root/lib/lzo/lzo1x_decompress_safe.c

/* [<][>][^][v][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. lzo1x_decompress_safe

   1 // SPDX-License-Identifier: GPL-2.0-only
   2 /*
   3  *  LZO1X Decompressor from LZO
   4  *
   5  *  Copyright (C) 1996-2012 Markus F.X.J. Oberhumer <markus@oberhumer.com>
   6  *
   7  *  The full LZO package can be found at:
   8  *  http://www.oberhumer.com/opensource/lzo/
   9  *
  10  *  Changed for Linux kernel use by:
  11  *  Nitin Gupta <nitingupta910@gmail.com>
  12  *  Richard Purdie <rpurdie@openedhand.com>
  13  */
  14 
  15 #ifndef STATIC
  16 #include <linux/module.h>
  17 #include <linux/kernel.h>
  18 #endif
  19 #include <asm/unaligned.h>
  20 #include <linux/lzo.h>
  21 #include "lzodefs.h"
  22 
  23 #define HAVE_IP(x)      ((size_t)(ip_end - ip) >= (size_t)(x))
  24 #define HAVE_OP(x)      ((size_t)(op_end - op) >= (size_t)(x))
  25 #define NEED_IP(x)      if (!HAVE_IP(x)) goto input_overrun
  26 #define NEED_OP(x)      if (!HAVE_OP(x)) goto output_overrun
  27 #define TEST_LB(m_pos)  if ((m_pos) < out) goto lookbehind_overrun
  28 
  29 /* This MAX_255_COUNT is the maximum number of times we can add 255 to a base
  30  * count without overflowing an integer. The multiply will overflow when
  31  * multiplying 255 by more than MAXINT/255. The sum will overflow earlier
  32  * depending on the base count. Since the base count is taken from a u8
  33  * and a few bits, it is safe to assume that it will always be lower than
  34  * or equal to 2*255, thus we can always prevent any overflow by accepting
  35  * two less 255 steps. See Documentation/lzo.txt for more information.
  36  */
  37 #define MAX_255_COUNT      ((((size_t)~0) / 255) - 2)
  38 
  39 int lzo1x_decompress_safe(const unsigned char *in, size_t in_len,
  40                           unsigned char *out, size_t *out_len)
  41 {
  42         unsigned char *op;
  43         const unsigned char *ip;
  44         size_t t, next;
  45         size_t state = 0;
  46         const unsigned char *m_pos;
  47         const unsigned char * const ip_end = in + in_len;
  48         unsigned char * const op_end = out + *out_len;
  49 
  50         unsigned char bitstream_version;
  51 
  52         op = out;
  53         ip = in;
  54 
  55         if (unlikely(in_len < 3))
  56                 goto input_overrun;
  57 
  58         if (likely(in_len >= 5) && likely(*ip == 17)) {
  59                 bitstream_version = ip[1];
  60                 ip += 2;
  61         } else {
  62                 bitstream_version = 0;
  63         }
  64 
  65         if (*ip > 17) {
  66                 t = *ip++ - 17;
  67                 if (t < 4) {
  68                         next = t;
  69                         goto match_next;
  70                 }
  71                 goto copy_literal_run;
  72         }
  73 
  74         for (;;) {
  75                 t = *ip++;
  76                 if (t < 16) {
  77                         if (likely(state == 0)) {
  78                                 if (unlikely(t == 0)) {
  79                                         size_t offset;
  80                                         const unsigned char *ip_last = ip;
  81 
  82                                         while (unlikely(*ip == 0)) {
  83                                                 ip++;
  84                                                 NEED_IP(1);
  85                                         }
  86                                         offset = ip - ip_last;
  87                                         if (unlikely(offset > MAX_255_COUNT))
  88                                                 return LZO_E_ERROR;
  89 
  90                                         offset = (offset << 8) - offset;
  91                                         t += offset + 15 + *ip++;
  92                                 }
  93                                 t += 3;
  94 copy_literal_run:
  95 #if defined(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS)
  96                                 if (likely(HAVE_IP(t + 15) && HAVE_OP(t + 15))) {
  97                                         const unsigned char *ie = ip + t;
  98                                         unsigned char *oe = op + t;
  99                                         do {
 100                                                 COPY8(op, ip);
 101                                                 op += 8;
 102                                                 ip += 8;
 103                                                 COPY8(op, ip);
 104                                                 op += 8;
 105                                                 ip += 8;
 106                                         } while (ip < ie);
 107                                         ip = ie;
 108                                         op = oe;
 109                                 } else
 110 #endif
 111                                 {
 112                                         NEED_OP(t);
 113                                         NEED_IP(t + 3);
 114                                         do {
 115                                                 *op++ = *ip++;
 116                                         } while (--t > 0);
 117                                 }
 118                                 state = 4;
 119                                 continue;
 120                         } else if (state != 4) {
 121                                 next = t & 3;
 122                                 m_pos = op - 1;
 123                                 m_pos -= t >> 2;
 124                                 m_pos -= *ip++ << 2;
 125                                 TEST_LB(m_pos);
 126                                 NEED_OP(2);
 127                                 op[0] = m_pos[0];
 128                                 op[1] = m_pos[1];
 129                                 op += 2;
 130                                 goto match_next;
 131                         } else {
 132                                 next = t & 3;
 133                                 m_pos = op - (1 + M2_MAX_OFFSET);
 134                                 m_pos -= t >> 2;
 135                                 m_pos -= *ip++ << 2;
 136                                 t = 3;
 137                         }
 138                 } else if (t >= 64) {
 139                         next = t & 3;
 140                         m_pos = op - 1;
 141                         m_pos -= (t >> 2) & 7;
 142                         m_pos -= *ip++ << 3;
 143                         t = (t >> 5) - 1 + (3 - 1);
 144                 } else if (t >= 32) {
 145                         t = (t & 31) + (3 - 1);
 146                         if (unlikely(t == 2)) {
 147                                 size_t offset;
 148                                 const unsigned char *ip_last = ip;
 149 
 150                                 while (unlikely(*ip == 0)) {
 151                                         ip++;
 152                                         NEED_IP(1);
 153                                 }
 154                                 offset = ip - ip_last;
 155                                 if (unlikely(offset > MAX_255_COUNT))
 156                                         return LZO_E_ERROR;
 157 
 158                                 offset = (offset << 8) - offset;
 159                                 t += offset + 31 + *ip++;
 160                                 NEED_IP(2);
 161                         }
 162                         m_pos = op - 1;
 163                         next = get_unaligned_le16(ip);
 164                         ip += 2;
 165                         m_pos -= next >> 2;
 166                         next &= 3;
 167                 } else {
 168                         NEED_IP(2);
 169                         next = get_unaligned_le16(ip);
 170                         if (((next & 0xfffc) == 0xfffc) &&
 171                             ((t & 0xf8) == 0x18) &&
 172                             likely(bitstream_version)) {
 173                                 NEED_IP(3);
 174                                 t &= 7;
 175                                 t |= ip[2] << 3;
 176                                 t += MIN_ZERO_RUN_LENGTH;
 177                                 NEED_OP(t);
 178                                 memset(op, 0, t);
 179                                 op += t;
 180                                 next &= 3;
 181                                 ip += 3;
 182                                 goto match_next;
 183                         } else {
 184                                 m_pos = op;
 185                                 m_pos -= (t & 8) << 11;
 186                                 t = (t & 7) + (3 - 1);
 187                                 if (unlikely(t == 2)) {
 188                                         size_t offset;
 189                                         const unsigned char *ip_last = ip;
 190 
 191                                         while (unlikely(*ip == 0)) {
 192                                                 ip++;
 193                                                 NEED_IP(1);
 194                                         }
 195                                         offset = ip - ip_last;
 196                                         if (unlikely(offset > MAX_255_COUNT))
 197                                                 return LZO_E_ERROR;
 198 
 199                                         offset = (offset << 8) - offset;
 200                                         t += offset + 7 + *ip++;
 201                                         NEED_IP(2);
 202                                         next = get_unaligned_le16(ip);
 203                                 }
 204                                 ip += 2;
 205                                 m_pos -= next >> 2;
 206                                 next &= 3;
 207                                 if (m_pos == op)
 208                                         goto eof_found;
 209                                 m_pos -= 0x4000;
 210                         }
 211                 }
 212                 TEST_LB(m_pos);
 213 #if defined(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS)
 214                 if (op - m_pos >= 8) {
 215                         unsigned char *oe = op + t;
 216                         if (likely(HAVE_OP(t + 15))) {
 217                                 do {
 218                                         COPY8(op, m_pos);
 219                                         op += 8;
 220                                         m_pos += 8;
 221                                         COPY8(op, m_pos);
 222                                         op += 8;
 223                                         m_pos += 8;
 224                                 } while (op < oe);
 225                                 op = oe;
 226                                 if (HAVE_IP(6)) {
 227                                         state = next;
 228                                         COPY4(op, ip);
 229                                         op += next;
 230                                         ip += next;
 231                                         continue;
 232                                 }
 233                         } else {
 234                                 NEED_OP(t);
 235                                 do {
 236                                         *op++ = *m_pos++;
 237                                 } while (op < oe);
 238                         }
 239                 } else
 240 #endif
 241                 {
 242                         unsigned char *oe = op + t;
 243                         NEED_OP(t);
 244                         op[0] = m_pos[0];
 245                         op[1] = m_pos[1];
 246                         op += 2;
 247                         m_pos += 2;
 248                         do {
 249                                 *op++ = *m_pos++;
 250                         } while (op < oe);
 251                 }
 252 match_next:
 253                 state = next;
 254                 t = next;
 255 #if defined(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS)
 256                 if (likely(HAVE_IP(6) && HAVE_OP(4))) {
 257                         COPY4(op, ip);
 258                         op += t;
 259                         ip += t;
 260                 } else
 261 #endif
 262                 {
 263                         NEED_IP(t + 3);
 264                         NEED_OP(t);
 265                         while (t > 0) {
 266                                 *op++ = *ip++;
 267                                 t--;
 268                         }
 269                 }
 270         }
 271 
 272 eof_found:
 273         *out_len = op - out;
 274         return (t != 3       ? LZO_E_ERROR :
 275                 ip == ip_end ? LZO_E_OK :
 276                 ip <  ip_end ? LZO_E_INPUT_NOT_CONSUMED : LZO_E_INPUT_OVERRUN);
 277 
 278 input_overrun:
 279         *out_len = op - out;
 280         return LZO_E_INPUT_OVERRUN;
 281 
 282 output_overrun:
 283         *out_len = op - out;
 284         return LZO_E_OUTPUT_OVERRUN;
 285 
 286 lookbehind_overrun:
 287         *out_len = op - out;
 288         return LZO_E_LOOKBEHIND_OVERRUN;
 289 }
 290 #ifndef STATIC
 291 EXPORT_SYMBOL_GPL(lzo1x_decompress_safe);
 292 
 293 MODULE_LICENSE("GPL");
 294 MODULE_DESCRIPTION("LZO1X Decompressor");
 295 
 296 #endif

/* [<][>][^][v][top][bottom][index][help] */