1
2
3
4
5
6
7
8
9
10
11
12#include <linux/zutil.h>
13#include "inftrees.h"
14#include "inflate.h"
15#include "inffast.h"
16#include "infutil.h"
17
18
19#ifdef CONFIG_ZLIB_DFLTCC
20# include "../zlib_dfltcc/dfltcc.h"
21#else
22#define INFLATE_RESET_HOOK(strm) do {} while (0)
23#define INFLATE_TYPEDO_HOOK(strm, flush) do {} while (0)
24#define INFLATE_NEED_UPDATEWINDOW(strm) 1
25#define INFLATE_NEED_CHECKSUM(strm) 1
26#endif
27
28int zlib_inflate_workspacesize(void)
29{
30 return sizeof(struct inflate_workspace);
31}
32
33int zlib_inflateReset(z_streamp strm)
34{
35 struct inflate_state *state;
36
37 if (strm == NULL || strm->state == NULL) return Z_STREAM_ERROR;
38 state = (struct inflate_state *)strm->state;
39 strm->total_in = strm->total_out = state->total = 0;
40 strm->msg = NULL;
41 strm->adler = 1;
42 state->mode = HEAD;
43 state->last = 0;
44 state->havedict = 0;
45 state->dmax = 32768U;
46 state->hold = 0;
47 state->bits = 0;
48 state->lencode = state->distcode = state->next = state->codes;
49
50
51 state->wsize = 1U << state->wbits;
52 state->write = 0;
53 state->whave = 0;
54
55 INFLATE_RESET_HOOK(strm);
56 return Z_OK;
57}
58
59int zlib_inflateInit2(z_streamp strm, int windowBits)
60{
61 struct inflate_state *state;
62
63 if (strm == NULL) return Z_STREAM_ERROR;
64 strm->msg = NULL;
65
66 state = &WS(strm)->inflate_state;
67 strm->state = (struct internal_state *)state;
68
69 if (windowBits < 0) {
70 state->wrap = 0;
71 windowBits = -windowBits;
72 }
73 else {
74 state->wrap = (windowBits >> 4) + 1;
75 }
76 if (windowBits < 8 || windowBits > 15) {
77 return Z_STREAM_ERROR;
78 }
79 state->wbits = (unsigned)windowBits;
80#ifdef CONFIG_ZLIB_DFLTCC
81
82
83
84
85 state->window = PTR_ALIGN(&WS(strm)->working_window[0], PAGE_SIZE);
86#else
87 state->window = &WS(strm)->working_window[0];
88#endif
89
90 return zlib_inflateReset(strm);
91}
92
93
94
95
96
97static void zlib_fixedtables(struct inflate_state *state)
98{
99# include "inffixed.h"
100 state->lencode = lenfix;
101 state->lenbits = 9;
102 state->distcode = distfix;
103 state->distbits = 5;
104}
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120static void zlib_updatewindow(z_streamp strm, unsigned out)
121{
122 struct inflate_state *state;
123 unsigned copy, dist;
124
125 state = (struct inflate_state *)strm->state;
126
127
128 copy = out - strm->avail_out;
129 if (copy >= state->wsize) {
130 memcpy(state->window, strm->next_out - state->wsize, state->wsize);
131 state->write = 0;
132 state->whave = state->wsize;
133 }
134 else {
135 dist = state->wsize - state->write;
136 if (dist > copy) dist = copy;
137 memcpy(state->window + state->write, strm->next_out - copy, dist);
138 copy -= dist;
139 if (copy) {
140 memcpy(state->window, strm->next_out - copy, copy);
141 state->write = copy;
142 state->whave = state->wsize;
143 }
144 else {
145 state->write += dist;
146 if (state->write == state->wsize) state->write = 0;
147 if (state->whave < state->wsize) state->whave += dist;
148 }
149 }
150}
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165static int zlib_inflateSyncPacket(z_streamp strm)
166{
167 struct inflate_state *state;
168
169 if (strm == NULL || strm->state == NULL) return Z_STREAM_ERROR;
170 state = (struct inflate_state *)strm->state;
171
172 if (state->mode == STORED && state->bits == 0) {
173 state->mode = TYPE;
174 return Z_OK;
175 }
176 return Z_DATA_ERROR;
177}
178
179
180
181
182#define UPDATE(check, buf, len) zlib_adler32(check, buf, len)
183
184
185#define LOAD() \
186 do { \
187 put = strm->next_out; \
188 left = strm->avail_out; \
189 next = strm->next_in; \
190 have = strm->avail_in; \
191 hold = state->hold; \
192 bits = state->bits; \
193 } while (0)
194
195
196#define RESTORE() \
197 do { \
198 strm->next_out = put; \
199 strm->avail_out = left; \
200 strm->next_in = next; \
201 strm->avail_in = have; \
202 state->hold = hold; \
203 state->bits = bits; \
204 } while (0)
205
206
207#define INITBITS() \
208 do { \
209 hold = 0; \
210 bits = 0; \
211 } while (0)
212
213
214
215#define PULLBYTE() \
216 do { \
217 if (have == 0) goto inf_leave; \
218 have--; \
219 hold += (unsigned long)(*next++) << bits; \
220 bits += 8; \
221 } while (0)
222
223
224
225#define NEEDBITS(n) \
226 do { \
227 while (bits < (unsigned)(n)) \
228 PULLBYTE(); \
229 } while (0)
230
231
232#define BITS(n) \
233 ((unsigned)hold & ((1U << (n)) - 1))
234
235
236#define DROPBITS(n) \
237 do { \
238 hold >>= (n); \
239 bits -= (unsigned)(n); \
240 } while (0)
241
242
243#define BYTEBITS() \
244 do { \
245 hold >>= bits & 7; \
246 bits -= bits & 7; \
247 } while (0)
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331int zlib_inflate(z_streamp strm, int flush)
332{
333 struct inflate_state *state;
334 const unsigned char *next;
335 unsigned char *put;
336 unsigned have, left;
337 unsigned long hold;
338 unsigned bits;
339 unsigned in, out;
340 unsigned copy;
341 unsigned char *from;
342 code this;
343 code last;
344 unsigned len;
345 int ret;
346 static const unsigned short order[19] =
347 {16, 17, 18, 0, 8, 7, 9, 6, 10, 5, 11, 4, 12, 3, 13, 2, 14, 1, 15};
348
349
350
351
352 if (strm == NULL || strm->state == NULL ||
353 (strm->next_in == NULL && strm->avail_in != 0))
354 return Z_STREAM_ERROR;
355
356 state = (struct inflate_state *)strm->state;
357
358 if (state->mode == TYPE) state->mode = TYPEDO;
359 LOAD();
360 in = have;
361 out = left;
362 ret = Z_OK;
363 for (;;)
364 switch (state->mode) {
365 case HEAD:
366 if (state->wrap == 0) {
367 state->mode = TYPEDO;
368 break;
369 }
370 NEEDBITS(16);
371 if (
372 ((BITS(8) << 8) + (hold >> 8)) % 31) {
373 strm->msg = (char *)"incorrect header check";
374 state->mode = BAD;
375 break;
376 }
377 if (BITS(4) != Z_DEFLATED) {
378 strm->msg = (char *)"unknown compression method";
379 state->mode = BAD;
380 break;
381 }
382 DROPBITS(4);
383 len = BITS(4) + 8;
384 if (len > state->wbits) {
385 strm->msg = (char *)"invalid window size";
386 state->mode = BAD;
387 break;
388 }
389 state->dmax = 1U << len;
390 strm->adler = state->check = zlib_adler32(0L, NULL, 0);
391 state->mode = hold & 0x200 ? DICTID : TYPE;
392 INITBITS();
393 break;
394 case DICTID:
395 NEEDBITS(32);
396 strm->adler = state->check = REVERSE(hold);
397 INITBITS();
398 state->mode = DICT;
399 fallthrough;
400 case DICT:
401 if (state->havedict == 0) {
402 RESTORE();
403 return Z_NEED_DICT;
404 }
405 strm->adler = state->check = zlib_adler32(0L, NULL, 0);
406 state->mode = TYPE;
407 fallthrough;
408 case TYPE:
409 if (flush == Z_BLOCK) goto inf_leave;
410 fallthrough;
411 case TYPEDO:
412 INFLATE_TYPEDO_HOOK(strm, flush);
413 if (state->last) {
414 BYTEBITS();
415 state->mode = CHECK;
416 break;
417 }
418 NEEDBITS(3);
419 state->last = BITS(1);
420 DROPBITS(1);
421 switch (BITS(2)) {
422 case 0:
423 state->mode = STORED;
424 break;
425 case 1:
426 zlib_fixedtables(state);
427 state->mode = LEN;
428 break;
429 case 2:
430 state->mode = TABLE;
431 break;
432 case 3:
433 strm->msg = (char *)"invalid block type";
434 state->mode = BAD;
435 }
436 DROPBITS(2);
437 break;
438 case STORED:
439 BYTEBITS();
440 NEEDBITS(32);
441 if ((hold & 0xffff) != ((hold >> 16) ^ 0xffff)) {
442 strm->msg = (char *)"invalid stored block lengths";
443 state->mode = BAD;
444 break;
445 }
446 state->length = (unsigned)hold & 0xffff;
447 INITBITS();
448 state->mode = COPY;
449 fallthrough;
450 case COPY:
451 copy = state->length;
452 if (copy) {
453 if (copy > have) copy = have;
454 if (copy > left) copy = left;
455 if (copy == 0) goto inf_leave;
456 memcpy(put, next, copy);
457 have -= copy;
458 next += copy;
459 left -= copy;
460 put += copy;
461 state->length -= copy;
462 break;
463 }
464 state->mode = TYPE;
465 break;
466 case TABLE:
467 NEEDBITS(14);
468 state->nlen = BITS(5) + 257;
469 DROPBITS(5);
470 state->ndist = BITS(5) + 1;
471 DROPBITS(5);
472 state->ncode = BITS(4) + 4;
473 DROPBITS(4);
474#ifndef PKZIP_BUG_WORKAROUND
475 if (state->nlen > 286 || state->ndist > 30) {
476 strm->msg = (char *)"too many length or distance symbols";
477 state->mode = BAD;
478 break;
479 }
480#endif
481 state->have = 0;
482 state->mode = LENLENS;
483 fallthrough;
484 case LENLENS:
485 while (state->have < state->ncode) {
486 NEEDBITS(3);
487 state->lens[order[state->have++]] = (unsigned short)BITS(3);
488 DROPBITS(3);
489 }
490 while (state->have < 19)
491 state->lens[order[state->have++]] = 0;
492 state->next = state->codes;
493 state->lencode = (code const *)(state->next);
494 state->lenbits = 7;
495 ret = zlib_inflate_table(CODES, state->lens, 19, &(state->next),
496 &(state->lenbits), state->work);
497 if (ret) {
498 strm->msg = (char *)"invalid code lengths set";
499 state->mode = BAD;
500 break;
501 }
502 state->have = 0;
503 state->mode = CODELENS;
504 fallthrough;
505 case CODELENS:
506 while (state->have < state->nlen + state->ndist) {
507 for (;;) {
508 this = state->lencode[BITS(state->lenbits)];
509 if ((unsigned)(this.bits) <= bits) break;
510 PULLBYTE();
511 }
512 if (this.val < 16) {
513 NEEDBITS(this.bits);
514 DROPBITS(this.bits);
515 state->lens[state->have++] = this.val;
516 }
517 else {
518 if (this.val == 16) {
519 NEEDBITS(this.bits + 2);
520 DROPBITS(this.bits);
521 if (state->have == 0) {
522 strm->msg = (char *)"invalid bit length repeat";
523 state->mode = BAD;
524 break;
525 }
526 len = state->lens[state->have - 1];
527 copy = 3 + BITS(2);
528 DROPBITS(2);
529 }
530 else if (this.val == 17) {
531 NEEDBITS(this.bits + 3);
532 DROPBITS(this.bits);
533 len = 0;
534 copy = 3 + BITS(3);
535 DROPBITS(3);
536 }
537 else {
538 NEEDBITS(this.bits + 7);
539 DROPBITS(this.bits);
540 len = 0;
541 copy = 11 + BITS(7);
542 DROPBITS(7);
543 }
544 if (state->have + copy > state->nlen + state->ndist) {
545 strm->msg = (char *)"invalid bit length repeat";
546 state->mode = BAD;
547 break;
548 }
549 while (copy--)
550 state->lens[state->have++] = (unsigned short)len;
551 }
552 }
553
554
555 if (state->mode == BAD) break;
556
557
558 state->next = state->codes;
559 state->lencode = (code const *)(state->next);
560 state->lenbits = 9;
561 ret = zlib_inflate_table(LENS, state->lens, state->nlen, &(state->next),
562 &(state->lenbits), state->work);
563 if (ret) {
564 strm->msg = (char *)"invalid literal/lengths set";
565 state->mode = BAD;
566 break;
567 }
568 state->distcode = (code const *)(state->next);
569 state->distbits = 6;
570 ret = zlib_inflate_table(DISTS, state->lens + state->nlen, state->ndist,
571 &(state->next), &(state->distbits), state->work);
572 if (ret) {
573 strm->msg = (char *)"invalid distances set";
574 state->mode = BAD;
575 break;
576 }
577 state->mode = LEN;
578 fallthrough;
579 case LEN:
580 if (have >= 6 && left >= 258) {
581 RESTORE();
582 inflate_fast(strm, out);
583 LOAD();
584 break;
585 }
586 for (;;) {
587 this = state->lencode[BITS(state->lenbits)];
588 if ((unsigned)(this.bits) <= bits) break;
589 PULLBYTE();
590 }
591 if (this.op && (this.op & 0xf0) == 0) {
592 last = this;
593 for (;;) {
594 this = state->lencode[last.val +
595 (BITS(last.bits + last.op) >> last.bits)];
596 if ((unsigned)(last.bits + this.bits) <= bits) break;
597 PULLBYTE();
598 }
599 DROPBITS(last.bits);
600 }
601 DROPBITS(this.bits);
602 state->length = (unsigned)this.val;
603 if ((int)(this.op) == 0) {
604 state->mode = LIT;
605 break;
606 }
607 if (this.op & 32) {
608 state->mode = TYPE;
609 break;
610 }
611 if (this.op & 64) {
612 strm->msg = (char *)"invalid literal/length code";
613 state->mode = BAD;
614 break;
615 }
616 state->extra = (unsigned)(this.op) & 15;
617 state->mode = LENEXT;
618 fallthrough;
619 case LENEXT:
620 if (state->extra) {
621 NEEDBITS(state->extra);
622 state->length += BITS(state->extra);
623 DROPBITS(state->extra);
624 }
625 state->mode = DIST;
626 fallthrough;
627 case DIST:
628 for (;;) {
629 this = state->distcode[BITS(state->distbits)];
630 if ((unsigned)(this.bits) <= bits) break;
631 PULLBYTE();
632 }
633 if ((this.op & 0xf0) == 0) {
634 last = this;
635 for (;;) {
636 this = state->distcode[last.val +
637 (BITS(last.bits + last.op) >> last.bits)];
638 if ((unsigned)(last.bits + this.bits) <= bits) break;
639 PULLBYTE();
640 }
641 DROPBITS(last.bits);
642 }
643 DROPBITS(this.bits);
644 if (this.op & 64) {
645 strm->msg = (char *)"invalid distance code";
646 state->mode = BAD;
647 break;
648 }
649 state->offset = (unsigned)this.val;
650 state->extra = (unsigned)(this.op) & 15;
651 state->mode = DISTEXT;
652 fallthrough;
653 case DISTEXT:
654 if (state->extra) {
655 NEEDBITS(state->extra);
656 state->offset += BITS(state->extra);
657 DROPBITS(state->extra);
658 }
659#ifdef INFLATE_STRICT
660 if (state->offset > state->dmax) {
661 strm->msg = (char *)"invalid distance too far back";
662 state->mode = BAD;
663 break;
664 }
665#endif
666 if (state->offset > state->whave + out - left) {
667 strm->msg = (char *)"invalid distance too far back";
668 state->mode = BAD;
669 break;
670 }
671 state->mode = MATCH;
672 fallthrough;
673 case MATCH:
674 if (left == 0) goto inf_leave;
675 copy = out - left;
676 if (state->offset > copy) {
677 copy = state->offset - copy;
678 if (copy > state->write) {
679 copy -= state->write;
680 from = state->window + (state->wsize - copy);
681 }
682 else
683 from = state->window + (state->write - copy);
684 if (copy > state->length) copy = state->length;
685 }
686 else {
687 from = put - state->offset;
688 copy = state->length;
689 }
690 if (copy > left) copy = left;
691 left -= copy;
692 state->length -= copy;
693 do {
694 *put++ = *from++;
695 } while (--copy);
696 if (state->length == 0) state->mode = LEN;
697 break;
698 case LIT:
699 if (left == 0) goto inf_leave;
700 *put++ = (unsigned char)(state->length);
701 left--;
702 state->mode = LEN;
703 break;
704 case CHECK:
705 if (state->wrap) {
706 NEEDBITS(32);
707 out -= left;
708 strm->total_out += out;
709 state->total += out;
710 if (INFLATE_NEED_CHECKSUM(strm) && out)
711 strm->adler = state->check =
712 UPDATE(state->check, put - out, out);
713 out = left;
714 if ((
715 REVERSE(hold)) != state->check) {
716 strm->msg = (char *)"incorrect data check";
717 state->mode = BAD;
718 break;
719 }
720 INITBITS();
721 }
722 state->mode = DONE;
723 fallthrough;
724 case DONE:
725 ret = Z_STREAM_END;
726 goto inf_leave;
727 case BAD:
728 ret = Z_DATA_ERROR;
729 goto inf_leave;
730 case MEM:
731 return Z_MEM_ERROR;
732 case SYNC:
733 default:
734 return Z_STREAM_ERROR;
735 }
736
737
738
739
740
741
742 inf_leave:
743 RESTORE();
744 if (INFLATE_NEED_UPDATEWINDOW(strm) &&
745 (state->wsize || (state->mode < CHECK && out != strm->avail_out)))
746 zlib_updatewindow(strm, out);
747
748 in -= strm->avail_in;
749 out -= strm->avail_out;
750 strm->total_in += in;
751 strm->total_out += out;
752 state->total += out;
753 if (INFLATE_NEED_CHECKSUM(strm) && state->wrap && out)
754 strm->adler = state->check =
755 UPDATE(state->check, strm->next_out - out, out);
756
757 strm->data_type = state->bits + (state->last ? 64 : 0) +
758 (state->mode == TYPE ? 128 : 0);
759
760 if (flush == Z_PACKET_FLUSH && ret == Z_OK &&
761 strm->avail_out != 0 && strm->avail_in == 0)
762 return zlib_inflateSyncPacket(strm);
763
764 if (((in == 0 && out == 0) || flush == Z_FINISH) && ret == Z_OK)
765 ret = Z_BUF_ERROR;
766
767 return ret;
768}
769
770int zlib_inflateEnd(z_streamp strm)
771{
772 if (strm == NULL || strm->state == NULL)
773 return Z_STREAM_ERROR;
774 return Z_OK;
775}
776
777
778
779
780
781
782
783
784
785int zlib_inflateIncomp(z_stream *z)
786{
787 struct inflate_state *state = (struct inflate_state *)z->state;
788 Byte *saved_no = z->next_out;
789 uInt saved_ao = z->avail_out;
790
791 if (state->mode != TYPE && state->mode != HEAD)
792 return Z_DATA_ERROR;
793
794
795 z->avail_out = 0;
796 z->next_out = (unsigned char*)z->next_in + z->avail_in;
797
798 zlib_updatewindow(z, z->avail_in);
799
800
801 z->avail_out = saved_ao;
802 z->next_out = saved_no;
803
804 z->adler = state->check =
805 UPDATE(state->check, z->next_in, z->avail_in);
806
807 z->total_out += z->avail_in;
808 z->total_in += z->avail_in;
809 z->next_in += z->avail_in;
810 state->total += z->avail_in;
811 z->avail_in = 0;
812
813 return Z_OK;
814}
815