1 /*
2 * Copyright (C) 2015 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include "unflatten/BinaryResourceParser.h"
18
19 #include <algorithm>
20 #include <map>
21 #include <string>
22
23 #include "android-base/logging.h"
24 #include "android-base/macros.h"
25 #include "android-base/stringprintf.h"
26 #include "androidfw/ResourceTypes.h"
27 #include "androidfw/TypeWrappers.h"
28
29 #include "ResourceTable.h"
30 #include "ResourceUtils.h"
31 #include "ResourceValues.h"
32 #include "Source.h"
33 #include "ValueVisitor.h"
34 #include "unflatten/ResChunkPullParser.h"
35 #include "util/Util.h"
36
37 namespace aapt {
38
39 using namespace android;
40
41 using android::base::StringPrintf;
42
43 namespace {
44
45 /*
46 * Visitor that converts a reference's resource ID to a resource name,
47 * given a mapping from resource ID to resource name.
48 */
49 class ReferenceIdToNameVisitor : public ValueVisitor {
50 public:
51 using ValueVisitor::Visit;
52
ReferenceIdToNameVisitor(const std::map<ResourceId,ResourceName> * mapping)53 explicit ReferenceIdToNameVisitor(
54 const std::map<ResourceId, ResourceName>* mapping)
55 : mapping_(mapping) {
56 CHECK(mapping_ != nullptr);
57 }
58
Visit(Reference * reference)59 void Visit(Reference* reference) override {
60 if (!reference->id || !reference->id.value().is_valid()) {
61 return;
62 }
63
64 ResourceId id = reference->id.value();
65 auto cache_iter = mapping_->find(id);
66 if (cache_iter != mapping_->end()) {
67 reference->name = cache_iter->second;
68 }
69 }
70
71 private:
72 DISALLOW_COPY_AND_ASSIGN(ReferenceIdToNameVisitor);
73
74 const std::map<ResourceId, ResourceName>* mapping_;
75 };
76
77 } // namespace
78
BinaryResourceParser(IAaptContext * context,ResourceTable * table,const Source & source,const void * data,size_t len,io::IFileCollection * files)79 BinaryResourceParser::BinaryResourceParser(IAaptContext* context, ResourceTable* table,
80 const Source& source, const void* data, size_t len,
81 io::IFileCollection* files)
82 : context_(context),
83 table_(table),
84 source_(source),
85 data_(data),
86 data_len_(len),
87 files_(files) {
88 }
89
Parse()90 bool BinaryResourceParser::Parse() {
91 ResChunkPullParser parser(data_, data_len_);
92
93 if (!ResChunkPullParser::IsGoodEvent(parser.Next())) {
94 context_->GetDiagnostics()->Error(DiagMessage(source_)
95 << "corrupt resources.arsc: " << parser.error());
96 return false;
97 }
98
99 if (parser.chunk()->type != android::RES_TABLE_TYPE) {
100 context_->GetDiagnostics()->Error(DiagMessage(source_)
101 << StringPrintf("unknown chunk of type 0x%02x",
102 (int)parser.chunk()->type));
103 return false;
104 }
105
106 if (!ParseTable(parser.chunk())) {
107 return false;
108 }
109
110 if (parser.Next() != ResChunkPullParser::Event::kEndDocument) {
111 if (parser.event() == ResChunkPullParser::Event::kBadDocument) {
112 context_->GetDiagnostics()->Warn(
113 DiagMessage(source_) << "invalid chunk trailing RES_TABLE_TYPE: " << parser.error());
114 } else {
115 context_->GetDiagnostics()->Warn(
116 DiagMessage(source_) << StringPrintf(
117 "unexpected chunk of type 0x%02x trailing RES_TABLE_TYPE",
118 (int)parser.chunk()->type));
119 }
120 }
121 return true;
122 }
123
124 /**
125 * Parses the resource table, which contains all the packages, types, and
126 * entries.
127 */
ParseTable(const ResChunk_header * chunk)128 bool BinaryResourceParser::ParseTable(const ResChunk_header* chunk) {
129 const ResTable_header* table_header = ConvertTo<ResTable_header>(chunk);
130 if (!table_header) {
131 context_->GetDiagnostics()->Error(DiagMessage(source_)
132 << "corrupt ResTable_header chunk");
133 return false;
134 }
135
136 ResChunkPullParser parser(GetChunkData(&table_header->header),
137 GetChunkDataLen(&table_header->header));
138 while (ResChunkPullParser::IsGoodEvent(parser.Next())) {
139 switch (util::DeviceToHost16(parser.chunk()->type)) {
140 case android::RES_STRING_POOL_TYPE:
141 if (value_pool_.getError() == NO_INIT) {
142 status_t err = value_pool_.setTo(
143 parser.chunk(), util::DeviceToHost32(parser.chunk()->size));
144 if (err != NO_ERROR) {
145 context_->GetDiagnostics()->Error(
146 DiagMessage(source_) << "corrupt string pool in ResTable: "
147 << value_pool_.getError());
148 return false;
149 }
150
151 // Reserve some space for the strings we are going to add.
152 table_->string_pool.HintWillAdd(value_pool_.size(),
153 value_pool_.styleCount());
154 } else {
155 context_->GetDiagnostics()->Warn(
156 DiagMessage(source_) << "unexpected string pool in ResTable");
157 }
158 break;
159
160 case android::RES_TABLE_PACKAGE_TYPE:
161 if (!ParsePackage(parser.chunk())) {
162 return false;
163 }
164 break;
165
166 default:
167 context_->GetDiagnostics()->Warn(
168 DiagMessage(source_)
169 << "unexpected chunk type "
170 << (int)util::DeviceToHost16(parser.chunk()->type));
171 break;
172 }
173 }
174
175 if (parser.event() == ResChunkPullParser::Event::kBadDocument) {
176 context_->GetDiagnostics()->Error(
177 DiagMessage(source_) << "corrupt resource table: " << parser.error());
178 return false;
179 }
180 return true;
181 }
182
ParsePackage(const ResChunk_header * chunk)183 bool BinaryResourceParser::ParsePackage(const ResChunk_header* chunk) {
184 constexpr size_t kMinPackageSize =
185 sizeof(ResTable_package) - sizeof(ResTable_package::typeIdOffset);
186 const ResTable_package* package_header = ConvertTo<ResTable_package, kMinPackageSize>(chunk);
187 if (!package_header) {
188 context_->GetDiagnostics()->Error(DiagMessage(source_) << "corrupt ResTable_package chunk");
189 return false;
190 }
191
192 uint32_t package_id = util::DeviceToHost32(package_header->id);
193 if (package_id > std::numeric_limits<uint8_t>::max()) {
194 context_->GetDiagnostics()->Error(
195 DiagMessage(source_) << "package ID is too big (" << package_id << ")");
196 return false;
197 }
198
199 // Extract the package name.
200 size_t len = strnlen16((const char16_t*)package_header->name,
201 arraysize(package_header->name));
202 std::u16string package_name;
203 package_name.resize(len);
204 for (size_t i = 0; i < len; i++) {
205 package_name[i] = util::DeviceToHost16(package_header->name[i]);
206 }
207
208 ResourceTablePackage* package = table_->CreatePackage(
209 util::Utf16ToUtf8(package_name), static_cast<uint8_t>(package_id));
210 if (!package) {
211 context_->GetDiagnostics()->Error(
212 DiagMessage(source_) << "incompatible package '" << package_name
213 << "' with ID " << package_id);
214 return false;
215 }
216
217 // There can be multiple packages in a table, so
218 // clear the type and key pool in case they were set from a previous package.
219 type_pool_.uninit();
220 key_pool_.uninit();
221
222 ResChunkPullParser parser(GetChunkData(&package_header->header),
223 GetChunkDataLen(&package_header->header));
224 while (ResChunkPullParser::IsGoodEvent(parser.Next())) {
225 switch (util::DeviceToHost16(parser.chunk()->type)) {
226 case android::RES_STRING_POOL_TYPE:
227 if (type_pool_.getError() == NO_INIT) {
228 status_t err = type_pool_.setTo(
229 parser.chunk(), util::DeviceToHost32(parser.chunk()->size));
230 if (err != NO_ERROR) {
231 context_->GetDiagnostics()->Error(DiagMessage(source_)
232 << "corrupt type string pool in "
233 << "ResTable_package: "
234 << type_pool_.getError());
235 return false;
236 }
237 } else if (key_pool_.getError() == NO_INIT) {
238 status_t err = key_pool_.setTo(
239 parser.chunk(), util::DeviceToHost32(parser.chunk()->size));
240 if (err != NO_ERROR) {
241 context_->GetDiagnostics()->Error(DiagMessage(source_)
242 << "corrupt key string pool in "
243 << "ResTable_package: "
244 << key_pool_.getError());
245 return false;
246 }
247 } else {
248 context_->GetDiagnostics()->Warn(DiagMessage(source_)
249 << "unexpected string pool");
250 }
251 break;
252
253 case android::RES_TABLE_TYPE_SPEC_TYPE:
254 if (!ParseTypeSpec(parser.chunk())) {
255 return false;
256 }
257 break;
258
259 case android::RES_TABLE_TYPE_TYPE:
260 if (!ParseType(package, parser.chunk())) {
261 return false;
262 }
263 break;
264
265 case android::RES_TABLE_LIBRARY_TYPE:
266 if (!ParseLibrary(parser.chunk())) {
267 return false;
268 }
269 break;
270
271 default:
272 context_->GetDiagnostics()->Warn(
273 DiagMessage(source_)
274 << "unexpected chunk type "
275 << (int)util::DeviceToHost16(parser.chunk()->type));
276 break;
277 }
278 }
279
280 if (parser.event() == ResChunkPullParser::Event::kBadDocument) {
281 context_->GetDiagnostics()->Error(
282 DiagMessage(source_) << "corrupt ResTable_package: " << parser.error());
283 return false;
284 }
285
286 // Now go through the table and change local resource ID references to
287 // symbolic references.
288 ReferenceIdToNameVisitor visitor(&id_index_);
289 VisitAllValuesInTable(table_, &visitor);
290 return true;
291 }
292
ParseTypeSpec(const ResChunk_header * chunk)293 bool BinaryResourceParser::ParseTypeSpec(const ResChunk_header* chunk) {
294 if (type_pool_.getError() != NO_ERROR) {
295 context_->GetDiagnostics()->Error(DiagMessage(source_)
296 << "missing type string pool");
297 return false;
298 }
299
300 const ResTable_typeSpec* type_spec = ConvertTo<ResTable_typeSpec>(chunk);
301 if (!type_spec) {
302 context_->GetDiagnostics()->Error(DiagMessage(source_)
303 << "corrupt ResTable_typeSpec chunk");
304 return false;
305 }
306
307 if (type_spec->id == 0) {
308 context_->GetDiagnostics()->Error(DiagMessage(source_)
309 << "ResTable_typeSpec has invalid id: "
310 << type_spec->id);
311 return false;
312 }
313 return true;
314 }
315
ParseType(const ResourceTablePackage * package,const ResChunk_header * chunk)316 bool BinaryResourceParser::ParseType(const ResourceTablePackage* package,
317 const ResChunk_header* chunk) {
318 if (type_pool_.getError() != NO_ERROR) {
319 context_->GetDiagnostics()->Error(DiagMessage(source_)
320 << "missing type string pool");
321 return false;
322 }
323
324 if (key_pool_.getError() != NO_ERROR) {
325 context_->GetDiagnostics()->Error(DiagMessage(source_)
326 << "missing key string pool");
327 return false;
328 }
329
330 // Specify a manual size, because ResTable_type contains ResTable_config, which changes
331 // a lot and has its own code to handle variable size.
332 const ResTable_type* type = ConvertTo<ResTable_type, kResTableTypeMinSize>(chunk);
333 if (!type) {
334 context_->GetDiagnostics()->Error(DiagMessage(source_)
335 << "corrupt ResTable_type chunk");
336 return false;
337 }
338
339 if (type->id == 0) {
340 context_->GetDiagnostics()->Error(DiagMessage(source_)
341 << "ResTable_type has invalid id: "
342 << (int)type->id);
343 return false;
344 }
345
346 ConfigDescription config;
347 config.copyFromDtoH(type->config);
348
349 const std::string type_str = util::GetString(type_pool_, type->id - 1);
350
351 const ResourceType* parsed_type = ParseResourceType(type_str);
352 if (!parsed_type) {
353 context_->GetDiagnostics()->Error(
354 DiagMessage(source_) << "invalid type name '" << type_str
355 << "' for type with ID " << (int)type->id);
356 return false;
357 }
358
359 TypeVariant tv(type);
360 for (auto it = tv.beginEntries(); it != tv.endEntries(); ++it) {
361 const ResTable_entry* entry = *it;
362 if (!entry) {
363 continue;
364 }
365
366 const ResourceName name(
367 package->name, *parsed_type,
368 util::GetString(key_pool_, util::DeviceToHost32(entry->key.index)));
369
370 const ResourceId res_id(package->id.value(), type->id,
371 static_cast<uint16_t>(it.index()));
372
373 std::unique_ptr<Value> resource_value;
374 if (entry->flags & ResTable_entry::FLAG_COMPLEX) {
375 const ResTable_map_entry* mapEntry = static_cast<const ResTable_map_entry*>(entry);
376
377 // TODO(adamlesinski): Check that the entry count is valid.
378 resource_value = ParseMapEntry(name, config, mapEntry);
379 } else {
380 const Res_value* value =
381 (const Res_value*)((const uint8_t*)entry + util::DeviceToHost32(entry->size));
382 resource_value = ParseValue(name, config, *value);
383 }
384
385 if (!resource_value) {
386 context_->GetDiagnostics()->Error(
387 DiagMessage(source_) << "failed to parse value for resource " << name
388 << " (" << res_id << ") with configuration '"
389 << config << "'");
390 return false;
391 }
392
393 if (!table_->AddResourceAllowMangled(name, res_id, config, {}, std::move(resource_value),
394 context_->GetDiagnostics())) {
395 return false;
396 }
397
398 if ((entry->flags & ResTable_entry::FLAG_PUBLIC) != 0) {
399 Symbol symbol;
400 symbol.state = SymbolState::kPublic;
401 symbol.source = source_.WithLine(0);
402 if (!table_->SetSymbolStateAllowMangled(name, res_id, symbol, context_->GetDiagnostics())) {
403 return false;
404 }
405 }
406
407 // Add this resource name->id mapping to the index so
408 // that we can resolve all ID references to name references.
409 auto cache_iter = id_index_.find(res_id);
410 if (cache_iter == id_index_.end()) {
411 id_index_.insert({res_id, name});
412 }
413 }
414 return true;
415 }
416
ParseLibrary(const ResChunk_header * chunk)417 bool BinaryResourceParser::ParseLibrary(const ResChunk_header* chunk) {
418 DynamicRefTable dynamic_ref_table;
419 if (dynamic_ref_table.load(reinterpret_cast<const ResTable_lib_header*>(chunk)) != NO_ERROR) {
420 return false;
421 }
422
423 const KeyedVector<String16, uint8_t>& entries = dynamic_ref_table.entries();
424 const size_t count = entries.size();
425 for (size_t i = 0; i < count; i++) {
426 table_->included_packages_[entries.valueAt(i)] =
427 util::Utf16ToUtf8(StringPiece16(entries.keyAt(i).string()));
428 }
429 return true;
430 }
431
ParseValue(const ResourceNameRef & name,const ConfigDescription & config,const android::Res_value & value)432 std::unique_ptr<Item> BinaryResourceParser::ParseValue(const ResourceNameRef& name,
433 const ConfigDescription& config,
434 const android::Res_value& value) {
435 std::unique_ptr<Item> item = ResourceUtils::ParseBinaryResValue(name.type, config, value_pool_,
436 value, &table_->string_pool);
437 if (files_ != nullptr && item != nullptr) {
438 FileReference* file_ref = ValueCast<FileReference>(item.get());
439 if (file_ref != nullptr) {
440 file_ref->file = files_->FindFile(*file_ref->path);
441 if (file_ref->file == nullptr) {
442 context_->GetDiagnostics()->Warn(DiagMessage() << "resource " << name << " for config '"
443 << config << "' is a file reference to '"
444 << *file_ref->path
445 << "' but no such path exists");
446 }
447 }
448 }
449 return item;
450 }
451
ParseMapEntry(const ResourceNameRef & name,const ConfigDescription & config,const ResTable_map_entry * map)452 std::unique_ptr<Value> BinaryResourceParser::ParseMapEntry(
453 const ResourceNameRef& name, const ConfigDescription& config,
454 const ResTable_map_entry* map) {
455 switch (name.type) {
456 case ResourceType::kStyle:
457 return ParseStyle(name, config, map);
458 case ResourceType::kAttrPrivate:
459 // fallthrough
460 case ResourceType::kAttr:
461 return ParseAttr(name, config, map);
462 case ResourceType::kArray:
463 return ParseArray(name, config, map);
464 case ResourceType::kPlurals:
465 return ParsePlural(name, config, map);
466 case ResourceType::kId:
467 // Special case: An ID is not a bag, but some apps have defined the auto-generated
468 // IDs that come from declaring an enum value in an attribute as an empty map...
469 // We can ignore the value here.
470 return util::make_unique<Id>();
471 default:
472 context_->GetDiagnostics()->Error(DiagMessage() << "illegal map type '" << ToString(name.type)
473 << "' (" << (int)name.type << ")");
474 break;
475 }
476 return {};
477 }
478
ParseStyle(const ResourceNameRef & name,const ConfigDescription & config,const ResTable_map_entry * map)479 std::unique_ptr<Style> BinaryResourceParser::ParseStyle(
480 const ResourceNameRef& name, const ConfigDescription& config,
481 const ResTable_map_entry* map) {
482 std::unique_ptr<Style> style = util::make_unique<Style>();
483 if (util::DeviceToHost32(map->parent.ident) != 0) {
484 // The parent is a regular reference to a resource.
485 style->parent = Reference(util::DeviceToHost32(map->parent.ident));
486 }
487
488 for (const ResTable_map& map_entry : map) {
489 if (Res_INTERNALID(util::DeviceToHost32(map_entry.name.ident))) {
490 continue;
491 }
492
493 Style::Entry style_entry;
494 style_entry.key = Reference(util::DeviceToHost32(map_entry.name.ident));
495 style_entry.value = ParseValue(name, config, map_entry.value);
496 if (!style_entry.value) {
497 return {};
498 }
499 style->entries.push_back(std::move(style_entry));
500 }
501 return style;
502 }
503
ParseAttr(const ResourceNameRef & name,const ConfigDescription & config,const ResTable_map_entry * map)504 std::unique_ptr<Attribute> BinaryResourceParser::ParseAttr(
505 const ResourceNameRef& name, const ConfigDescription& config,
506 const ResTable_map_entry* map) {
507 const bool is_weak =
508 (util::DeviceToHost16(map->flags) & ResTable_entry::FLAG_WEAK) != 0;
509 std::unique_ptr<Attribute> attr = util::make_unique<Attribute>(is_weak);
510
511 // First we must discover what type of attribute this is. Find the type mask.
512 auto type_mask_iter =
513 std::find_if(begin(map), end(map), [](const ResTable_map& entry) -> bool {
514 return util::DeviceToHost32(entry.name.ident) ==
515 ResTable_map::ATTR_TYPE;
516 });
517
518 if (type_mask_iter != end(map)) {
519 attr->type_mask = util::DeviceToHost32(type_mask_iter->value.data);
520 }
521
522 for (const ResTable_map& map_entry : map) {
523 if (Res_INTERNALID(util::DeviceToHost32(map_entry.name.ident))) {
524 switch (util::DeviceToHost32(map_entry.name.ident)) {
525 case ResTable_map::ATTR_MIN:
526 attr->min_int = static_cast<int32_t>(map_entry.value.data);
527 break;
528 case ResTable_map::ATTR_MAX:
529 attr->max_int = static_cast<int32_t>(map_entry.value.data);
530 break;
531 }
532 continue;
533 }
534
535 if (attr->type_mask &
536 (ResTable_map::TYPE_ENUM | ResTable_map::TYPE_FLAGS)) {
537 Attribute::Symbol symbol;
538 symbol.value = util::DeviceToHost32(map_entry.value.data);
539 symbol.symbol = Reference(util::DeviceToHost32(map_entry.name.ident));
540 attr->symbols.push_back(std::move(symbol));
541 }
542 }
543
544 // TODO(adamlesinski): Find i80n, attributes.
545 return attr;
546 }
547
ParseArray(const ResourceNameRef & name,const ConfigDescription & config,const ResTable_map_entry * map)548 std::unique_ptr<Array> BinaryResourceParser::ParseArray(
549 const ResourceNameRef& name, const ConfigDescription& config,
550 const ResTable_map_entry* map) {
551 std::unique_ptr<Array> array = util::make_unique<Array>();
552 for (const ResTable_map& map_entry : map) {
553 array->items.push_back(ParseValue(name, config, map_entry.value));
554 }
555 return array;
556 }
557
ParsePlural(const ResourceNameRef & name,const ConfigDescription & config,const ResTable_map_entry * map)558 std::unique_ptr<Plural> BinaryResourceParser::ParsePlural(
559 const ResourceNameRef& name, const ConfigDescription& config,
560 const ResTable_map_entry* map) {
561 std::unique_ptr<Plural> plural = util::make_unique<Plural>();
562 for (const ResTable_map& map_entry : map) {
563 std::unique_ptr<Item> item = ParseValue(name, config, map_entry.value);
564 if (!item) {
565 return {};
566 }
567
568 switch (util::DeviceToHost32(map_entry.name.ident)) {
569 case ResTable_map::ATTR_ZERO:
570 plural->values[Plural::Zero] = std::move(item);
571 break;
572 case ResTable_map::ATTR_ONE:
573 plural->values[Plural::One] = std::move(item);
574 break;
575 case ResTable_map::ATTR_TWO:
576 plural->values[Plural::Two] = std::move(item);
577 break;
578 case ResTable_map::ATTR_FEW:
579 plural->values[Plural::Few] = std::move(item);
580 break;
581 case ResTable_map::ATTR_MANY:
582 plural->values[Plural::Many] = std::move(item);
583 break;
584 case ResTable_map::ATTR_OTHER:
585 plural->values[Plural::Other] = std::move(item);
586 break;
587 }
588 }
589 return plural;
590 }
591
592 } // namespace aapt
593