ok) {
    986                 ok = (fsync(fd) == 0);
    987             }
    988             if (close(fd) != 0) {
    989                 ok = false;
    990             }
    991             if (!ok) {
    992                 LOGE("Error extracting \"%s\"\n", targetFile);
    993                 ok = false;
    994                 break;
    995             }
    996 
    997             if (timestamp != NULL && utime(targetFile, timestamp)) {
    998                 LOGE("Error touching \"%s\"\n", targetFile);
    999                 ok = false;
   1000                 break;
   1001             }
   1002 
   1003             LOGV("Extracted file \"%s\"\n", targetFile);
   1004             ++extractCount;
   1005         }
   1006 
   1007         if (callback != NULL) callback(targetFile, cookie);
   1008     }
   1009 
   1010     LOGV("Extracted %d file(s)\n", extractCount);
   1011 
   1012     free(helper.buf);
   1013     free(zpath);
   1014 
   1015     return ok;
   1016 }
   1017