1 /*
2 * Copyright (C) 2019 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #define TRACE_TAG ADB
18
19 #include "apk_archive.h"
20
21 #include <inttypes.h>
22
23 #include "adb_trace.h"
24 #include "sysdeps.h"
25
26 #include <android-base/endian.h>
27 #include <android-base/mapped_file.h>
28
29 #include <openssl/md5.h>
30
31 constexpr uint16_t kCompressStored = 0;
32
33 // mask value that signifies that the entry has a DD
34 static const uint32_t kGPBDDFlagMask = 0x0008;
35
36 namespace {
37 struct FileRegion {
FileRegion__anon842425ec0111::FileRegion38 FileRegion(borrowed_fd fd, off64_t offset, size_t length)
39 : mapped_(android::base::MappedFile::FromOsHandle(adb_get_os_handle(fd), offset, length,
40 PROT_READ)) {
41 if (mapped_ != nullptr) {
42 return;
43 }
44
45 // Mapped file failed, falling back to pread.
46 buffer_.resize(length);
47 if (auto err = adb_pread(fd.get(), buffer_.data(), length, offset); size_t(err) != length) {
48 fprintf(stderr, "Unable to read %lld bytes at offset %" PRId64 " \n",
49 static_cast<long long>(length), offset);
50 buffer_.clear();
51 return;
52 }
53 }
54
data__anon842425ec0111::FileRegion55 const char* data() const { return mapped_ ? mapped_->data() : buffer_.data(); }
size__anon842425ec0111::FileRegion56 size_t size() const { return mapped_ ? mapped_->size() : buffer_.size(); }
57
58 private:
59 FileRegion() = default;
60 DISALLOW_COPY_AND_ASSIGN(FileRegion);
61
62 std::unique_ptr<android::base::MappedFile> mapped_;
63 std::string buffer_;
64 };
65 } // namespace
66
67 using com::android::fastdeploy::APKDump;
68
ApkArchive(const std::string & path)69 ApkArchive::ApkArchive(const std::string& path) : path_(path), size_(0) {
70 fd_.reset(adb_open(path_.c_str(), O_RDONLY));
71 if (fd_ == -1) {
72 fprintf(stderr, "Unable to open file '%s'\n", path_.c_str());
73 return;
74 }
75
76 struct stat st;
77 if (stat(path_.c_str(), &st) == -1) {
78 fprintf(stderr, "Unable to stat file '%s'\n", path_.c_str());
79 return;
80 }
81 size_ = st.st_size;
82 }
83
~ApkArchive()84 ApkArchive::~ApkArchive() {}
85
ExtractMetadata()86 APKDump ApkArchive::ExtractMetadata() {
87 D("ExtractMetadata");
88 if (!ready()) {
89 return {};
90 }
91
92 Location cdLoc = GetCDLocation();
93 if (!cdLoc.valid) {
94 return {};
95 }
96
97 APKDump dump;
98 dump.set_absolute_path(path_);
99 dump.set_cd(ReadMetadata(cdLoc));
100
101 Location sigLoc = GetSignatureLocation(cdLoc.offset);
102 if (sigLoc.valid) {
103 dump.set_signature(ReadMetadata(sigLoc));
104 }
105 return dump;
106 }
107
FindEndOfCDRecord() const108 off_t ApkArchive::FindEndOfCDRecord() const {
109 constexpr int endOfCDSignature = 0x06054b50;
110 constexpr off_t endOfCDMinSize = 22;
111 constexpr off_t endOfCDMaxSize = 65535 + endOfCDMinSize;
112
113 auto sizeToRead = std::min(size_, endOfCDMaxSize);
114 auto readOffset = size_ - sizeToRead;
115 FileRegion mapped(fd_, readOffset, sizeToRead);
116
117 // Start scanning from the end
118 auto* start = mapped.data();
119 auto* cursor = start + mapped.size() - sizeof(endOfCDSignature);
120
121 // Search for End of Central Directory record signature.
122 while (cursor >= start) {
123 if (*(int32_t*)cursor == endOfCDSignature) {
124 return readOffset + (cursor - start);
125 }
126 cursor--;
127 }
128 return -1;
129 }
130
FindCDRecord(const char * cursor)131 ApkArchive::Location ApkArchive::FindCDRecord(const char* cursor) {
132 struct ecdr_t {
133 int32_t signature;
134 uint16_t diskNumber;
135 uint16_t numDisk;
136 uint16_t diskEntries;
137 uint16_t numEntries;
138 uint32_t crSize;
139 uint32_t offsetToCdHeader;
140 uint16_t commentSize;
141 uint8_t comment[0];
142 } __attribute__((packed));
143 ecdr_t* header = (ecdr_t*)cursor;
144
145 Location location;
146 location.offset = header->offsetToCdHeader;
147 location.size = header->crSize;
148 location.valid = true;
149 return location;
150 }
151
GetCDLocation()152 ApkArchive::Location ApkArchive::GetCDLocation() {
153 constexpr off_t cdEntryHeaderSizeBytes = 22;
154 Location location;
155
156 // Find End of Central Directory Record
157 off_t eocdRecord = FindEndOfCDRecord();
158 if (eocdRecord < 0) {
159 fprintf(stderr, "Unable to find End of Central Directory record in file '%s'\n",
160 path_.c_str());
161 return location;
162 }
163
164 // Find Central Directory Record
165 FileRegion mapped(fd_, eocdRecord, cdEntryHeaderSizeBytes);
166 location = FindCDRecord(mapped.data());
167 if (!location.valid) {
168 fprintf(stderr, "Unable to find Central Directory File Header in file '%s'\n",
169 path_.c_str());
170 return location;
171 }
172
173 return location;
174 }
175
GetSignatureLocation(off_t cdRecordOffset)176 ApkArchive::Location ApkArchive::GetSignatureLocation(off_t cdRecordOffset) {
177 Location location;
178
179 // Signature constants.
180 constexpr off_t endOfSignatureSize = 24;
181 off_t signatureOffset = cdRecordOffset - endOfSignatureSize;
182 if (signatureOffset < 0) {
183 fprintf(stderr, "Unable to find signature in file '%s'\n", path_.c_str());
184 return location;
185 }
186
187 FileRegion mapped(fd_, signatureOffset, endOfSignatureSize);
188
189 uint64_t signatureSize = *(uint64_t*)mapped.data();
190 auto* signature = mapped.data() + sizeof(signatureSize);
191 // Check if there is a v2/v3 Signature block here.
192 if (memcmp(signature, "APK Sig Block 42", 16)) {
193 return location;
194 }
195
196 // This is likely a signature block.
197 location.size = signatureSize;
198 location.offset = cdRecordOffset - location.size - 8;
199 location.valid = true;
200
201 return location;
202 }
203
ReadMetadata(Location loc) const204 std::string ApkArchive::ReadMetadata(Location loc) const {
205 FileRegion mapped(fd_, loc.offset, loc.size);
206 return {mapped.data(), mapped.size()};
207 }
208
ParseCentralDirectoryRecord(const char * input,size_t size,std::string * md5Hash,int64_t * localFileHeaderOffset,int64_t * dataSize)209 size_t ApkArchive::ParseCentralDirectoryRecord(const char* input, size_t size, std::string* md5Hash,
210 int64_t* localFileHeaderOffset, int64_t* dataSize) {
211 // A structure representing the fixed length fields for a single
212 // record in the central directory of the archive. In addition to
213 // the fixed length fields listed here, each central directory
214 // record contains a variable length "file_name" and "extra_field"
215 // whose lengths are given by |file_name_length| and |extra_field_length|
216 // respectively.
217 static constexpr int kCDFileHeaderMagic = 0x02014b50;
218 struct CentralDirectoryRecord {
219 // The start of record signature. Must be |kSignature|.
220 uint32_t record_signature;
221 // Source tool version. Top byte gives source OS.
222 uint16_t version_made_by;
223 // Tool version. Ignored by this implementation.
224 uint16_t version_needed;
225 // The "general purpose bit flags" for this entry. The only
226 // flag value that we currently check for is the "data descriptor"
227 // flag.
228 uint16_t gpb_flags;
229 // The compression method for this entry, one of |kCompressStored|
230 // and |kCompressDeflated|.
231 uint16_t compression_method;
232 // The file modification time and date for this entry.
233 uint16_t last_mod_time;
234 uint16_t last_mod_date;
235 // The CRC-32 checksum for this entry.
236 uint32_t crc32;
237 // The compressed size (in bytes) of this entry.
238 uint32_t compressed_size;
239 // The uncompressed size (in bytes) of this entry.
240 uint32_t uncompressed_size;
241 // The length of the entry file name in bytes. The file name
242 // will appear immediately after this record.
243 uint16_t file_name_length;
244 // The length of the extra field info (in bytes). This data
245 // will appear immediately after the entry file name.
246 uint16_t extra_field_length;
247 // The length of the entry comment (in bytes). This data will
248 // appear immediately after the extra field.
249 uint16_t comment_length;
250 // The start disk for this entry. Ignored by this implementation).
251 uint16_t file_start_disk;
252 // File attributes. Ignored by this implementation.
253 uint16_t internal_file_attributes;
254 // File attributes. For archives created on Unix, the top bits are the
255 // mode.
256 uint32_t external_file_attributes;
257 // The offset to the local file header for this entry, from the
258 // beginning of this archive.
259 uint32_t local_file_header_offset;
260
261 private:
262 CentralDirectoryRecord() = default;
263 DISALLOW_COPY_AND_ASSIGN(CentralDirectoryRecord);
264 } __attribute__((packed));
265
266 const CentralDirectoryRecord* cdr;
267 if (size < sizeof(*cdr)) {
268 return 0;
269 }
270
271 auto begin = input;
272 cdr = reinterpret_cast<const CentralDirectoryRecord*>(begin);
273 if (cdr->record_signature != kCDFileHeaderMagic) {
274 fprintf(stderr, "Invalid Central Directory Record signature\n");
275 return 0;
276 }
277 auto end = begin + sizeof(*cdr) + cdr->file_name_length + cdr->extra_field_length +
278 cdr->comment_length;
279
280 uint8_t md5Digest[MD5_DIGEST_LENGTH];
281 MD5((const unsigned char*)begin, end - begin, md5Digest);
282 md5Hash->assign((const char*)md5Digest, sizeof(md5Digest));
283
284 *localFileHeaderOffset = cdr->local_file_header_offset;
285 *dataSize = (cdr->compression_method == kCompressStored) ? cdr->uncompressed_size
286 : cdr->compressed_size;
287
288 return end - begin;
289 }
290
CalculateLocalFileEntrySize(int64_t localFileHeaderOffset,int64_t dataSize) const291 size_t ApkArchive::CalculateLocalFileEntrySize(int64_t localFileHeaderOffset,
292 int64_t dataSize) const {
293 // The local file header for a given entry. This duplicates information
294 // present in the central directory of the archive. It is an error for
295 // the information here to be different from the central directory
296 // information for a given entry.
297 static constexpr int kLocalFileHeaderMagic = 0x04034b50;
298 struct LocalFileHeader {
299 // The local file header signature, must be |kSignature|.
300 uint32_t lfh_signature;
301 // Tool version. Ignored by this implementation.
302 uint16_t version_needed;
303 // The "general purpose bit flags" for this entry. The only
304 // flag value that we currently check for is the "data descriptor"
305 // flag.
306 uint16_t gpb_flags;
307 // The compression method for this entry, one of |kCompressStored|
308 // and |kCompressDeflated|.
309 uint16_t compression_method;
310 // The file modification time and date for this entry.
311 uint16_t last_mod_time;
312 uint16_t last_mod_date;
313 // The CRC-32 checksum for this entry.
314 uint32_t crc32;
315 // The compressed size (in bytes) of this entry.
316 uint32_t compressed_size;
317 // The uncompressed size (in bytes) of this entry.
318 uint32_t uncompressed_size;
319 // The length of the entry file name in bytes. The file name
320 // will appear immediately after this record.
321 uint16_t file_name_length;
322 // The length of the extra field info (in bytes). This data
323 // will appear immediately after the entry file name.
324 uint16_t extra_field_length;
325
326 private:
327 LocalFileHeader() = default;
328 DISALLOW_COPY_AND_ASSIGN(LocalFileHeader);
329 } __attribute__((packed));
330 static constexpr int kLocalFileHeaderSize = sizeof(LocalFileHeader);
331 CHECK(ready()) << path_;
332
333 const LocalFileHeader* lfh;
334 if (localFileHeaderOffset + kLocalFileHeaderSize > size_) {
335 fprintf(stderr,
336 "Invalid Local File Header offset in file '%s' at offset %lld, file size %lld\n",
337 path_.c_str(), static_cast<long long>(localFileHeaderOffset),
338 static_cast<long long>(size_));
339 return 0;
340 }
341
342 FileRegion lfhMapped(fd_, localFileHeaderOffset, sizeof(LocalFileHeader));
343 lfh = reinterpret_cast<const LocalFileHeader*>(lfhMapped.data());
344 if (lfh->lfh_signature != kLocalFileHeaderMagic) {
345 fprintf(stderr, "Invalid Local File Header signature in file '%s' at offset %lld\n",
346 path_.c_str(), static_cast<long long>(localFileHeaderOffset));
347 return 0;
348 }
349
350 // The *optional* data descriptor start signature.
351 static constexpr int kOptionalDataDescriptorMagic = 0x08074b50;
352 struct DataDescriptor {
353 // CRC-32 checksum of the entry.
354 uint32_t crc32;
355 // Compressed size of the entry.
356 uint32_t compressed_size;
357 // Uncompressed size of the entry.
358 uint32_t uncompressed_size;
359
360 private:
361 DataDescriptor() = default;
362 DISALLOW_COPY_AND_ASSIGN(DataDescriptor);
363 } __attribute__((packed));
364 static constexpr int kDataDescriptorSize = sizeof(DataDescriptor);
365
366 off_t ddOffset = localFileHeaderOffset + kLocalFileHeaderSize + lfh->file_name_length +
367 lfh->extra_field_length + dataSize;
368 int64_t ddSize = 0;
369
370 int64_t localDataSize;
371 if (lfh->gpb_flags & kGPBDDFlagMask) {
372 // There is trailing data descriptor.
373 const DataDescriptor* dd;
374
375 if (ddOffset + int(sizeof(uint32_t)) > size_) {
376 fprintf(stderr,
377 "Error reading trailing data descriptor signature in file '%s' at offset %lld, "
378 "file size %lld\n",
379 path_.c_str(), static_cast<long long>(ddOffset), static_cast<long long>(size_));
380 return 0;
381 }
382
383 FileRegion ddMapped(fd_, ddOffset, sizeof(uint32_t) + sizeof(DataDescriptor));
384
385 off_t localDDOffset = 0;
386 if (kOptionalDataDescriptorMagic == *(uint32_t*)ddMapped.data()) {
387 ddOffset += sizeof(uint32_t);
388 localDDOffset += sizeof(uint32_t);
389 ddSize += sizeof(uint32_t);
390 }
391 if (ddOffset + kDataDescriptorSize > size_) {
392 fprintf(stderr,
393 "Error reading trailing data descriptor in file '%s' at offset %lld, file size "
394 "%lld\n",
395 path_.c_str(), static_cast<long long>(ddOffset), static_cast<long long>(size_));
396 return 0;
397 }
398
399 dd = reinterpret_cast<const DataDescriptor*>(ddMapped.data() + localDDOffset);
400 localDataSize = (lfh->compression_method == kCompressStored) ? dd->uncompressed_size
401 : dd->compressed_size;
402 ddSize += sizeof(*dd);
403 } else {
404 localDataSize = (lfh->compression_method == kCompressStored) ? lfh->uncompressed_size
405 : lfh->compressed_size;
406 }
407 if (localDataSize != dataSize) {
408 fprintf(stderr,
409 "Data sizes mismatch in file '%s' at offset %lld, CDr: %lld vs LHR/DD: %lld\n",
410 path_.c_str(), static_cast<long long>(localFileHeaderOffset),
411 static_cast<long long>(dataSize), static_cast<long long>(localDataSize));
412 return 0;
413 }
414
415 return kLocalFileHeaderSize + lfh->file_name_length + lfh->extra_field_length + dataSize +
416 ddSize;
417 }
418