vm: fix a null dereference on out-of-memory
[minix.git] / lib / libz / gzread.c
blobe33998117e388383fcd5b400a35b0c2eddb97300
1 /* gzread.c -- zlib functions for reading gzip files
2 * Copyright (C) 2004, 2005, 2010 Mark Adler
3 * For conditions of distribution and use, see copyright notice in zlib.h
4 */
6 #include <unistd.h>
8 #include "gzguts.h"
10 /* Local functions */
11 local int gz_load OF((gz_statep, unsigned char *, unsigned, unsigned *));
12 local int gz_avail OF((gz_statep));
13 local int gz_next4 OF((gz_statep, unsigned long *));
14 local int gz_head OF((gz_statep));
15 local int gz_decomp OF((gz_statep));
16 local int gz_make OF((gz_statep));
17 local int gz_skip OF((gz_statep, z_off64_t));
19 /* Use read() to load a buffer -- return -1 on error, otherwise 0. Read from
20 state->fd, and update state->eof, state->err, and state->msg as appropriate.
21 This function needs to loop on read(), since read() is not guaranteed to
22 read the number of bytes requested, depending on the type of descriptor. */
23 local int gz_load(state, buf, len, have)
24 gz_statep state;
25 unsigned char *buf;
26 unsigned len;
27 unsigned *have;
29 int ret;
31 *have = 0;
32 do {
33 ret = read(state->fd, buf + *have, len - *have);
34 if (ret <= 0)
35 break;
36 *have += ret;
37 } while (*have < len);
38 if (ret < 0) {
39 gz_error(state, Z_ERRNO, zstrerror());
40 return -1;
42 if (ret == 0)
43 state->eof = 1;
44 return 0;
47 /* Load up input buffer and set eof flag if last data loaded -- return -1 on
48 error, 0 otherwise. Note that the eof flag is set when the end of the input
49 file is reached, even though there may be unused data in the buffer. Once
50 that data has been used, no more attempts will be made to read the file.
51 gz_avail() assumes that strm->avail_in == 0. */
52 local int gz_avail(state)
53 gz_statep state;
55 z_streamp strm = &(state->strm);
57 if (state->err != Z_OK)
58 return -1;
59 if (state->eof == 0) {
60 if (gz_load(state, state->in, state->size,
61 (unsigned *)&(strm->avail_in)) == -1)
62 return -1;
63 strm->next_in = state->in;
65 return 0;
68 /* Get next byte from input, or -1 if end or error. */
69 #define NEXT() ((strm->avail_in == 0 && gz_avail(state) == -1) ? -1 : \
70 (strm->avail_in == 0 ? -1 : \
71 (strm->avail_in--, *(strm->next_in)++)))
73 /* Get a four-byte little-endian integer and return 0 on success and the value
74 in *ret. Otherwise -1 is returned and *ret is not modified. */
75 local int gz_next4(state, ret)
76 gz_statep state;
77 unsigned long *ret;
79 int ch;
80 unsigned long val;
81 z_streamp strm = &(state->strm);
83 val = NEXT();
84 val += (unsigned)NEXT() << 8;
85 val += (unsigned long)NEXT() << 16;
86 ch = NEXT();
87 if (ch == -1)
88 return -1;
89 val += (unsigned long)ch << 24;
90 *ret = val;
91 return 0;
94 /* Look for gzip header, set up for inflate or copy. state->have must be zero.
95 If this is the first time in, allocate required memory. state->how will be
96 left unchanged if there is no more input data available, will be set to COPY
97 if there is no gzip header and direct copying will be performed, or it will
98 be set to GZIP for decompression, and the gzip header will be skipped so
99 that the next available input data is the raw deflate stream. If direct
100 copying, then leftover input data from the input buffer will be copied to
101 the output buffer. In that case, all further file reads will be directly to
102 either the output buffer or a user buffer. If decompressing, the inflate
103 state and the check value will be initialized. gz_head() will return 0 on
104 success or -1 on failure. Failures may include read errors or gzip header
105 errors. */
106 local int gz_head(state)
107 gz_statep state;
109 z_streamp strm = &(state->strm);
110 int flags;
111 unsigned len;
113 /* allocate read buffers and inflate memory */
114 if (state->size == 0) {
115 /* allocate buffers */
116 state->in = malloc(state->want);
117 state->out = malloc(state->want << 1);
118 if (state->in == NULL || state->out == NULL) {
119 if (state->out != NULL)
120 free(state->out);
121 if (state->in != NULL)
122 free(state->in);
123 gz_error(state, Z_MEM_ERROR, "out of memory");
124 return -1;
126 state->size = state->want;
128 /* allocate inflate memory */
129 state->strm.zalloc = Z_NULL;
130 state->strm.zfree = Z_NULL;
131 state->strm.opaque = Z_NULL;
132 state->strm.avail_in = 0;
133 state->strm.next_in = Z_NULL;
134 if (inflateInit2(&(state->strm), -15) != Z_OK) { /* raw inflate */
135 free(state->out);
136 free(state->in);
137 state->size = 0;
138 gz_error(state, Z_MEM_ERROR, "out of memory");
139 return -1;
143 /* get some data in the input buffer */
144 if (strm->avail_in == 0) {
145 if (gz_avail(state) == -1)
146 return -1;
147 if (strm->avail_in == 0)
148 return 0;
151 /* look for the gzip magic header bytes 31 and 139 */
152 if (strm->next_in[0] == 31) {
153 strm->avail_in--;
154 strm->next_in++;
155 if (strm->avail_in == 0 && gz_avail(state) == -1)
156 return -1;
157 if (strm->avail_in && strm->next_in[0] == 139) {
158 /* we have a gzip header, woo hoo! */
159 strm->avail_in--;
160 strm->next_in++;
162 /* skip rest of header */
163 if (NEXT() != 8) { /* compression method */
164 gz_error(state, Z_DATA_ERROR, "unknown compression method");
165 return -1;
167 flags = NEXT();
168 if (flags & 0xe0) { /* reserved flag bits */
169 gz_error(state, Z_DATA_ERROR, "unknown header flags set");
170 return -1;
172 (void) NEXT(); /* modification time */
173 (void) NEXT();
174 (void) NEXT();
175 (void) NEXT();
176 (void) NEXT(); /* extra flags */
177 (void) NEXT(); /* operating system */
178 if (flags & 4) { /* extra field */
179 len = (unsigned)NEXT();
180 len += (unsigned)NEXT() << 8;
181 while (len--)
182 if (NEXT() < 0)
183 break;
185 if (flags & 8) /* file name */
186 while (NEXT() > 0)
188 if (flags & 16) /* comment */
189 while (NEXT() > 0)
191 if (flags & 2) { /* header crc */
192 (void) NEXT();
193 (void) NEXT();
195 /* an unexpected end of file is not checked for here -- it will be
196 noticed on the first request for uncompressed data */
198 /* set up for decompression */
199 inflateReset(strm);
200 strm->adler = crc32(0L, Z_NULL, 0);
201 state->how = GZIP;
202 state->direct = 0;
203 return 0;
205 else {
206 /* not a gzip file -- save first byte (31) and fall to raw i/o */
207 state->out[0] = 31;
208 state->have = 1;
212 /* doing raw i/o, save start of raw data for seeking, copy any leftover
213 input to output -- this assumes that the output buffer is larger than
214 the input buffer, which also assures space for gzungetc() */
215 state->raw = state->pos;
216 state->next = state->out;
217 if (strm->avail_in) {
218 memcpy(state->next + state->have, strm->next_in, strm->avail_in);
219 state->have += strm->avail_in;
220 strm->avail_in = 0;
222 state->how = COPY;
223 state->direct = 1;
224 return 0;
227 /* Decompress from input to the provided next_out and avail_out in the state.
228 If the end of the compressed data is reached, then verify the gzip trailer
229 check value and length (modulo 2^32). state->have and state->next are set
230 to point to the just decompressed data, and the crc is updated. If the
231 trailer is verified, state->how is reset to LOOK to look for the next gzip
232 stream or raw data, once state->have is depleted. Returns 0 on success, -1
233 on failure. Failures may include invalid compressed data or a failed gzip
234 trailer verification. */
235 local int gz_decomp(state)
236 gz_statep state;
238 int ret;
239 unsigned had;
240 unsigned long crc, len;
241 z_streamp strm = &(state->strm);
243 /* fill output buffer up to end of deflate stream */
244 had = strm->avail_out;
245 do {
246 /* get more input for inflate() */
247 if (strm->avail_in == 0 && gz_avail(state) == -1)
248 return -1;
249 if (strm->avail_in == 0) {
250 gz_error(state, Z_DATA_ERROR, "unexpected end of file");
251 return -1;
254 /* decompress and handle errors */
255 ret = inflate(strm, Z_NO_FLUSH);
256 if (ret == Z_STREAM_ERROR || ret == Z_NEED_DICT) {
257 gz_error(state, Z_STREAM_ERROR,
258 "internal error: inflate stream corrupt");
259 return -1;
261 if (ret == Z_MEM_ERROR) {
262 gz_error(state, Z_MEM_ERROR, "out of memory");
263 return -1;
265 if (ret == Z_DATA_ERROR) { /* deflate stream invalid */
266 gz_error(state, Z_DATA_ERROR,
267 strm->msg == NULL ? "compressed data error" : strm->msg);
268 return -1;
270 } while (strm->avail_out && ret != Z_STREAM_END);
272 /* update available output and crc check value */
273 state->have = had - strm->avail_out;
274 state->next = strm->next_out - state->have;
275 strm->adler = crc32(strm->adler, state->next, state->have);
277 /* check gzip trailer if at end of deflate stream */
278 if (ret == Z_STREAM_END) {
279 if (gz_next4(state, &crc) == -1 || gz_next4(state, &len) == -1) {
280 gz_error(state, Z_DATA_ERROR, "unexpected end of file");
281 return -1;
283 if (crc != strm->adler) {
284 gz_error(state, Z_DATA_ERROR, "incorrect data check");
285 return -1;
287 if (len != (strm->total_out & 0xffffffffL)) {
288 gz_error(state, Z_DATA_ERROR, "incorrect length check");
289 return -1;
291 state->how = LOOK; /* ready for next stream, once have is 0 (leave
292 state->direct unchanged to remember how) */
295 /* good decompression */
296 return 0;
299 /* Make data and put in the output buffer. Assumes that state->have == 0.
300 Data is either copied from the input file or decompressed from the input
301 file depending on state->how. If state->how is LOOK, then a gzip header is
302 looked for (and skipped if found) to determine wither to copy or decompress.
303 Returns -1 on error, otherwise 0. gz_make() will leave state->have as COPY
304 or GZIP unless the end of the input file has been reached and all data has
305 been processed. */
306 local int gz_make(state)
307 gz_statep state;
309 z_streamp strm = &(state->strm);
311 if (state->how == LOOK) { /* look for gzip header */
312 if (gz_head(state) == -1)
313 return -1;
314 if (state->have) /* got some data from gz_head() */
315 return 0;
317 if (state->how == COPY) { /* straight copy */
318 if (gz_load(state, state->out, state->size << 1, &(state->have)) == -1)
319 return -1;
320 state->next = state->out;
322 else if (state->how == GZIP) { /* decompress */
323 strm->avail_out = state->size << 1;
324 strm->next_out = state->out;
325 if (gz_decomp(state) == -1)
326 return -1;
328 return 0;
331 /* Skip len uncompressed bytes of output. Return -1 on error, 0 on success. */
332 local int gz_skip(state, len)
333 gz_statep state;
334 z_off64_t len;
336 unsigned n;
338 /* skip over len bytes or reach end-of-file, whichever comes first */
339 while (len)
340 /* skip over whatever is in output buffer */
341 if (state->have) {
342 n = GT_OFF(state->have) || (z_off64_t)state->have > len ?
343 (unsigned)len : state->have;
344 state->have -= n;
345 state->next += n;
346 state->pos += n;
347 len -= n;
350 /* output buffer empty -- return if we're at the end of the input */
351 else if (state->eof && state->strm.avail_in == 0)
352 break;
354 /* need more data to skip -- load up output buffer */
355 else {
356 /* get more output, looking for header if required */
357 if (gz_make(state) == -1)
358 return -1;
360 return 0;
363 /* -- see zlib.h -- */
364 int ZEXPORT gzread(file, buf, len)
365 gzFile file;
366 voidp buf;
367 unsigned len;
369 unsigned got, n;
370 gz_statep state;
371 z_streamp strm;
373 /* get internal structure */
374 if (file == NULL)
375 return -1;
376 state = (gz_statep)file;
377 strm = &(state->strm);
379 /* check that we're reading and that there's no error */
380 if (state->mode != GZ_READ || state->err != Z_OK)
381 return -1;
383 /* since an int is returned, make sure len fits in one, otherwise return
384 with an error (this avoids the flaw in the interface) */
385 if ((int)len < 0) {
386 gz_error(state, Z_BUF_ERROR, "requested length does not fit in int");
387 return -1;
390 /* if len is zero, avoid unnecessary operations */
391 if (len == 0)
392 return 0;
394 /* process a skip request */
395 if (state->seek) {
396 state->seek = 0;
397 if (gz_skip(state, state->skip) == -1)
398 return -1;
401 /* get len bytes to buf, or less than len if at the end */
402 got = 0;
403 do {
404 /* first just try copying data from the output buffer */
405 if (state->have) {
406 n = state->have > len ? len : state->have;
407 memcpy(buf, state->next, n);
408 state->next += n;
409 state->have -= n;
412 /* output buffer empty -- return if we're at the end of the input */
413 else if (state->eof && strm->avail_in == 0)
414 break;
416 /* need output data -- for small len or new stream load up our output
417 buffer */
418 else if (state->how == LOOK || len < (state->size << 1)) {
419 /* get more output, looking for header if required */
420 if (gz_make(state) == -1)
421 return -1;
422 continue; /* no progress yet -- go back to memcpy() above */
423 /* the copy above assures that we will leave with space in the
424 output buffer, allowing at least one gzungetc() to succeed */
427 /* large len -- read directly into user buffer */
428 else if (state->how == COPY) { /* read directly */
429 if (gz_load(state, buf, len, &n) == -1)
430 return -1;
433 /* large len -- decompress directly into user buffer */
434 else { /* state->how == GZIP */
435 strm->avail_out = len;
436 strm->next_out = buf;
437 if (gz_decomp(state) == -1)
438 return -1;
439 n = state->have;
440 state->have = 0;
443 /* update progress */
444 len -= n;
445 buf = (char *)buf + n;
446 got += n;
447 state->pos += n;
448 } while (len);
450 /* return number of bytes read into user buffer (will fit in int) */
451 return (int)got;
454 /* -- see zlib.h -- */
455 int ZEXPORT gzgetc(file)
456 gzFile file;
458 int ret;
459 unsigned char buf[1];
460 gz_statep state;
462 /* get internal structure */
463 if (file == NULL)
464 return -1;
465 state = (gz_statep)file;
467 /* check that we're reading and that there's no error */
468 if (state->mode != GZ_READ || state->err != Z_OK)
469 return -1;
471 /* try output buffer (no need to check for skip request) */
472 if (state->have) {
473 state->have--;
474 state->pos++;
475 return *(state->next)++;
478 /* nothing there -- try gzread() */
479 ret = gzread(file, buf, 1);
480 return ret < 1 ? -1 : buf[0];
483 /* -- see zlib.h -- */
484 int ZEXPORT gzungetc(c, file)
485 int c;
486 gzFile file;
488 gz_statep state;
490 /* get internal structure */
491 if (file == NULL)
492 return -1;
493 state = (gz_statep)file;
495 /* check that we're reading and that there's no error */
496 if (state->mode != GZ_READ || state->err != Z_OK)
497 return -1;
499 /* process a skip request */
500 if (state->seek) {
501 state->seek = 0;
502 if (gz_skip(state, state->skip) == -1)
503 return -1;
506 /* can't push EOF */
507 if (c < 0)
508 return -1;
510 /* if output buffer empty, put byte at end (allows more pushing) */
511 if (state->have == 0) {
512 state->have = 1;
513 state->next = state->out + (state->size << 1) - 1;
514 state->next[0] = c;
515 state->pos--;
516 return c;
519 /* if no room, give up (must have already done a gzungetc()) */
520 if (state->have == (state->size << 1)) {
521 gz_error(state, Z_BUF_ERROR, "out of room to push characters");
522 return -1;
525 /* slide output data if needed and insert byte before existing data */
526 if (state->next == state->out) {
527 unsigned char *src = state->out + state->have;
528 unsigned char *dest = state->out + (state->size << 1);
529 while (src > state->out)
530 *--dest = *--src;
531 state->next = dest;
533 state->have++;
534 state->next--;
535 state->next[0] = c;
536 state->pos--;
537 return c;
540 /* -- see zlib.h -- */
541 char * ZEXPORT gzgets(file, buf, len)
542 gzFile file;
543 char *buf;
544 int len;
546 unsigned left, n;
547 char *str;
548 unsigned char *eol;
549 gz_statep state;
551 /* check parameters and get internal structure */
552 if (file == NULL || buf == NULL || len < 1)
553 return NULL;
554 state = (gz_statep)file;
556 /* check that we're reading and that there's no error */
557 if (state->mode != GZ_READ || state->err != Z_OK)
558 return NULL;
560 /* process a skip request */
561 if (state->seek) {
562 state->seek = 0;
563 if (gz_skip(state, state->skip) == -1)
564 return NULL;
567 /* copy output bytes up to new line or len - 1, whichever comes first --
568 append a terminating zero to the string (we don't check for a zero in
569 the contents, let the user worry about that) */
570 str = buf;
571 left = (unsigned)len - 1;
572 if (left) do {
573 /* assure that something is in the output buffer */
574 if (state->have == 0) {
575 if (gz_make(state) == -1)
576 return NULL; /* error */
577 if (state->have == 0) { /* end of file */
578 if (buf == str) /* got bupkus */
579 return NULL;
580 break; /* got something -- return it */
584 /* look for end-of-line in current output buffer */
585 n = state->have > left ? left : state->have;
586 eol = memchr(state->next, '\n', n);
587 if (eol != NULL)
588 n = (unsigned)(eol - state->next) + 1;
590 /* copy through end-of-line, or remainder if not found */
591 memcpy(buf, state->next, n);
592 state->have -= n;
593 state->next += n;
594 state->pos += n;
595 left -= n;
596 buf += n;
597 } while (left && eol == NULL);
599 /* found end-of-line or out of space -- terminate string and return it */
600 buf[0] = 0;
601 return str;
604 /* -- see zlib.h -- */
605 int ZEXPORT gzdirect(file)
606 gzFile file;
608 gz_statep state;
610 /* get internal structure */
611 if (file == NULL)
612 return 0;
613 state = (gz_statep)file;
615 /* check that we're reading */
616 if (state->mode != GZ_READ)
617 return 0;
619 /* if the state is not known, but we can find out, then do so (this is
620 mainly for right after a gzopen() or gzdopen()) */
621 if (state->how == LOOK && state->have == 0)
622 (void)gz_head(state);
624 /* return 1 if reading direct, 0 if decompressing a gzip stream */
625 return state->direct;
628 /* -- see zlib.h -- */
629 int ZEXPORT gzclose_r(file)
630 gzFile file;
632 int ret;
633 gz_statep state;
635 /* get internal structure */
636 if (file == NULL)
637 return Z_STREAM_ERROR;
638 state = (gz_statep)file;
640 /* check that we're reading */
641 if (state->mode != GZ_READ)
642 return Z_STREAM_ERROR;
644 /* free memory and close file */
645 if (state->size) {
646 inflateEnd(&(state->strm));
647 free(state->out);
648 free(state->in);
650 gz_error(state, Z_OK, NULL);
651 free(state->path);
652 ret = close(state->fd);
653 free(state);
654 return ret ? Z_ERRNO : Z_OK;