1 // Copyright 2010 The Go Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style 3 // license that can be found in the LICENSE file. 4 5 package zip 6 7 import ( 8 "bufio" 9 "encoding/binary" 10 "errors" 11 "fmt" 12 "hash" 13 "hash/crc32" 14 "io" 15 "os" 16 ) 17 18 var ( 19 ErrFormat = errors.New("zip: not a valid zip file") 20 ErrAlgorithm = errors.New("zip: unsupported compression algorithm") 21 ErrChecksum = errors.New("zip: checksum error") 22 ) 23 24 type Reader struct { 25 r io.ReaderAt 26 File []*File 27 Comment string 28 } 29 30 type ReadCloser struct { 31 f *os.File 32 Reader 33 } 34 35 type File struct { 36 FileHeader 37 zipr io.ReaderAt 38 zipsize int64 39 headerOffset int64 40 } 41 42 func (f *File) hasDataDescriptor() bool { 43 return f.Flags&0x8 != 0 44 } 45 46 // OpenReader will open the Zip file specified by name and return a ReadCloser. 47 func OpenReader(name string) (*ReadCloser, error) { 48 f, err := os.Open(name) 49 if err != nil { 50 return nil, err 51 } 52 fi, err := f.Stat() 53 if err != nil { 54 f.Close() 55 return nil, err 56 } 57 r := new(ReadCloser) 58 if err := r.init(f, fi.Size()); err != nil { 59 f.Close() 60 return nil, err 61 } 62 r.f = f 63 return r, nil 64 } 65 66 // NewReader returns a new Reader reading from r, which is assumed to 67 // have the given size in bytes. 68 func NewReader(r io.ReaderAt, size int64) (*Reader, error) { 69 zr := new(Reader) 70 if err := zr.init(r, size); err != nil { 71 return nil, err 72 } 73 return zr, nil 74 } 75 76 func (z *Reader) init(r io.ReaderAt, size int64) error { 77 end, err := readDirectoryEnd(r, size) 78 if err != nil { 79 return err 80 } 81 if end.directoryRecords > uint64(size)/fileHeaderLen { 82 return fmt.Errorf("archive/zip: TOC declares impossible %d files in %d byte zip", end.directoryRecords, size) 83 } 84 z.r = r 85 z.File = make([]*File, 0, end.directoryRecords) 86 z.Comment = end.comment 87 rs := io.NewSectionReader(r, 0, size) 88 if _, err = rs.Seek(int64(end.directoryOffset), os.SEEK_SET); err != nil { 89 return err 90 } 91 buf := bufio.NewReader(rs) 92 93 // The count of files inside a zip is truncated to fit in a uint16. 94 // Gloss over this by reading headers until we encounter 95 // a bad one, and then only report a ErrFormat or UnexpectedEOF if 96 // the file count modulo 65536 is incorrect. 97 for { 98 f := &File{zipr: r, zipsize: size} 99 err = readDirectoryHeader(f, buf) 100 if err == ErrFormat || err == io.ErrUnexpectedEOF { 101 break 102 } 103 if err != nil { 104 return err 105 } 106 z.File = append(z.File, f) 107 } 108 if uint16(len(z.File)) != uint16(end.directoryRecords) { // only compare 16 bits here 109 // Return the readDirectoryHeader error if we read 110 // the wrong number of directory entries. 111 return err 112 } 113 return nil 114 } 115 116 // Close closes the Zip file, rendering it unusable for I/O. 117 func (rc *ReadCloser) Close() error { 118 return rc.f.Close() 119 } 120 121 // DataOffset returns the offset of the file's possibly-compressed 122 // data, relative to the beginning of the zip file. 123 // 124 // Most callers should instead use Open, which transparently 125 // decompresses data and verifies checksums. 126 func (f *File) DataOffset() (offset int64, err error) { 127 bodyOffset, err := f.findBodyOffset() 128 if err != nil { 129 return 130 } 131 return f.headerOffset + bodyOffset, nil 132 } 133 134 // Open returns a ReadCloser that provides access to the File's contents. 135 // Multiple files may be read concurrently. 136 func (f *File) Open() (rc io.ReadCloser, err error) { 137 bodyOffset, err := f.findBodyOffset() 138 if err != nil { 139 return 140 } 141 size := int64(f.CompressedSize64) 142 r := io.NewSectionReader(f.zipr, f.headerOffset+bodyOffset, size) 143 dcomp := decompressor(f.Method) 144 if dcomp == nil { 145 err = ErrAlgorithm 146 return 147 } 148 rc = dcomp(r) 149 var desr io.Reader 150 if f.hasDataDescriptor() { 151 desr = io.NewSectionReader(f.zipr, f.headerOffset+bodyOffset+size, dataDescriptorLen) 152 } 153 rc = &checksumReader{ 154 rc: rc, 155 hash: crc32.NewIEEE(), 156 f: f, 157 desr: desr, 158 } 159 return 160 } 161 162 type checksumReader struct { 163 rc io.ReadCloser 164 hash hash.Hash32 165 nread uint64 // number of bytes read so far 166 f *File 167 desr io.Reader // if non-nil, where to read the data descriptor 168 err error // sticky error 169 } 170 171 func (r *checksumReader) Read(b []byte) (n int, err error) { 172 if r.err != nil { 173 return 0, r.err 174 } 175 n, err = r.rc.Read(b) 176 r.hash.Write(b[:n]) 177 r.nread += uint64(n) 178 if err == nil { 179 return 180 } 181 if err == io.EOF { 182 if r.nread != r.f.UncompressedSize64 { 183 return 0, io.ErrUnexpectedEOF 184 } 185 if r.desr != nil { 186 if err1 := readDataDescriptor(r.desr, r.f); err1 != nil { 187 if err1 == io.EOF { 188 err = io.ErrUnexpectedEOF 189 } else { 190 err = err1 191 } 192 } else if r.hash.Sum32() != r.f.CRC32 { 193 err = ErrChecksum 194 } 195 } else { 196 // If there's not a data descriptor, we still compare 197 // the CRC32 of what we've read against the file header 198 // or TOC's CRC32, if it seems like it was set. 199 if r.f.CRC32 != 0 && r.hash.Sum32() != r.f.CRC32 { 200 err = ErrChecksum 201 } 202 } 203 } 204 r.err = err 205 return 206 } 207 208 func (r *checksumReader) Close() error { return r.rc.Close() } 209 210 // findBodyOffset does the minimum work to verify the file has a header 211 // and returns the file body offset. 212 func (f *File) findBodyOffset() (int64, error) { 213 var buf [fileHeaderLen]byte 214 if _, err := f.zipr.ReadAt(buf[:], f.headerOffset); err != nil { 215 return 0, err 216 } 217 b := readBuf(buf[:]) 218 if sig := b.uint32(); sig != fileHeaderSignature { 219 return 0, ErrFormat 220 } 221 b = b[22:] // skip over most of the header 222 filenameLen := int(b.uint16()) 223 extraLen := int(b.uint16()) 224 return int64(fileHeaderLen + filenameLen + extraLen), nil 225 } 226 227 // readDirectoryHeader attempts to read a directory header from r. 228 // It returns io.ErrUnexpectedEOF if it cannot read a complete header, 229 // and ErrFormat if it doesn't find a valid header signature. 230 func readDirectoryHeader(f *File, r io.Reader) error { 231 var buf [directoryHeaderLen]byte 232 if _, err := io.ReadFull(r, buf[:]); err != nil { 233 return err 234 } 235 b := readBuf(buf[:]) 236 if sig := b.uint32(); sig != directoryHeaderSignature { 237 return ErrFormat 238 } 239 f.CreatorVersion = b.uint16() 240 f.ReaderVersion = b.uint16() 241 f.Flags = b.uint16() 242 f.Method = b.uint16() 243 f.ModifiedTime = b.uint16() 244 f.ModifiedDate = b.uint16() 245 f.CRC32 = b.uint32() 246 f.CompressedSize = b.uint32() 247 f.UncompressedSize = b.uint32() 248 f.CompressedSize64 = uint64(f.CompressedSize) 249 f.UncompressedSize64 = uint64(f.UncompressedSize) 250 filenameLen := int(b.uint16()) 251 extraLen := int(b.uint16()) 252 commentLen := int(b.uint16()) 253 b = b[4:] // skipped start disk number and internal attributes (2x uint16) 254 f.ExternalAttrs = b.uint32() 255 f.headerOffset = int64(b.uint32()) 256 d := make([]byte, filenameLen+extraLen+commentLen) 257 if _, err := io.ReadFull(r, d); err != nil { 258 return err 259 } 260 f.Name = string(d[:filenameLen]) 261 f.Extra = d[filenameLen : filenameLen+extraLen] 262 f.Comment = string(d[filenameLen+extraLen:]) 263 264 if len(f.Extra) > 0 { 265 b := readBuf(f.Extra) 266 for len(b) >= 4 { // need at least tag and size 267 tag := b.uint16() 268 size := b.uint16() 269 if int(size) > len(b) { 270 return ErrFormat 271 } 272 if tag == zip64ExtraId { 273 // update directory values from the zip64 extra block 274 eb := readBuf(b[:size]) 275 if len(eb) >= 8 { 276 f.UncompressedSize64 = eb.uint64() 277 } 278 if len(eb) >= 8 { 279 f.CompressedSize64 = eb.uint64() 280 } 281 if len(eb) >= 8 { 282 f.headerOffset = int64(eb.uint64()) 283 } 284 } 285 b = b[size:] 286 } 287 // Should have consumed the whole header. 288 // But popular zip & JAR creation tools are broken and 289 // may pad extra zeros at the end, so accept those 290 // too. See golang.org/issue/8186. 291 for _, v := range b { 292 if v != 0 { 293 return ErrFormat 294 } 295 } 296 } 297 return nil 298 } 299 300 func readDataDescriptor(r io.Reader, f *File) error { 301 var buf [dataDescriptorLen]byte 302 303 // The spec says: "Although not originally assigned a 304 // signature, the value 0x08074b50 has commonly been adopted 305 // as a signature value for the data descriptor record. 306 // Implementers should be aware that ZIP files may be 307 // encountered with or without this signature marking data 308 // descriptors and should account for either case when reading 309 // ZIP files to ensure compatibility." 310 // 311 // dataDescriptorLen includes the size of the signature but 312 // first read just those 4 bytes to see if it exists. 313 if _, err := io.ReadFull(r, buf[:4]); err != nil { 314 return err 315 } 316 off := 0 317 maybeSig := readBuf(buf[:4]) 318 if maybeSig.uint32() != dataDescriptorSignature { 319 // No data descriptor signature. Keep these four 320 // bytes. 321 off += 4 322 } 323 if _, err := io.ReadFull(r, buf[off:12]); err != nil { 324 return err 325 } 326 b := readBuf(buf[:12]) 327 if b.uint32() != f.CRC32 { 328 return ErrChecksum 329 } 330 331 // The two sizes that follow here can be either 32 bits or 64 bits 332 // but the spec is not very clear on this and different 333 // interpretations has been made causing incompatibilities. We 334 // already have the sizes from the central directory so we can 335 // just ignore these. 336 337 return nil 338 } 339 340 func readDirectoryEnd(r io.ReaderAt, size int64) (dir *directoryEnd, err error) { 341 // look for directoryEndSignature in the last 1k, then in the last 65k 342 var buf []byte 343 var directoryEndOffset int64 344 for i, bLen := range []int64{1024, 65 * 1024} { 345 if bLen > size { 346 bLen = size 347 } 348 buf = make([]byte, int(bLen)) 349 if _, err := r.ReadAt(buf, size-bLen); err != nil && err != io.EOF { 350 return nil, err 351 } 352 if p := findSignatureInBlock(buf); p >= 0 { 353 buf = buf[p:] 354 directoryEndOffset = size - bLen + int64(p) 355 break 356 } 357 if i == 1 || bLen == size { 358 return nil, ErrFormat 359 } 360 } 361 362 // read header into struct 363 b := readBuf(buf[4:]) // skip signature 364 d := &directoryEnd{ 365 diskNbr: uint32(b.uint16()), 366 dirDiskNbr: uint32(b.uint16()), 367 dirRecordsThisDisk: uint64(b.uint16()), 368 directoryRecords: uint64(b.uint16()), 369 directorySize: uint64(b.uint32()), 370 directoryOffset: uint64(b.uint32()), 371 commentLen: b.uint16(), 372 } 373 l := int(d.commentLen) 374 if l > len(b) { 375 return nil, errors.New("zip: invalid comment length") 376 } 377 d.comment = string(b[:l]) 378 379 p, err := findDirectory64End(r, directoryEndOffset) 380 if err == nil && p >= 0 { 381 err = readDirectory64End(r, p, d) 382 } 383 if err != nil { 384 return nil, err 385 } 386 387 // Make sure directoryOffset points to somewhere in our file. 388 if o := int64(d.directoryOffset); o < 0 || o >= size { 389 return nil, ErrFormat 390 } 391 return d, nil 392 } 393 394 // findDirectory64End tries to read the zip64 locator just before the 395 // directory end and returns the offset of the zip64 directory end if 396 // found. 397 func findDirectory64End(r io.ReaderAt, directoryEndOffset int64) (int64, error) { 398 locOffset := directoryEndOffset - directory64LocLen 399 if locOffset < 0 { 400 return -1, nil // no need to look for a header outside the file 401 } 402 buf := make([]byte, directory64LocLen) 403 if _, err := r.ReadAt(buf, locOffset); err != nil { 404 return -1, err 405 } 406 b := readBuf(buf) 407 if sig := b.uint32(); sig != directory64LocSignature { 408 return -1, nil 409 } 410 b = b[4:] // skip number of the disk with the start of the zip64 end of central directory 411 p := b.uint64() // relative offset of the zip64 end of central directory record 412 return int64(p), nil 413 } 414 415 // readDirectory64End reads the zip64 directory end and updates the 416 // directory end with the zip64 directory end values. 417 func readDirectory64End(r io.ReaderAt, offset int64, d *directoryEnd) (err error) { 418 buf := make([]byte, directory64EndLen) 419 if _, err := r.ReadAt(buf, offset); err != nil { 420 return err 421 } 422 423 b := readBuf(buf) 424 if sig := b.uint32(); sig != directory64EndSignature { 425 return ErrFormat 426 } 427 428 b = b[12:] // skip dir size, version and version needed (uint64 + 2x uint16) 429 d.diskNbr = b.uint32() // number of this disk 430 d.dirDiskNbr = b.uint32() // number of the disk with the start of the central directory 431 d.dirRecordsThisDisk = b.uint64() // total number of entries in the central directory on this disk 432 d.directoryRecords = b.uint64() // total number of entries in the central directory 433 d.directorySize = b.uint64() // size of the central directory 434 d.directoryOffset = b.uint64() // offset of start of central directory with respect to the starting disk number 435 436 return nil 437 } 438 439 func findSignatureInBlock(b []byte) int { 440 for i := len(b) - directoryEndLen; i >= 0; i-- { 441 // defined from directoryEndSignature in struct.go 442 if b[i] == 'P' && b[i+1] == 'K' && b[i+2] == 0x05 && b[i+3] == 0x06 { 443 // n is length of comment 444 n := int(b[i+directoryEndLen-2]) | int(b[i+directoryEndLen-1])<<8 445 if n+directoryEndLen+i <= len(b) { 446 return i 447 } 448 } 449 } 450 return -1 451 } 452 453 type readBuf []byte 454 455 func (b *readBuf) uint16() uint16 { 456 v := binary.LittleEndian.Uint16(*b) 457 *b = (*b)[2:] 458 return v 459 } 460 461 func (b *readBuf) uint32() uint32 { 462 v := binary.LittleEndian.Uint32(*b) 463 *b = (*b)[4:] 464 return v 465 } 466 467 func (b *readBuf) uint64() uint64 { 468 v := binary.LittleEndian.Uint64(*b) 469 *b = (*b)[8:] 470 return v 471 } 472
