Changeset 3621 in MondoRescue for branches/3.3/mindi-busybox/archival/libarchive/decompress_gunzip.c
- Timestamp:
- Dec 20, 2016, 4:07:32 PM (7 years ago)
- Location:
- branches/3.3
- Files:
-
- 1 edited
- 1 copied
Legend:
- Unmodified
- Added
- Removed
-
branches/3.3/mindi-busybox/archival/libarchive/decompress_gunzip.c
r3233 r3621 306 306 unsigned j; /* counter */ 307 307 int k; /* number of bits in current code */ 308 unsigned *p;/* pointer into c[], b[], or v[] */308 const unsigned *p; /* pointer into c[], b[], or v[] */ 309 309 huft_t *q; /* points to current table */ 310 310 huft_t r; /* table entry for structure assignment */ 311 311 huft_t *u[BMAX]; /* table stack */ 312 unsigned v[N_MAX ]; /* values in order of bit length*/312 unsigned v[N_MAX + 1]; /* values in order of bit length. last v[] is never used */ 313 313 int ws[BMAX + 1]; /* bits decoded stack */ 314 314 int w; /* bits decoded */ … … 325 325 /* Generate counts for each bit length */ 326 326 memset(c, 0, sizeof(c)); 327 p = (unsigned *) b; /* cast allows us to reuse p for pointing to b */327 p = b; 328 328 i = n; 329 329 do { … … 337 337 338 338 /* Find minimum and maximum length, bound *m by those */ 339 for (j = 1; ( c[j] == 0) && (j <= BMAX); j++)339 for (j = 1; (j <= BMAX) && (c[j] == 0); j++) 340 340 continue; 341 341 k = j; /* minimum code length */ … … 365 365 } 366 366 367 /* Make a table of values in order of bit lengths */ 368 p = (unsigned *) b; 367 /* Make a table of values in order of bit lengths. 368 * To detect bad input, unused v[i]'s are set to invalid value UINT_MAX. 369 * In particular, last v[i] is never filled and must not be accessed. 370 */ 371 memset(v, 0xff, sizeof(v)); 372 p = b; 369 373 i = 0; 370 374 do { … … 433 437 /* set up table entry in r */ 434 438 r.b = (unsigned char) (k - w); 435 if (p >= v + n) { 439 if (/*p >= v + n || -- redundant, caught by the second check: */ 440 *p == UINT_MAX /* do we access uninited v[i]? (see memset(v))*/ 441 ) { 436 442 r.e = 99; /* out of values--invalid code */ 437 443 } else if (*p < s) { … … 518 524 if (e > 16) 519 525 do { 520 if (e == 99) 521 abort_unzip(PASS_STATE_ONLY);; 526 if (e == 99) { 527 abort_unzip(PASS_STATE_ONLY); 528 } 522 529 bb >>= t->b; 523 530 k -= t->b; … … 555 562 if (e > 16) 556 563 do { 557 if (e == 99) 564 if (e == 99) { 558 565 abort_unzip(PASS_STATE_ONLY); 566 } 559 567 bb >>= t->b; 560 568 k -= t->b; … … 822 830 b_dynamic >>= 4; 823 831 k_dynamic -= 4; 824 if (nl > 286 || nd > 30) 832 if (nl > 286 || nd > 30) { 825 833 abort_unzip(PASS_STATE_ONLY); /* bad lengths */ 834 } 826 835 827 836 /* read in bit-length-code lengths */ … … 904 913 905 914 i = huft_build(ll, nl, 257, cplens, cplext, &inflate_codes_tl, &bl); 906 if (i != 0) 915 if (i != 0) { 907 916 abort_unzip(PASS_STATE_ONLY); 917 } 908 918 bd = dbits; 909 919 i = huft_build(ll + nl, nd, 0, cpdist, cpdext, &inflate_codes_td, &bd); 910 if (i != 0) 920 if (i != 0) { 911 921 abort_unzip(PASS_STATE_ONLY); 922 } 912 923 913 924 /* set up data for inflate_codes() */ … … 972 983 /* Called from unpack_gz_stream() and inflate_unzip() */ 973 984 static IF_DESKTOP(long long) int 974 inflate_unzip_internal(STATE_PARAM int in, int out)985 inflate_unzip_internal(STATE_PARAM transformer_state_t *xstate) 975 986 { 976 987 IF_DESKTOP(long long) int n = 0; … … 981 992 gunzip_outbuf_count = 0; 982 993 gunzip_bytes_out = 0; 983 gunzip_src_fd = in;994 gunzip_src_fd = xstate->src_fd; 984 995 985 996 /* (re) initialize state */ … … 997 1008 if (setjmp(error_jmp)) { 998 1009 /* Error from deep inside zip machinery */ 1010 bb_error_msg(error_msg); 999 1011 n = -1; 1000 1012 goto ret; … … 1003 1015 while (1) { 1004 1016 int r = inflate_get_next_window(PASS_STATE_ONLY); 1005 nwrote = full_write(out, gunzip_window, gunzip_outbuf_count); 1006 if (nwrote != (ssize_t)gunzip_outbuf_count) { 1007 bb_perror_msg("write"); 1017 nwrote = transformer_write(xstate, gunzip_window, gunzip_outbuf_count); 1018 if (nwrote == (ssize_t)-1) { 1008 1019 n = -1; 1009 1020 goto ret; … … 1035 1046 1036 1047 IF_DESKTOP(long long) int FAST_FUNC 1037 inflate_unzip(transformer_ aux_data_t *aux, int in, int out)1048 inflate_unzip(transformer_state_t *xstate) 1038 1049 { 1039 1050 IF_DESKTOP(long long) int n; … … 1042 1053 ALLOC_STATE; 1043 1054 1044 to_read = aux->bytes_in;1055 to_read = xstate->bytes_in; 1045 1056 // bytebuffer_max = 0x8000; 1046 1057 bytebuffer_offset = 4; 1047 1058 bytebuffer = xmalloc(bytebuffer_max); 1048 n = inflate_unzip_internal(PASS_STATE in, out);1059 n = inflate_unzip_internal(PASS_STATE xstate); 1049 1060 free(bytebuffer); 1050 1061 1051 aux->crc32 = gunzip_crc;1052 aux->bytes_out = gunzip_bytes_out;1062 xstate->crc32 = gunzip_crc; 1063 xstate->bytes_out = gunzip_bytes_out; 1053 1064 DEALLOC_STATE; 1054 1065 return n; … … 1108 1119 } 1109 1120 1110 static int check_header_gzip(STATE_PARAM transformer_ aux_data_t *aux)1121 static int check_header_gzip(STATE_PARAM transformer_state_t *xstate) 1111 1122 { 1112 1123 union { … … 1120 1131 } PACKED formatted; 1121 1132 } header; 1122 struct BUG_header { 1123 char BUG_header[sizeof(header) == 8 ? 1 : -1]; 1124 }; 1133 1134 BUILD_BUG_ON(sizeof(header) != 8); 1125 1135 1126 1136 /* … … 1170 1180 } 1171 1181 1172 if (aux) 1173 aux->mtime = SWAP_LE32(header.formatted.mtime); 1182 xstate->mtime = SWAP_LE32(header.formatted.mtime); 1174 1183 1175 1184 /* Read the header checksum */ … … 1183 1192 1184 1193 IF_DESKTOP(long long) int FAST_FUNC 1185 unpack_gz_stream(transformer_ aux_data_t *aux, int src_fd, int dst_fd)1194 unpack_gz_stream(transformer_state_t *xstate) 1186 1195 { 1187 1196 uint32_t v32; … … 1190 1199 1191 1200 #if !ENABLE_FEATURE_SEAMLESS_Z 1192 if (check_signature16( aux, src_fd, GZIP_MAGIC))1201 if (check_signature16(xstate, GZIP_MAGIC)) 1193 1202 return -1; 1194 1203 #else 1195 if ( aux && aux->check_signature) {1204 if (!xstate->signature_skipped) { 1196 1205 uint16_t magic2; 1197 1206 1198 if (full_read( src_fd, &magic2, 2) != 2) {1207 if (full_read(xstate->src_fd, &magic2, 2) != 2) { 1199 1208 bad_magic: 1200 1209 bb_error_msg("invalid magic"); … … 1202 1211 } 1203 1212 if (magic2 == COMPRESS_MAGIC) { 1204 aux->check_signature = 0;1205 return unpack_Z_stream( aux, src_fd, dst_fd);1213 xstate->signature_skipped = 2; 1214 return unpack_Z_stream(xstate); 1206 1215 } 1207 1216 if (magic2 != GZIP_MAGIC) … … 1216 1225 // bytebuffer_max = 0x8000; 1217 1226 bytebuffer = xmalloc(bytebuffer_max); 1218 gunzip_src_fd = src_fd;1227 gunzip_src_fd = xstate->src_fd; 1219 1228 1220 1229 again: 1221 if (!check_header_gzip(PASS_STATE aux)) {1230 if (!check_header_gzip(PASS_STATE xstate)) { 1222 1231 bb_error_msg("corrupted data"); 1223 1232 total = -1; … … 1225 1234 } 1226 1235 1227 n = inflate_unzip_internal(PASS_STATE src_fd, dst_fd);1236 n = inflate_unzip_internal(PASS_STATE xstate); 1228 1237 if (n < 0) { 1229 1238 total = -1;
Note:
See TracChangeset
for help on using the changeset viewer.