search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
liblzma: Prevent uninitialzed warning in mt stream encoder.
[xz/debian.git] / src / liblzma / common / block_buffer_encoder.c
bloba47342efd0f5c6b5ef5fe3198af2d3aadf6c3d8c
1 ///////////////////////////////////////////////////////////////////////////////
2 //
3 /// \file block_buffer_encoder.c
4 /// \brief Single-call .xz Block encoder
5 //
6 // Author: Lasse Collin
7 //
8 // This file has been put into the public domain.
9 // You can do whatever you want with this file.
10 //
11 ///////////////////////////////////////////////////////////////////////////////
12
13 #include "block_buffer_encoder.h"
14 #include "block_encoder.h"
15 #include "filter_encoder.h"
16 #include "lzma2_encoder.h"
17 #include "check.h"
18
19
20 /// Estimate the maximum size of the Block Header and Check fields for
21 /// a Block that uses LZMA2 uncompressed chunks. We could use
22 /// lzma_block_header_size() but this is simpler.
23 ///
24 /// Block Header Size + Block Flags + Compressed Size
25 /// + Uncompressed Size + Filter Flags for LZMA2 + CRC32 + Check
26 /// and round up to the next multiple of four to take Header Padding
27 /// into account.
28 #define HEADERS_BOUND ((1 + 1 + 2 * LZMA_VLI_BYTES_MAX + 3 + 4 \
29 + LZMA_CHECK_SIZE_MAX + 3) & ~3)
30
31
32 static uint64_t
33 lzma2_bound(uint64_t uncompressed_size)
34 {
35 // Prevent integer overflow in overhead calculation.
36 if (uncompressed_size > COMPRESSED_SIZE_MAX)
37 return 0;
38
39 // Calculate the exact overhead of the LZMA2 headers: Round
40 // uncompressed_size up to the next multiple of LZMA2_CHUNK_MAX,
41 // multiply by the size of per-chunk header, and add one byte for
42 // the end marker.
43 const uint64_t overhead = ((uncompressed_size + LZMA2_CHUNK_MAX - 1)
44 / LZMA2_CHUNK_MAX)
45 * LZMA2_HEADER_UNCOMPRESSED + 1;
46
47 // Catch the possible integer overflow.
48 if (COMPRESSED_SIZE_MAX - overhead < uncompressed_size)
49 return 0;
50
51 return uncompressed_size + overhead;
52 }
53
54
55 extern uint64_t
56 lzma_block_buffer_bound64(uint64_t uncompressed_size)
57 {
58 // If the data doesn't compress, we always use uncompressed
59 // LZMA2 chunks.
60 uint64_t lzma2_size = lzma2_bound(uncompressed_size);
61 if (lzma2_size == 0)
62 return 0;
63
64 // Take Block Padding into account.
65 lzma2_size = (lzma2_size + 3) & ~UINT64_C(3);
66
67 // No risk of integer overflow because lzma2_bound() already takes
68 // into account the size of the headers in the Block.
69 return HEADERS_BOUND + lzma2_size;
70 }
71
72
73 extern LZMA_API(size_t)
74 lzma_block_buffer_bound(size_t uncompressed_size)
75 {
76 uint64_t ret = lzma_block_buffer_bound64(uncompressed_size);
77
78 #if SIZE_MAX < UINT64_MAX
79 // Catch the possible integer overflow on 32-bit systems.
80 if (ret > SIZE_MAX)
81 return 0;
82 #endif
83
84 return ret;
85 }
86
87
88 static lzma_ret
89 block_encode_uncompressed(lzma_block *block, const uint8_t *in, size_t in_size,
90 uint8_t *out, size_t *out_pos, size_t out_size)
91 {
92 // Use LZMA2 uncompressed chunks. We wouldn't need a dictionary at
93 // all, but LZMA2 always requires a dictionary, so use the minimum
94 // value to minimize memory usage of the decoder.
95 lzma_options_lzma lzma2 = {
96 .dict_size = LZMA_DICT_SIZE_MIN,
97 };
98
99 lzma_filter filters[2];
100 filters[0].id = LZMA_FILTER_LZMA2;
101 filters[0].options = &lzma2;
102 filters[1].id = LZMA_VLI_UNKNOWN;
103
104 // Set the above filter options to *block temporarily so that we can
105 // encode the Block Header.
106 lzma_filter *filters_orig = block->filters;
107 block->filters = filters;
108
109 if (lzma_block_header_size(block) != LZMA_OK) {
110 block->filters = filters_orig;
111 return LZMA_PROG_ERROR;
112 }
113
114 // Check that there's enough output space. The caller has already
115 // set block->compressed_size to what lzma2_bound() has returned,
116 // so we can reuse that value. We know that compressed_size is a
117 // known valid VLI and header_size is a small value so their sum
118 // will never overflow.
119 assert(block->compressed_size == lzma2_bound(in_size));
120 if (out_size - *out_pos
121 < block->header_size + block->compressed_size) {
122 block->filters = filters_orig;
123 return LZMA_BUF_ERROR;
124 }
125
126 if (lzma_block_header_encode(block, out + *out_pos) != LZMA_OK) {
127 block->filters = filters_orig;
128 return LZMA_PROG_ERROR;
129 }
130
131 block->filters = filters_orig;
132 *out_pos += block->header_size;
133
134 // Encode the data using LZMA2 uncompressed chunks.
135 size_t in_pos = 0;
136 uint8_t control = 0x01; // Dictionary reset
137
138 while (in_pos < in_size) {
139 // Control byte: Indicate uncompressed chunk, of which
140 // the first resets the dictionary.
141 out[(*out_pos)++] = control;
142 control = 0x02; // No dictionary reset
143
144 // Size of the uncompressed chunk
145 const size_t copy_size
146 = my_min(in_size - in_pos, LZMA2_CHUNK_MAX);
147 out[(*out_pos)++] = (copy_size - 1) >> 8;
148 out[(*out_pos)++] = (copy_size - 1) & 0xFF;
149
150 // The actual data
151 assert(*out_pos + copy_size <= out_size);
152 memcpy(out + *out_pos, in + in_pos, copy_size);
153
154 in_pos += copy_size;
155 *out_pos += copy_size;
156 }
157
158 // End marker
159 out[(*out_pos)++] = 0x00;
160 assert(*out_pos <= out_size);
161
162 return LZMA_OK;
163 }
164
165
166 static lzma_ret
167 block_encode_normal(lzma_block *block, const lzma_allocator *allocator,
168 const uint8_t *in, size_t in_size,
169 uint8_t *out, size_t *out_pos, size_t out_size)
170 {
171 // Find out the size of the Block Header.
172 return_if_error(lzma_block_header_size(block));
173
174 // Reserve space for the Block Header and skip it for now.
175 if (out_size - *out_pos <= block->header_size)
176 return LZMA_BUF_ERROR;
177
178 const size_t out_start = *out_pos;
179 *out_pos += block->header_size;
180
181 // Limit out_size so that we stop encoding if the output would grow
182 // bigger than what uncompressed Block would be.
183 if (out_size - *out_pos > block->compressed_size)
184 out_size = *out_pos + block->compressed_size;
185
186 // TODO: In many common cases this could be optimized to use
187 // significantly less memory.
188 lzma_next_coder raw_encoder = LZMA_NEXT_CODER_INIT;
189 lzma_ret ret = lzma_raw_encoder_init(
190 &raw_encoder, allocator, block->filters);
191
192 if (ret == LZMA_OK) {
193 size_t in_pos = 0;
194 ret = raw_encoder.code(raw_encoder.coder, allocator,
195 in, &in_pos, in_size, out, out_pos, out_size,
196 LZMA_FINISH);
197 }
198
199 // NOTE: This needs to be run even if lzma_raw_encoder_init() failed.
200 lzma_next_end(&raw_encoder, allocator);
201
202 if (ret == LZMA_STREAM_END) {
203 // Compression was successful. Write the Block Header.
204 block->compressed_size
205 = *out_pos - (out_start + block->header_size);
206 ret = lzma_block_header_encode(block, out + out_start);
207 if (ret != LZMA_OK)
208 ret = LZMA_PROG_ERROR;
209
210 } else if (ret == LZMA_OK) {
211 // Output buffer became full.
212 ret = LZMA_BUF_ERROR;
213 }
214
215 // Reset *out_pos if something went wrong.
216 if (ret != LZMA_OK)
217 *out_pos = out_start;
218
219 return ret;
220 }
221
222
223 static lzma_ret
224 block_buffer_encode(lzma_block *block, const lzma_allocator *allocator,
225 const uint8_t *in, size_t in_size,
226 uint8_t *out, size_t *out_pos, size_t out_size,
227 bool try_to_compress)
228 {
229 // Validate the arguments.
230 if (block == NULL || (in == NULL && in_size != 0) || out == NULL
231 || out_pos == NULL || *out_pos > out_size)
232 return LZMA_PROG_ERROR;
233
234 // The contents of the structure may depend on the version so
235 // check the version before validating the contents of *block.
236 if (block->version > 1)
237 return LZMA_OPTIONS_ERROR;
238
239 if ((unsigned int)(block->check) > LZMA_CHECK_ID_MAX
240 || (try_to_compress && block->filters == NULL))
241 return LZMA_PROG_ERROR;
242
243 if (!lzma_check_is_supported(block->check))
244 return LZMA_UNSUPPORTED_CHECK;
245
246 // Size of a Block has to be a multiple of four, so limit the size
247 // here already. This way we don't need to check it again when adding
248 // Block Padding.
249 out_size -= (out_size - *out_pos) & 3;
250
251 // Get the size of the Check field.
252 const size_t check_size = lzma_check_size(block->check);
253 assert(check_size != UINT32_MAX);
254
255 // Reserve space for the Check field.
256 if (out_size - *out_pos <= check_size)
257 return LZMA_BUF_ERROR;
258
259 out_size -= check_size;
260
261 // Initialize block->uncompressed_size and calculate the worst-case
262 // value for block->compressed_size.
263 block->uncompressed_size = in_size;
264 block->compressed_size = lzma2_bound(in_size);
265 if (block->compressed_size == 0)
266 return LZMA_DATA_ERROR;
267
268 // Do the actual compression.
269 lzma_ret ret = LZMA_BUF_ERROR;
270 if (try_to_compress)
271 ret = block_encode_normal(block, allocator,
272 in, in_size, out, out_pos, out_size);
273
274 if (ret != LZMA_OK) {
275 // If the error was something else than output buffer
276 // becoming full, return the error now.
277 if (ret != LZMA_BUF_ERROR)
278 return ret;
279
280 // The data was uncompressible (at least with the options
281 // given to us) or the output buffer was too small. Use the
282 // uncompressed chunks of LZMA2 to wrap the data into a valid
283 // Block. If we haven't been given enough output space, even
284 // this may fail.
285 return_if_error(block_encode_uncompressed(block, in, in_size,
286 out, out_pos, out_size));
287 }
288
289 assert(*out_pos <= out_size);
290
291 // Block Padding. No buffer overflow here, because we already adjusted
292 // out_size so that (out_size - out_start) is a multiple of four.
293 // Thus, if the buffer is full, the loop body can never run.
294 for (size_t i = (size_t)(block->compressed_size); i & 3; ++i) {
295 assert(*out_pos < out_size);
296 out[(*out_pos)++] = 0x00;
297 }
298
299 // If there's no Check field, we are done now.
300 if (check_size > 0) {
301 // Calculate the integrity check. We reserved space for
302 // the Check field earlier so we don't need to check for
303 // available output space here.
304 lzma_check_state check;
305 lzma_check_init(&check, block->check);
306 lzma_check_update(&check, block->check, in, in_size);
307 lzma_check_finish(&check, block->check);
308
309 memcpy(block->raw_check, check.buffer.u8, check_size);
310 memcpy(out + *out_pos, check.buffer.u8, check_size);
311 *out_pos += check_size;
312 }
313
314 return LZMA_OK;
315 }
316
317
318 extern LZMA_API(lzma_ret)
319 lzma_block_buffer_encode(lzma_block *block, const lzma_allocator *allocator,
320 const uint8_t *in, size_t in_size,
321 uint8_t *out, size_t *out_pos, size_t out_size)
322 {
323 return block_buffer_encode(block, allocator,
324 in, in_size, out, out_pos, out_size, true);
325 }
326
327
328 #ifdef HAVE_SYMBOL_VERSIONS_LINUX
329 // This is for compatibility with binaries linked against liblzma that
330 // has been patched with xz-5.2.2-compat-libs.patch from RHEL/CentOS 7.
331 LZMA_SYMVER_API("lzma_block_uncomp_encode@XZ_5.2.2",
332 lzma_ret, lzma_block_uncomp_encode_522)(lzma_block *block,
333 const uint8_t *in, size_t in_size,
334 uint8_t *out, size_t *out_pos, size_t out_size)
335 lzma_nothrow lzma_attr_warn_unused_result
336 __attribute__((__alias__("lzma_block_uncomp_encode_52")));
337
338 LZMA_SYMVER_API("lzma_block_uncomp_encode@@XZ_5.2",
339 lzma_ret, lzma_block_uncomp_encode_52)(lzma_block *block,
340 const uint8_t *in, size_t in_size,
341 uint8_t *out, size_t *out_pos, size_t out_size)
342 lzma_nothrow lzma_attr_warn_unused_result;
343
344 #define lzma_block_uncomp_encode lzma_block_uncomp_encode_52
345 #endif
346 extern LZMA_API(lzma_ret)
347 lzma_block_uncomp_encode(lzma_block *block,
348 const uint8_t *in, size_t in_size,
349 uint8_t *out, size_t *out_pos, size_t out_size)
350 {
351 // It won't allocate any memory from heap so no need
352 // for lzma_allocator.
353 return block_buffer_encode(block, NULL,
354 in, in_size, out, out_pos, out_size, false);
355 }
XZ Utils for Debian