3 * Extract data from `tar' archives
5 * (c) 2018 Straylight/Edgeware
8 /*----- Licensing notice --------------------------------------------------*
10 * This file is part of the Trivial IP Encryption (TrIPE) Android app.
12 * TrIPE is free software: you can redistribute it and/or modify it under
13 * the terms of the GNU General Public License as published by the Free
14 * Software Foundation; either version 3 of the License, or (at your
15 * option) any later version.
17 * TrIPE is distributed in the hope that it will be useful, but WITHOUT
18 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
19 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
22 * You should have received a copy of the GNU General Public License
23 * along with TrIPE. If not, see <https://www.gnu.org/licenses/>.
26 package uk.org.distorted.tripe;
28 /*----- Imports -----------------------------------------------------------*/
30 import java.io.{Closeable, InputStream};
31 import java.nio.ByteBuffer;
32 import java.nio.charset.Charset;
33 import java.util.Date;
36 import sys.FileInfo.{Value, FIFO, CHR, DIR, BLK, REG, LNK, HDLNK, UNK};
38 /*----- Main code ---------------------------------------------------------*/
40 class TarFormatError(msg: String) extends Exception(msg);
43 /* Honestly, I'd rather just have `TarFile#Entry', but Scala doesn't permit
44 * the trait inheritance circularity. So this is a cardboard cutout
48 /* Basic facts about the entry. */
58 /* Type predicates (intentionally like `FileInfo'). */
59 def isfifo: Boolean = rawtyp == '6';
60 def ischr: Boolean = rawtyp == '3';
61 def isdir: Boolean = rawtyp == '5';
62 def isblk: Boolean = rawtyp == '4';
63 def isreg: Boolean = rawtyp match {
64 case 0 | '0' | '7' => true
67 def islnk: Boolean = rawtyp == '2';
68 def issock: Boolean = false;
69 def ishardlink: Boolean = rawtyp == '1';
71 def typ: FileInfo.Value = rawtyp match {
72 case 0 | '0' | '7' => REG
82 def verbose: String = {
83 /* Encode information about this tar header as a string. */
85 val sb = new StringBuilder;
87 /* First, the type code. */
89 case 0 | '0' | '7' => '-'
99 /* Then the permissions bits. Ugh, the permissions bits. */
100 def perm(s: Int, r: Int, w: Int, x: Int, schar: Char, Schar: Char) {
101 sb += (if ((mode&r) != 0) 'r' else '-');
102 sb += (if ((mode&w) != 0) 'w' else '-');
103 sb += (if ((mode&s) != 0)
104 if ((mode&x) != 0) schar else Schar;
106 if ((mode&x) != 0) 'x' else '-');
108 perm(0x800, 0x100, 0x080, 0x040, 's', 'S');
109 perm(0x400, 0x020, 0x010, 0x008, 's', 'S');
110 perm(0x200, 0x004, 0x002, 0x001, 't', 'T');
112 /* And the rest, which is easy. */
113 sb ++= f" $uid%8d $gid%8d $size%12d $mtime%tFT%<tT%<tz $name%s";
119 override def toString(): String = s"${getClass.getName}($verbose)";
121 def stream: InputStream;
122 def withStream[T](body: InputStream => T): T = {
125 finally { s.close(); }
129 class TarFile(in: InputStream)
130 extends LookaheadIterator[TarEntry] with Closeable { tar =>
132 /* Tokens are just objects, meaningful only for their identity. */
133 private[TarFile] class Token;
135 /* Some useful state. */
136 private[TarFile] var offset: Long = 0; // current byte offset
137 private[this] var lockp = false; // locked by open entry?
138 private[this] var locktok = new Token; // active lock token
139 private[this] var nexthdr: Long = 0; // byte offset of next header
140 private[this] val hdr = new Array[Byte](512); // header under consideration
142 /* Making sure we clean up properly. */
143 override def close() { in.close(); }
144 override protected def finalize() { super.finalize(); close(); }
146 private[this] def eoferr()
147 { throw new TarFormatError(s"unexpected EOF (at $offset)"); }
149 /* Locking machinery.
151 * We work from a primitive `InputStream' which we can't seek. From this,
152 * we must be able to extract file contents, as an `InputStream', and parse
153 * file headers. We'll be badly lost if we lose track of where we are in
156 * So, there's a lock, which can be held by at most one actor at a time:
157 * either the `TarFile' itself, while it's (hopefully) reading a header
158 * block, or by the `Stream' object which lets the caller read an
159 * individual entry's content. Furthermore, if we start activating the
160 * per-entry streams out of order, we'll get confused about where we're
161 * meant to be, so there's also a `token' which represents a participant's
162 * right to claim the lock. The `TarFile' itself has special privileges
163 * and doesn't need a token, but the per-entry streams do, and only the
164 * stream associated with the most recently-read header is allowed to claim
168 private[this] def lock() {
169 /* Claim exclusive use of the input stream. */
171 if (lockp) throw new IllegalArgumentException("tarfile lock still held");
175 private[TarFile] def lock(tok: Token) {
176 /* Claim exclusive use of the input stream, passing a token. */
179 throw new IllegalArgumentException("stale lock token");
183 private[TarFile] def unlock() {
184 /* Release the input stream so someone else can have a go. */
191 /* Doing I/O on the input stream.
193 * Our `Stream' object sneakily grabs single bytes from the input. Given
194 * the way Scala works, we can't prevent that, so roll with it.
197 private[TarFile] def read(buf: Array[Byte], start: Int, len: Int) {
198 /* Read input data into the indicated region of the buffer. Short reads
199 * are diagnosed as errors. Advances the cursor.
203 val limit = start + len;
205 val n = in.read(buf, pos, limit - pos);
207 pos += n; offset += n;
211 private[TarFile] def skip(len: Long) {
212 /* Skip ahead LEN bytes in the archive. (The int/long discrepancy
213 * matches Java's bizarre `InputStream' protocol.)
218 val n = in.skip(remain);
220 if (n > 0) { remain -= n; offset += n; }
222 /* It's hard to work out whether this means we've hit EOF or not. It
223 * seems best to check. We must have at least one byte left to skip
224 * or we wouldn't have started this iteration, so try to read that.
225 * If that works, then there's more stuff available and skipping
226 * isn't working, so start to read buffers and discard them.
229 if (in.read() == -1) eoferr();
230 remain -= 1; offset += 1;
232 /* Ugh. So, buffers it is then. */
233 val buf = new Array[Byte]((remain min 4096).toInt);
234 while (remain >= buf.length) {
235 val n = (remain min buf.length).toInt;
243 private[TarFile] class Stream(end: Long, tok: Token) extends InputStream {
244 /* An input stream for a single archive entry's content. */
246 /* Claim the lock. If we're stale, this won't work. */
248 private[this] var open = true;
250 private[this] def checkopen() {
251 /* Complain if the stream is closed. */
253 if (!lockp) throw new IllegalArgumentException("stream is closed");
256 override def read(): Int = {
257 /* Read one byte. Don't know why there isn't a default implementation
262 if (offset >= end) -1
265 if (b == -1) eoferr();
271 override def read(buf: Array[Byte], start: Int, len: Int): Int = {
275 if (offset >= end) -1
277 var n = (len.toLong min (end - offset)).toInt;
278 tar.read(buf, start, n);
283 override def close() {
284 /* Release the lock. */
286 if (open) { unlock(); open = false; }
290 private[this] class Entry(val name: String, val size: Long,
291 val rawtyp: Char, val mode: Int,
293 val uid: Int, val gid: Int,
295 end: Long, tok: Token)
297 /* See `TarEntry' for why we have this silliness. Most of the work is in
298 * the constructor above.
301 lazy val stream: InputStream = new Stream(end, tok);
304 /* Utilities for parsing archive-entry header blocks. */
306 private[this] def string(off: Int, len: Int): String = {
307 /* Parse a string from the block header. POSIX.1-2008 says that header
308 * fields should be ISO/IEC 646, but strange things can turn up
309 * especially in filenames. I'm going to translate strings according to
310 * the local character set, because that will map most easily if a
311 * program tries to write out files from the archive with their
315 /* First, find the null terminator, if there is one. Scala doesn't make
316 * this especially easy. Rustle up a view to limit the search.
318 val bview = hdr.view(off, off + len);
319 val n = bview.indexOf(0) match {
324 /* And then decode the relevant portion of the orignal buffer. */
325 val dec = Charset.defaultCharset.newDecoder;
326 val in = ByteBuffer.wrap(hdr, off, n);
327 dec.decode(in).toString
330 private[this] def number(off: Int, len: Int, max: Long): Long = {
331 /* Parse a number from the block header. POSIX.1-2008 says that numbers
332 * are in octal and terminated by space or nul.
335 var n = 0l; // accumulate the value
336 for (i <- off until off + len) {
339 /* See if we're done now. */
340 if (b == ' ' || b == 0) return n;
341 else if (b < '0' || b > '7')
342 throw new TarFormatError(s"bad octal digit (at ${offset + off + i})");
344 /* Convert to a digit. */
347 /* Check for overflow -- without overflowing.
349 * Write max 8 N + M. We overflow if 8 n + m > 8 N + M, i.e., 8 n >
350 * 8 N + (M - m), so n > N + (M - m)/8. This last calculation is a
351 * little fraught because Scala has the wrong semantics when dividing
354 if (n > max/8 + (8 + max%8 - m)/8 - 1)
355 throw new TarFormatError(s"number out of range (at ${offset + off})");
357 /* Accumulate and go round again. */
363 override protected def fetch(): Option[TarEntry] = {
364 /* Collect the next archive header and return it as a file entry. */
366 /* Make sure that we can actually do this. */
367 withCleaner { clean =>
368 lock(); clean { unlock(); }
370 /* Skip ahead to the next header. */
371 skip(nexthdr - offset);
373 /* Read the header. The end of the archive is marked by two zero
374 * blocks, so the archive is broken if there isn't at least one here.
379 /* If the block is entirely zero-filled then declare this file at an
380 * end. No good can come from checking the next block.
382 if (hdr.forall(_ == 0)) return None;
384 /* Verify the checksum. Pay attention because Java's bytes are
385 * (idiotically) signed.
387 var ck: Int = 8*' '; // pretend chksum field is spaces
388 for (i <- 0 until 148) ck += hdr(i)&0xff;
389 for (i <- 156 until 512) ck += hdr(i)&0xff;
390 val wantck = number(148, 8, 0x20000);
392 throw new TarFormatError(
393 s"invalid checksum $ck /= $wantck (at $nexthdr)");
396 /* Fetch the `magic' and `version' fields. If this is a proper POSIX
397 * `ustar' file then special processing will apply.
399 val magic = string(257, 6);
400 val version = string(263, 2);
401 val posixp = magic == "ustar" && version == "00";
403 /* Figure out this entry's name. If this is a POSIX archive, then part
404 * of the name is stashed at the end of the header because of old, bad
405 * decisions. But don't look there unless we're sure because old GNU
406 * `tar' used that space for other things.
409 val tail = string(0, 100);
410 if (!posixp || hdr(345) == 0) tail
412 val prefix = string(345, 155);
417 /* Read some other easy stuff. */
418 val mode = number(100, 8, 0xfff).toInt;
419 val uid = number(108, 8, Int.MaxValue).toInt;
420 val gid = number(116, 8, Int.MaxValue).toInt;
421 val typ = hdr(156).toChar;
422 val mtime = number(136, 12, Long.MaxValue);
424 /* The size is irrelevant, and possibly even misleading, for some entry
425 * types. We're not interested, for example, in systems where
426 * directories need to be preallocated.
428 val size = typ match {
429 case '1' | '2' | '3' | '4' | '5' | '6' => 0
430 case _ => number(124, 12, Long.MaxValue)
433 /* Maybe fetch the link name. */
434 val link = typ match {
435 case '1' | '2' => string(157, 100)
439 /* Figure out where the next header ought to be. */
440 nexthdr = (offset + size + 511)& -512;
442 /* Return the finished archive entry. */
443 Some(new Entry(name, size, typ, mode,
444 new Date(1000*mtime), uid, gid, link,
445 offset + size, locktok));
451 * for (e <- TarFile(new GZIPInputStream(tarball.open())); if e.isreg)
452 * e withStream { in =>
453 * val h = java.security.MessageDigest.getInstance("SHA-256");
454 * for ((buf, n) <- in.blocks) h.update(b, 0, n);
455 * val hex = new String(h.digest flatMap { _.formatted("%02x") });
456 * println("s$hex ${e.name}");
460 /*----- That's all, folks -------------------------------------------------*/
~mdw / tripe-android / blob