pack-bitmap: fix header size check
[git] / archive-zip.c
1 /*
2  * Copyright (c) 2006 Rene Scharfe
3  */
4 #include "cache.h"
5 #include "config.h"
6 #include "archive.h"
7 #include "streaming.h"
8 #include "utf8.h"
9 #include "object-store.h"
10 #include "userdiff.h"
11 #include "xdiff-interface.h"
12
13 static int zip_date;
14 static int zip_time;
15
16 /* We only care about the "buf" part here. */
17 static struct strbuf zip_dir;
18
19 static uintmax_t zip_offset;
20 static uint64_t zip_dir_entries;
21
22 static unsigned int max_creator_version;
23
24 #define ZIP_STREAM      (1 <<  3)
25 #define ZIP_UTF8        (1 << 11)
26
27 enum zip_method {
28         ZIP_METHOD_STORE = 0,
29         ZIP_METHOD_DEFLATE = 8
30 };
31
32 struct zip_local_header {
33         unsigned char magic[4];
34         unsigned char version[2];
35         unsigned char flags[2];
36         unsigned char compression_method[2];
37         unsigned char mtime[2];
38         unsigned char mdate[2];
39         unsigned char crc32[4];
40         unsigned char compressed_size[4];
41         unsigned char size[4];
42         unsigned char filename_length[2];
43         unsigned char extra_length[2];
44         unsigned char _end[1];
45 };
46
47 struct zip_data_desc {
48         unsigned char magic[4];
49         unsigned char crc32[4];
50         unsigned char compressed_size[4];
51         unsigned char size[4];
52         unsigned char _end[1];
53 };
54
55 struct zip64_data_desc {
56         unsigned char magic[4];
57         unsigned char crc32[4];
58         unsigned char compressed_size[8];
59         unsigned char size[8];
60         unsigned char _end[1];
61 };
62
63 struct zip_dir_trailer {
64         unsigned char magic[4];
65         unsigned char disk[2];
66         unsigned char directory_start_disk[2];
67         unsigned char entries_on_this_disk[2];
68         unsigned char entries[2];
69         unsigned char size[4];
70         unsigned char offset[4];
71         unsigned char comment_length[2];
72         unsigned char _end[1];
73 };
74
75 struct zip_extra_mtime {
76         unsigned char magic[2];
77         unsigned char extra_size[2];
78         unsigned char flags[1];
79         unsigned char mtime[4];
80         unsigned char _end[1];
81 };
82
83 struct zip64_extra {
84         unsigned char magic[2];
85         unsigned char extra_size[2];
86         unsigned char size[8];
87         unsigned char compressed_size[8];
88         unsigned char _end[1];
89 };
90
91 struct zip64_dir_trailer {
92         unsigned char magic[4];
93         unsigned char record_size[8];
94         unsigned char creator_version[2];
95         unsigned char version[2];
96         unsigned char disk[4];
97         unsigned char directory_start_disk[4];
98         unsigned char entries_on_this_disk[8];
99         unsigned char entries[8];
100         unsigned char size[8];
101         unsigned char offset[8];
102         unsigned char _end[1];
103 };
104
105 struct zip64_dir_trailer_locator {
106         unsigned char magic[4];
107         unsigned char disk[4];
108         unsigned char offset[8];
109         unsigned char number_of_disks[4];
110         unsigned char _end[1];
111 };
112
113 /*
114  * On ARM, padding is added at the end of the struct, so a simple
115  * sizeof(struct ...) reports two bytes more than the payload size
116  * we're interested in.
117  */
118 #define ZIP_LOCAL_HEADER_SIZE   offsetof(struct zip_local_header, _end)
119 #define ZIP_DATA_DESC_SIZE      offsetof(struct zip_data_desc, _end)
120 #define ZIP64_DATA_DESC_SIZE    offsetof(struct zip64_data_desc, _end)
121 #define ZIP_DIR_HEADER_SIZE     offsetof(struct zip_dir_header, _end)
122 #define ZIP_DIR_TRAILER_SIZE    offsetof(struct zip_dir_trailer, _end)
123 #define ZIP_EXTRA_MTIME_SIZE    offsetof(struct zip_extra_mtime, _end)
124 #define ZIP_EXTRA_MTIME_PAYLOAD_SIZE \
125         (ZIP_EXTRA_MTIME_SIZE - offsetof(struct zip_extra_mtime, flags))
126 #define ZIP64_EXTRA_SIZE        offsetof(struct zip64_extra, _end)
127 #define ZIP64_EXTRA_PAYLOAD_SIZE \
128         (ZIP64_EXTRA_SIZE - offsetof(struct zip64_extra, size))
129 #define ZIP64_DIR_TRAILER_SIZE  offsetof(struct zip64_dir_trailer, _end)
130 #define ZIP64_DIR_TRAILER_RECORD_SIZE \
131         (ZIP64_DIR_TRAILER_SIZE - \
132          offsetof(struct zip64_dir_trailer, creator_version))
133 #define ZIP64_DIR_TRAILER_LOCATOR_SIZE \
134         offsetof(struct zip64_dir_trailer_locator, _end)
135
136 static void copy_le16(unsigned char *dest, unsigned int n)
137 {
138         dest[0] = 0xff & n;
139         dest[1] = 0xff & (n >> 010);
140 }
141
142 static void copy_le32(unsigned char *dest, unsigned int n)
143 {
144         dest[0] = 0xff & n;
145         dest[1] = 0xff & (n >> 010);
146         dest[2] = 0xff & (n >> 020);
147         dest[3] = 0xff & (n >> 030);
148 }
149
150 static void copy_le64(unsigned char *dest, uint64_t n)
151 {
152         dest[0] = 0xff & n;
153         dest[1] = 0xff & (n >> 010);
154         dest[2] = 0xff & (n >> 020);
155         dest[3] = 0xff & (n >> 030);
156         dest[4] = 0xff & (n >> 040);
157         dest[5] = 0xff & (n >> 050);
158         dest[6] = 0xff & (n >> 060);
159         dest[7] = 0xff & (n >> 070);
160 }
161
162 static uint64_t clamp_max(uint64_t n, uint64_t max, int *clamped)
163 {
164         if (n <= max)
165                 return n;
166         *clamped = 1;
167         return max;
168 }
169
170 static void copy_le16_clamp(unsigned char *dest, uint64_t n, int *clamped)
171 {
172         copy_le16(dest, clamp_max(n, 0xffff, clamped));
173 }
174
175 static void copy_le32_clamp(unsigned char *dest, uint64_t n, int *clamped)
176 {
177         copy_le32(dest, clamp_max(n, 0xffffffff, clamped));
178 }
179
180 static int strbuf_add_le(struct strbuf *sb, size_t size, uintmax_t n)
181 {
182         while (size-- > 0) {
183                 strbuf_addch(sb, n & 0xff);
184                 n >>= 8;
185         }
186         return -!!n;
187 }
188
189 static uint32_t clamp32(uintmax_t n)
190 {
191         const uintmax_t max = 0xffffffff;
192         return (n < max) ? n : max;
193 }
194
195 static void *zlib_deflate_raw(void *data, unsigned long size,
196                               int compression_level,
197                               unsigned long *compressed_size)
198 {
199         git_zstream stream;
200         unsigned long maxsize;
201         void *buffer;
202         int result;
203
204         git_deflate_init_raw(&stream, compression_level);
205         maxsize = git_deflate_bound(&stream, size);
206         buffer = xmalloc(maxsize);
207
208         stream.next_in = data;
209         stream.avail_in = size;
210         stream.next_out = buffer;
211         stream.avail_out = maxsize;
212
213         do {
214                 result = git_deflate(&stream, Z_FINISH);
215         } while (result == Z_OK);
216
217         if (result != Z_STREAM_END) {
218                 free(buffer);
219                 return NULL;
220         }
221
222         git_deflate_end(&stream);
223         *compressed_size = stream.total_out;
224
225         return buffer;
226 }
227
228 static void write_zip_data_desc(unsigned long size,
229                                 unsigned long compressed_size,
230                                 unsigned long crc)
231 {
232         if (size >= 0xffffffff || compressed_size >= 0xffffffff) {
233                 struct zip64_data_desc trailer;
234                 copy_le32(trailer.magic, 0x08074b50);
235                 copy_le32(trailer.crc32, crc);
236                 copy_le64(trailer.compressed_size, compressed_size);
237                 copy_le64(trailer.size, size);
238                 write_or_die(1, &trailer, ZIP64_DATA_DESC_SIZE);
239                 zip_offset += ZIP64_DATA_DESC_SIZE;
240         } else {
241                 struct zip_data_desc trailer;
242                 copy_le32(trailer.magic, 0x08074b50);
243                 copy_le32(trailer.crc32, crc);
244                 copy_le32(trailer.compressed_size, compressed_size);
245                 copy_le32(trailer.size, size);
246                 write_or_die(1, &trailer, ZIP_DATA_DESC_SIZE);
247                 zip_offset += ZIP_DATA_DESC_SIZE;
248         }
249 }
250
251 static void set_zip_header_data_desc(struct zip_local_header *header,
252                                      unsigned long size,
253                                      unsigned long compressed_size,
254                                      unsigned long crc)
255 {
256         copy_le32(header->crc32, crc);
257         copy_le32(header->compressed_size, compressed_size);
258         copy_le32(header->size, size);
259 }
260
261 static int has_only_ascii(const char *s)
262 {
263         for (;;) {
264                 int c = *s++;
265                 if (c == '\0')
266                         return 1;
267                 if (!isascii(c))
268                         return 0;
269         }
270 }
271
272 static int entry_is_binary(struct index_state *istate, const char *path,
273                            const void *buffer, size_t size)
274 {
275         struct userdiff_driver *driver = userdiff_find_by_path(istate, path);
276         if (!driver)
277                 driver = userdiff_find_by_name("default");
278         if (driver->binary != -1)
279                 return driver->binary;
280         return buffer_is_binary(buffer, size);
281 }
282
283 #define STREAM_BUFFER_SIZE (1024 * 16)
284
285 static int write_zip_entry(struct archiver_args *args,
286                            const struct object_id *oid,
287                            const char *path, size_t pathlen,
288                            unsigned int mode,
289                            void *buffer, unsigned long size)
290 {
291         struct zip_local_header header;
292         uintmax_t offset = zip_offset;
293         struct zip_extra_mtime extra;
294         struct zip64_extra extra64;
295         size_t header_extra_size = ZIP_EXTRA_MTIME_SIZE;
296         int need_zip64_extra = 0;
297         unsigned long attr2;
298         unsigned long compressed_size;
299         unsigned long crc;
300         enum zip_method method;
301         unsigned char *out;
302         void *deflated = NULL;
303         struct git_istream *stream = NULL;
304         unsigned long flags = 0;
305         int is_binary = -1;
306         const char *path_without_prefix = path + args->baselen;
307         unsigned int creator_version = 0;
308         unsigned int version_needed = 10;
309         size_t zip_dir_extra_size = ZIP_EXTRA_MTIME_SIZE;
310         size_t zip64_dir_extra_payload_size = 0;
311
312         crc = crc32(0, NULL, 0);
313
314         if (!has_only_ascii(path)) {
315                 if (is_utf8(path))
316                         flags |= ZIP_UTF8;
317                 else
318                         warning(_("path is not valid UTF-8: %s"), path);
319         }
320
321         if (pathlen > 0xffff) {
322                 return error(_("path too long (%d chars, SHA1: %s): %s"),
323                                 (int)pathlen, oid_to_hex(oid), path);
324         }
325
326         if (S_ISDIR(mode) || S_ISGITLINK(mode)) {
327                 method = ZIP_METHOD_STORE;
328                 attr2 = 16;
329                 out = NULL;
330                 compressed_size = 0;
331         } else if (S_ISREG(mode) || S_ISLNK(mode)) {
332                 method = ZIP_METHOD_STORE;
333                 attr2 = S_ISLNK(mode) ? ((mode | 0777) << 16) :
334                         (mode & 0111) ? ((mode) << 16) : 0;
335                 if (S_ISLNK(mode) || (mode & 0111))
336                         creator_version = 0x0317;
337                 if (S_ISREG(mode) && args->compression_level != 0 && size > 0)
338                         method = ZIP_METHOD_DEFLATE;
339
340                 if (!buffer) {
341                         enum object_type type;
342                         stream = open_istream(args->repo, oid, &type, &size,
343                                               NULL);
344                         if (!stream)
345                                 return error(_("cannot stream blob %s"),
346                                              oid_to_hex(oid));
347                         flags |= ZIP_STREAM;
348                         out = NULL;
349                 } else {
350                         crc = crc32(crc, buffer, size);
351                         is_binary = entry_is_binary(args->repo->index,
352                                                     path_without_prefix,
353                                                     buffer, size);
354                         out = buffer;
355                 }
356                 compressed_size = (method == ZIP_METHOD_STORE) ? size : 0;
357         } else {
358                 return error(_("unsupported file mode: 0%o (SHA1: %s)"), mode,
359                                 oid_to_hex(oid));
360         }
361
362         if (creator_version > max_creator_version)
363                 max_creator_version = creator_version;
364
365         if (buffer && method == ZIP_METHOD_DEFLATE) {
366                 out = deflated = zlib_deflate_raw(buffer, size,
367                                                   args->compression_level,
368                                                   &compressed_size);
369                 if (!out || compressed_size >= size) {
370                         out = buffer;
371                         method = ZIP_METHOD_STORE;
372                         compressed_size = size;
373                 }
374         }
375
376         copy_le16(extra.magic, 0x5455);
377         copy_le16(extra.extra_size, ZIP_EXTRA_MTIME_PAYLOAD_SIZE);
378         extra.flags[0] = 1;     /* just mtime */
379         copy_le32(extra.mtime, args->time);
380
381         if (size > 0xffffffff || compressed_size > 0xffffffff)
382                 need_zip64_extra = 1;
383         if (stream && size > 0x7fffffff)
384                 need_zip64_extra = 1;
385
386         if (need_zip64_extra)
387                 version_needed = 45;
388
389         copy_le32(header.magic, 0x04034b50);
390         copy_le16(header.version, version_needed);
391         copy_le16(header.flags, flags);
392         copy_le16(header.compression_method, method);
393         copy_le16(header.mtime, zip_time);
394         copy_le16(header.mdate, zip_date);
395         if (need_zip64_extra) {
396                 set_zip_header_data_desc(&header, 0xffffffff, 0xffffffff, crc);
397                 header_extra_size += ZIP64_EXTRA_SIZE;
398         } else {
399                 set_zip_header_data_desc(&header, size, compressed_size, crc);
400         }
401         copy_le16(header.filename_length, pathlen);
402         copy_le16(header.extra_length, header_extra_size);
403         write_or_die(1, &header, ZIP_LOCAL_HEADER_SIZE);
404         zip_offset += ZIP_LOCAL_HEADER_SIZE;
405         write_or_die(1, path, pathlen);
406         zip_offset += pathlen;
407         write_or_die(1, &extra, ZIP_EXTRA_MTIME_SIZE);
408         zip_offset += ZIP_EXTRA_MTIME_SIZE;
409         if (need_zip64_extra) {
410                 copy_le16(extra64.magic, 0x0001);
411                 copy_le16(extra64.extra_size, ZIP64_EXTRA_PAYLOAD_SIZE);
412                 copy_le64(extra64.size, size);
413                 copy_le64(extra64.compressed_size, compressed_size);
414                 write_or_die(1, &extra64, ZIP64_EXTRA_SIZE);
415                 zip_offset += ZIP64_EXTRA_SIZE;
416         }
417
418         if (stream && method == ZIP_METHOD_STORE) {
419                 unsigned char buf[STREAM_BUFFER_SIZE];
420                 ssize_t readlen;
421
422                 for (;;) {
423                         readlen = read_istream(stream, buf, sizeof(buf));
424                         if (readlen <= 0)
425                                 break;
426                         crc = crc32(crc, buf, readlen);
427                         if (is_binary == -1)
428                                 is_binary = entry_is_binary(args->repo->index,
429                                                             path_without_prefix,
430                                                             buf, readlen);
431                         write_or_die(1, buf, readlen);
432                 }
433                 close_istream(stream);
434                 if (readlen)
435                         return readlen;
436
437                 compressed_size = size;
438                 zip_offset += compressed_size;
439
440                 write_zip_data_desc(size, compressed_size, crc);
441         } else if (stream && method == ZIP_METHOD_DEFLATE) {
442                 unsigned char buf[STREAM_BUFFER_SIZE];
443                 ssize_t readlen;
444                 git_zstream zstream;
445                 int result;
446                 size_t out_len;
447                 unsigned char compressed[STREAM_BUFFER_SIZE * 2];
448
449                 git_deflate_init_raw(&zstream, args->compression_level);
450
451                 compressed_size = 0;
452                 zstream.next_out = compressed;
453                 zstream.avail_out = sizeof(compressed);
454
455                 for (;;) {
456                         readlen = read_istream(stream, buf, sizeof(buf));
457                         if (readlen <= 0)
458                                 break;
459                         crc = crc32(crc, buf, readlen);
460                         if (is_binary == -1)
461                                 is_binary = entry_is_binary(args->repo->index,
462                                                             path_without_prefix,
463                                                             buf, readlen);
464
465                         zstream.next_in = buf;
466                         zstream.avail_in = readlen;
467                         result = git_deflate(&zstream, 0);
468                         if (result != Z_OK)
469                                 die(_("deflate error (%d)"), result);
470                         out_len = zstream.next_out - compressed;
471
472                         if (out_len > 0) {
473                                 write_or_die(1, compressed, out_len);
474                                 compressed_size += out_len;
475                                 zstream.next_out = compressed;
476                                 zstream.avail_out = sizeof(compressed);
477                         }
478
479                 }
480                 close_istream(stream);
481                 if (readlen)
482                         return readlen;
483
484                 zstream.next_in = buf;
485                 zstream.avail_in = 0;
486                 result = git_deflate(&zstream, Z_FINISH);
487                 if (result != Z_STREAM_END)
488                         die("deflate error (%d)", result);
489
490                 git_deflate_end(&zstream);
491                 out_len = zstream.next_out - compressed;
492                 write_or_die(1, compressed, out_len);
493                 compressed_size += out_len;
494                 zip_offset += compressed_size;
495
496                 write_zip_data_desc(size, compressed_size, crc);
497         } else if (compressed_size > 0) {
498                 write_or_die(1, out, compressed_size);
499                 zip_offset += compressed_size;
500         }
501
502         free(deflated);
503
504         if (compressed_size > 0xffffffff || size > 0xffffffff ||
505             offset > 0xffffffff) {
506                 if (compressed_size >= 0xffffffff)
507                         zip64_dir_extra_payload_size += 8;
508                 if (size >= 0xffffffff)
509                         zip64_dir_extra_payload_size += 8;
510                 if (offset >= 0xffffffff)
511                         zip64_dir_extra_payload_size += 8;
512                 zip_dir_extra_size += 2 + 2 + zip64_dir_extra_payload_size;
513         }
514
515         strbuf_add_le(&zip_dir, 4, 0x02014b50); /* magic */
516         strbuf_add_le(&zip_dir, 2, creator_version);
517         strbuf_add_le(&zip_dir, 2, version_needed);
518         strbuf_add_le(&zip_dir, 2, flags);
519         strbuf_add_le(&zip_dir, 2, method);
520         strbuf_add_le(&zip_dir, 2, zip_time);
521         strbuf_add_le(&zip_dir, 2, zip_date);
522         strbuf_add_le(&zip_dir, 4, crc);
523         strbuf_add_le(&zip_dir, 4, clamp32(compressed_size));
524         strbuf_add_le(&zip_dir, 4, clamp32(size));
525         strbuf_add_le(&zip_dir, 2, pathlen);
526         strbuf_add_le(&zip_dir, 2, zip_dir_extra_size);
527         strbuf_add_le(&zip_dir, 2, 0);          /* comment length */
528         strbuf_add_le(&zip_dir, 2, 0);          /* disk */
529         strbuf_add_le(&zip_dir, 2, !is_binary);
530         strbuf_add_le(&zip_dir, 4, attr2);
531         strbuf_add_le(&zip_dir, 4, clamp32(offset));
532         strbuf_add(&zip_dir, path, pathlen);
533         strbuf_add(&zip_dir, &extra, ZIP_EXTRA_MTIME_SIZE);
534         if (zip64_dir_extra_payload_size) {
535                 strbuf_add_le(&zip_dir, 2, 0x0001);     /* magic */
536                 strbuf_add_le(&zip_dir, 2, zip64_dir_extra_payload_size);
537                 if (size >= 0xffffffff)
538                         strbuf_add_le(&zip_dir, 8, size);
539                 if (compressed_size >= 0xffffffff)
540                         strbuf_add_le(&zip_dir, 8, compressed_size);
541                 if (offset >= 0xffffffff)
542                         strbuf_add_le(&zip_dir, 8, offset);
543         }
544         zip_dir_entries++;
545
546         return 0;
547 }
548
549 static void write_zip64_trailer(void)
550 {
551         struct zip64_dir_trailer trailer64;
552         struct zip64_dir_trailer_locator locator64;
553
554         copy_le32(trailer64.magic, 0x06064b50);
555         copy_le64(trailer64.record_size, ZIP64_DIR_TRAILER_RECORD_SIZE);
556         copy_le16(trailer64.creator_version, max_creator_version);
557         copy_le16(trailer64.version, 45);
558         copy_le32(trailer64.disk, 0);
559         copy_le32(trailer64.directory_start_disk, 0);
560         copy_le64(trailer64.entries_on_this_disk, zip_dir_entries);
561         copy_le64(trailer64.entries, zip_dir_entries);
562         copy_le64(trailer64.size, zip_dir.len);
563         copy_le64(trailer64.offset, zip_offset);
564
565         copy_le32(locator64.magic, 0x07064b50);
566         copy_le32(locator64.disk, 0);
567         copy_le64(locator64.offset, zip_offset + zip_dir.len);
568         copy_le32(locator64.number_of_disks, 1);
569
570         write_or_die(1, &trailer64, ZIP64_DIR_TRAILER_SIZE);
571         write_or_die(1, &locator64, ZIP64_DIR_TRAILER_LOCATOR_SIZE);
572 }
573
574 static void write_zip_trailer(const struct object_id *oid)
575 {
576         struct zip_dir_trailer trailer;
577         int clamped = 0;
578
579         copy_le32(trailer.magic, 0x06054b50);
580         copy_le16(trailer.disk, 0);
581         copy_le16(trailer.directory_start_disk, 0);
582         copy_le16_clamp(trailer.entries_on_this_disk, zip_dir_entries,
583                         &clamped);
584         copy_le16_clamp(trailer.entries, zip_dir_entries, &clamped);
585         copy_le32(trailer.size, zip_dir.len);
586         copy_le32_clamp(trailer.offset, zip_offset, &clamped);
587         copy_le16(trailer.comment_length, oid ? the_hash_algo->hexsz : 0);
588
589         write_or_die(1, zip_dir.buf, zip_dir.len);
590         if (clamped)
591                 write_zip64_trailer();
592         write_or_die(1, &trailer, ZIP_DIR_TRAILER_SIZE);
593         if (oid)
594                 write_or_die(1, oid_to_hex(oid), the_hash_algo->hexsz);
595 }
596
597 static void dos_time(timestamp_t *timestamp, int *dos_date, int *dos_time)
598 {
599         time_t time;
600         struct tm tm;
601
602         if (date_overflows(*timestamp))
603                 die(_("timestamp too large for this system: %"PRItime),
604                     *timestamp);
605         time = (time_t)*timestamp;
606         localtime_r(&time, &tm);
607         *timestamp = time;
608
609         *dos_date = tm.tm_mday + (tm.tm_mon + 1) * 32 +
610                     (tm.tm_year + 1900 - 1980) * 512;
611         *dos_time = tm.tm_sec / 2 + tm.tm_min * 32 + tm.tm_hour * 2048;
612 }
613
614 static int archive_zip_config(const char *var, const char *value, void *data)
615 {
616         return userdiff_config(var, value);
617 }
618
619 static int write_zip_archive(const struct archiver *ar,
620                              struct archiver_args *args)
621 {
622         int err;
623
624         git_config(archive_zip_config, NULL);
625
626         dos_time(&args->time, &zip_date, &zip_time);
627
628         strbuf_init(&zip_dir, 0);
629
630         err = write_archive_entries(args, write_zip_entry);
631         if (!err)
632                 write_zip_trailer(args->commit_oid);
633
634         strbuf_release(&zip_dir);
635
636         return err;
637 }
638
639 static struct archiver zip_archiver = {
640         "zip",
641         write_zip_archive,
642         ARCHIVER_WANT_COMPRESSION_LEVELS|ARCHIVER_REMOTE
643 };
644
645 void init_zip_archiver(void)
646 {
647         register_archiver(&zip_archiver);
648 }