#ifdef UNSAFE_BUFFERS_BUILD
// TODO(crbug.com/40285824): Remove this and convert code to safer constructs.
#pragma allow_unsafe_buffers
#endif
/*-
* Copyright 2003-2005 Colin Percival
* All rights reserved
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted providing that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
#if 0
__FBSDID("$FreeBSD: src/usr.bin/bsdiff/bspatch/bspatch.c,v 1.1 2005/08/06 01:59:06 cperciva Exp $");
#endif
#include <sys/types.h>
#include <bzlib.h>
#include <err.h>
#include <fcntl.h>
#include <lzma.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <zlib.h>
#if defined(__APPLE__)
#include <CommonCrypto/CommonDigest.h>
#include <libkern/OSByteOrder.h>
#define le64toh(x) OSSwapLittleToHostInt64(x)
#elif defined(__linux__)
#include <endian.h>
#elif defined(_WIN32) && (defined(_M_IX86) || defined(_M_X64))
#define le64toh(x) (x)
#else
#error Provide le64toh for this platform
#endif
static inline off_t offtin(u_char *buf)
{
return le64toh(*((off_t*)buf));
}
static void sha1tostr(const u_char *sha1, char *sha1str)
{
int i;
for (i = 0; i < CC_SHA1_DIGEST_LENGTH; ++i)
sprintf(&sha1str[i * 2], "%02x", sha1[i]);
}
/* xzfile is a provisional stdio-like interface to xz/lzma2-compressed data.
* liblzma does not currently include this functionality. The interface is
* read-only and only supports sequential access. */
typedef struct {
/* in and out are the underlying buffers to be used with lzma_stream. */
u_char in[BUFSIZ];
u_char out[BUFSIZ];
lzma_stream ls;
FILE *f;
/* read_out points to the first byte in out not yet consumed by an
* xzread call. read_out_len tracks the amount of data available in
* out beginning at read_out. */
u_char *read_out;
size_t read_out_len;
/* Error and end-of-file indicators. */
lzma_ret err;
int eof;
} xzfile;
/* Initializes and returns a new xzfile pointer that will read from f. On
* failure, returns NULL. If err is non-NULL, it will be set to indicate any
* error that may have occurred. */
static xzfile *xzdopen(FILE *f, lzma_ret *err)
{
xzfile *xzf;
lzma_stream ls = LZMA_STREAM_INIT;
uint64_t physmem, memlimit;
if (!(xzf = malloc(sizeof(xzfile)))) {
if (err) *err = LZMA_MEM_ERROR;
return NULL;
}
xzf->ls = ls;
xzf->f = f;
xzf->read_out = xzf->out;
xzf->read_out_len = 0;
xzf->err = LZMA_OK;
xzf->eof = 0;
/* Use the same memory limits used by xzdec and xz. Use 40% of
* physical memory if 80MB or more, otherwise use 80% of physical
* memory if 80MB or less, otherwise use 80MB. If physical memory
* can't be determined, use 128MB. These limits should be sufficient
* for any decompression on any general-purpose system. */
physmem = lzma_physmem();
if (physmem == 0)
physmem = 128 * 1024 * 1024;
memlimit = 40 * physmem / 100;
if (memlimit < 80 * 1024 * 1024) {
memlimit = 80 * physmem / 100;
if (memlimit > 80 * 1024 * 1024)
memlimit = 80 * 1024 * 1024;
}
xzf->err = lzma_stream_decoder(&xzf->ls, memlimit,
LZMA_TELL_NO_CHECK |
LZMA_TELL_UNSUPPORTED_CHECK);
if (xzf->err != LZMA_OK) {
if (err) *err = xzf->err;
free(xzf);
return NULL;
}
if (err) *err = xzf->err;
return xzf;
}
/* Closes an xzfile opened by xzopen, freeing all memory and closing all
* files. Returns LZMA_OK normally, or LZMA_STREAM_END if fclose fails. */
static lzma_ret xzclose(xzfile *xzf)
{
lzma_ret lzma_err = LZMA_OK;
lzma_end(&xzf->ls);
if (fclose(xzf->f) != 0)
lzma_err = LZMA_STREAM_END;
free(xzf);
return lzma_err;
}
/* Reads len uncompressed bytes from xzf into buf. Returns the number of bytes
* read, which may be less than len at the end of the file. Upon error, if
* err is non-NULL, it will be set to an appropriate value, which will either
* be a return value from lzma_code (with the exception of LZMA_STREAM_END,
* which is remapped to LZMA_OK), or LZMA_STREAM_END to indicate an I/O error.
*/
static size_t xzread(xzfile *xzf, u_char *buf, size_t len, lzma_ret *err)
{
lzma_action action = LZMA_RUN;
size_t copylen;
size_t nread = 0;
while (xzf->err == LZMA_OK && len > 0) {
if (xzf->read_out_len == 0) {
/* No unconsumed data is available, need to run
* lzma_code to decompress. */
if (xzf->ls.avail_in == 0 && !xzf->eof) {
/* No input data available, need to read. */
xzf->ls.next_in = xzf->in;
xzf->ls.avail_in = fread(xzf->in, 1, BUFSIZ,
xzf->f);
if (ferror(xzf->f)) {
/* Map I/O errors to LZMA_STREAM_END. */
xzf->err = LZMA_STREAM_END;
if (err) *err = xzf->err;
return 0;
} else if (feof(xzf->f)) {
xzf->eof = 1;
}
}
/* Use the full output buffer. */
xzf->ls.next_out = xzf->out;
xzf->ls.avail_out = BUFSIZ;
/* There must be something to decode. */
if (xzf->ls.avail_in == 0) {
xzf->err = LZMA_BUF_ERROR;
if (err) *err = xzf->err;
return 0;
}
/* LZMA_FINISH is not critical because
* LZMA_CONCATENATED is not in use. */
if (xzf->eof)
action = LZMA_FINISH;
/* Run the decoder. */
xzf->err = lzma_code(&xzf->ls, action);
if (xzf->err == LZMA_STREAM_END) {
xzf->eof = 1;
xzf->err = LZMA_OK;
} else if (xzf->err != LZMA_OK) {
if (err) *err = xzf->err;
return 0;
}
/* Everything that was decoded is now available for
* reading into buf. */
xzf->read_out = xzf->out;
xzf->read_out_len = BUFSIZ - xzf->ls.avail_out;
}
/* Copy everything available up to len, and push some
* pointers. */
copylen = xzf->read_out_len;
if (copylen > len)
copylen = len;
memcpy(buf, xzf->read_out, copylen);
nread += copylen;
buf += copylen;
len -= copylen;
xzf->read_out += copylen;
xzf->read_out_len -= copylen;
}
if (err) *err = xzf->err;
return nread;
}
/* cfile is a uniform interface to read from maybe-compressed files. */
typedef struct {
FILE *f; /* method = 1, 2 */
union {
BZFILE *bz2; /* method = 2 */
gzFile gz; /* method = 3 */
xzfile *xz; /* method = 4 */
} u;
const char *tag;
unsigned char method;
} cfile;
/* Opens a file at path, seeks to offset off, and prepares for reading using
* the specified method. Supported methods are plain uncompressed (1), bzip2
* (2), gzip (3), and xz/lzma2 (4). tag is used as an identifier for error
* reporting. */
static void cfopen(cfile *cf, const char *path, off_t off,
const char *tag, unsigned char method)
{
int fd;
int bz2_err, gz_err;
lzma_ret lzma_err;
if (method == 1 || method == 2 || method == 4) {
/* Use stdio for uncompressed files. The bzip interface also
* sits on top of a stdio FILE* but does not take "ownership"
* of the FILE*. The xz/lzma2 interface sits on top of a FILE*
* and does take ownership of the FILE*. */
if ((cf->f = fopen(path, "rb")) == NULL)
err(1, "fdopen(%s)", tag);
if ((fseeko(cf->f, off, SEEK_SET)) != 0)
err(1, "fseeko(%s, %lld)", tag, off);
if (method == 2) {
if ((cf->u.bz2 = BZ2_bzReadOpen(&bz2_err, cf->f, 0, 0,
NULL, 0)) == NULL)
errx(1, "BZ2_bzReadOpen(%s): %d", tag, bz2_err);
} else if (method == 4) {
if ((cf->u.xz = xzdopen(cf->f, &lzma_err)) == NULL)
errx(1, "xzdopen(%s): %d", tag, lzma_err);
/* cf->f belongs to the xzfile now, don't access it
* from here. */
cf->f = NULL;
}
} else if (method == 3) {
if ((fd = open(path, O_RDONLY)) < 0)
err(1, "open(%s)", tag);
if (lseek(fd, off, SEEK_SET) != off)
err(1, "lseek(%s, %lld)", tag, off);
if ((cf->u.gz = gzdopen(fd, "rb")) == NULL)
errx(1, "gzdopen(%s)", tag);
} else {
errx(1, "cfopen(%s): unknown method %d", tag, method);
}
cf->tag = tag;
cf->method = method;
}
static void cfclose(cfile *cf)
{
int bz2_err, gz_err;
lzma_ret lzma_err;
if (cf->method == 1 || cf->method == 2) {
if (cf->method == 2) {
bz2_err = BZ_OK;
BZ2_bzReadClose(&bz2_err, cf->u.bz2);
if (bz2_err != BZ_OK)
errx(1, "BZ2_bzReadClose(%s): %d\n",
cf->tag, bz2_err);
}
if (fclose(cf->f) != 0)
err(1, "fclose(%s)", cf->tag);
} else if (cf->method == 3) {
if ((gz_err = gzclose(cf->u.gz)) != Z_OK)
errx(1, "gzclose(%s): %d", cf->tag, gz_err);
} else if (cf->method == 4) {
if ((lzma_err = xzclose(cf->u.xz)) != LZMA_OK)
errx(1, "xzclose(%s): %d", cf->tag, lzma_err);
} else {
errx(1, "cfclose(%s): unknown method %d", cf->tag, cf->method);
}
}
static void cfread(cfile *cf, u_char *buf, size_t len)
{
size_t nread;
int bz2_err, gz_err;
lzma_ret lzma_err;
if (cf->method == 1) {
if ((nread = fread(buf, 1, len, cf->f)) != len) {
if (!ferror(cf->f))
errx(1, "fread(%s, %zd): short read %zd",
cf->tag, len, nread);
err(1, "fread(%s, %zd)", cf->tag, len);
}
} else if (cf->method == 2) {
bz2_err = BZ_OK;
if ((nread = BZ2_bzRead(&bz2_err, cf->u.bz2, buf, len)) !=
len) {
if (bz2_err == BZ_OK)
errx(1, "BZ2_bzRead(%s, %zd): short read %zd",
cf->tag, len, nread);
errx(1, "BZ2_bzRead(%s, %zd): %d",
cf->tag, len, bz2_err);
}
} else if (cf->method == 3) {
if ((nread = gzread(cf->u.gz, buf, len)) != len) {
gz_err = Z_OK;
gzerror(cf->u.gz, &gz_err);
if (gz_err == Z_OK)
errx(1, "gzread(%s, %zd): short read %zd",
cf->tag, len, nread);
errx(1, "gzread(%s, %zd): %d", cf->tag, len, gz_err);
}
} else if (cf->method == 4) {
if ((nread = xzread(cf->u.xz, buf, len, &lzma_err)) != len) {
if (lzma_err == LZMA_OK)
errx(1, "xzread(%s, %zd): short read %zd",
cf->tag, len, nread);
errx(1, "xzread(%s, %zd): %d", cf->tag, len, lzma_err);
}
} else {
errx(1, "cfread(%s, %zd): unknown method %d",
cf->tag, len, cf->method);
}
}
int main(int argc,char * argv[])
{
FILE * f;
cfile cf, df, ef;
int fd;
off_t expect_oldsize, oldsize, newsize, patchsize;
off_t zctrllen, zdatalen, zextralen;
u_char header[96], buf[8];
u_char *old, *new;
off_t oldpos,newpos;
off_t ctrl[3];
off_t i;
u_char sha1[CC_SHA1_DIGEST_LENGTH];
char sha1str[CC_SHA1_DIGEST_LENGTH * 2 + 1];
char expected_sha1str[CC_SHA1_DIGEST_LENGTH * 2 + 1];
if(argc!=4) errx(1,"usage: %s oldfile newfile patchfile",argv[0]);
/* Open patch file */
if ((f = fopen(argv[3], "rb")) == NULL)
err(1, "fopen(%s)", argv[3]);
/*
File format:
0 8 "BSDIFF4G"
8 8 length of compressed control block (x)
16 8 length of compressed diff block (y)
24 8 length of compressed extra block (z)
32 8 length of old file
40 8 length of new file
48 20 SHA1 of old file
68 20 SHA1 of new file
88 1 encoding of control block
89 1 encoding of diff block
90 1 encoding of extra block
91 5 unused
96 x compressed control block
96+x y compressed diff block
96+x+y z compressed extra block
Encodings are 1 (uncompressed), 2 (bzip2), 3 (gzip), and 4 (xz/lzma2).
The control block is a set of triples (x,y,z) meaning "add x bytes
from oldfile to x bytes from the diff block; copy y bytes from the
extra block; seek forwards in oldfile by z bytes".
*/
/* Read header */
if (fread(header, 1, sizeof(header), f) < sizeof(header)) {
if (feof(f))
errx(1, "corrupt patch (header size)");
err(1, "fread(%s)", argv[3]);
}
/* Check for appropriate magic */
if (memcmp(header, "BSDIFF4G", 8) != 0)
errx(1, "corrupt patch (magic)");
/* Read lengths from header */
zctrllen = offtin(header + 8);
zdatalen = offtin(header + 16);
zextralen = offtin(header + 24);
expect_oldsize = offtin(header + 32);
newsize = offtin(header + 40);
if (zctrllen < 0 || zdatalen < 0 || zextralen < 0)
errx(1, "corrupt patch (stream sizes)");
if (expect_oldsize < 0 || newsize < 0)
errx(1, "corrupt patch (file sizes)");
if (fseeko(f, 0, SEEK_END) != 0 || (patchsize = ftello(f)) < 0)
err(1, "fseeko/ftello(%s)", argv[3]);
if (patchsize != sizeof(header) + zctrllen + zdatalen + zextralen)
errx(1, "corrupt patch (patch size)");
cfopen(&cf, argv[3], sizeof(header), "control", header[88]);
cfopen(&df, argv[3], sizeof(header) + zctrllen, "diff", header[89]);
cfopen(&ef, argv[3], sizeof(header) + zctrllen + zdatalen, "extra",
header[90]);
if (fclose(f))
err(1, "fclose(%s)", argv[3]);
if(((fd=open(argv[1],O_RDONLY,0))<0) ||
((oldsize=lseek(fd,0,SEEK_END))==-1) ||
((old=malloc(oldsize+1))==NULL) ||
(lseek(fd,0,SEEK_SET)!=0) ||
(read(fd,old,oldsize)!=oldsize) ||
(close(fd)==-1)) err(1,"%s",argv[1]);
if (expect_oldsize != oldsize)
errx(1, "old size mismatch: %lld != %lld",
oldsize, expect_oldsize);
CC_SHA1(old, oldsize, sha1);
if (memcmp(sha1, header + 48, sizeof(sha1)) != 0) {
sha1tostr(sha1, sha1str);
sha1tostr(header + 48, expected_sha1str);
errx(1, "old hash mismatch: %s != %s",
sha1str, expected_sha1str);
}
if((new=malloc(newsize+1))==NULL) err(1,NULL);
oldpos=0;newpos=0;
while(newpos<newsize) {
/* Read control data */
for(i=0;i<=2;i++) {
cfread(&cf, buf, 8);
ctrl[i]=offtin(buf);
};
/* Sanity-check */
if((ctrl[0]<0) || (ctrl[1]<0))
errx(1,"corrupt patch (diff): negative chunk size");
/* Sanity-check */
if(newpos+ctrl[0]>newsize)
errx(1,"corrupt patch (diff): overrun");
/* Read diff string */
cfread(&df, new + newpos, ctrl[0]);
/* Add old data to diff string */
for(i=0;i<ctrl[0];i++)
if((oldpos+i>=0) && (oldpos+i<oldsize))
new[newpos+i]+=old[oldpos+i];
/* Adjust pointers */
newpos+=ctrl[0];
oldpos+=ctrl[0];
/* Sanity-check */
if(newpos+ctrl[1]>newsize)
errx(1,"corrupt patch (extra): overrun");
/* Read extra string */
cfread(&ef, new + newpos, ctrl[1]);
/* Adjust pointers */
newpos+=ctrl[1];
oldpos+=ctrl[2];
};
/* Clean up the readers */
cfclose(&cf);
cfclose(&df);
cfclose(&ef);
CC_SHA1(new, newsize, sha1);
if (memcmp(sha1, header + 68, sizeof(sha1)) != 0) {
sha1tostr(sha1, sha1str);
sha1tostr(header + 68, expected_sha1str);
errx(1, "new hash mismatch: %s != %s",
sha1str, expected_sha1str);
}
/* Write the new file */
if(((fd=open(argv[2],O_CREAT|O_TRUNC|O_WRONLY,0644))<0) ||
(write(fd,new,newsize)!=newsize) || (close(fd)==-1))
err(1,"open/write/close(%s)",argv[2]);
free(new);
free(old);
return 0;
}