1 /*
2 * Copyright (C) 2009 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 // See imgdiff.c in this directory for a description of the patch file
18 // format.
19
20 #include <stdio.h>
21 #include <sys/cdefs.h>
22 #include <sys/stat.h>
23 #include <errno.h>
24 #include <malloc.h>
25 #include <unistd.h>
26 #include <string.h>
27
28 #include "zlib.h"
29 #include "mincrypt/sha.h"
30 #include "applypatch.h"
31 #include "imgdiff.h"
32 #include "utils.h"
33
34 /*
35 * Apply the patch given in 'patch_filename' to the source data given
36 * by (old_data, old_size). Write the patched output to the 'output'
37 * file, and update the SHA context with the output data as well.
38 * Return 0 on success.
39 */
ApplyImagePatch(const unsigned char * old_data,ssize_t old_size __unused,const Value * patch,SinkFn sink,void * token,SHA_CTX * ctx,const Value * bonus_data)40 int ApplyImagePatch(const unsigned char* old_data, ssize_t old_size __unused,
41 const Value* patch,
42 SinkFn sink, void* token, SHA_CTX* ctx,
43 const Value* bonus_data) {
44 ssize_t pos = 12;
45 char* header = patch->data;
46 if (patch->size < 12) {
47 printf("patch too short to contain header\n");
48 return -1;
49 }
50
51 // IMGDIFF2 uses CHUNK_NORMAL, CHUNK_DEFLATE, and CHUNK_RAW.
52 // (IMGDIFF1, which is no longer supported, used CHUNK_NORMAL and
53 // CHUNK_GZIP.)
54 if (memcmp(header, "IMGDIFF2", 8) != 0) {
55 printf("corrupt patch file header (magic number)\n");
56 return -1;
57 }
58
59 int num_chunks = Read4(header+8);
60
61 int i;
62 for (i = 0; i < num_chunks; ++i) {
63 // each chunk's header record starts with 4 bytes.
64 if (pos + 4 > patch->size) {
65 printf("failed to read chunk %d record\n", i);
66 return -1;
67 }
68 int type = Read4(patch->data + pos);
69 pos += 4;
70
71 if (type == CHUNK_NORMAL) {
72 char* normal_header = patch->data + pos;
73 pos += 24;
74 if (pos > patch->size) {
75 printf("failed to read chunk %d normal header data\n", i);
76 return -1;
77 }
78
79 size_t src_start = Read8(normal_header);
80 size_t src_len = Read8(normal_header+8);
81 size_t patch_offset = Read8(normal_header+16);
82
83 ApplyBSDiffPatch(old_data + src_start, src_len,
84 patch, patch_offset, sink, token, ctx);
85 } else if (type == CHUNK_RAW) {
86 char* raw_header = patch->data + pos;
87 pos += 4;
88 if (pos > patch->size) {
89 printf("failed to read chunk %d raw header data\n", i);
90 return -1;
91 }
92
93 ssize_t data_len = Read4(raw_header);
94
95 if (pos + data_len > patch->size) {
96 printf("failed to read chunk %d raw data\n", i);
97 return -1;
98 }
99 if (ctx) SHA_update(ctx, patch->data + pos, data_len);
100 if (sink((unsigned char*)patch->data + pos,
101 data_len, token) != data_len) {
102 printf("failed to write chunk %d raw data\n", i);
103 return -1;
104 }
105 pos += data_len;
106 } else if (type == CHUNK_DEFLATE) {
107 // deflate chunks have an additional 60 bytes in their chunk header.
108 char* deflate_header = patch->data + pos;
109 pos += 60;
110 if (pos > patch->size) {
111 printf("failed to read chunk %d deflate header data\n", i);
112 return -1;
113 }
114
115 size_t src_start = Read8(deflate_header);
116 size_t src_len = Read8(deflate_header+8);
117 size_t patch_offset = Read8(deflate_header+16);
118 size_t expanded_len = Read8(deflate_header+24);
119 size_t target_len = Read8(deflate_header+32);
120 int level = Read4(deflate_header+40);
121 int method = Read4(deflate_header+44);
122 int windowBits = Read4(deflate_header+48);
123 int memLevel = Read4(deflate_header+52);
124 int strategy = Read4(deflate_header+56);
125
126 // Decompress the source data; the chunk header tells us exactly
127 // how big we expect it to be when decompressed.
128
129 // Note: expanded_len will include the bonus data size if
130 // the patch was constructed with bonus data. The
131 // deflation will come up 'bonus_size' bytes short; these
132 // must be appended from the bonus_data value.
133 size_t bonus_size = (i == 1 && bonus_data != NULL) ? bonus_data->size : 0;
134
135 unsigned char* expanded_source = malloc(expanded_len);
136 if (expanded_source == NULL) {
137 printf("failed to allocate %zu bytes for expanded_source\n",
138 expanded_len);
139 return -1;
140 }
141
142 z_stream strm;
143 strm.zalloc = Z_NULL;
144 strm.zfree = Z_NULL;
145 strm.opaque = Z_NULL;
146 strm.avail_in = src_len;
147 strm.next_in = (unsigned char*)(old_data + src_start);
148 strm.avail_out = expanded_len;
149 strm.next_out = expanded_source;
150
151 int ret;
152 ret = inflateInit2(&strm, -15);
153 if (ret != Z_OK) {
154 printf("failed to init source inflation: %d\n", ret);
155 return -1;
156 }
157
158 // Because we've provided enough room to accommodate the output
159 // data, we expect one call to inflate() to suffice.
160 ret = inflate(&strm, Z_SYNC_FLUSH);
161 if (ret != Z_STREAM_END) {
162 printf("source inflation returned %d\n", ret);
163 return -1;
164 }
165 // We should have filled the output buffer exactly, except
166 // for the bonus_size.
167 if (strm.avail_out != bonus_size) {
168 printf("source inflation short by %zu bytes\n", strm.avail_out-bonus_size);
169 return -1;
170 }
171 inflateEnd(&strm);
172
173 if (bonus_size) {
174 memcpy(expanded_source + (expanded_len - bonus_size),
175 bonus_data->data, bonus_size);
176 }
177
178 // Next, apply the bsdiff patch (in memory) to the uncompressed
179 // data.
180 unsigned char* uncompressed_target_data;
181 ssize_t uncompressed_target_size;
182 if (ApplyBSDiffPatchMem(expanded_source, expanded_len,
183 patch, patch_offset,
184 &uncompressed_target_data,
185 &uncompressed_target_size) != 0) {
186 return -1;
187 }
188
189 // Now compress the target data and append it to the output.
190
191 // we're done with the expanded_source data buffer, so we'll
192 // reuse that memory to receive the output of deflate.
193 unsigned char* temp_data = expanded_source;
194 ssize_t temp_size = expanded_len;
195 if (temp_size < 32768) {
196 // ... unless the buffer is too small, in which case we'll
197 // allocate a fresh one.
198 free(temp_data);
199 temp_data = malloc(32768);
200 temp_size = 32768;
201 }
202
203 // now the deflate stream
204 strm.zalloc = Z_NULL;
205 strm.zfree = Z_NULL;
206 strm.opaque = Z_NULL;
207 strm.avail_in = uncompressed_target_size;
208 strm.next_in = uncompressed_target_data;
209 ret = deflateInit2(&strm, level, method, windowBits, memLevel, strategy);
210 do {
211 strm.avail_out = temp_size;
212 strm.next_out = temp_data;
213 ret = deflate(&strm, Z_FINISH);
214 ssize_t have = temp_size - strm.avail_out;
215
216 if (sink(temp_data, have, token) != have) {
217 printf("failed to write %ld compressed bytes to output\n",
218 (long)have);
219 return -1;
220 }
221 if (ctx) SHA_update(ctx, temp_data, have);
222 } while (ret != Z_STREAM_END);
223 deflateEnd(&strm);
224
225 free(temp_data);
226 free(uncompressed_target_data);
227 } else {
228 printf("patch chunk %d is unknown type %d\n", i, type);
229 return -1;
230 }
231 }
232
233 return 0;
234 }
235