Adam Lesinski | 7ad1110 | 2016-10-28 16:39:15 -0700 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2016 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
Adam Lesinski | da431a2 | 2016-12-29 16:08:16 -0500 | [diff] [blame] | 17 | #include "androidfw/Chunk.h" |
Adam Lesinski | 7ad1110 | 2016-10-28 16:39:15 -0700 | [diff] [blame] | 18 | |
| 19 | #include "android-base/logging.h" |
| 20 | |
| 21 | namespace android { |
| 22 | |
| 23 | Chunk ChunkIterator::Next() { |
| 24 | CHECK(len_ != 0) << "called Next() after last chunk"; |
| 25 | |
| 26 | const ResChunk_header* this_chunk = next_chunk_; |
| 27 | |
| 28 | // We've already checked the values of this_chunk, so safely increment. |
| 29 | next_chunk_ = reinterpret_cast<const ResChunk_header*>( |
| 30 | reinterpret_cast<const uint8_t*>(this_chunk) + dtohl(this_chunk->size)); |
| 31 | len_ -= dtohl(this_chunk->size); |
| 32 | |
| 33 | if (len_ != 0) { |
| 34 | // Prepare the next chunk. |
Todd Kennedy | 28e663c | 2018-07-12 13:15:54 -0700 | [diff] [blame] | 35 | if (VerifyNextChunkNonFatal()) { |
| 36 | VerifyNextChunk(); |
| 37 | } |
Adam Lesinski | 7ad1110 | 2016-10-28 16:39:15 -0700 | [diff] [blame] | 38 | } |
| 39 | return Chunk(this_chunk); |
| 40 | } |
| 41 | |
Todd Kennedy | 28e663c | 2018-07-12 13:15:54 -0700 | [diff] [blame] | 42 | // TODO(b/111401637) remove this and have full resource file verification |
| 43 | // Returns false if there was an error. |
| 44 | bool ChunkIterator::VerifyNextChunkNonFatal() { |
| 45 | if (len_ < sizeof(ResChunk_header)) { |
| 46 | last_error_ = "not enough space for header"; |
| 47 | last_error_was_fatal_ = false; |
| 48 | return false; |
| 49 | } |
| 50 | const size_t size = dtohl(next_chunk_->size); |
| 51 | if (size > len_) { |
| 52 | last_error_ = "chunk size is bigger than given data"; |
| 53 | last_error_was_fatal_ = false; |
| 54 | return false; |
| 55 | } |
| 56 | return true; |
| 57 | } |
| 58 | |
Adam Lesinski | 7ad1110 | 2016-10-28 16:39:15 -0700 | [diff] [blame] | 59 | // Returns false if there was an error. |
| 60 | bool ChunkIterator::VerifyNextChunk() { |
| 61 | const uintptr_t header_start = reinterpret_cast<uintptr_t>(next_chunk_); |
| 62 | |
| 63 | // This data must be 4-byte aligned, since we directly |
| 64 | // access 32-bit words, which must be aligned on |
| 65 | // certain architectures. |
| 66 | if (header_start & 0x03) { |
| 67 | last_error_ = "header not aligned on 4-byte boundary"; |
| 68 | return false; |
| 69 | } |
| 70 | |
| 71 | if (len_ < sizeof(ResChunk_header)) { |
| 72 | last_error_ = "not enough space for header"; |
| 73 | return false; |
| 74 | } |
| 75 | |
| 76 | const size_t header_size = dtohs(next_chunk_->headerSize); |
| 77 | const size_t size = dtohl(next_chunk_->size); |
| 78 | if (header_size < sizeof(ResChunk_header)) { |
| 79 | last_error_ = "header size too small"; |
| 80 | return false; |
| 81 | } |
| 82 | |
| 83 | if (header_size > size) { |
| 84 | last_error_ = "header size is larger than entire chunk"; |
| 85 | return false; |
| 86 | } |
| 87 | |
| 88 | if (size > len_) { |
| 89 | last_error_ = "chunk size is bigger than given data"; |
| 90 | return false; |
| 91 | } |
| 92 | |
| 93 | if ((size | header_size) & 0x03) { |
| 94 | last_error_ = "header sizes are not aligned on 4-byte boundary"; |
| 95 | return false; |
| 96 | } |
| 97 | return true; |
| 98 | } |
| 99 | |
| 100 | } // namespace android |