2 * Copyright (c) 2004 Tim Kientzle
3 * Copyright (c) 2011 Michihiro NAKAJIMA
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR
16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18 * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27 #include "archive_platform.h"
28 __FBSDID("$FreeBSD: head/lib/libarchive/archive_read_support_format_zip.c 201102 2009-12-28 03:11:36Z kientzle $");
41 #include "archive_entry.h"
42 #include "archive_entry_locale.h"
43 #include "archive_private.h"
44 #include "archive_read_private.h"
45 #include "archive_endian.h"
48 #include "archive_crc32.h"
52 int64_t local_header_offset;
53 int64_t compressed_size;
54 int64_t uncompressed_size;
57 struct archive_entry *entry;
69 /* Structural information about the archive. */
70 int64_t central_directory_offset;
71 size_t central_directory_size;
72 size_t central_directory_entries;
73 char have_central_directory;
75 /* List of entries (seekable Zip only) */
76 size_t entries_remaining;
77 struct zip_entry *zip_entries;
78 struct zip_entry *entry;
82 /* entry_bytes_remaining is the number of bytes we expect. */
83 int64_t entry_bytes_remaining;
85 /* These count the number of bytes actually read for the entry. */
86 int64_t entry_compressed_bytes_read;
87 int64_t entry_uncompressed_bytes_read;
89 /* Running CRC32 of the decompressed data */
90 unsigned long entry_crc32;
92 /* Flags to mark progress of decompression. */
96 ssize_t filename_length;
99 unsigned char *uncompressed_buffer;
100 size_t uncompressed_buffer_size;
106 struct archive_string extra;
107 struct archive_string_conv *sconv;
108 struct archive_string_conv *sconv_default;
109 struct archive_string_conv *sconv_utf8;
110 int init_default_conversion;
111 char format_name[64];
114 #define ZIP_LENGTH_AT_END 8
115 #define ZIP_ENCRYPTED (1<<0)
116 #define ZIP_STRONG_ENCRYPTED (1<<6)
117 #define ZIP_UTF8_NAME (1<<11)
119 static int archive_read_format_zip_streamable_bid(struct archive_read *, int);
120 static int archive_read_format_zip_seekable_bid(struct archive_read *, int);
121 static int archive_read_format_zip_options(struct archive_read *,
122 const char *, const char *);
123 static int archive_read_format_zip_cleanup(struct archive_read *);
124 static int archive_read_format_zip_read_data(struct archive_read *,
125 const void **, size_t *, int64_t *);
126 static int archive_read_format_zip_read_data_skip(struct archive_read *a);
127 static int archive_read_format_zip_seekable_read_header(struct archive_read *,
128 struct archive_entry *);
129 static int archive_read_format_zip_streamable_read_header(struct archive_read *,
130 struct archive_entry *);
132 static int zip_read_data_deflate(struct archive_read *a, const void **buff,
133 size_t *size, int64_t *offset);
135 static int zip_read_data_none(struct archive_read *a, const void **buff,
136 size_t *size, int64_t *offset);
137 static int zip_read_local_file_header(struct archive_read *a,
138 struct archive_entry *entry, struct zip *);
139 static time_t zip_time(const char *);
140 static const char *compression_name(int compression);
141 static void process_extra(const char *, size_t, struct zip_entry *);
143 int archive_read_support_format_zip_streamable(struct archive *);
144 int archive_read_support_format_zip_seekable(struct archive *);
147 archive_read_support_format_zip_streamable(struct archive *_a)
149 struct archive_read *a = (struct archive_read *)_a;
153 archive_check_magic(_a, ARCHIVE_READ_MAGIC,
154 ARCHIVE_STATE_NEW, "archive_read_support_format_zip");
156 zip = (struct zip *)malloc(sizeof(*zip));
158 archive_set_error(&a->archive, ENOMEM,
159 "Can't allocate zip data");
160 return (ARCHIVE_FATAL);
162 memset(zip, 0, sizeof(*zip));
164 r = __archive_read_register_format(a,
167 archive_read_format_zip_streamable_bid,
168 archive_read_format_zip_options,
169 archive_read_format_zip_streamable_read_header,
170 archive_read_format_zip_read_data,
171 archive_read_format_zip_read_data_skip,
172 archive_read_format_zip_cleanup);
180 archive_read_support_format_zip_seekable(struct archive *_a)
182 struct archive_read *a = (struct archive_read *)_a;
186 archive_check_magic(_a, ARCHIVE_READ_MAGIC,
187 ARCHIVE_STATE_NEW, "archive_read_support_format_zip_seekable");
189 zip = (struct zip *)malloc(sizeof(*zip));
191 archive_set_error(&a->archive, ENOMEM,
192 "Can't allocate zip data");
193 return (ARCHIVE_FATAL);
195 memset(zip, 0, sizeof(*zip));
197 r = __archive_read_register_format(a,
200 archive_read_format_zip_seekable_bid,
201 archive_read_format_zip_options,
202 archive_read_format_zip_seekable_read_header,
203 archive_read_format_zip_read_data,
204 archive_read_format_zip_read_data_skip,
205 archive_read_format_zip_cleanup);
213 archive_read_support_format_zip(struct archive *a)
216 r = archive_read_support_format_zip_streamable(a);
219 return (archive_read_support_format_zip_seekable(a));
223 * TODO: This is a performance sink because it forces the read core to
224 * drop buffered data from the start of file, which will then have to
225 * be re-read again if this bidder loses.
227 * We workaround this a little by passing in the best bid so far so
228 * that later bidders can do nothing if they know they'll never
229 * outbid. But we can certainly do better...
232 archive_read_format_zip_seekable_bid(struct archive_read *a, int best_bid)
234 struct zip *zip = (struct zip *)a->format->data;
238 /* If someone has already bid more than 32, then avoid
239 trashing the look-ahead buffers with a seek. */
243 filesize = __archive_read_seek(a, -22, SEEK_END);
244 /* If we can't seek, then we can't bid. */
248 /* TODO: More robust search for end of central directory record. */
249 if ((p = __archive_read_ahead(a, 22, NULL)) == NULL)
251 /* First four bytes are signature for end of central directory
252 record. Four zero bytes ensure this isn't a multi-volume
253 Zip file (which we don't yet support). */
254 if (memcmp(p, "PK\005\006\000\000\000\000", 8) != 0)
257 /* Since we've already done the hard work of finding the
258 end of central directory record, let's save the important
260 zip->central_directory_entries = archive_le16dec(p + 10);
261 zip->central_directory_size = archive_le32dec(p + 12);
262 zip->central_directory_offset = archive_le32dec(p + 16);
264 /* Just one volume, so central dir must all be on this volume. */
265 if (zip->central_directory_entries != archive_le16dec(p + 8))
267 /* Central directory can't extend beyond end of this file. */
268 if (zip->central_directory_offset + zip->central_directory_size > filesize)
271 /* This is just a tiny bit higher than the maximum returned by
272 the streaming Zip bidder. This ensures that the more accurate
273 seeking Zip parser wins whenever seek is available. */
278 slurp_central_directory(struct archive_read *a, struct zip *zip)
282 __archive_read_seek(a, zip->central_directory_offset, SEEK_SET);
284 zip->zip_entries = calloc(zip->central_directory_entries, sizeof(struct zip_entry));
285 for (i = 0; i < zip->central_directory_entries; ++i) {
286 struct zip_entry *zip_entry = &zip->zip_entries[i];
287 size_t filename_length, extra_length, comment_length;
288 uint32_t external_attributes;
291 if ((p = __archive_read_ahead(a, 46, NULL)) == NULL)
292 return ARCHIVE_FATAL;
293 if (memcmp(p, "PK\001\002", 4) != 0) {
294 archive_set_error(&a->archive,
295 -1, "Invalid central directory signature");
296 return ARCHIVE_FATAL;
298 zip->have_central_directory = 1;
299 /* version = p[4]; */
300 zip_entry->system = p[5];
301 /* version_required = archive_le16dec(p + 6); */
302 zip_entry->flags = archive_le16dec(p + 8);
303 zip_entry->compression = archive_le16dec(p + 10);
304 zip_entry->mtime = zip_time(p + 12);
305 zip_entry->crc32 = archive_le32dec(p + 16);
306 zip_entry->compressed_size = archive_le32dec(p + 20);
307 zip_entry->uncompressed_size = archive_le32dec(p + 24);
308 filename_length = archive_le16dec(p + 28);
309 extra_length = archive_le16dec(p + 30);
310 comment_length = archive_le16dec(p + 32);
311 /* disk_start = archive_le16dec(p + 34); */ /* Better be zero. */
312 /* internal_attributes = archive_le16dec(p + 36); */ /* text bit */
313 external_attributes = archive_le32dec(p + 38);
314 zip_entry->local_header_offset = archive_le32dec(p + 42);
316 /* If we can't guess the mode, leave it zero here;
317 when we read the local file header we might get
320 if (zip_entry->system == 3) {
321 zip_entry->mode = external_attributes >> 16;
324 /* We don't read the filename until we get to the
325 local file header. Reading it here would speed up
326 table-of-contents operations (removing the need to
327 find and read local file header to get the
328 filename) at the cost of requiring a lot of extra
330 /* We don't read the extra block here. We assume it
331 will be duplicated at the local file header. */
332 __archive_read_consume(a,
333 46 + filename_length + extra_length + comment_length);
336 /* TODO: Sort zip entries by file offset so that we
337 can optimize get_next_header() to use skip instead of
344 archive_read_format_zip_seekable_read_header(struct archive_read *a,
345 struct archive_entry *entry)
347 struct zip *zip = (struct zip *)a->format->data;
350 a->archive.archive_format = ARCHIVE_FORMAT_ZIP;
351 if (a->archive.archive_format_name == NULL)
352 a->archive.archive_format_name = "ZIP";
354 if (zip->zip_entries == NULL) {
355 r = slurp_central_directory(a, zip);
356 zip->entries_remaining = zip->central_directory_entries;
359 zip->entry = zip->zip_entries;
364 if (zip->entries_remaining <= 0)
366 --zip->entries_remaining;
368 /* TODO: If entries are sorted by offset within the file, we
369 should be able to skip here instead of seeking. Skipping is
370 typically faster (easier for I/O layer to optimize). */
371 __archive_read_seek(a, zip->entry->local_header_offset, SEEK_SET);
373 r = zip_read_local_file_header(a, entry, zip);
376 if ((zip->entry->mode & AE_IFMT) == AE_IFLNK) {
378 size_t linkname_length = archive_entry_size(entry);
380 archive_entry_set_size(entry, 0);
381 p = __archive_read_ahead(a, linkname_length, NULL);
383 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
384 "Truncated Zip file");
385 return ARCHIVE_FATAL;
388 if (archive_entry_copy_symlink_l(entry, p, linkname_length,
390 /* NOTE: If the last argument is NULL, this will
391 * fail only by memeory allocation failure. */
392 archive_set_error(&a->archive, ENOMEM,
393 "Can't allocate memory for Symlink");
394 return (ARCHIVE_FATAL);
396 /* TODO: handle character-set issues? */
402 archive_read_format_zip_streamable_bid(struct archive_read *a, int best_bid)
406 (void)best_bid; /* UNUSED */
408 if ((p = __archive_read_ahead(a, 4, NULL)) == NULL)
412 * Bid of 30 here is: 16 bits for "PK",
413 * next 16-bit field has four options (-2 bits).
416 if (p[0] == 'P' && p[1] == 'K') {
417 if ((p[2] == '\001' && p[3] == '\002')
418 || (p[2] == '\003' && p[3] == '\004')
419 || (p[2] == '\005' && p[3] == '\006')
420 || (p[2] == '\007' && p[3] == '\010')
421 || (p[2] == '0' && p[3] == '0'))
425 /* TODO: It's worth looking ahead a little bit for a valid
426 * PK signature. In particular, that would make it possible
427 * to read some UUEncoded SFX files or SFX files coming from
428 * a network socket. */
434 archive_read_format_zip_options(struct archive_read *a,
435 const char *key, const char *val)
438 int ret = ARCHIVE_FAILED;
440 zip = (struct zip *)(a->format->data);
441 if (strcmp(key, "compat-2x") == 0) {
442 /* Handle filnames as libarchive 2.x */
443 zip->init_default_conversion = (val != NULL) ? 1 : 0;
445 } else if (strcmp(key, "hdrcharset") == 0) {
446 if (val == NULL || val[0] == 0)
447 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
448 "zip: hdrcharset option needs a character-set name");
450 zip->sconv = archive_string_conversion_from_charset(
451 &a->archive, val, 0);
452 if (zip->sconv != NULL) {
453 if (strcmp(val, "UTF-8") == 0)
454 zip->sconv_utf8 = zip->sconv;
460 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
461 "zip: unknown keyword ``%s''", key);
467 archive_read_format_zip_streamable_read_header(struct archive_read *a,
468 struct archive_entry *entry)
472 a->archive.archive_format = ARCHIVE_FORMAT_ZIP;
473 if (a->archive.archive_format_name == NULL)
474 a->archive.archive_format_name = "ZIP";
476 zip = (struct zip *)(a->format->data);
478 /* Make sure we have a zip_entry structure to use. */
479 if (zip->zip_entries == NULL) {
480 zip->zip_entries = malloc(sizeof(struct zip_entry));
481 if (zip->zip_entries == NULL) {
482 archive_set_error(&a->archive, ENOMEM, "Out of memory");
483 return ARCHIVE_FATAL;
486 zip->entry = zip->zip_entries;
487 memset(zip->entry, 0, sizeof(struct zip_entry));
489 /* Search ahead for the next local file header. */
490 __archive_read_consume(a, zip->unconsumed);
497 p = __archive_read_ahead(a, 4, &bytes);
499 return (ARCHIVE_FATAL);
502 while (p + 4 <= end) {
503 if (p[0] == 'P' && p[1] == 'K') {
504 if (p[2] == '\001' && p[3] == '\002')
505 /* Beginning of central directory. */
506 return (ARCHIVE_EOF);
508 if (p[2] == '\003' && p[3] == '\004') {
509 /* Regular file entry. */
510 __archive_read_consume(a, skipped);
511 return zip_read_local_file_header(a, entry, zip);
514 if (p[2] == '\005' && p[3] == '\006')
515 /* End of central directory. */
516 return (ARCHIVE_EOF);
521 __archive_read_consume(a, skipped);
526 * Assumes file pointer is at beginning of local file header.
529 zip_read_local_file_header(struct archive_read *a, struct archive_entry *entry,
536 size_t len, filename_length, extra_length;
537 struct archive_string_conv *sconv;
538 struct zip_entry *zip_entry = zip->entry;
539 uint32_t local_crc32;
540 int64_t compressed_size, uncompressed_size;
541 int ret = ARCHIVE_OK;
544 zip->decompress_init = 0;
545 zip->end_of_entry = 0;
546 zip->entry_uncompressed_bytes_read = 0;
547 zip->entry_compressed_bytes_read = 0;
548 zip->entry_crc32 = crc32(0, NULL, 0);
550 /* Setup default conversion. */
551 if (zip->sconv == NULL && !zip->init_default_conversion) {
553 archive_string_default_conversion_for_read(&(a->archive));
554 zip->init_default_conversion = 1;
557 if ((p = __archive_read_ahead(a, 30, NULL)) == NULL) {
558 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
559 "Truncated ZIP file header");
560 return (ARCHIVE_FATAL);
563 if (memcmp(p, "PK\003\004", 4) != 0) {
564 archive_set_error(&a->archive, -1, "Damaged Zip archive");
565 return ARCHIVE_FATAL;
568 zip_entry->system = p[5];
569 zip_entry->flags = archive_le16dec(p + 6);
570 zip_entry->compression = archive_le16dec(p + 8);
571 zip_entry->mtime = zip_time(p + 10);
572 local_crc32 = archive_le32dec(p + 14);
573 compressed_size = archive_le32dec(p + 18);
574 uncompressed_size = archive_le32dec(p + 22);
575 filename_length = archive_le16dec(p + 26);
576 extra_length = archive_le16dec(p + 28);
578 __archive_read_consume(a, 30);
580 if (zip->have_central_directory) {
581 /* If we read the central dir entry, we must have size information
582 as well, so ignore the length-at-end flag. */
583 zip_entry->flags &= ~ZIP_LENGTH_AT_END;
584 /* If we have values from both the local file header
585 and the central directory, warn about mismatches
586 which might indicate a damaged file. But some
587 writers always put zero in the local header; don't
588 bother warning about that. */
589 if (local_crc32 != 0 && local_crc32 != zip_entry->crc32) {
590 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
591 "Inconsistent CRC32 values");
594 if (compressed_size != 0
595 && compressed_size != zip_entry->compressed_size) {
596 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
597 "Inconsistent compressed size");
600 if (uncompressed_size != 0
601 && uncompressed_size != zip_entry->uncompressed_size) {
602 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
603 "Inconsistent uncompressed size");
607 /* If we don't have the CD info, use whatever we do have. */
608 zip_entry->crc32 = local_crc32;
609 zip_entry->compressed_size = compressed_size;
610 zip_entry->uncompressed_size = uncompressed_size;
613 /* Read the filename. */
614 if ((h = __archive_read_ahead(a, filename_length, NULL)) == NULL) {
615 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
616 "Truncated ZIP file header");
617 return (ARCHIVE_FATAL);
619 if (zip_entry->flags & ZIP_UTF8_NAME) {
620 /* The filename is stored to be UTF-8. */
621 if (zip->sconv_utf8 == NULL) {
623 archive_string_conversion_from_charset(
624 &a->archive, "UTF-8", 1);
625 if (zip->sconv_utf8 == NULL)
626 return (ARCHIVE_FATAL);
628 sconv = zip->sconv_utf8;
629 } else if (zip->sconv != NULL)
632 sconv = zip->sconv_default;
634 if (archive_entry_copy_pathname_l(entry,
635 h, filename_length, sconv) != 0) {
636 if (errno == ENOMEM) {
637 archive_set_error(&a->archive, ENOMEM,
638 "Can't allocate memory for Pathname");
639 return (ARCHIVE_FATAL);
641 archive_set_error(&a->archive,
642 ARCHIVE_ERRNO_FILE_FORMAT,
643 "Pathname cannot be converted "
644 "from %s to current locale.",
645 archive_string_conversion_charset_name(sconv));
648 __archive_read_consume(a, filename_length);
650 if (zip_entry->mode == 0) {
651 /* Especially in streaming mode, we can end up
652 here without having seen any mode information.
653 Guess from the filename. */
654 wp = archive_entry_pathname_w(entry);
657 if (len > 0 && wp[len - 1] == L'/')
658 zip_entry->mode = AE_IFDIR | 0777;
660 zip_entry->mode = AE_IFREG | 0777;
662 cp = archive_entry_pathname(entry);
663 len = (cp != NULL)?strlen(cp):0;
664 if (len > 0 && cp[len - 1] == '/')
665 zip_entry->mode = AE_IFDIR | 0777;
667 zip_entry->mode = AE_IFREG | 0777;
671 /* Read the extra data. */
672 if ((h = __archive_read_ahead(a, extra_length, NULL)) == NULL) {
673 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
674 "Truncated ZIP file header");
675 return (ARCHIVE_FATAL);
677 process_extra(h, extra_length, zip_entry);
678 __archive_read_consume(a, extra_length);
680 /* Populate some additional entry fields: */
681 archive_entry_set_mode(entry, zip_entry->mode);
682 archive_entry_set_uid(entry, zip_entry->uid);
683 archive_entry_set_gid(entry, zip_entry->gid);
684 archive_entry_set_mtime(entry, zip_entry->mtime, 0);
685 archive_entry_set_ctime(entry, zip_entry->ctime, 0);
686 archive_entry_set_atime(entry, zip_entry->atime, 0);
687 /* Set the size only if it's meaningful. */
688 if (0 == (zip_entry->flags & ZIP_LENGTH_AT_END))
689 archive_entry_set_size(entry, zip_entry->uncompressed_size);
691 zip->entry_bytes_remaining = zip_entry->compressed_size;
693 /* If there's no body, force read_data() to return EOF immediately. */
694 if (0 == (zip_entry->flags & ZIP_LENGTH_AT_END)
695 && zip->entry_bytes_remaining < 1)
696 zip->end_of_entry = 1;
698 /* Set up a more descriptive format name. */
699 sprintf(zip->format_name, "ZIP %d.%d (%s)",
700 version / 10, version % 10,
701 compression_name(zip->entry->compression));
702 a->archive.archive_format_name = zip->format_name;
708 compression_name(int compression)
710 static const char *compression_names[] = {
722 if (0 <= compression && compression <
723 (int)(sizeof(compression_names)/sizeof(compression_names[0])))
724 return compression_names[compression];
729 /* Convert an MSDOS-style date/time into Unix-style time. */
731 zip_time(const char *p)
736 msTime = (0xff & (unsigned)p[0]) + 256 * (0xff & (unsigned)p[1]);
737 msDate = (0xff & (unsigned)p[2]) + 256 * (0xff & (unsigned)p[3]);
739 memset(&ts, 0, sizeof(ts));
740 ts.tm_year = ((msDate >> 9) & 0x7f) + 80; /* Years since 1900. */
741 ts.tm_mon = ((msDate >> 5) & 0x0f) - 1; /* Month number. */
742 ts.tm_mday = msDate & 0x1f; /* Day of month. */
743 ts.tm_hour = (msTime >> 11) & 0x1f;
744 ts.tm_min = (msTime >> 5) & 0x3f;
745 ts.tm_sec = (msTime << 1) & 0x3e;
751 archive_read_format_zip_read_data(struct archive_read *a,
752 const void **buff, size_t *size, int64_t *offset)
755 struct zip *zip = (struct zip *)(a->format->data);
757 *offset = zip->entry_uncompressed_bytes_read;
761 /* If we hit end-of-entry last time, return ARCHIVE_EOF. */
762 if (zip->end_of_entry)
763 return (ARCHIVE_EOF);
765 /* Return EOF immediately if this is a non-regular file. */
766 if (AE_IFREG != (zip->entry->mode & AE_IFMT))
767 return (ARCHIVE_EOF);
769 if (zip->entry->flags & (ZIP_ENCRYPTED | ZIP_STRONG_ENCRYPTED)) {
770 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
771 "Encrypted file is unsupported");
772 return (ARCHIVE_FAILED);
775 __archive_read_consume(a, zip->unconsumed);
778 switch(zip->entry->compression) {
779 case 0: /* No compression. */
780 r = zip_read_data_none(a, buff, size, offset);
783 case 8: /* Deflate compression. */
784 r = zip_read_data_deflate(a, buff, size, offset);
787 default: /* Unsupported compression. */
788 /* Return a warning. */
789 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
790 "Unsupported ZIP compression method (%s)",
791 compression_name(zip->entry->compression));
792 /* We can't decompress this entry, but we will
793 * be able to skip() it and try the next entry. */
794 return (ARCHIVE_FAILED);
799 /* Update checksum */
801 zip->entry_crc32 = crc32(zip->entry_crc32, *buff, *size);
802 /* If we hit the end, swallow any end-of-data marker. */
803 if (zip->end_of_entry) {
804 /* Check file size, CRC against these values. */
805 if (zip->entry->compressed_size != zip->entry_compressed_bytes_read) {
806 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
807 "ZIP compressed data is wrong size (read %jd, expected %jd)",
808 (intmax_t)zip->entry_compressed_bytes_read,
809 (intmax_t)zip->entry->compressed_size);
810 return (ARCHIVE_WARN);
812 /* Size field only stores the lower 32 bits of the actual
814 if ((zip->entry->uncompressed_size & UINT32_MAX)
815 != (zip->entry_uncompressed_bytes_read & UINT32_MAX)) {
816 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
817 "ZIP uncompressed data is wrong size (read %jd, expected %jd)",
818 (intmax_t)zip->entry_uncompressed_bytes_read,
819 (intmax_t)zip->entry->uncompressed_size);
820 return (ARCHIVE_WARN);
822 /* Check computed CRC against header */
823 if (zip->entry->crc32 != zip->entry_crc32) {
824 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
825 "ZIP bad CRC: 0x%lx should be 0x%lx",
826 (unsigned long)zip->entry_crc32,
827 (unsigned long)zip->entry->crc32);
828 return (ARCHIVE_WARN);
836 * Read "uncompressed" data. There are three cases:
837 * 1) We know the size of the data. This is always true for the
838 * seeking reader (we've examined the Central Directory already).
839 * 2) ZIP_LENGTH_AT_END was set, but only the CRC was deferred.
840 * Info-ZIP seems to do this; we know the size but have to grab
841 * the CRC from the data descriptor afterwards.
842 * 3) We're streaming and ZIP_LENGTH_AT_END was specified and
843 * we have no size information. In this case, we can do pretty
844 * well by watching for the data descriptor record. The data
845 * descriptor is 16 bytes and includes a computed CRC that should
846 * provide a strong check.
848 * TODO: Technically, the PK\007\010 signature is optional.
849 * In the original spec, the data descriptor contained CRC
850 * and size fields but had no leading signature. In practice,
851 * newer writers seem to provide the signature pretty consistently,
852 * but we might need to do something more complex here if
853 * we want to handle older archives that lack that signature.
855 * Returns ARCHIVE_OK if successful, ARCHIVE_FATAL otherwise, sets
856 * zip->end_of_entry if it consumes all of the data.
859 zip_read_data_none(struct archive_read *a, const void **_buff,
860 size_t *size, int64_t *offset)
866 (void)offset; /* UNUSED */
868 zip = (struct zip *)(a->format->data);
870 if (zip->entry->flags & ZIP_LENGTH_AT_END) {
873 /* Grab at least 16 bytes. */
874 buff = __archive_read_ahead(a, 16, &bytes_avail);
875 if (bytes_avail < 16) {
876 /* Zip archives have end-of-archive markers
877 that are longer than this, so a failure to get at
878 least 16 bytes really does indicate a truncated
880 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
881 "Truncated ZIP file data");
882 return (ARCHIVE_FATAL);
884 /* Check for a complete PK\007\010 signature. */
886 if (p[0] == 'P' && p[1] == 'K'
887 && p[2] == '\007' && p[3] == '\010'
888 && archive_le32dec(p + 4) == zip->entry_crc32
889 && archive_le32dec(p + 8) == zip->entry_compressed_bytes_read
890 && archive_le32dec(p + 12) == zip->entry_uncompressed_bytes_read) {
891 zip->entry->crc32 = archive_le32dec(p + 4);
892 zip->entry->compressed_size = archive_le32dec(p + 8);
893 zip->entry->uncompressed_size = archive_le32dec(p + 12);
894 zip->end_of_entry = 1;
895 zip->unconsumed = 16;
898 /* If not at EOF, ensure we consume at least one byte. */
901 /* Scan forward until we see where a PK\007\010 signature might be. */
902 /* Return bytes up until that point. On the next call, the code
903 above will verify the data descriptor. */
904 while (p < buff + bytes_avail - 4) {
905 if (p[3] == 'P') { p += 3; }
906 else if (p[3] == 'K') { p += 2; }
907 else if (p[3] == '\007') { p += 1; }
908 else if (p[3] == '\010' && p[2] == '\007'
909 && p[1] == 'K' && p[0] == 'P') {
913 bytes_avail = p - buff;
915 if (zip->entry_bytes_remaining == 0) {
916 zip->end_of_entry = 1;
919 /* Grab a bunch of bytes. */
920 buff = __archive_read_ahead(a, 1, &bytes_avail);
921 if (bytes_avail <= 0) {
922 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
923 "Truncated ZIP file data");
924 return (ARCHIVE_FATAL);
926 if (bytes_avail > zip->entry_bytes_remaining)
927 bytes_avail = zip->entry_bytes_remaining;
930 zip->entry_bytes_remaining -= bytes_avail;
931 zip->entry_uncompressed_bytes_read += bytes_avail;
932 zip->entry_compressed_bytes_read += bytes_avail;
933 zip->unconsumed += bytes_avail;
940 zip_read_data_deflate(struct archive_read *a, const void **buff,
941 size_t *size, int64_t *offset)
945 const void *compressed_buff;
948 (void)offset; /* UNUSED */
950 zip = (struct zip *)(a->format->data);
952 /* If the buffer hasn't been allocated, allocate it now. */
953 if (zip->uncompressed_buffer == NULL) {
954 zip->uncompressed_buffer_size = 256 * 1024;
955 zip->uncompressed_buffer
956 = (unsigned char *)malloc(zip->uncompressed_buffer_size);
957 if (zip->uncompressed_buffer == NULL) {
958 archive_set_error(&a->archive, ENOMEM,
959 "No memory for ZIP decompression");
960 return (ARCHIVE_FATAL);
964 /* If we haven't yet read any data, initialize the decompressor. */
965 if (!zip->decompress_init) {
966 if (zip->stream_valid)
967 r = inflateReset(&zip->stream);
969 r = inflateInit2(&zip->stream,
970 -15 /* Don't check for zlib header */);
972 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
973 "Can't initialize ZIP decompression.");
974 return (ARCHIVE_FATAL);
976 /* Stream structure has been set up. */
977 zip->stream_valid = 1;
978 /* We've initialized decompression for this stream. */
979 zip->decompress_init = 1;
983 * Note: '1' here is a performance optimization.
984 * Recall that the decompression layer returns a count of
985 * available bytes; asking for more than that forces the
986 * decompressor to combine reads by copying data.
988 compressed_buff = __archive_read_ahead(a, 1, &bytes_avail);
989 if (0 == (zip->entry->flags & ZIP_LENGTH_AT_END)
990 && bytes_avail > zip->entry_bytes_remaining) {
991 bytes_avail = zip->entry_bytes_remaining;
993 if (bytes_avail <= 0) {
994 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
995 "Truncated ZIP file body");
996 return (ARCHIVE_FATAL);
1000 * A bug in zlib.h: stream.next_in should be marked 'const'
1001 * but isn't (the library never alters data through the
1002 * next_in pointer, only reads it). The result: this ugly
1003 * cast to remove 'const'.
1005 zip->stream.next_in = (Bytef *)(uintptr_t)(const void *)compressed_buff;
1006 zip->stream.avail_in = bytes_avail;
1007 zip->stream.total_in = 0;
1008 zip->stream.next_out = zip->uncompressed_buffer;
1009 zip->stream.avail_out = zip->uncompressed_buffer_size;
1010 zip->stream.total_out = 0;
1012 r = inflate(&zip->stream, 0);
1017 zip->end_of_entry = 1;
1020 archive_set_error(&a->archive, ENOMEM,
1021 "Out of memory for ZIP decompression");
1022 return (ARCHIVE_FATAL);
1024 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
1025 "ZIP decompression failed (%d)", r);
1026 return (ARCHIVE_FATAL);
1029 /* Consume as much as the compressor actually used. */
1030 bytes_avail = zip->stream.total_in;
1031 __archive_read_consume(a, bytes_avail);
1032 zip->entry_bytes_remaining -= bytes_avail;
1033 zip->entry_compressed_bytes_read += bytes_avail;
1035 *size = zip->stream.total_out;
1036 zip->entry_uncompressed_bytes_read += zip->stream.total_out;
1037 *buff = zip->uncompressed_buffer;
1039 if (zip->end_of_entry && (zip->entry->flags & ZIP_LENGTH_AT_END)) {
1042 if (NULL == (p = __archive_read_ahead(a, 16, NULL))) {
1043 archive_set_error(&a->archive,
1044 ARCHIVE_ERRNO_FILE_FORMAT,
1045 "Truncated ZIP end-of-file record");
1046 return (ARCHIVE_FATAL);
1048 /* Consume the optional PK\007\010 marker. */
1049 if (p[0] == 'P' && p[1] == 'K' && p[2] == '\007' && p[3] == '\010') {
1050 zip->entry->crc32 = archive_le32dec(p + 4);
1051 zip->entry->compressed_size = archive_le32dec(p + 8);
1052 zip->entry->uncompressed_size = archive_le32dec(p + 12);
1053 zip->unconsumed = 16;
1057 return (ARCHIVE_OK);
1062 archive_read_format_zip_read_data_skip(struct archive_read *a)
1066 zip = (struct zip *)(a->format->data);
1068 /* If we've already read to end of data, we're done. */
1069 if (zip->end_of_entry)
1070 return (ARCHIVE_OK);
1071 /* If we're seeking, we're done. */
1072 if (zip->have_central_directory)
1073 return (ARCHIVE_OK);
1075 /* So we know we're streaming... */
1076 if (0 == (zip->entry->flags & ZIP_LENGTH_AT_END)) {
1077 /* We know the compressed length, so we can just skip. */
1078 int64_t bytes_skipped = __archive_read_consume(a,
1079 zip->entry_bytes_remaining + zip->unconsumed);
1080 if (bytes_skipped < 0)
1081 return (ARCHIVE_FATAL);
1082 zip->unconsumed = 0;
1083 return (ARCHIVE_OK);
1086 /* We're streaming and we don't know the length. */
1087 /* If the body is compressed and we know the format, we can
1088 * find an exact end-of-entry by decompressing it. */
1089 switch (zip->entry->compression) {
1091 case 8: /* Deflate compression. */
1092 while (!zip->end_of_entry) {
1094 const void *buff = NULL;
1097 r = zip_read_data_deflate(a, &buff, &size, &offset);
1098 if (r != ARCHIVE_OK)
1103 default: /* Uncompressed or unknown. */
1104 /* Scan for a PK\007\010 signature. */
1105 __archive_read_consume(a, zip->unconsumed);
1106 zip->unconsumed = 0;
1108 const char *p, *buff;
1109 ssize_t bytes_avail;
1110 buff = __archive_read_ahead(a, 16, &bytes_avail);
1111 if (bytes_avail < 16) {
1112 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
1113 "Truncated ZIP file data");
1114 return (ARCHIVE_FATAL);
1117 while (p <= buff + bytes_avail - 16) {
1118 if (p[3] == 'P') { p += 3; }
1119 else if (p[3] == 'K') { p += 2; }
1120 else if (p[3] == '\007') { p += 1; }
1121 else if (p[3] == '\010' && p[2] == '\007'
1122 && p[1] == 'K' && p[0] == 'P') {
1123 __archive_read_consume(a, p - buff + 16);
1127 __archive_read_consume(a, p - buff);
1134 archive_read_format_zip_cleanup(struct archive_read *a)
1138 zip = (struct zip *)(a->format->data);
1140 if (zip->stream_valid)
1141 inflateEnd(&zip->stream);
1143 free(zip->zip_entries);
1144 free(zip->uncompressed_buffer);
1145 archive_string_free(&(zip->extra));
1147 (a->format->data) = NULL;
1148 return (ARCHIVE_OK);
1152 * The extra data is stored as a list of
1153 * id1+size1+data1 + id2+size2+data2 ...
1154 * triplets. id and size are 2 bytes each.
1157 process_extra(const char *p, size_t extra_length, struct zip_entry* zip_entry)
1159 unsigned offset = 0;
1161 while (offset < extra_length - 4)
1163 unsigned short headerid = archive_le16dec(p + offset);
1164 unsigned short datasize = archive_le16dec(p + offset + 2);
1166 if (offset + datasize > extra_length)
1169 fprintf(stderr, "Header id 0x%x, length %d\n",
1170 headerid, datasize);
1174 /* Zip64 extended information extra field. */
1176 zip_entry->uncompressed_size =
1177 archive_le64dec(p + offset);
1179 zip_entry->compressed_size =
1180 archive_le64dec(p + offset + 8);
1184 /* Extended time field "UT". */
1185 int flags = p[offset];
1188 /* Flag bits indicate which dates are present. */
1192 fprintf(stderr, "mtime: %lld -> %d\n",
1193 (long long)zip_entry->mtime,
1194 archive_le32dec(p + offset));
1198 zip_entry->mtime = archive_le32dec(p + offset);
1206 zip_entry->atime = archive_le32dec(p + offset);
1214 zip_entry->ctime = archive_le32dec(p + offset);
1222 /* Info-ZIP Unix Extra Field (old version) "UX". */
1223 if (datasize >= 8) {
1224 zip_entry->atime = archive_le32dec(p + offset);
1225 zip_entry->mtime = archive_le32dec(p + offset + 4);
1227 if (datasize >= 12) {
1228 zip_entry->uid = archive_le16dec(p + offset + 8);
1229 zip_entry->gid = archive_le16dec(p + offset + 10);
1234 /* Info-ZIP Unix Extra Field (type 2) "Ux". */
1236 fprintf(stderr, "uid %d gid %d\n",
1237 archive_le16dec(p + offset),
1238 archive_le16dec(p + offset + 2));
1241 zip_entry->uid = archive_le16dec(p + offset);
1243 zip_entry->gid = archive_le16dec(p + offset + 2);
1247 /* Info-Zip Unix Extra Field (type 3) "ux". */
1248 int uidsize = 0, gidsize = 0;
1250 if (datasize >= 1 && p[offset] == 1) {/* version=1 */
1251 if (datasize >= 4) {
1252 /* get a uid size. */
1253 uidsize = p[offset+1];
1255 zip_entry->uid = archive_le16dec(
1257 else if (uidsize == 4 && datasize >= 6)
1258 zip_entry->uid = archive_le32dec(
1261 if (datasize >= (2 + uidsize + 3)) {
1262 /* get a gid size. */
1263 gidsize = p[offset+2+uidsize];
1265 zip_entry->gid = archive_le16dec(
1266 p+offset+2+uidsize+1);
1267 else if (gidsize == 4 &&
1268 datasize >= (2 + uidsize + 5))
1269 zip_entry->gid = archive_le32dec(
1270 p+offset+2+uidsize+1);
1281 if (offset != extra_length)
1284 "Extra data field contents do not match reported size!\n");