annotate src/lzfu.c @ 112:554e9a422778 stable-0-6-23

bump version to avoid cvs tagging mistake in fedora
author Carl Byington <carl@five-ten-sg.com>
date Thu, 04 Dec 2008 10:36:25 -0800
parents 582e927756d3
children 6395ced2b8b2
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
16
c508ee15dfca switch to automake/autoconf
carl
parents:
diff changeset
1 /*
36
6fe121a971c9 valgrind fixes
carl
parents: 16
diff changeset
2 This program is free software; you can redistribute it and/or modify
6fe121a971c9 valgrind fixes
carl
parents: 16
diff changeset
3 it under the terms of the GNU General Public License as published by
6fe121a971c9 valgrind fixes
carl
parents: 16
diff changeset
4 the Free Software Foundation; either version 2 of the License, or
6fe121a971c9 valgrind fixes
carl
parents: 16
diff changeset
5 (at your option) any later version.
16
c508ee15dfca switch to automake/autoconf
carl
parents:
diff changeset
6
36
6fe121a971c9 valgrind fixes
carl
parents: 16
diff changeset
7 You should have received a copy of the GNU General Public License
6fe121a971c9 valgrind fixes
carl
parents: 16
diff changeset
8 along with this program; if not, write to the Free Software Foundation,
6fe121a971c9 valgrind fixes
carl
parents: 16
diff changeset
9 Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
16
c508ee15dfca switch to automake/autoconf
carl
parents:
diff changeset
10 */
c508ee15dfca switch to automake/autoconf
carl
parents:
diff changeset
11
c508ee15dfca switch to automake/autoconf
carl
parents:
diff changeset
12 #include "define.h"
c508ee15dfca switch to automake/autoconf
carl
parents:
diff changeset
13 #include "libpst.h"
48
f66078abed38 more fixes for 64 bit format
carl
parents: 43
diff changeset
14
16
c508ee15dfca switch to automake/autoconf
carl
parents:
diff changeset
15 #include <sys/types.h>
c508ee15dfca switch to automake/autoconf
carl
parents:
diff changeset
16 #include <string.h>
c508ee15dfca switch to automake/autoconf
carl
parents:
diff changeset
17 #include <stdio.h>
c508ee15dfca switch to automake/autoconf
carl
parents:
diff changeset
18
c508ee15dfca switch to automake/autoconf
carl
parents:
diff changeset
19 #include "lzfu.h"
c508ee15dfca switch to automake/autoconf
carl
parents:
diff changeset
20
36
6fe121a971c9 valgrind fixes
carl
parents: 16
diff changeset
21 #define LZFU_COMPRESSED 0x75465a4c
6fe121a971c9 valgrind fixes
carl
parents: 16
diff changeset
22 #define LZFU_UNCOMPRESSED 0x414c454d
16
c508ee15dfca switch to automake/autoconf
carl
parents:
diff changeset
23
c508ee15dfca switch to automake/autoconf
carl
parents:
diff changeset
24 // initital dictionary
36
6fe121a971c9 valgrind fixes
carl
parents: 16
diff changeset
25 #define LZFU_INITDICT "{\\rtf1\\ansi\\mac\\deff0\\deftab720{\\fonttbl;}" \
41
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
26 "{\\f0\\fnil \\froman \\fswiss \\fmodern \\fscrip" \
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
27 "t \\fdecor MS Sans SerifSymbolArialTimes Ne" \
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
28 "w RomanCourier{\\colortbl\\red0\\green0\\blue0" \
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
29 "\r\n\\par \\pard\\plain\\f0\\fs20\\b\\i\\u\\tab" \
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
30 "\\tx"
16
c508ee15dfca switch to automake/autoconf
carl
parents:
diff changeset
31 // initial length of dictionary
c508ee15dfca switch to automake/autoconf
carl
parents:
diff changeset
32 #define LZFU_INITLENGTH 207
c508ee15dfca switch to automake/autoconf
carl
parents:
diff changeset
33
c508ee15dfca switch to automake/autoconf
carl
parents:
diff changeset
34 // header for compressed rtf
c508ee15dfca switch to automake/autoconf
carl
parents:
diff changeset
35 typedef struct _lzfuheader {
43
f6db1f060a95 start on outlook 2003 64 bit format
carl
parents: 41
diff changeset
36 uint32_t cbSize;
f6db1f060a95 start on outlook 2003 64 bit format
carl
parents: 41
diff changeset
37 uint32_t cbRawSize;
f6db1f060a95 start on outlook 2003 64 bit format
carl
parents: 41
diff changeset
38 uint32_t dwMagic;
f6db1f060a95 start on outlook 2003 64 bit format
carl
parents: 41
diff changeset
39 uint32_t dwCRC;
16
c508ee15dfca switch to automake/autoconf
carl
parents:
diff changeset
40 } lzfuheader;
c508ee15dfca switch to automake/autoconf
carl
parents:
diff changeset
41
c508ee15dfca switch to automake/autoconf
carl
parents:
diff changeset
42
79
56fa05fd5271 Patch from Robert Simpson for encryption type 2.
Carl Byington <carl@five-ten-sg.com>
parents: 78
diff changeset
43 char* lzfu_decompress(char* rtfcomp, uint32_t compsize, size_t *size) {
56fa05fd5271 Patch from Robert Simpson for encryption type 2.
Carl Byington <carl@five-ten-sg.com>
parents: 78
diff changeset
44 unsigned char dict[4096]; // the dictionary buffer
56fa05fd5271 Patch from Robert Simpson for encryption type 2.
Carl Byington <carl@five-ten-sg.com>
parents: 78
diff changeset
45 unsigned int dict_length = 0; // the dictionary pointer
56fa05fd5271 Patch from Robert Simpson for encryption type 2.
Carl Byington <carl@five-ten-sg.com>
parents: 78
diff changeset
46 lzfuheader lzfuhdr; // the header of the lzfu block
56fa05fd5271 Patch from Robert Simpson for encryption type 2.
Carl Byington <carl@five-ten-sg.com>
parents: 78
diff changeset
47 unsigned char flags; // 8 bits of flags (1=2byte block pointer into the dict, 0=1 byte literal)
56fa05fd5271 Patch from Robert Simpson for encryption type 2.
Carl Byington <carl@five-ten-sg.com>
parents: 78
diff changeset
48 unsigned char flag_mask; // look at one flag bit each time thru the loop
43
f6db1f060a95 start on outlook 2003 64 bit format
carl
parents: 41
diff changeset
49 uint32_t i;
79
56fa05fd5271 Patch from Robert Simpson for encryption type 2.
Carl Byington <carl@five-ten-sg.com>
parents: 78
diff changeset
50 char *out_buf;
43
f6db1f060a95 start on outlook 2003 64 bit format
carl
parents: 41
diff changeset
51 uint32_t out_ptr = 0;
f6db1f060a95 start on outlook 2003 64 bit format
carl
parents: 41
diff changeset
52 uint32_t out_size;
f6db1f060a95 start on outlook 2003 64 bit format
carl
parents: 41
diff changeset
53 uint32_t in_ptr;
f6db1f060a95 start on outlook 2003 64 bit format
carl
parents: 41
diff changeset
54 uint32_t in_size;
16
c508ee15dfca switch to automake/autoconf
carl
parents:
diff changeset
55
36
6fe121a971c9 valgrind fixes
carl
parents: 16
diff changeset
56 memcpy(dict, LZFU_INITDICT, LZFU_INITLENGTH);
79
56fa05fd5271 Patch from Robert Simpson for encryption type 2.
Carl Byington <carl@five-ten-sg.com>
parents: 78
diff changeset
57 memset(dict + LZFU_INITLENGTH, 0, sizeof(dict) - LZFU_INITLENGTH);
36
6fe121a971c9 valgrind fixes
carl
parents: 16
diff changeset
58 dict_length = LZFU_INITLENGTH;
79
56fa05fd5271 Patch from Robert Simpson for encryption type 2.
Carl Byington <carl@five-ten-sg.com>
parents: 78
diff changeset
59
36
6fe121a971c9 valgrind fixes
carl
parents: 16
diff changeset
60 memcpy(&lzfuhdr, rtfcomp, sizeof(lzfuhdr));
37
ddfb25318812 more valgrind fixes
carl
parents: 36
diff changeset
61 LE32_CPU(lzfuhdr.cbSize);
ddfb25318812 more valgrind fixes
carl
parents: 36
diff changeset
62 LE32_CPU(lzfuhdr.cbRawSize);
ddfb25318812 more valgrind fixes
carl
parents: 36
diff changeset
63 LE32_CPU(lzfuhdr.dwMagic);
ddfb25318812 more valgrind fixes
carl
parents: 36
diff changeset
64 LE32_CPU(lzfuhdr.dwCRC);
41
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
65 //printf("total size: %d\n", lzfuhdr.cbSize+4);
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
66 //printf("raw size : %d\n", lzfuhdr.cbRawSize);
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
67 //printf("compressed: %s\n", (lzfuhdr.dwMagic == LZFU_COMPRESSED ? "yes" : "no"));
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
68 //printf("CRC : %#x\n", lzfuhdr.dwCRC);
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
69 //printf("\n");
78
535075b4d261 Patch from Joachim Metz for debian packaging, and fix for incorrect length on lz decompression.
Carl Byington <carl@five-ten-sg.com>
parents: 73
diff changeset
70 out_size = lzfuhdr.cbRawSize;
73
3cb02cb1e6cd Patch from Robert Simpson to fix doubly-linked list in the cache_ptr code, and allow arrays of unicode strings (without converting them).
Carl Byington <carl@five-ten-sg.com>
parents: 48
diff changeset
71 out_buf = (char*)xmalloc(out_size);
41
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
72 in_ptr = sizeof(lzfuhdr);
78
535075b4d261 Patch from Joachim Metz for debian packaging, and fix for incorrect length on lz decompression.
Carl Byington <carl@five-ten-sg.com>
parents: 73
diff changeset
73 // Make sure to correct lzfuhdr.cbSize with 4 bytes before comparing
535075b4d261 Patch from Joachim Metz for debian packaging, and fix for incorrect length on lz decompression.
Carl Byington <carl@five-ten-sg.com>
parents: 73
diff changeset
74 // to compsize
535075b4d261 Patch from Joachim Metz for debian packaging, and fix for incorrect length on lz decompression.
Carl Byington <carl@five-ten-sg.com>
parents: 73
diff changeset
75 in_size = (lzfuhdr.cbSize + 4 < compsize) ? lzfuhdr.cbSize + 4 : compsize;
41
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
76 while (in_ptr < in_size) {
73
3cb02cb1e6cd Patch from Robert Simpson to fix doubly-linked list in the cache_ptr code, and allow arrays of unicode strings (without converting them).
Carl Byington <carl@five-ten-sg.com>
parents: 48
diff changeset
77 flags = (unsigned char)(rtfcomp[in_ptr++]);
36
6fe121a971c9 valgrind fixes
carl
parents: 16
diff changeset
78 flag_mask = 1;
41
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
79 while (flag_mask) {
36
6fe121a971c9 valgrind fixes
carl
parents: 16
diff changeset
80 if (flag_mask & flags) {
41
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
81 // two bytes available?
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
82 if (in_ptr+1 < in_size) {
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
83 // read 2 bytes from input
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
84 unsigned short int blkhdr, offset, length;
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
85 memcpy(&blkhdr, rtfcomp+in_ptr, 2);
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
86 LE16_CPU(blkhdr);
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
87 in_ptr += 2;
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
88 /* swap the upper and lower bytes of blkhdr */
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
89 blkhdr = (((blkhdr&0xFF00)>>8)+
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
90 ((blkhdr&0x00FF)<<8));
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
91 /* the offset is the first 12 bits of the 16 bit value */
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
92 offset = (blkhdr&0xFFF0)>>4;
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
93 /* the length of the dict entry are the last 4 bits */
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
94 length = (blkhdr&0x000F)+2;
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
95 // add the value we are about to print to the dictionary
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
96 for (i=0; i < length; i++) {
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
97 unsigned char c1;
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
98 c1 = dict[(offset+i)%4096];
79
56fa05fd5271 Patch from Robert Simpson for encryption type 2.
Carl Byington <carl@five-ten-sg.com>
parents: 78
diff changeset
99 dict[dict_length] = c1;
41
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
100 dict_length = (dict_length+1) % 4096;
73
3cb02cb1e6cd Patch from Robert Simpson to fix doubly-linked list in the cache_ptr code, and allow arrays of unicode strings (without converting them).
Carl Byington <carl@five-ten-sg.com>
parents: 48
diff changeset
101 if (out_ptr < out_size) out_buf[out_ptr++] = (char)c1;
78
535075b4d261 Patch from Joachim Metz for debian packaging, and fix for incorrect length on lz decompression.
Carl Byington <carl@five-ten-sg.com>
parents: 73
diff changeset
102 // required for dictionary wrap around
535075b4d261 Patch from Joachim Metz for debian packaging, and fix for incorrect length on lz decompression.
Carl Byington <carl@five-ten-sg.com>
parents: 73
diff changeset
103 // otherwise 0 byte values are referenced incorrectly
535075b4d261 Patch from Joachim Metz for debian packaging, and fix for incorrect length on lz decompression.
Carl Byington <carl@five-ten-sg.com>
parents: 73
diff changeset
104 dict[dict_length] = 0;
41
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
105 }
36
6fe121a971c9 valgrind fixes
carl
parents: 16
diff changeset
106 }
6fe121a971c9 valgrind fixes
carl
parents: 16
diff changeset
107 } else {
41
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
108 // one byte available?
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
109 if (in_ptr < in_size) {
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
110 // uncompressed chunk (single byte)
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
111 char c1 = rtfcomp[in_ptr++];
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
112 dict[dict_length] = c1;
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
113 dict_length = (dict_length+1)%4096;
73
3cb02cb1e6cd Patch from Robert Simpson to fix doubly-linked list in the cache_ptr code, and allow arrays of unicode strings (without converting them).
Carl Byington <carl@five-ten-sg.com>
parents: 48
diff changeset
114 if (out_ptr < out_size) out_buf[out_ptr++] = (char)c1;
78
535075b4d261 Patch from Joachim Metz for debian packaging, and fix for incorrect length on lz decompression.
Carl Byington <carl@five-ten-sg.com>
parents: 73
diff changeset
115 // required for dictionary wrap around
535075b4d261 Patch from Joachim Metz for debian packaging, and fix for incorrect length on lz decompression.
Carl Byington <carl@five-ten-sg.com>
parents: 73
diff changeset
116 // otherwise 0 byte values are referenced incorrect
535075b4d261 Patch from Joachim Metz for debian packaging, and fix for incorrect length on lz decompression.
Carl Byington <carl@five-ten-sg.com>
parents: 73
diff changeset
117 dict[dict_length] = 0;
41
183ae993b9ad security fix for potential buffer overrun in lz decompress
carl
parents: 37
diff changeset
118 }
36
6fe121a971c9 valgrind fixes
carl
parents: 16
diff changeset
119 }
6fe121a971c9 valgrind fixes
carl
parents: 16
diff changeset
120 flag_mask <<= 1;
6fe121a971c9 valgrind fixes
carl
parents: 16
diff changeset
121 }
16
c508ee15dfca switch to automake/autoconf
carl
parents:
diff changeset
122 }
85
582e927756d3 Patch from Robert Simpson for file handle leak in error case.
Carl Byington <carl@five-ten-sg.com>
parents: 79
diff changeset
123 *size = out_ptr;
36
6fe121a971c9 valgrind fixes
carl
parents: 16
diff changeset
124 return out_buf;
16
c508ee15dfca switch to automake/autoconf
carl
parents:
diff changeset
125 }