6 * Copyright 2012-2023 Eric Biggers
8 * This file is free software; you can redistribute it and/or modify it under
9 * the terms of the GNU Lesser General Public License as published by the Free
10 * Software Foundation; either version 3 of the License, or (at your option) any
13 * This file is distributed in the hope that it will be useful, but WITHOUT
14 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
15 * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
18 * You should have received a copy of the GNU Lesser General Public License
19 * along with this file; if not, see https://www.gnu.org/licenses/.
26 #include "wimlib/assert.h"
27 #include "wimlib/blob_table.h"
28 #include "wimlib/dentry.h"
29 #include "wimlib/error.h"
30 #include "wimlib/metadata.h"
31 #include "wimlib/resource.h"
32 #include "wimlib/security.h"
33 #include "wimlib/write.h"
35 /* Fix the security ID for every inode to be either -1 or in bounds. */
37 fix_security_ids(struct wim_image_metadata *imd, const u32 num_entries)
39 struct wim_inode *inode;
40 unsigned long invalid_count = 0;
42 image_for_each_inode(inode, imd) {
43 if ((u32)inode->i_security_id >= num_entries) {
44 if (inode->i_security_id >= 0)
46 inode->i_security_id = -1;
50 WARNING("%lu inodes had invalid security IDs", invalid_count);
54 * Reads and parses a metadata resource for an image in the WIM file.
57 * Pointer to the image metadata structure for the image whose metadata
58 * resource we are reading. Its `metadata_blob' member specifies the blob
59 * table entry for the metadata resource. The rest of the image metadata
60 * entry will be filled in by this function.
63 * WIMLIB_ERR_SUCCESS (0)
64 * WIMLIB_ERR_INVALID_METADATA_RESOURCE
67 * WIMLIB_ERR_UNEXPECTED_END_OF_FILE
68 * WIMLIB_ERR_DECOMPRESSION
71 read_metadata_resource(struct wim_image_metadata *imd)
73 const struct blob_descriptor *metadata_blob;
76 u8 hash[SHA1_HASH_SIZE];
77 struct wim_security_data *sd;
78 struct wim_dentry *root;
80 metadata_blob = imd->metadata_blob;
83 * Prevent huge memory allocations when processing fuzzed files. The
84 * case of metadata resources is tough, since a metadata resource can
85 * legitimately decompress to many times the size of the WIM file
86 * itself, e.g. in the case of an image containing many empty files with
87 * similar long filenames. Arbitrarily choose 512x as a generous limit.
89 if (metadata_blob->blob_location == BLOB_IN_WIM &&
90 metadata_blob->rdesc->wim->file_size > 0 &&
91 metadata_blob->size / 512 > metadata_blob->rdesc->wim->file_size)
92 return WIMLIB_ERR_INVALID_METADATA_RESOURCE;
94 /* Read the metadata resource into memory. (It may be compressed.) */
95 ret = read_blob_into_alloc_buf(metadata_blob, &buf);
99 /* Checksum the metadata resource. */
100 sha1(buf, metadata_blob->size, hash);
101 if (!hashes_equal(metadata_blob->hash, hash)) {
102 ERROR("Metadata resource is corrupted "
103 "(invalid SHA-1 message digest)!");
104 ret = WIMLIB_ERR_INVALID_METADATA_RESOURCE;
108 /* Parse the metadata resource.
110 * Notes: The metadata resource consists of the security data, followed
111 * by the directory entry for the root directory, followed by all the
112 * other directory entries in the filesystem. The subdir offset field
113 * of each directory entry gives the start of its child entries from the
114 * beginning of the metadata resource. An end-of-directory is signaled
115 * by a directory entry of length '0', really of length 8, because
116 * that's how long the 'length' field is. */
118 ret = read_wim_security_data(buf, metadata_blob->size, &sd);
122 ret = read_dentry_tree(buf, metadata_blob->size, sd->total_length, &root);
124 goto out_free_security_data;
126 /* We have everything we need from the buffer now. */
130 /* Calculate and validate inodes. */
132 ret = dentry_tree_fix_inodes(root, &imd->inode_list);
134 goto out_free_dentry_tree;
136 fix_security_ids(imd, sd->num_entries);
138 /* Success; fill in the image_metadata structure. */
139 imd->root_dentry = root;
140 imd->security_data = sd;
141 INIT_LIST_HEAD(&imd->unhashed_blobs);
144 out_free_dentry_tree:
145 free_dentry_tree(root, NULL);
146 out_free_security_data:
147 free_wim_security_data(sd);
154 recalculate_security_data_length(struct wim_security_data *sd)
156 u32 total_length = sizeof(u64) * sd->num_entries + 2 * sizeof(u32);
157 for (u32 i = 0; i < sd->num_entries; i++)
158 total_length += sd->sizes[i];
159 sd->total_length = ALIGN(total_length, 8);
163 prepare_metadata_resource(WIMStruct *wim, int image,
164 u8 **buf_ret, size_t *len_ret)
170 struct wim_dentry *root;
172 struct wim_security_data *sd;
173 struct wim_image_metadata *imd;
175 ret = select_wim_image(wim, image);
179 imd = wim->image_metadata[image - 1];
181 root = imd->root_dentry;
182 sd = imd->security_data;
185 /* Empty image; create a dummy root. */
186 ret = new_filler_directory(&root);
189 imd->root_dentry = root;
192 /* The offset of the first child of the root dentry is equal to the
193 * total length of the security data, plus the total length of the root
194 * dentry, plus 8 bytes for an end-of-directory entry following the root
195 * dentry (shouldn't really be needed, but just in case...) */
196 recalculate_security_data_length(sd);
197 subdir_offset = sd->total_length + dentry_out_total_length(root) + 8;
199 /* Calculate the subdirectory offsets for the entire dentry tree. */
200 calculate_subdir_offsets(root, &subdir_offset);
202 /* Total length of the metadata resource (uncompressed). */
205 /* Allocate a buffer to contain the uncompressed metadata resource. */
207 if (likely(len == subdir_offset))
210 ERROR("Failed to allocate %"PRIu64" bytes for "
211 "metadata resource", subdir_offset);
212 return WIMLIB_ERR_NOMEM;
215 /* Write the security data into the resource buffer. */
216 p = write_wim_security_data(sd, buf);
218 /* Write the dentry tree into the resource buffer. */
219 p = write_dentry_tree(root, p);
221 /* We MUST have exactly filled the buffer; otherwise we calculated its
222 * size incorrectly or wrote the data incorrectly. */
223 wimlib_assert(p - buf == len);
231 write_metadata_resource(WIMStruct *wim, int image, int write_resource_flags)
236 struct wim_image_metadata *imd;
238 ret = prepare_metadata_resource(wim, image, &buf, &len);
242 imd = wim->image_metadata[image - 1];
244 /* Write the metadata resource to the output WIM using the proper
245 * compression type, in the process updating the blob descriptor for the
246 * metadata resource. */
247 ret = write_wim_resource_from_buffer(buf,
251 wim->out_compression_type,
253 &imd->metadata_blob->out_reshdr,
254 imd->metadata_blob->hash,
255 write_resource_flags);