1 /* $NetBSD: cdf.c,v 1.18 2019/05/22 17:26:05 christos Exp $ */ 2 3 /*- 4 * Copyright (c) 2008 Christos Zoulas 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 17 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 18 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 19 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 20 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 21 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 22 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 23 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 24 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 25 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 26 * POSSIBILITY OF SUCH DAMAGE. 27 */ 28 /* 29 * Parse Composite Document Files, the format used in Microsoft Office 30 * document files before they switched to zipped XML. 31 * Info from: http://sc.openoffice.org/compdocfileformat.pdf 32 * 33 * N.B. This is the "Composite Document File" format, and not the 34 * "Compound Document Format", nor the "Channel Definition Format". 35 */ 36 37 #include "file.h" 38 39 #ifndef lint 40 #if 0 41 FILE_RCSID("@(#)$File: cdf.c,v 1.114 2019/02/20 02:35:27 christos Exp $") 42 #else 43 __RCSID("$NetBSD: cdf.c,v 1.18 2019/05/22 17:26:05 christos Exp $"); 44 #endif 45 #endif 46 47 #include <assert.h> 48 #ifdef CDF_DEBUG 49 #include <err.h> 50 #endif 51 #include <stdlib.h> 52 #include <unistd.h> 53 #include <string.h> 54 #include <time.h> 55 #include <ctype.h> 56 #include <limits.h> 57 58 #ifndef EFTYPE 59 #define EFTYPE EINVAL 60 #endif 61 62 #include "cdf.h" 63 64 #ifdef CDF_DEBUG 65 #define DPRINTF(a) printf a, fflush(stdout) 66 #else 67 #define DPRINTF(a) 68 #endif 69 70 static union { 71 char s[4]; 72 uint32_t u; 73 } cdf_bo; 74 75 #define NEED_SWAP (cdf_bo.u == CAST(uint32_t, 0x01020304)) 76 77 #define CDF_TOLE8(x) \ 78 (CAST(uint64_t, NEED_SWAP ? _cdf_tole8(x) : CAST(uint64_t, x))) 79 #define CDF_TOLE4(x) \ 80 (CAST(uint32_t, NEED_SWAP ? _cdf_tole4(x) : CAST(uint32_t, x))) 81 #define CDF_TOLE2(x) \ 82 (CAST(uint16_t, NEED_SWAP ? _cdf_tole2(x) : CAST(uint16_t, x))) 83 #define CDF_TOLE(x) (/*CONSTCOND*/sizeof(x) == 2 ? \ 84 CDF_TOLE2(CAST(uint16_t, x)) : \ 85 (/*CONSTCOND*/sizeof(x) == 4 ? \ 86 CDF_TOLE4(CAST(uint32_t, x)) : \ 87 CDF_TOLE8(CAST(uint64_t, x)))) 88 #define CDF_GETUINT32(x, y) cdf_getuint32(x, y) 89 90 #define CDF_MALLOC(n) cdf_malloc(__FILE__, __LINE__, (n)) 91 #define CDF_REALLOC(p, n) cdf_realloc(__FILE__, __LINE__, (p), (n)) 92 #define CDF_CALLOC(n, u) cdf_calloc(__FILE__, __LINE__, (n), (u)) 93 94 95 /*ARGSUSED*/ 96 static void * 97 cdf_malloc(const char *file __attribute__((__unused__)), 98 size_t line __attribute__((__unused__)), size_t n) 99 { 100 DPRINTF(("%s,%" SIZE_T_FORMAT "u: %s %" SIZE_T_FORMAT "u\n", 101 file, line, __func__, n)); 102 return malloc(n); 103 } 104 105 /*ARGSUSED*/ 106 static void * 107 cdf_realloc(const char *file __attribute__((__unused__)), 108 size_t line __attribute__((__unused__)), void *p, size_t n) 109 { 110 DPRINTF(("%s,%" SIZE_T_FORMAT "u: %s %" SIZE_T_FORMAT "u\n", 111 file, line, __func__, n)); 112 return realloc(p, n); 113 } 114 115 /*ARGSUSED*/ 116 static void * 117 cdf_calloc(const char *file __attribute__((__unused__)), 118 size_t line __attribute__((__unused__)), size_t n, size_t u) 119 { 120 DPRINTF(("%s,%" SIZE_T_FORMAT "u: %s %" SIZE_T_FORMAT "u %" 121 SIZE_T_FORMAT "u\n", file, line, __func__, n, u)); 122 return calloc(n, u); 123 } 124 125 /* 126 * swap a short 127 */ 128 static uint16_t 129 _cdf_tole2(uint16_t sv) 130 { 131 uint16_t rv; 132 uint8_t *s = RCAST(uint8_t *, RCAST(void *, &sv)); 133 uint8_t *d = RCAST(uint8_t *, RCAST(void *, &rv)); 134 d[0] = s[1]; 135 d[1] = s[0]; 136 return rv; 137 } 138 139 /* 140 * swap an int 141 */ 142 static uint32_t 143 _cdf_tole4(uint32_t sv) 144 { 145 uint32_t rv; 146 uint8_t *s = RCAST(uint8_t *, RCAST(void *, &sv)); 147 uint8_t *d = RCAST(uint8_t *, RCAST(void *, &rv)); 148 d[0] = s[3]; 149 d[1] = s[2]; 150 d[2] = s[1]; 151 d[3] = s[0]; 152 return rv; 153 } 154 155 /* 156 * swap a quad 157 */ 158 static uint64_t 159 _cdf_tole8(uint64_t sv) 160 { 161 uint64_t rv; 162 uint8_t *s = RCAST(uint8_t *, RCAST(void *, &sv)); 163 uint8_t *d = RCAST(uint8_t *, RCAST(void *, &rv)); 164 d[0] = s[7]; 165 d[1] = s[6]; 166 d[2] = s[5]; 167 d[3] = s[4]; 168 d[4] = s[3]; 169 d[5] = s[2]; 170 d[6] = s[1]; 171 d[7] = s[0]; 172 return rv; 173 } 174 175 /* 176 * grab a uint32_t from a possibly unaligned address, and return it in 177 * the native host order. 178 */ 179 static uint32_t 180 cdf_getuint32(const uint8_t *p, size_t offs) 181 { 182 uint32_t rv; 183 (void)memcpy(&rv, p + offs * sizeof(uint32_t), sizeof(rv)); 184 return CDF_TOLE4(rv); 185 } 186 187 #define CDF_UNPACK(a) \ 188 (void)memcpy(&(a), &buf[len], sizeof(a)), len += sizeof(a) 189 #define CDF_UNPACKA(a) \ 190 (void)memcpy((a), &buf[len], sizeof(a)), len += sizeof(a) 191 192 uint16_t 193 cdf_tole2(uint16_t sv) 194 { 195 return CDF_TOLE2(sv); 196 } 197 198 uint32_t 199 cdf_tole4(uint32_t sv) 200 { 201 return CDF_TOLE4(sv); 202 } 203 204 uint64_t 205 cdf_tole8(uint64_t sv) 206 { 207 return CDF_TOLE8(sv); 208 } 209 210 void 211 cdf_swap_header(cdf_header_t *h) 212 { 213 size_t i; 214 215 h->h_magic = CDF_TOLE8(h->h_magic); 216 h->h_uuid[0] = CDF_TOLE8(h->h_uuid[0]); 217 h->h_uuid[1] = CDF_TOLE8(h->h_uuid[1]); 218 h->h_revision = CDF_TOLE2(h->h_revision); 219 h->h_version = CDF_TOLE2(h->h_version); 220 h->h_byte_order = CDF_TOLE2(h->h_byte_order); 221 h->h_sec_size_p2 = CDF_TOLE2(h->h_sec_size_p2); 222 h->h_short_sec_size_p2 = CDF_TOLE2(h->h_short_sec_size_p2); 223 h->h_num_sectors_in_sat = CDF_TOLE4(h->h_num_sectors_in_sat); 224 h->h_secid_first_directory = CDF_TOLE4(h->h_secid_first_directory); 225 h->h_min_size_standard_stream = 226 CDF_TOLE4(h->h_min_size_standard_stream); 227 h->h_secid_first_sector_in_short_sat = 228 CDF_TOLE4(CAST(uint32_t, h->h_secid_first_sector_in_short_sat)); 229 h->h_num_sectors_in_short_sat = 230 CDF_TOLE4(h->h_num_sectors_in_short_sat); 231 h->h_secid_first_sector_in_master_sat = 232 CDF_TOLE4(CAST(uint32_t, h->h_secid_first_sector_in_master_sat)); 233 h->h_num_sectors_in_master_sat = 234 CDF_TOLE4(h->h_num_sectors_in_master_sat); 235 for (i = 0; i < __arraycount(h->h_master_sat); i++) { 236 h->h_master_sat[i] = 237 CDF_TOLE4(CAST(uint32_t, h->h_master_sat[i])); 238 } 239 } 240 241 void 242 cdf_unpack_header(cdf_header_t *h, char *buf) 243 { 244 size_t i; 245 size_t len = 0; 246 247 CDF_UNPACK(h->h_magic); 248 CDF_UNPACKA(h->h_uuid); 249 CDF_UNPACK(h->h_revision); 250 CDF_UNPACK(h->h_version); 251 CDF_UNPACK(h->h_byte_order); 252 CDF_UNPACK(h->h_sec_size_p2); 253 CDF_UNPACK(h->h_short_sec_size_p2); 254 CDF_UNPACKA(h->h_unused0); 255 CDF_UNPACK(h->h_num_sectors_in_sat); 256 CDF_UNPACK(h->h_secid_first_directory); 257 CDF_UNPACKA(h->h_unused1); 258 CDF_UNPACK(h->h_min_size_standard_stream); 259 CDF_UNPACK(h->h_secid_first_sector_in_short_sat); 260 CDF_UNPACK(h->h_num_sectors_in_short_sat); 261 CDF_UNPACK(h->h_secid_first_sector_in_master_sat); 262 CDF_UNPACK(h->h_num_sectors_in_master_sat); 263 for (i = 0; i < __arraycount(h->h_master_sat); i++) 264 CDF_UNPACK(h->h_master_sat[i]); 265 } 266 267 void 268 cdf_swap_dir(cdf_directory_t *d) 269 { 270 d->d_namelen = CDF_TOLE2(d->d_namelen); 271 d->d_left_child = CDF_TOLE4(CAST(uint32_t, d->d_left_child)); 272 d->d_right_child = CDF_TOLE4(CAST(uint32_t, d->d_right_child)); 273 d->d_storage = CDF_TOLE4(CAST(uint32_t, d->d_storage)); 274 d->d_storage_uuid[0] = CDF_TOLE8(d->d_storage_uuid[0]); 275 d->d_storage_uuid[1] = CDF_TOLE8(d->d_storage_uuid[1]); 276 d->d_flags = CDF_TOLE4(d->d_flags); 277 d->d_created = CDF_TOLE8(CAST(uint64_t, d->d_created)); 278 d->d_modified = CDF_TOLE8(CAST(uint64_t, d->d_modified)); 279 d->d_stream_first_sector = CDF_TOLE4( 280 CAST(uint32_t, d->d_stream_first_sector)); 281 d->d_size = CDF_TOLE4(d->d_size); 282 } 283 284 void 285 cdf_swap_class(cdf_classid_t *d) 286 { 287 d->cl_dword = CDF_TOLE4(d->cl_dword); 288 d->cl_word[0] = CDF_TOLE2(d->cl_word[0]); 289 d->cl_word[1] = CDF_TOLE2(d->cl_word[1]); 290 } 291 292 void 293 cdf_unpack_dir(cdf_directory_t *d, char *buf) 294 { 295 size_t len = 0; 296 297 CDF_UNPACKA(d->d_name); 298 CDF_UNPACK(d->d_namelen); 299 CDF_UNPACK(d->d_type); 300 CDF_UNPACK(d->d_color); 301 CDF_UNPACK(d->d_left_child); 302 CDF_UNPACK(d->d_right_child); 303 CDF_UNPACK(d->d_storage); 304 CDF_UNPACKA(d->d_storage_uuid); 305 CDF_UNPACK(d->d_flags); 306 CDF_UNPACK(d->d_created); 307 CDF_UNPACK(d->d_modified); 308 CDF_UNPACK(d->d_stream_first_sector); 309 CDF_UNPACK(d->d_size); 310 CDF_UNPACK(d->d_unused0); 311 } 312 313 int 314 cdf_zero_stream(cdf_stream_t *scn) 315 { 316 scn->sst_len = 0; 317 scn->sst_dirlen = 0; 318 scn->sst_ss = 0; 319 free(scn->sst_tab); 320 scn->sst_tab = NULL; 321 return -1; 322 } 323 324 static size_t 325 cdf_check_stream(const cdf_stream_t *sst, const cdf_header_t *h) 326 { 327 size_t ss = sst->sst_dirlen < h->h_min_size_standard_stream ? 328 CDF_SHORT_SEC_SIZE(h) : CDF_SEC_SIZE(h); 329 assert(ss == sst->sst_ss); 330 return sst->sst_ss; 331 } 332 333 static int 334 cdf_check_stream_offset(const cdf_stream_t *sst, const cdf_header_t *h, 335 const void *p, size_t tail, int line) 336 { 337 const char *b = RCAST(const char *, sst->sst_tab); 338 const char *e = RCAST(const char *, p) + tail; 339 size_t ss = cdf_check_stream(sst, h); 340 /*LINTED*/(void)&line; 341 if (e >= b && CAST(size_t, e - b) <= ss * sst->sst_len) 342 return 0; 343 DPRINTF(("%d: offset begin %p < end %p || %" SIZE_T_FORMAT "u" 344 " > %" SIZE_T_FORMAT "u [%" SIZE_T_FORMAT "u %" 345 SIZE_T_FORMAT "u]\n", line, b, e, (size_t)(e - b), 346 ss * sst->sst_len, ss, sst->sst_len)); 347 errno = EFTYPE; 348 return -1; 349 } 350 351 static ssize_t 352 cdf_read(const cdf_info_t *info, off_t off, void *buf, size_t len) 353 { 354 size_t siz = CAST(size_t, off + len); 355 356 if (CAST(off_t, off + len) != CAST(off_t, siz)) 357 goto out; 358 359 if (info->i_buf != NULL && info->i_len >= siz) { 360 (void)memcpy(buf, &info->i_buf[off], len); 361 return CAST(ssize_t, len); 362 } 363 364 if (info->i_fd == -1) 365 goto out; 366 367 if (pread(info->i_fd, buf, len, off) != CAST(ssize_t, len)) 368 return -1; 369 370 return CAST(ssize_t, len); 371 out: 372 errno = EINVAL; 373 return -1; 374 } 375 376 int 377 cdf_read_header(const cdf_info_t *info, cdf_header_t *h) 378 { 379 char buf[512]; 380 381 (void)memcpy(cdf_bo.s, "\01\02\03\04", 4); 382 if (cdf_read(info, CAST(off_t, 0), buf, sizeof(buf)) == -1) 383 return -1; 384 cdf_unpack_header(h, buf); 385 cdf_swap_header(h); 386 if (h->h_magic != CDF_MAGIC) { 387 DPRINTF(("Bad magic %#" INT64_T_FORMAT "x != %#" 388 INT64_T_FORMAT "x\n", 389 (unsigned long long)h->h_magic, 390 (unsigned long long)CDF_MAGIC)); 391 goto out; 392 } 393 if (h->h_sec_size_p2 > 20) { 394 DPRINTF(("Bad sector size %hu\n", h->h_sec_size_p2)); 395 goto out; 396 } 397 if (h->h_short_sec_size_p2 > 20) { 398 DPRINTF(("Bad short sector size %hu\n", 399 h->h_short_sec_size_p2)); 400 goto out; 401 } 402 return 0; 403 out: 404 errno = EFTYPE; 405 return -1; 406 } 407 408 409 ssize_t 410 cdf_read_sector(const cdf_info_t *info, void *buf, size_t offs, size_t len, 411 const cdf_header_t *h, cdf_secid_t id) 412 { 413 size_t ss = CDF_SEC_SIZE(h); 414 size_t pos = CDF_SEC_POS(h, id); 415 assert(ss == len); 416 return cdf_read(info, CAST(off_t, pos), RCAST(char *, buf) + offs, len); 417 } 418 419 ssize_t 420 cdf_read_short_sector(const cdf_stream_t *sst, void *buf, size_t offs, 421 size_t len, const cdf_header_t *h, cdf_secid_t id) 422 { 423 size_t ss = CDF_SHORT_SEC_SIZE(h); 424 size_t pos = CDF_SHORT_SEC_POS(h, id); 425 assert(ss == len); 426 if (pos + len > CDF_SEC_SIZE(h) * sst->sst_len) { 427 DPRINTF(("Out of bounds read %" SIZE_T_FORMAT "u > %" 428 SIZE_T_FORMAT "u\n", 429 pos + len, CDF_SEC_SIZE(h) * sst->sst_len)); 430 goto out; 431 } 432 (void)memcpy(RCAST(char *, buf) + offs, 433 RCAST(const char *, sst->sst_tab) + pos, len); 434 return len; 435 out: 436 errno = EFTYPE; 437 return -1; 438 } 439 440 /* 441 * Read the sector allocation table. 442 */ 443 int 444 cdf_read_sat(const cdf_info_t *info, cdf_header_t *h, cdf_sat_t *sat) 445 { 446 size_t i, j, k; 447 size_t ss = CDF_SEC_SIZE(h); 448 cdf_secid_t *msa, mid, sec; 449 size_t nsatpersec = (ss / sizeof(mid)) - 1; 450 451 for (i = 0; i < __arraycount(h->h_master_sat); i++) 452 if (h->h_master_sat[i] == CDF_SECID_FREE) 453 break; 454 455 #define CDF_SEC_LIMIT (UINT32_MAX / (64 * ss)) 456 if ((nsatpersec > 0 && 457 h->h_num_sectors_in_master_sat > CDF_SEC_LIMIT / nsatpersec) || 458 i > CDF_SEC_LIMIT) { 459 DPRINTF(("Number of sectors in master SAT too big %u %" 460 SIZE_T_FORMAT "u\n", h->h_num_sectors_in_master_sat, i)); 461 errno = EFTYPE; 462 return -1; 463 } 464 465 sat->sat_len = h->h_num_sectors_in_master_sat * nsatpersec + i; 466 DPRINTF(("sat_len = %" SIZE_T_FORMAT "u ss = %" SIZE_T_FORMAT "u\n", 467 sat->sat_len, ss)); 468 if ((sat->sat_tab = CAST(cdf_secid_t *, CDF_CALLOC(sat->sat_len, ss))) 469 == NULL) 470 return -1; 471 472 for (i = 0; i < __arraycount(h->h_master_sat); i++) { 473 if (h->h_master_sat[i] < 0) 474 break; 475 if (cdf_read_sector(info, sat->sat_tab, ss * i, ss, h, 476 h->h_master_sat[i]) != CAST(ssize_t, ss)) { 477 DPRINTF(("Reading sector %d", h->h_master_sat[i])); 478 goto out1; 479 } 480 } 481 482 if ((msa = CAST(cdf_secid_t *, CDF_CALLOC(1, ss))) == NULL) 483 goto out1; 484 485 mid = h->h_secid_first_sector_in_master_sat; 486 for (j = 0; j < h->h_num_sectors_in_master_sat; j++) { 487 if (mid < 0) 488 goto out; 489 if (j >= CDF_LOOP_LIMIT) { 490 DPRINTF(("Reading master sector loop limit")); 491 goto out3; 492 } 493 if (cdf_read_sector(info, msa, 0, ss, h, mid) != 494 CAST(ssize_t, ss)) { 495 DPRINTF(("Reading master sector %d", mid)); 496 goto out2; 497 } 498 for (k = 0; k < nsatpersec; k++, i++) { 499 sec = CDF_TOLE4(CAST(uint32_t, msa[k])); 500 if (sec < 0) 501 goto out; 502 if (i >= sat->sat_len) { 503 DPRINTF(("Out of bounds reading MSA %" 504 SIZE_T_FORMAT "u >= %" SIZE_T_FORMAT "u", 505 i, sat->sat_len)); 506 goto out3; 507 } 508 if (cdf_read_sector(info, sat->sat_tab, ss * i, ss, h, 509 sec) != CAST(ssize_t, ss)) { 510 DPRINTF(("Reading sector %d", 511 CDF_TOLE4(msa[k]))); 512 goto out2; 513 } 514 } 515 mid = CDF_TOLE4(CAST(uint32_t, msa[nsatpersec])); 516 } 517 out: 518 sat->sat_len = i; 519 free(msa); 520 return 0; 521 out3: 522 errno = EFTYPE; 523 out2: 524 free(msa); 525 out1: 526 free(sat->sat_tab); 527 return -1; 528 } 529 530 size_t 531 cdf_count_chain(const cdf_sat_t *sat, cdf_secid_t sid, size_t size) 532 { 533 size_t i, j; 534 cdf_secid_t maxsector = CAST(cdf_secid_t, (sat->sat_len * size) 535 / sizeof(maxsector)); 536 537 DPRINTF(("Chain:")); 538 if (sid == CDF_SECID_END_OF_CHAIN) { 539 /* 0-length chain. */ 540 DPRINTF((" empty\n")); 541 return 0; 542 } 543 544 for (j = i = 0; sid >= 0; i++, j++) { 545 DPRINTF((" %d", sid)); 546 if (j >= CDF_LOOP_LIMIT) { 547 DPRINTF(("Counting chain loop limit")); 548 goto out; 549 } 550 if (sid >= maxsector) { 551 DPRINTF(("Sector %d >= %d\n", sid, maxsector)); 552 goto out; 553 } 554 sid = CDF_TOLE4(CAST(uint32_t, sat->sat_tab[sid])); 555 } 556 if (i == 0) { 557 DPRINTF((" none, sid: %d\n", sid)); 558 goto out; 559 560 } 561 DPRINTF(("\n")); 562 return i; 563 out: 564 errno = EFTYPE; 565 return CAST(size_t, -1); 566 } 567 568 int 569 cdf_read_long_sector_chain(const cdf_info_t *info, const cdf_header_t *h, 570 const cdf_sat_t *sat, cdf_secid_t sid, size_t len, cdf_stream_t *scn) 571 { 572 size_t ss = CDF_SEC_SIZE(h), i, j; 573 ssize_t nr; 574 scn->sst_tab = NULL; 575 scn->sst_len = cdf_count_chain(sat, sid, ss); 576 scn->sst_dirlen = MAX(h->h_min_size_standard_stream, len); 577 scn->sst_ss = ss; 578 579 if (sid == CDF_SECID_END_OF_CHAIN || len == 0) 580 return cdf_zero_stream(scn); 581 582 if (scn->sst_len == CAST(size_t, -1)) 583 goto out; 584 585 scn->sst_tab = CDF_CALLOC(scn->sst_len, ss); 586 if (scn->sst_tab == NULL) 587 return cdf_zero_stream(scn); 588 589 for (j = i = 0; sid >= 0; i++, j++) { 590 if (j >= CDF_LOOP_LIMIT) { 591 DPRINTF(("Read long sector chain loop limit")); 592 goto out; 593 } 594 if (i >= scn->sst_len) { 595 DPRINTF(("Out of bounds reading long sector chain " 596 "%" SIZE_T_FORMAT "u > %" SIZE_T_FORMAT "u\n", i, 597 scn->sst_len)); 598 goto out; 599 } 600 if ((nr = cdf_read_sector(info, scn->sst_tab, i * ss, ss, h, 601 sid)) != CAST(ssize_t, ss)) { 602 if (i == scn->sst_len - 1 && nr > 0) { 603 /* Last sector might be truncated */ 604 return 0; 605 } 606 DPRINTF(("Reading long sector chain %d", sid)); 607 goto out; 608 } 609 sid = CDF_TOLE4(CAST(uint32_t, sat->sat_tab[sid])); 610 } 611 return 0; 612 out: 613 errno = EFTYPE; 614 return cdf_zero_stream(scn); 615 } 616 617 int 618 cdf_read_short_sector_chain(const cdf_header_t *h, 619 const cdf_sat_t *ssat, const cdf_stream_t *sst, 620 cdf_secid_t sid, size_t len, cdf_stream_t *scn) 621 { 622 size_t ss = CDF_SHORT_SEC_SIZE(h), i, j; 623 scn->sst_tab = NULL; 624 scn->sst_len = cdf_count_chain(ssat, sid, CDF_SEC_SIZE(h)); 625 scn->sst_dirlen = len; 626 scn->sst_ss = ss; 627 628 if (scn->sst_len == CAST(size_t, -1)) 629 goto out; 630 631 scn->sst_tab = CDF_CALLOC(scn->sst_len, ss); 632 if (scn->sst_tab == NULL) 633 return cdf_zero_stream(scn); 634 635 for (j = i = 0; sid >= 0; i++, j++) { 636 if (j >= CDF_LOOP_LIMIT) { 637 DPRINTF(("Read short sector chain loop limit")); 638 goto out; 639 } 640 if (i >= scn->sst_len) { 641 DPRINTF(("Out of bounds reading short sector chain " 642 "%" SIZE_T_FORMAT "u > %" SIZE_T_FORMAT "u\n", 643 i, scn->sst_len)); 644 goto out; 645 } 646 if (cdf_read_short_sector(sst, scn->sst_tab, i * ss, ss, h, 647 sid) != CAST(ssize_t, ss)) { 648 DPRINTF(("Reading short sector chain %d", sid)); 649 goto out; 650 } 651 sid = CDF_TOLE4(CAST(uint32_t, ssat->sat_tab[sid])); 652 } 653 return 0; 654 out: 655 errno = EFTYPE; 656 return cdf_zero_stream(scn); 657 } 658 659 int 660 cdf_read_sector_chain(const cdf_info_t *info, const cdf_header_t *h, 661 const cdf_sat_t *sat, const cdf_sat_t *ssat, const cdf_stream_t *sst, 662 cdf_secid_t sid, size_t len, cdf_stream_t *scn) 663 { 664 665 if (len < h->h_min_size_standard_stream && sst->sst_tab != NULL) 666 return cdf_read_short_sector_chain(h, ssat, sst, sid, len, 667 scn); 668 else 669 return cdf_read_long_sector_chain(info, h, sat, sid, len, scn); 670 } 671 672 int 673 cdf_read_dir(const cdf_info_t *info, const cdf_header_t *h, 674 const cdf_sat_t *sat, cdf_dir_t *dir) 675 { 676 size_t i, j; 677 size_t ss = CDF_SEC_SIZE(h), ns, nd; 678 char *buf; 679 cdf_secid_t sid = h->h_secid_first_directory; 680 681 ns = cdf_count_chain(sat, sid, ss); 682 if (ns == CAST(size_t, -1)) 683 return -1; 684 685 nd = ss / CDF_DIRECTORY_SIZE; 686 687 dir->dir_len = ns * nd; 688 dir->dir_tab = CAST(cdf_directory_t *, 689 CDF_CALLOC(dir->dir_len, sizeof(dir->dir_tab[0]))); 690 if (dir->dir_tab == NULL) 691 return -1; 692 693 if ((buf = CAST(char *, CDF_MALLOC(ss))) == NULL) { 694 free(dir->dir_tab); 695 return -1; 696 } 697 698 for (j = i = 0; i < ns; i++, j++) { 699 if (j >= CDF_LOOP_LIMIT) { 700 DPRINTF(("Read dir loop limit")); 701 goto out; 702 } 703 if (cdf_read_sector(info, buf, 0, ss, h, sid) != 704 CAST(ssize_t, ss)) { 705 DPRINTF(("Reading directory sector %d", sid)); 706 goto out; 707 } 708 for (j = 0; j < nd; j++) { 709 cdf_unpack_dir(&dir->dir_tab[i * nd + j], 710 &buf[j * CDF_DIRECTORY_SIZE]); 711 } 712 sid = CDF_TOLE4(CAST(uint32_t, sat->sat_tab[sid])); 713 } 714 if (NEED_SWAP) 715 for (i = 0; i < dir->dir_len; i++) 716 cdf_swap_dir(&dir->dir_tab[i]); 717 free(buf); 718 return 0; 719 out: 720 free(dir->dir_tab); 721 free(buf); 722 errno = EFTYPE; 723 return -1; 724 } 725 726 727 int 728 cdf_read_ssat(const cdf_info_t *info, const cdf_header_t *h, 729 const cdf_sat_t *sat, cdf_sat_t *ssat) 730 { 731 size_t i, j; 732 size_t ss = CDF_SEC_SIZE(h); 733 cdf_secid_t sid = h->h_secid_first_sector_in_short_sat; 734 735 ssat->sat_tab = NULL; 736 ssat->sat_len = cdf_count_chain(sat, sid, ss); 737 if (ssat->sat_len == CAST(size_t, -1)) 738 goto out; 739 740 ssat->sat_tab = CAST(cdf_secid_t *, CDF_CALLOC(ssat->sat_len, ss)); 741 if (ssat->sat_tab == NULL) 742 goto out1; 743 744 for (j = i = 0; sid >= 0; i++, j++) { 745 if (j >= CDF_LOOP_LIMIT) { 746 DPRINTF(("Read short sat sector loop limit")); 747 goto out; 748 } 749 if (i >= ssat->sat_len) { 750 DPRINTF(("Out of bounds reading short sector chain " 751 "%" SIZE_T_FORMAT "u > %" SIZE_T_FORMAT "u\n", i, 752 ssat->sat_len)); 753 goto out; 754 } 755 if (cdf_read_sector(info, ssat->sat_tab, i * ss, ss, h, sid) != 756 CAST(ssize_t, ss)) { 757 DPRINTF(("Reading short sat sector %d", sid)); 758 goto out1; 759 } 760 sid = CDF_TOLE4(CAST(uint32_t, sat->sat_tab[sid])); 761 } 762 return 0; 763 out: 764 errno = EFTYPE; 765 out1: 766 free(ssat->sat_tab); 767 return -1; 768 } 769 770 int 771 cdf_read_short_stream(const cdf_info_t *info, const cdf_header_t *h, 772 const cdf_sat_t *sat, const cdf_dir_t *dir, cdf_stream_t *scn, 773 const cdf_directory_t **root) 774 { 775 size_t i; 776 const cdf_directory_t *d; 777 778 *root = NULL; 779 for (i = 0; i < dir->dir_len; i++) 780 if (dir->dir_tab[i].d_type == CDF_DIR_TYPE_ROOT_STORAGE) 781 break; 782 783 /* If the it is not there, just fake it; some docs don't have it */ 784 if (i == dir->dir_len) { 785 DPRINTF(("Cannot find root storage dir\n")); 786 goto out; 787 } 788 d = &dir->dir_tab[i]; 789 *root = d; 790 791 /* If the it is not there, just fake it; some docs don't have it */ 792 if (d->d_stream_first_sector < 0) { 793 DPRINTF(("No first secror in dir\n")); 794 goto out; 795 } 796 797 return cdf_read_long_sector_chain(info, h, sat, 798 d->d_stream_first_sector, d->d_size, scn); 799 out: 800 scn->sst_tab = NULL; 801 (void)cdf_zero_stream(scn); 802 return 0; 803 } 804 805 static int 806 cdf_namecmp(const char *d, const uint16_t *s, size_t l) 807 { 808 for (; l--; d++, s++) 809 if (*d != CDF_TOLE2(*s)) 810 return CAST(unsigned char, *d) - CDF_TOLE2(*s); 811 return 0; 812 } 813 814 int 815 cdf_read_doc_summary_info(const cdf_info_t *info, const cdf_header_t *h, 816 const cdf_sat_t *sat, const cdf_sat_t *ssat, const cdf_stream_t *sst, 817 const cdf_dir_t *dir, cdf_stream_t *scn) 818 { 819 return cdf_read_user_stream(info, h, sat, ssat, sst, dir, 820 "\05DocumentSummaryInformation", scn); 821 } 822 823 int 824 cdf_read_summary_info(const cdf_info_t *info, const cdf_header_t *h, 825 const cdf_sat_t *sat, const cdf_sat_t *ssat, const cdf_stream_t *sst, 826 const cdf_dir_t *dir, cdf_stream_t *scn) 827 { 828 return cdf_read_user_stream(info, h, sat, ssat, sst, dir, 829 "\05SummaryInformation", scn); 830 } 831 832 int 833 cdf_read_user_stream(const cdf_info_t *info, const cdf_header_t *h, 834 const cdf_sat_t *sat, const cdf_sat_t *ssat, const cdf_stream_t *sst, 835 const cdf_dir_t *dir, const char *name, cdf_stream_t *scn) 836 { 837 const cdf_directory_t *d; 838 int i = cdf_find_stream(dir, name, CDF_DIR_TYPE_USER_STREAM); 839 840 if (i <= 0) { 841 memset(scn, 0, sizeof(*scn)); 842 return -1; 843 } 844 845 d = &dir->dir_tab[i - 1]; 846 return cdf_read_sector_chain(info, h, sat, ssat, sst, 847 d->d_stream_first_sector, d->d_size, scn); 848 } 849 850 int 851 cdf_find_stream(const cdf_dir_t *dir, const char *name, int type) 852 { 853 size_t i, name_len = strlen(name) + 1; 854 855 for (i = dir->dir_len; i > 0; i--) 856 if (dir->dir_tab[i - 1].d_type == type && 857 cdf_namecmp(name, dir->dir_tab[i - 1].d_name, name_len) 858 == 0) 859 break; 860 if (i > 0) 861 return CAST(int, i); 862 863 DPRINTF(("Cannot find type %d `%s'\n", type, name)); 864 errno = ESRCH; 865 return 0; 866 } 867 868 #define CDF_SHLEN_LIMIT (UINT32_MAX / 64) 869 #define CDF_PROP_LIMIT (UINT32_MAX / (64 * sizeof(cdf_property_info_t))) 870 871 static const void * 872 cdf_offset(const void *p, size_t l) 873 { 874 return CAST(const void *, CAST(const uint8_t *, p) + l); 875 } 876 877 static const uint8_t * 878 cdf_get_property_info_pos(const cdf_stream_t *sst, const cdf_header_t *h, 879 const uint8_t *p, const uint8_t *e, size_t i) 880 { 881 size_t tail = (i << 1) + 1; 882 size_t ofs; 883 const uint8_t *q; 884 885 if (p >= e) { 886 DPRINTF(("Past end %p < %p\n", e, p)); 887 return NULL; 888 } 889 if (cdf_check_stream_offset(sst, h, p, (tail + 1) * sizeof(uint32_t), 890 __LINE__) == -1) 891 return NULL; 892 ofs = CDF_GETUINT32(p, tail); 893 q = CAST(const uint8_t *, cdf_offset(CAST(const void *, p), 894 ofs - 2 * sizeof(uint32_t))); 895 896 if (q < p) { 897 DPRINTF(("Wrapped around %p < %p\n", q, p)); 898 return NULL; 899 } 900 901 if (q >= e) { 902 DPRINTF(("Ran off the end %p >= %p\n", q, e)); 903 return NULL; 904 } 905 return q; 906 } 907 908 static cdf_property_info_t * 909 cdf_grow_info(cdf_property_info_t **info, size_t *maxcount, size_t incr) 910 { 911 cdf_property_info_t *inp; 912 size_t newcount = *maxcount + incr; 913 914 if (newcount > CDF_PROP_LIMIT) { 915 DPRINTF(("exceeded property limit %" SIZE_T_FORMAT "u > %" 916 SIZE_T_FORMAT "u\n", newcount, CDF_PROP_LIMIT)); 917 goto out; 918 } 919 inp = CAST(cdf_property_info_t *, 920 CDF_REALLOC(*info, newcount * sizeof(*inp))); 921 if (inp == NULL) 922 goto out; 923 924 *info = inp; 925 *maxcount = newcount; 926 return inp; 927 out: 928 free(*info); 929 *maxcount = 0; 930 *info = NULL; 931 return NULL; 932 } 933 934 static int 935 cdf_copy_info(cdf_property_info_t *inp, const void *p, const void *e, 936 size_t len) 937 { 938 if (inp->pi_type & CDF_VECTOR) 939 return 0; 940 941 if (CAST(size_t, CAST(const char *, e) - CAST(const char *, p)) < len) 942 return 0; 943 944 (void)memcpy(&inp->pi_val, p, len); 945 946 switch (len) { 947 case 2: 948 inp->pi_u16 = CDF_TOLE2(inp->pi_u16); 949 break; 950 case 4: 951 inp->pi_u32 = CDF_TOLE4(inp->pi_u32); 952 break; 953 case 8: 954 inp->pi_u64 = CDF_TOLE8(inp->pi_u64); 955 break; 956 default: 957 abort(); 958 } 959 return 1; 960 } 961 962 int 963 cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h, 964 uint32_t offs, cdf_property_info_t **info, size_t *count, size_t *maxcount) 965 { 966 const cdf_section_header_t *shp; 967 cdf_section_header_t sh; 968 const uint8_t *p, *q, *e; 969 size_t i, o4, nelements, j, slen, left; 970 cdf_property_info_t *inp; 971 972 if (offs > UINT32_MAX / 4) { 973 errno = EFTYPE; 974 goto out; 975 } 976 shp = CAST(const cdf_section_header_t *, 977 cdf_offset(sst->sst_tab, offs)); 978 if (cdf_check_stream_offset(sst, h, shp, sizeof(*shp), __LINE__) == -1) 979 goto out; 980 sh.sh_len = CDF_TOLE4(shp->sh_len); 981 if (sh.sh_len > CDF_SHLEN_LIMIT) { 982 errno = EFTYPE; 983 goto out; 984 } 985 986 if (cdf_check_stream_offset(sst, h, shp, sh.sh_len, __LINE__) == -1) 987 goto out; 988 989 sh.sh_properties = CDF_TOLE4(shp->sh_properties); 990 DPRINTF(("section len: %u properties %u\n", sh.sh_len, 991 sh.sh_properties)); 992 if (sh.sh_properties > CDF_PROP_LIMIT) 993 goto out; 994 inp = cdf_grow_info(info, maxcount, sh.sh_properties); 995 if (inp == NULL) 996 goto out; 997 inp += *count; 998 *count += sh.sh_properties; 999 p = CAST(const uint8_t *, cdf_offset(sst->sst_tab, offs + sizeof(sh))); 1000 e = CAST(const uint8_t *, cdf_offset(shp, sh.sh_len)); 1001 if (p >= e || cdf_check_stream_offset(sst, h, e, 0, __LINE__) == -1) 1002 goto out; 1003 1004 for (i = 0; i < sh.sh_properties; i++) { 1005 if ((q = cdf_get_property_info_pos(sst, h, p, e, i)) == NULL) 1006 goto out; 1007 inp[i].pi_id = CDF_GETUINT32(p, i << 1); 1008 left = CAST(size_t, e - q); 1009 if (left < sizeof(uint32_t)) { 1010 DPRINTF(("short info (no type)_\n")); 1011 goto out; 1012 } 1013 inp[i].pi_type = CDF_GETUINT32(q, 0); 1014 DPRINTF(("%" SIZE_T_FORMAT "u) id=%#x type=%#x offs=%#tx,%#x\n", 1015 i, inp[i].pi_id, inp[i].pi_type, q - p, offs)); 1016 if (inp[i].pi_type & CDF_VECTOR) { 1017 if (left < sizeof(uint32_t) * 2) { 1018 DPRINTF(("missing CDF_VECTOR length\n")); 1019 goto out; 1020 } 1021 nelements = CDF_GETUINT32(q, 1); 1022 if (nelements == 0) { 1023 DPRINTF(("CDF_VECTOR with nelements == 0\n")); 1024 goto out; 1025 } 1026 slen = 2; 1027 } else { 1028 nelements = 1; 1029 slen = 1; 1030 } 1031 o4 = slen * sizeof(uint32_t); 1032 if (inp[i].pi_type & (CDF_ARRAY|CDF_BYREF|CDF_RESERVED)) 1033 goto unknown; 1034 switch (inp[i].pi_type & CDF_TYPEMASK) { 1035 case CDF_NULL: 1036 case CDF_EMPTY: 1037 break; 1038 case CDF_SIGNED16: 1039 if (!cdf_copy_info(&inp[i], &q[o4], e, sizeof(int16_t))) 1040 goto unknown; 1041 break; 1042 case CDF_SIGNED32: 1043 case CDF_BOOL: 1044 case CDF_UNSIGNED32: 1045 case CDF_FLOAT: 1046 if (!cdf_copy_info(&inp[i], &q[o4], e, sizeof(int32_t))) 1047 goto unknown; 1048 break; 1049 case CDF_SIGNED64: 1050 case CDF_UNSIGNED64: 1051 case CDF_DOUBLE: 1052 case CDF_FILETIME: 1053 if (!cdf_copy_info(&inp[i], &q[o4], e, sizeof(int64_t))) 1054 goto unknown; 1055 break; 1056 case CDF_LENGTH32_STRING: 1057 case CDF_LENGTH32_WSTRING: 1058 if (nelements > 1) { 1059 size_t nelem = inp - *info; 1060 inp = cdf_grow_info(info, maxcount, nelements); 1061 if (inp == NULL) 1062 goto out; 1063 inp += nelem; 1064 } 1065 DPRINTF(("nelements = %" SIZE_T_FORMAT "u\n", 1066 nelements)); 1067 for (j = 0; j < nelements && i < sh.sh_properties; 1068 j++, i++) 1069 { 1070 uint32_t l; 1071 1072 if (o4 + sizeof(uint32_t) > left) 1073 goto out; 1074 1075 l = CDF_GETUINT32(q, slen); 1076 o4 += sizeof(uint32_t); 1077 if (o4 + l > left) 1078 goto out; 1079 1080 inp[i].pi_str.s_len = l; 1081 inp[i].pi_str.s_buf = CAST(const char *, 1082 CAST(const void *, &q[o4])); 1083 1084 DPRINTF(("o=%" SIZE_T_FORMAT "u l=%d(%" 1085 SIZE_T_FORMAT "u), t=%" SIZE_T_FORMAT 1086 "u s=%s\n", o4, l, CDF_ROUND(l, sizeof(l)), 1087 left, inp[i].pi_str.s_buf)); 1088 1089 if (l & 1) 1090 l++; 1091 1092 slen += l >> 1; 1093 o4 = slen * sizeof(uint32_t); 1094 } 1095 i--; 1096 break; 1097 case CDF_CLIPBOARD: 1098 if (inp[i].pi_type & CDF_VECTOR) 1099 goto unknown; 1100 break; 1101 default: 1102 unknown: 1103 memset(&inp[i].pi_val, 0, sizeof(inp[i].pi_val)); 1104 DPRINTF(("Don't know how to deal with %#x\n", 1105 inp[i].pi_type)); 1106 break; 1107 } 1108 } 1109 return 0; 1110 out: 1111 free(*info); 1112 *info = NULL; 1113 *count = 0; 1114 *maxcount = 0; 1115 errno = EFTYPE; 1116 return -1; 1117 } 1118 1119 int 1120 cdf_unpack_summary_info(const cdf_stream_t *sst, const cdf_header_t *h, 1121 cdf_summary_info_header_t *ssi, cdf_property_info_t **info, size_t *count) 1122 { 1123 size_t maxcount; 1124 const cdf_summary_info_header_t *si = 1125 CAST(const cdf_summary_info_header_t *, sst->sst_tab); 1126 const cdf_section_declaration_t *sd = 1127 CAST(const cdf_section_declaration_t *, RCAST(const void *, 1128 RCAST(const char *, sst->sst_tab) 1129 + CDF_SECTION_DECLARATION_OFFSET)); 1130 1131 if (cdf_check_stream_offset(sst, h, si, sizeof(*si), __LINE__) == -1 || 1132 cdf_check_stream_offset(sst, h, sd, sizeof(*sd), __LINE__) == -1) 1133 return -1; 1134 ssi->si_byte_order = CDF_TOLE2(si->si_byte_order); 1135 ssi->si_os_version = CDF_TOLE2(si->si_os_version); 1136 ssi->si_os = CDF_TOLE2(si->si_os); 1137 ssi->si_class = si->si_class; 1138 cdf_swap_class(&ssi->si_class); 1139 ssi->si_count = CDF_TOLE4(si->si_count); 1140 *count = 0; 1141 maxcount = 0; 1142 *info = NULL; 1143 if (cdf_read_property_info(sst, h, CDF_TOLE4(sd->sd_offset), info, 1144 count, &maxcount) == -1) 1145 return -1; 1146 return 0; 1147 } 1148 1149 1150 #define extract_catalog_field(t, f, l) \ 1151 if (b + l + sizeof(cep->f) > eb) { \ 1152 cep->ce_namlen = 0; \ 1153 break; \ 1154 } \ 1155 memcpy(&cep->f, b + (l), sizeof(cep->f)); \ 1156 ce[i].f = CAST(t, CDF_TOLE(cep->f)) 1157 1158 int 1159 cdf_unpack_catalog(const cdf_header_t *h, const cdf_stream_t *sst, 1160 cdf_catalog_t **cat) 1161 { 1162 size_t ss = cdf_check_stream(sst, h); 1163 const char *b = CAST(const char *, sst->sst_tab); 1164 const char *nb, *eb = b + ss * sst->sst_len; 1165 size_t nr, i, j, k; 1166 cdf_catalog_entry_t *ce; 1167 uint16_t reclen; 1168 const uint16_t *np; 1169 1170 for (nr = 0;; nr++) { 1171 memcpy(&reclen, b, sizeof(reclen)); 1172 reclen = CDF_TOLE2(reclen); 1173 if (reclen == 0) 1174 break; 1175 b += reclen; 1176 if (b > eb) 1177 break; 1178 } 1179 if (nr == 0) 1180 return -1; 1181 nr--; 1182 *cat = CAST(cdf_catalog_t *, 1183 CDF_MALLOC(sizeof(cdf_catalog_t) + nr * sizeof(*ce))); 1184 if (*cat == NULL) 1185 return -1; 1186 ce = (*cat)->cat_e; 1187 memset(ce, 0, nr * sizeof(*ce)); 1188 b = CAST(const char *, sst->sst_tab); 1189 for (j = i = 0; i < nr; b += reclen) { 1190 cdf_catalog_entry_t *cep = &ce[j]; 1191 uint16_t rlen; 1192 1193 extract_catalog_field(uint16_t, ce_namlen, 0); 1194 extract_catalog_field(uint16_t, ce_num, 4); 1195 extract_catalog_field(uint64_t, ce_timestamp, 8); 1196 reclen = cep->ce_namlen; 1197 1198 if (reclen < 14) { 1199 cep->ce_namlen = 0; 1200 continue; 1201 } 1202 1203 cep->ce_namlen = __arraycount(cep->ce_name) - 1; 1204 rlen = reclen - 14; 1205 if (cep->ce_namlen > rlen) 1206 cep->ce_namlen = rlen; 1207 1208 np = CAST(const uint16_t *, CAST(const void *, (b + 16))); 1209 nb = CAST(const char *, CAST(const void *, 1210 (np + cep->ce_namlen))); 1211 if (nb > eb) { 1212 cep->ce_namlen = 0; 1213 break; 1214 } 1215 1216 for (k = 0; k < cep->ce_namlen; k++) 1217 cep->ce_name[k] = np[k]; /* XXX: CDF_TOLE2? */ 1218 cep->ce_name[cep->ce_namlen] = 0; 1219 j = i; 1220 i++; 1221 } 1222 (*cat)->cat_num = j; 1223 return 0; 1224 } 1225 1226 int 1227 cdf_print_classid(char *buf, size_t buflen, const cdf_classid_t *id) 1228 { 1229 return snprintf(buf, buflen, "%.8x-%.4x-%.4x-%.2x%.2x-" 1230 "%.2x%.2x%.2x%.2x%.2x%.2x", id->cl_dword, id->cl_word[0], 1231 id->cl_word[1], id->cl_two[0], id->cl_two[1], id->cl_six[0], 1232 id->cl_six[1], id->cl_six[2], id->cl_six[3], id->cl_six[4], 1233 id->cl_six[5]); 1234 } 1235 1236 static const struct { 1237 uint32_t v; 1238 const char *n; 1239 } vn[] = { 1240 { CDF_PROPERTY_CODE_PAGE, "Code page" }, 1241 { CDF_PROPERTY_TITLE, "Title" }, 1242 { CDF_PROPERTY_SUBJECT, "Subject" }, 1243 { CDF_PROPERTY_AUTHOR, "Author" }, 1244 { CDF_PROPERTY_KEYWORDS, "Keywords" }, 1245 { CDF_PROPERTY_COMMENTS, "Comments" }, 1246 { CDF_PROPERTY_TEMPLATE, "Template" }, 1247 { CDF_PROPERTY_LAST_SAVED_BY, "Last Saved By" }, 1248 { CDF_PROPERTY_REVISION_NUMBER, "Revision Number" }, 1249 { CDF_PROPERTY_TOTAL_EDITING_TIME, "Total Editing Time" }, 1250 { CDF_PROPERTY_LAST_PRINTED, "Last Printed" }, 1251 { CDF_PROPERTY_CREATE_TIME, "Create Time/Date" }, 1252 { CDF_PROPERTY_LAST_SAVED_TIME, "Last Saved Time/Date" }, 1253 { CDF_PROPERTY_NUMBER_OF_PAGES, "Number of Pages" }, 1254 { CDF_PROPERTY_NUMBER_OF_WORDS, "Number of Words" }, 1255 { CDF_PROPERTY_NUMBER_OF_CHARACTERS, "Number of Characters" }, 1256 { CDF_PROPERTY_THUMBNAIL, "Thumbnail" }, 1257 { CDF_PROPERTY_NAME_OF_APPLICATION, "Name of Creating Application" }, 1258 { CDF_PROPERTY_SECURITY, "Security" }, 1259 { CDF_PROPERTY_LOCALE_ID, "Locale ID" }, 1260 }; 1261 1262 int 1263 cdf_print_property_name(char *buf, size_t bufsiz, uint32_t p) 1264 { 1265 size_t i; 1266 1267 for (i = 0; i < __arraycount(vn); i++) 1268 if (vn[i].v == p) 1269 return snprintf(buf, bufsiz, "%s", vn[i].n); 1270 return snprintf(buf, bufsiz, "%#x", p); 1271 } 1272 1273 int 1274 cdf_print_elapsed_time(char *buf, size_t bufsiz, cdf_timestamp_t ts) 1275 { 1276 int len = 0; 1277 int days, hours, mins, secs; 1278 1279 ts /= CDF_TIME_PREC; 1280 secs = CAST(int, ts % 60); 1281 ts /= 60; 1282 mins = CAST(int, ts % 60); 1283 ts /= 60; 1284 hours = CAST(int, ts % 24); 1285 ts /= 24; 1286 days = CAST(int, ts); 1287 1288 if (days) { 1289 len += snprintf(buf + len, bufsiz - len, "%dd+", days); 1290 if (CAST(size_t, len) >= bufsiz) 1291 return len; 1292 } 1293 1294 if (days || hours) { 1295 len += snprintf(buf + len, bufsiz - len, "%.2d:", hours); 1296 if (CAST(size_t, len) >= bufsiz) 1297 return len; 1298 } 1299 1300 len += snprintf(buf + len, bufsiz - len, "%.2d:", mins); 1301 if (CAST(size_t, len) >= bufsiz) 1302 return len; 1303 1304 len += snprintf(buf + len, bufsiz - len, "%.2d", secs); 1305 return len; 1306 } 1307 1308 char * 1309 cdf_u16tos8(char *buf, size_t len, const uint16_t *p) 1310 { 1311 size_t i; 1312 for (i = 0; i < len && p[i]; i++) 1313 buf[i] = CAST(char, p[i]); 1314 buf[i] = '\0'; 1315 return buf; 1316 } 1317 1318 #ifdef CDF_DEBUG 1319 void 1320 cdf_dump_header(const cdf_header_t *h) 1321 { 1322 size_t i; 1323 1324 #define DUMP(a, b) (void)fprintf(stderr, "%40.40s = " a "\n", # b, h->h_ ## b) 1325 #define DUMP2(a, b) (void)fprintf(stderr, "%40.40s = " a " (" a ")\n", # b, \ 1326 h->h_ ## b, 1 << h->h_ ## b) 1327 DUMP("%d", revision); 1328 DUMP("%d", version); 1329 DUMP("%#x", byte_order); 1330 DUMP2("%d", sec_size_p2); 1331 DUMP2("%d", short_sec_size_p2); 1332 DUMP("%d", num_sectors_in_sat); 1333 DUMP("%d", secid_first_directory); 1334 DUMP("%d", min_size_standard_stream); 1335 DUMP("%d", secid_first_sector_in_short_sat); 1336 DUMP("%d", num_sectors_in_short_sat); 1337 DUMP("%d", secid_first_sector_in_master_sat); 1338 DUMP("%d", num_sectors_in_master_sat); 1339 for (i = 0; i < __arraycount(h->h_master_sat); i++) { 1340 if (h->h_master_sat[i] == CDF_SECID_FREE) 1341 break; 1342 (void)fprintf(stderr, "%35.35s[%.3" SIZE_T_FORMAT "u] = %d\n", 1343 "master_sat", i, h->h_master_sat[i]); 1344 } 1345 } 1346 1347 void 1348 cdf_dump_sat(const char *prefix, const cdf_sat_t *sat, size_t size) 1349 { 1350 size_t i, j, s = size / sizeof(cdf_secid_t); 1351 1352 for (i = 0; i < sat->sat_len; i++) { 1353 (void)fprintf(stderr, "%s[%" SIZE_T_FORMAT "u]:\n%.6" 1354 SIZE_T_FORMAT "u: ", prefix, i, i * s); 1355 for (j = 0; j < s; j++) { 1356 (void)fprintf(stderr, "%5d, ", 1357 CDF_TOLE4(sat->sat_tab[s * i + j])); 1358 if ((j + 1) % 10 == 0) 1359 (void)fprintf(stderr, "\n%.6" SIZE_T_FORMAT 1360 "u: ", i * s + j + 1); 1361 } 1362 (void)fprintf(stderr, "\n"); 1363 } 1364 } 1365 1366 void 1367 cdf_dump(const void *v, size_t len) 1368 { 1369 size_t i, j; 1370 const unsigned char *p = v; 1371 char abuf[16]; 1372 1373 (void)fprintf(stderr, "%.4x: ", 0); 1374 for (i = 0, j = 0; i < len; i++, p++) { 1375 (void)fprintf(stderr, "%.2x ", *p); 1376 abuf[j++] = isprint(*p) ? *p : '.'; 1377 if (j == 16) { 1378 j = 0; 1379 abuf[15] = '\0'; 1380 (void)fprintf(stderr, "%s\n%.4" SIZE_T_FORMAT "x: ", 1381 abuf, i + 1); 1382 } 1383 } 1384 (void)fprintf(stderr, "\n"); 1385 } 1386 1387 void 1388 cdf_dump_stream(const cdf_stream_t *sst) 1389 { 1390 size_t ss = sst->sst_ss; 1391 cdf_dump(sst->sst_tab, ss * sst->sst_len); 1392 } 1393 1394 void 1395 cdf_dump_dir(const cdf_info_t *info, const cdf_header_t *h, 1396 const cdf_sat_t *sat, const cdf_sat_t *ssat, const cdf_stream_t *sst, 1397 const cdf_dir_t *dir) 1398 { 1399 size_t i, j; 1400 cdf_directory_t *d; 1401 char name[__arraycount(d->d_name)]; 1402 cdf_stream_t scn; 1403 struct timespec ts; 1404 1405 static const char *types[] = { "empty", "user storage", 1406 "user stream", "lockbytes", "property", "root storage" }; 1407 1408 for (i = 0; i < dir->dir_len; i++) { 1409 char buf[26]; 1410 d = &dir->dir_tab[i]; 1411 for (j = 0; j < sizeof(name); j++) 1412 name[j] = (char)CDF_TOLE2(d->d_name[j]); 1413 (void)fprintf(stderr, "Directory %" SIZE_T_FORMAT "u: %s\n", 1414 i, name); 1415 if (d->d_type < __arraycount(types)) 1416 (void)fprintf(stderr, "Type: %s\n", types[d->d_type]); 1417 else 1418 (void)fprintf(stderr, "Type: %d\n", d->d_type); 1419 (void)fprintf(stderr, "Color: %s\n", 1420 d->d_color ? "black" : "red"); 1421 (void)fprintf(stderr, "Left child: %d\n", d->d_left_child); 1422 (void)fprintf(stderr, "Right child: %d\n", d->d_right_child); 1423 (void)fprintf(stderr, "Flags: %#x\n", d->d_flags); 1424 cdf_timestamp_to_timespec(&ts, d->d_created); 1425 (void)fprintf(stderr, "Created %s", cdf_ctime(&ts.tv_sec, buf)); 1426 cdf_timestamp_to_timespec(&ts, d->d_modified); 1427 (void)fprintf(stderr, "Modified %s", 1428 cdf_ctime(&ts.tv_sec, buf)); 1429 (void)fprintf(stderr, "Stream %d\n", d->d_stream_first_sector); 1430 (void)fprintf(stderr, "Size %d\n", d->d_size); 1431 switch (d->d_type) { 1432 case CDF_DIR_TYPE_USER_STORAGE: 1433 (void)fprintf(stderr, "Storage: %d\n", d->d_storage); 1434 break; 1435 case CDF_DIR_TYPE_USER_STREAM: 1436 if (sst == NULL) 1437 break; 1438 if (cdf_read_sector_chain(info, h, sat, ssat, sst, 1439 d->d_stream_first_sector, d->d_size, &scn) == -1) { 1440 warn("Can't read stream for %s at %d len %d", 1441 name, d->d_stream_first_sector, d->d_size); 1442 break; 1443 } 1444 cdf_dump_stream(&scn); 1445 free(scn.sst_tab); 1446 break; 1447 default: 1448 break; 1449 } 1450 1451 } 1452 } 1453 1454 void 1455 cdf_dump_property_info(const cdf_property_info_t *info, size_t count) 1456 { 1457 cdf_timestamp_t tp; 1458 struct timespec ts; 1459 char buf[64]; 1460 size_t i, j; 1461 1462 for (i = 0; i < count; i++) { 1463 cdf_print_property_name(buf, sizeof(buf), info[i].pi_id); 1464 (void)fprintf(stderr, "%" SIZE_T_FORMAT "u) %s: ", i, buf); 1465 switch (info[i].pi_type) { 1466 case CDF_NULL: 1467 break; 1468 case CDF_SIGNED16: 1469 (void)fprintf(stderr, "signed 16 [%hd]\n", 1470 info[i].pi_s16); 1471 break; 1472 case CDF_SIGNED32: 1473 (void)fprintf(stderr, "signed 32 [%d]\n", 1474 info[i].pi_s32); 1475 break; 1476 case CDF_UNSIGNED32: 1477 (void)fprintf(stderr, "unsigned 32 [%u]\n", 1478 info[i].pi_u32); 1479 break; 1480 case CDF_FLOAT: 1481 (void)fprintf(stderr, "float [%g]\n", 1482 info[i].pi_f); 1483 break; 1484 case CDF_DOUBLE: 1485 (void)fprintf(stderr, "double [%g]\n", 1486 info[i].pi_d); 1487 break; 1488 case CDF_LENGTH32_STRING: 1489 (void)fprintf(stderr, "string %u [%.*s]\n", 1490 info[i].pi_str.s_len, 1491 info[i].pi_str.s_len, info[i].pi_str.s_buf); 1492 break; 1493 case CDF_LENGTH32_WSTRING: 1494 (void)fprintf(stderr, "string %u [", 1495 info[i].pi_str.s_len); 1496 for (j = 0; j < info[i].pi_str.s_len - 1; j++) 1497 (void)fputc(info[i].pi_str.s_buf[j << 1], stderr); 1498 (void)fprintf(stderr, "]\n"); 1499 break; 1500 case CDF_FILETIME: 1501 tp = info[i].pi_tp; 1502 if (tp < 1000000000000000LL) { 1503 cdf_print_elapsed_time(buf, sizeof(buf), tp); 1504 (void)fprintf(stderr, "timestamp %s\n", buf); 1505 } else { 1506 char tbuf[26]; 1507 cdf_timestamp_to_timespec(&ts, tp); 1508 (void)fprintf(stderr, "timestamp %s", 1509 cdf_ctime(&ts.tv_sec, tbuf)); 1510 } 1511 break; 1512 case CDF_CLIPBOARD: 1513 (void)fprintf(stderr, "CLIPBOARD %u\n", info[i].pi_u32); 1514 break; 1515 default: 1516 DPRINTF(("Don't know how to deal with %#x\n", 1517 info[i].pi_type)); 1518 break; 1519 } 1520 } 1521 } 1522 1523 1524 void 1525 cdf_dump_summary_info(const cdf_header_t *h, const cdf_stream_t *sst) 1526 { 1527 char buf[128]; 1528 cdf_summary_info_header_t ssi; 1529 cdf_property_info_t *info; 1530 size_t count; 1531 1532 (void)&h; 1533 if (cdf_unpack_summary_info(sst, h, &ssi, &info, &count) == -1) 1534 return; 1535 (void)fprintf(stderr, "Endian: %#x\n", ssi.si_byte_order); 1536 (void)fprintf(stderr, "Os Version %d.%d\n", ssi.si_os_version & 0xff, 1537 ssi.si_os_version >> 8); 1538 (void)fprintf(stderr, "Os %d\n", ssi.si_os); 1539 cdf_print_classid(buf, sizeof(buf), &ssi.si_class); 1540 (void)fprintf(stderr, "Class %s\n", buf); 1541 (void)fprintf(stderr, "Count %d\n", ssi.si_count); 1542 cdf_dump_property_info(info, count); 1543 free(info); 1544 } 1545 1546 1547 void 1548 cdf_dump_catalog(const cdf_header_t *h, const cdf_stream_t *sst) 1549 { 1550 cdf_catalog_t *cat; 1551 cdf_unpack_catalog(h, sst, &cat); 1552 const cdf_catalog_entry_t *ce = cat->cat_e; 1553 struct timespec ts; 1554 char tbuf[64], sbuf[256]; 1555 size_t i; 1556 1557 printf("Catalog:\n"); 1558 for (i = 0; i < cat->cat_num; i++) { 1559 cdf_timestamp_to_timespec(&ts, ce[i].ce_timestamp); 1560 printf("\t%d %s %s", ce[i].ce_num, 1561 cdf_u16tos8(sbuf, ce[i].ce_namlen, ce[i].ce_name), 1562 cdf_ctime(&ts.tv_sec, tbuf)); 1563 } 1564 free(cat); 1565 } 1566 1567 #endif 1568 1569 #ifdef TEST 1570 int 1571 main(int argc, char *argv[]) 1572 { 1573 int i; 1574 cdf_header_t h; 1575 cdf_sat_t sat, ssat; 1576 cdf_stream_t sst, scn; 1577 cdf_dir_t dir; 1578 cdf_info_t info; 1579 const cdf_directory_t *root; 1580 #ifdef __linux__ 1581 #define getprogname() __progname 1582 extern char *__progname; 1583 #endif 1584 if (argc < 2) { 1585 (void)fprintf(stderr, "Usage: %s <filename>\n", getprogname()); 1586 return -1; 1587 } 1588 1589 info.i_buf = NULL; 1590 info.i_len = 0; 1591 for (i = 1; i < argc; i++) { 1592 if ((info.i_fd = open(argv[1], O_RDONLY)) == -1) 1593 err(EXIT_FAILURE, "Cannot open `%s'", argv[1]); 1594 1595 if (cdf_read_header(&info, &h) == -1) 1596 err(EXIT_FAILURE, "Cannot read header"); 1597 #ifdef CDF_DEBUG 1598 cdf_dump_header(&h); 1599 #endif 1600 1601 if (cdf_read_sat(&info, &h, &sat) == -1) 1602 err(EXIT_FAILURE, "Cannot read sat"); 1603 #ifdef CDF_DEBUG 1604 cdf_dump_sat("SAT", &sat, CDF_SEC_SIZE(&h)); 1605 #endif 1606 1607 if (cdf_read_ssat(&info, &h, &sat, &ssat) == -1) 1608 err(EXIT_FAILURE, "Cannot read ssat"); 1609 #ifdef CDF_DEBUG 1610 cdf_dump_sat("SSAT", &ssat, CDF_SHORT_SEC_SIZE(&h)); 1611 #endif 1612 1613 if (cdf_read_dir(&info, &h, &sat, &dir) == -1) 1614 err(EXIT_FAILURE, "Cannot read dir"); 1615 1616 if (cdf_read_short_stream(&info, &h, &sat, &dir, &sst, &root) 1617 == -1) 1618 err(EXIT_FAILURE, "Cannot read short stream"); 1619 #ifdef CDF_DEBUG 1620 cdf_dump_stream(&sst); 1621 #endif 1622 1623 #ifdef CDF_DEBUG 1624 cdf_dump_dir(&info, &h, &sat, &ssat, &sst, &dir); 1625 #endif 1626 1627 1628 if (cdf_read_summary_info(&info, &h, &sat, &ssat, &sst, &dir, 1629 &scn) == -1) 1630 warn("Cannot read summary info"); 1631 #ifdef CDF_DEBUG 1632 else 1633 cdf_dump_summary_info(&h, &scn); 1634 #endif 1635 if (cdf_read_user_stream(&info, &h, &sat, &ssat, &sst, 1636 &dir, "Catalog", &scn) == -1) 1637 warn("Cannot read catalog"); 1638 #ifdef CDF_DEBUG 1639 else 1640 cdf_dump_catalog(&h, &scn); 1641 #endif 1642 1643 (void)close(info.i_fd); 1644 } 1645 1646 return 0; 1647 } 1648 #endif 1649