libmspack 0.10.1.2 → 0.11.0

data/ext/libmspack/mspack/cabd.c

@@ -1,5 +1,5 @@
 /* This file is part of libmspack.
- * (C) 2003-2018 Stuart Caie.
+ * (C) 2003-2023 Stuart Caie.
  *
  * libmspack is free software; you can redistribute it and/or modify it under
  * the terms of the GNU Lesser General Public License (LGPL) version 2.1
@@ -76,7 +76,8 @@ static int cabd_read_headers(
   struct mspack_system *sys, struct mspack_file *fh,
   struct mscabd_cabinet_p *cab, off_t offset, int salvage, int quiet);
 static char *cabd_read_string(
-  struct mspack_system *sys, struct mspack_file *fh, int *error);
+  struct mspack_system *sys, struct mspack_file *fh, int permit_empty,
+  int *error);
 
 static struct mscabd_cabinet *cabd_search(
   struct mscab_decompressor *base, const char *filename);
@@ -394,17 +395,17 @@ static int cabd_read_headers(struct mspack_system *sys,
 
   /* read name and info of preceeding cabinet in set, if present */
   if (cab->base.flags & cfheadPREV_CABINET) {
-    cab->base.prevname = cabd_read_string(sys, fh, &err);
+    cab->base.prevname = cabd_read_string(sys, fh, 0, &err);
     if (err) return err;
-    cab->base.previnfo = cabd_read_string(sys, fh, &err);
+    cab->base.previnfo = cabd_read_string(sys, fh, 1, &err);
     if (err) return err;
   }
 
   /* read name and info of next cabinet in set, if present */
   if (cab->base.flags & cfheadNEXT_CABINET) {
-    cab->base.nextname = cabd_read_string(sys, fh, &err);
+    cab->base.nextname = cabd_read_string(sys, fh, 0, &err);
     if (err) return err;
-    cab->base.nextinfo = cabd_read_string(sys, fh, &err);
+    cab->base.nextinfo = cabd_read_string(sys, fh, 1, &err);
     if (err) return err;
   }
 
@@ -508,7 +509,7 @@ static int cabd_read_headers(struct mspack_system *sys,
     file->date_y = (x >> 9) + 1980;
 
     /* get filename */
-    file->filename = cabd_read_string(sys, fh, &err);
+    file->filename = cabd_read_string(sys, fh, 0, &err);
 
     /* if folder index or filename are bad, either skip it or fail */
     if (err || !file->folder) {
@@ -535,7 +536,8 @@ static int cabd_read_headers(struct mspack_system *sys,
 }
 
 static char *cabd_read_string(struct mspack_system *sys,
-                              struct mspack_file *fh, int *error)
+                              struct mspack_file *fh, int permit_empty,
+                              int *error)
 {
   off_t base = sys->tell(fh);
   char buf[256], *str;
@@ -549,8 +551,8 @@ static char *cabd_read_string(struct mspack_system *sys,
 
   /* search for a null terminator in the buffer */
   for (i = 0, ok = 0; i < len; i++) if (!buf[i]) { ok = 1; break; }
-  /* reject empty strings */
-  if (i == 0) ok = 0;
+  /* optionally reject empty strings */
+  if (i == 0 && !permit_empty) ok = 0;
 
   if (!ok) {
     *error = MSPACK_ERR_DATAFORMAT;
@@ -651,10 +653,10 @@ static int cabd_find(struct mscab_decompressor_p *self, unsigned char *buf,
   unsigned int cablen_u32 = 0, foffset_u32 = 0;
   int false_cabs = 0;
 
-#if !LARGEFILE_SUPPORT
+#if SIZEOF_OFF_T < 8
   /* detect 32-bit off_t overflow */
   if (flen < 0) {
-    sys->message(fh, largefile_msg);
+    sys->message(fh, "library not compiled to support large files.");
     return MSPACK_ERR_OK;
   }
 #endif
@@ -753,10 +755,10 @@ static int cabd_find(struct mscab_decompressor_p *self, unsigned char *buf,
             /* cause the search to restart after this cab's data. */
             offset = caboff + (off_t) cablen_u32;
 
-#if !LARGEFILE_SUPPORT
+#if SIZEOF_OFF_T < 8
             /* detect 32-bit off_t overflow */
             if (offset < caboff) {
-              sys->message(fh, largefile_msg);
+              sys->message(fh, "library not compiled to support large files.");
               return MSPACK_ERR_OK;
             }
 #endif        
@@ -1012,7 +1014,7 @@ static int cabd_extract(struct mscab_decompressor *base,
   struct mscabd_folder_p *fol;
   struct mspack_system *sys;
   struct mspack_file *fh;
-  off_t filelen;
+  unsigned int filelen;
 
   if (!self) return MSPACK_ERR_ARGS;
   if (!file) return self->error = MSPACK_ERR_ARGS;
@@ -1029,7 +1031,7 @@ static int cabd_extract(struct mscab_decompressor *base,
    * or in salvage mode reduce file length so it fits 2GB limit
    */
   filelen = file->length;
-  if (filelen > CAB_LENGTHMAX || (file->offset + filelen) > CAB_LENGTHMAX) {
+  if (filelen > (CAB_LENGTHMAX - file->offset)) {
     if (self->salvage) {
       filelen = CAB_LENGTHMAX - file->offset;
     }
@@ -1049,8 +1051,8 @@ static int cabd_extract(struct mscab_decompressor *base,
    * In salvage mode, don't assume block sizes, just try decoding
    */
   if (!self->salvage) {
-    off_t maxlen = fol->base.num_blocks * CAB_BLOCKMAX;
-    if ((file->offset + filelen) > maxlen) {
+    unsigned int maxlen = fol->base.num_blocks * CAB_BLOCKMAX;
+    if (file->offset > maxlen || filelen > (maxlen - file->offset)) {
       sys->message(NULL, "ERROR; file \"%s\" cannot be extracted, "
                    "cabinet set is incomplete", file->filename);
       return self->error = MSPACK_ERR_DECRUNCH;
@@ -1398,7 +1400,7 @@ static unsigned int cabd_checksum(unsigned char *data, unsigned int bytes,
   unsigned int len, ul = 0;
 
   for (len = bytes >> 2; len--; data += 4) {
-    cksum ^= ((data[0]) | (data[1]<<8) | (data[2]<<16) | (data[3]<<24));
+    cksum ^= EndGetI32(data);
   }
 
   switch (bytes & 3) {

data/ext/libmspack/mspack/chm.h

@@ -1,5 +1,5 @@
 /* This file is part of libmspack.
- * (C) 2003-2004 Stuart Caie.
+ * (C) 2003-2023 Stuart Caie.
  *
  * libmspack is free software; you can redistribute it and/or modify it under
  * the terms of the GNU Lesser General Public License (LGPL) version 2.1
@@ -104,7 +104,8 @@ struct mschm_compressor_p {
 /* CHM decompression definitions */
 struct mschmd_decompress_state {
   struct mschmd_header *chm;         /* CHM file being decompressed          */
-  off_t offset;                      /* uncompressed offset within folder    */
+  off_t length;                      /* uncompressed length of LZX stream    */
+  off_t offset;                      /* uncompressed offset within stream    */
   off_t inoffset;                    /* offset in input file                 */
   struct lzxd_stream *state;         /* LZX decompressor state               */
   struct mspack_system sys;          /* special I/O code for decompressor    */

data/ext/libmspack/mspack/chmd.c

@@ -1,5 +1,5 @@
 /* This file is part of libmspack.
- * (C) 2003-2018 Stuart Caie.
+ * (C) 2003-2023 Stuart Caie.
  *
  * libmspack is free software; you can redistribute it and/or modify it under
  * the terms of the GNU Lesser General Public License (LGPL) version 2.1
@@ -58,6 +58,8 @@ static int chmd_error(
 static int read_off64(
   off_t *var, unsigned char *mem, struct mspack_system *sys,
   struct mspack_file *fh);
+static off_t read_encint(
+  const unsigned char **p, const unsigned char *end, int *err);
 
 /* filenames of the system files used for decompression.
  * Content and ControlData are essential.
@@ -249,24 +251,15 @@ static const unsigned char guids[32] = {
   0x9E, 0x0C, 0x00, 0xA0, 0xC9, 0x22, 0xE6, 0xEC
 };
 
-/* reads an encoded integer into a variable; 7 bits of data per byte,
- * the high bit is used to indicate that there is another byte */
-#define READ_ENCINT(var) do {                   \
-    (var) = 0;                                  \
-    do {                                        \
-        if (p >= end) goto chunk_end;           \
-        (var) = ((var) << 7) | (*p & 0x7F);     \
-    } while (*p++ & 0x80);                      \
-} while (0)
-
 static int chmd_read_headers(struct mspack_system *sys, struct mspack_file *fh,
                              struct mschmd_header *chm, int entire)
 {
-  unsigned int section, name_len, x, errors, num_chunks;
-  unsigned char buf[0x54], *chunk = NULL, *name, *p, *end;
+  unsigned int errors, num_chunks;
+  unsigned char buf[0x54], *chunk = NULL;
+  const unsigned char *name, *p, *end;
   struct mschmd_file *fi, *link = NULL;
-  off_t offset, length;
-  int num_entries;
+  off_t offset_hs0, filelen;
+  int num_entries, err = 0;
 
   /* initialise pointers */
   chm->files         = NULL;
@@ -312,7 +305,7 @@ static int chmd_read_headers(struct mspack_system *sys, struct mspack_file *fh,
   /* chmhst3_OffsetCS0 does not exist in version 1 or 2 CHM files.
    * The offset will be corrected later, once HS1 is read.
    */
-  if (read_off64(&offset,           &buf[chmhst_OffsetHS0],  sys, fh) ||
+  if (read_off64(&offset_hs0,       &buf[chmhst_OffsetHS0],  sys, fh) ||
       read_off64(&chm->dir_offset,  &buf[chmhst_OffsetHS1],  sys, fh) ||
       read_off64(&chm->sec0.offset, &buf[chmhst3_OffsetCS0], sys, fh))
   {
@@ -320,7 +313,7 @@ static int chmd_read_headers(struct mspack_system *sys, struct mspack_file *fh,
   }
 
   /* seek to header section 0 */
-  if (sys->seek(fh, offset, MSPACK_SYS_SEEK_START)) {
+  if (sys->seek(fh, offset_hs0, MSPACK_SYS_SEEK_START)) {
     return MSPACK_ERR_SEEK;
   }
 
@@ -332,6 +325,18 @@ static int chmd_read_headers(struct mspack_system *sys, struct mspack_file *fh,
     return MSPACK_ERR_DATAFORMAT;
   }
 
+  /* compare declared CHM file size against actual size */
+  if (!mspack_sys_filelen(sys, fh, &filelen)) {
+    if (chm->length > filelen) {
+      sys->message(fh, "WARNING; file possibly truncated by %" LD " bytes",
+                   chm->length - filelen);
+    }
+    else if (chm->length < filelen) {
+      sys->message(fh, "WARNING; possible %" LD " extra bytes at end of file",
+                   filelen - chm->length);
+    }
+  }
+
   /* seek to header section 1 */
   if (sys->seek(fh, chm->dir_offset, MSPACK_SYS_SEEK_START)) {
     return MSPACK_ERR_SEEK;
@@ -412,12 +417,13 @@ static int chmd_read_headers(struct mspack_system *sys, struct mspack_file *fh,
   }
 
   /* seek to the first PMGL chunk, and reduce the number of chunks to read */
-  if ((x = chm->first_pmgl) != 0) {
-    if (sys->seek(fh,(off_t) (x * chm->chunk_size), MSPACK_SYS_SEEK_CUR)) {
+  if (chm->first_pmgl != 0) {
+    off_t pmgl_offset = (off_t) chm->first_pmgl * (off_t) chm->chunk_size;
+    if (sys->seek(fh, pmgl_offset, MSPACK_SYS_SEEK_CUR)) {
       return MSPACK_ERR_SEEK;
     }
   }
-  num_chunks = chm->last_pmgl - x + 1;
+  num_chunks = chm->last_pmgl - chm->first_pmgl + 1;
 
   if (!(chunk = (unsigned char *) sys->alloc(sys, (size_t)chm->chunk_size))) {
     return MSPACK_ERR_NOMEMORY;
@@ -449,12 +455,15 @@ static int chmd_read_headers(struct mspack_system *sys, struct mspack_file *fh,
     num_entries = EndGetI16(end);
 
     while (num_entries--) {
-      READ_ENCINT(name_len);
-      if (name_len > (unsigned int) (end - p)) goto chunk_end;
+      unsigned int name_len, section;
+      off_t offset, length;
+      name_len = read_encint(&p, end, &err);
+      if (err || (name_len > (unsigned int) (end - p))) goto encint_err;
       name = p; p += name_len;
-      READ_ENCINT(section);
-      READ_ENCINT(offset);
-      READ_ENCINT(length);
+      section = read_encint(&p, end, &err);
+      offset = read_encint(&p, end, &err);
+      length = read_encint(&p, end, &err);
+      if (err) goto encint_err;
 
       /* ignore blank or one-char (e.g. "/") filenames we'd return as blank */
       if (name_len < 2 || !name[0] || !name[1]) continue;
@@ -482,7 +491,7 @@ static int chmd_read_headers(struct mspack_system *sys, struct mspack_file *fh,
                                      : (struct mschmd_section *) (&chm->sec1));
       fi->offset   = offset;
       fi->length   = length;
-      sys->copy(name, fi->filename, (size_t) name_len);
+      sys->copy((unsigned char *) name, fi->filename, (size_t) name_len);
       fi->filename[name_len] = '\0';
 
       if (name[0] == ':' && name[1] == ':') {
@@ -510,10 +519,10 @@ static int chmd_read_headers(struct mspack_system *sys, struct mspack_file *fh,
     }
 
     /* this is reached either when num_entries runs out, or if
-     * reading data from the chunk reached a premature end of chunk */
-  chunk_end:
+     * an ENCINT is badly encoded */
+  encint_err:
     if (num_entries >= 0) {
-      D(("chunk ended before all entries could be read"))
+      D(("bad encint before all entries could be read"))
       errors++;
     }
 
@@ -572,7 +581,10 @@ static int chmd_fast_find(struct mschm_decompressor *base,
             }
 
             /* found result. loop around for next chunk if this is PMGI */
-            if (chunk[3] == 0x4C) break; else READ_ENCINT(n);
+            if (chunk[3] == 0x4C) break;
+
+            n = read_encint(&p, end, &err);
+            if (err) goto encint_err;
         }
     }
     else {
@@ -599,11 +611,12 @@ static int chmd_fast_find(struct mschm_decompressor *base,
 
     /* if we found a file, read it */
     if (result > 0) {
-        READ_ENCINT(sec);
+        sec = read_encint(&p, end, &err);
         f_ptr->section  = (sec == 0) ? (struct mschmd_section *) &chm->sec0
                                      : (struct mschmd_section *) &chm->sec1;
-        READ_ENCINT(f_ptr->offset);
-        READ_ENCINT(f_ptr->length);
+        f_ptr->offset = read_encint(&p, end, &err);
+        f_ptr->length = read_encint(&p, end, &err);
+        if (err) goto encint_err;
     }
     else if (result < 0) {
         err = MSPACK_ERR_DATAFORMAT;
@@ -612,8 +625,8 @@ static int chmd_fast_find(struct mschm_decompressor *base,
     sys->close(fh);
     return self->error = err;
 
- chunk_end:
-    D(("read beyond end of chunk entries"))
+ encint_err:
+    D(("bad encint in PGMI/PGML chunk"))
     sys->close(fh);
     return self->error = MSPACK_ERR_DATAFORMAT;
 }
@@ -697,7 +710,7 @@ static int search_chunk(struct mschmd_header *chm,
     const unsigned char *start, *end, *p;
     unsigned int qr_size, num_entries, qr_entries, qr_density, name_len;
     unsigned int L, R, M, fname_len, entries_off, is_pmgl;
-    int cmp;
+    int cmp, err = 0;
 
     fname_len = strlen(filename);
 
@@ -755,8 +768,8 @@ static int search_chunk(struct mschmd_header *chm,
 
             /* compare filename with entry QR points to */
             p = &chunk[entries_off + (M ? EndGetI16(start - (M << 1)) : 0)];
-            READ_ENCINT(name_len);
-            if (name_len > (unsigned int) (end - p)) goto chunk_end;
+            name_len = read_encint(&p, end, &err);
+            if (err || (name_len > (unsigned int) (end - p))) goto encint_err;
             cmp = compare(filename, (char *)p, fname_len, name_len);
 
             if (cmp == 0) break;
@@ -792,8 +805,8 @@ static int search_chunk(struct mschmd_header *chm,
      */
     *result = NULL;
     while (num_entries-- > 0) {
-        READ_ENCINT(name_len);
-        if (name_len > (unsigned int) (end - p)) goto chunk_end;
+        name_len = read_encint(&p, end, &err);
+        if (err || (name_len > (unsigned int) (end - p))) goto encint_err;
         cmp = compare(filename, (char *)p, fname_len, name_len);
         p += name_len;
 
@@ -810,21 +823,21 @@ static int search_chunk(struct mschmd_header *chm,
 
         /* read and ignore the rest of this entry */
         if (is_pmgl) {
-            READ_ENCINT(R); /* skip section */
-            READ_ENCINT(R); /* skip offset */
-            READ_ENCINT(R); /* skip length */
+            while (p < end && (*p++ & 0x80)); /* skip section ENCINT */
+            while (p < end && (*p++ & 0x80)); /* skip offset ENCINT */
+            while (p < end && (*p++ & 0x80)); /* skip length ENCINT */
         }
         else {
             *result = p; /* store potential final result */
-            READ_ENCINT(R); /* skip chunk number */
+            while (p < end && (*p++ & 0x80)); /* skip chunk number ENCINT */
         }
     }
 
      /* PMGL? not found. PMGI? maybe found */
      return (is_pmgl) ? 0 : (*result ? 1 : 0);
 
- chunk_end:
-    D(("reached end of chunk data while searching"))
+ encint_err:
+    D(("bad encint while searching"))
     return -1;
 }
 
@@ -938,14 +951,19 @@ static int chmd_extract(struct mschm_decompressor *base,
   switch (file->section->id) {
   case 0: /* Uncompressed section file */
     /* simple seek + copy */
-    if (sys->seek(self->d->infh, file->section->chm->sec0.offset
-                  + file->offset, MSPACK_SYS_SEEK_START))
+    if (sys->seek(self->d->infh, chm->sec0.offset + file->offset,
+                  MSPACK_SYS_SEEK_START))
     {
       self->error = MSPACK_ERR_SEEK;
     }
     else {
       unsigned char buf[512];
       off_t length = file->length;
+      off_t maxlen = chm->length - sys->tell(self->d->infh);
+      if (length > maxlen) {
+        sys->message(fh, "WARNING; file is %" LD " bytes longer than CHM file",
+                     length - maxlen);
+      }
       while (length > 0) {
         int run = sizeof(buf);
         if ((off_t)run > length) run = (int)length;
@@ -963,7 +981,7 @@ static int chmd_extract(struct mschm_decompressor *base,
     break;
 
   case 1: /* MSCompressed section file */
-    /* (re)initialise compression state if we it is not yet initialised,
+    /* (re)initialise compression state if not yet initialised,
      * or we have advanced too far and have to backtrack
      */
     if (!self->d->state || (file->offset < self->d->offset)) {
@@ -974,6 +992,12 @@ static int chmd_extract(struct mschm_decompressor *base,
       if (chmd_init_decomp(self, file)) break;
     }
 
+    /* check file offset is not impossible */
+    if (file->offset > self->d->length) {
+        self->error = MSPACK_ERR_DECRUNCH;
+        break;
+    }
+
     /* seek to input data */
     if (sys->seek(self->d->infh, self->d->inoffset, MSPACK_SYS_SEEK_START)) {
       self->error = MSPACK_ERR_SEEK;
@@ -988,8 +1012,15 @@ static int chmd_extract(struct mschm_decompressor *base,
 
     /* if getting to the correct offset was error free, unpack file */
     if (!self->error) {
+      off_t length = file->length;
+      off_t maxlen = self->d->length - file->offset;
+      if (length > maxlen) {
+        sys->message(fh, "WARNING; file is %" LD " bytes longer than "
+                     "compressed section", length - maxlen);
+        length = maxlen + 1; /* should decompress but still error out */
+      }
       self->d->outfh = fh;
-      self->error = lzxd_decompress(self->d->state, file->length);
+      self->error = lzxd_decompress(self->d->state, length);
     }
 
     /* save offset in input source stream, in case there is a section 0
@@ -1052,8 +1083,8 @@ static int chmd_init_decomp(struct mschm_decompressor_p *self,
   if (err) return self->error = err;
 
   /* read ControlData */
-  if (sec->control->length < lzxcd_SIZEOF) {
-    D(("ControlData file is too short"))
+  if (sec->control->length != lzxcd_SIZEOF) {
+    D(("ControlData file is wrong size"))
     return self->error = MSPACK_ERR_DATAFORMAT;
   }
   if (!(data = read_sys_file(self, sec->control))) {
@@ -1125,8 +1156,8 @@ static int chmd_init_decomp(struct mschm_decompressor_p *self,
     entry = 0;
     offset = 0;
     err = read_spaninfo(self, sec, &length);
+    if (err) return self->error = err;
   }
-  if (err) return self->error = err;
 
   /* get offset of compressed data stream:
    * = offset of uncompressed section from start of file
@@ -1136,6 +1167,7 @@ static int chmd_init_decomp(struct mschm_decompressor_p *self,
 
   /* set start offset and overall remaining stream length */
   self->d->offset = entry * LZX_FRAME_SIZE;
+  self->d->length = length;
   length -= self->d->offset;
 
   /* initialise LZX stream */
@@ -1172,6 +1204,11 @@ static int read_reset_table(struct mschm_decompressor_p *self,
         D(("ResetTable file is too short"))
         return 0;
     }
+    if (sec->rtable->length > 1000000) { /* arbitrary upper limit */
+        D(("ResetTable >1MB (%"LD"), report if genuine", sec->rtable->length))
+        return 0;
+    }
+
     if (!(data = read_sys_file(self, sec->rtable))) {
         D(("can't read reset table"))
         return 0;
@@ -1246,6 +1283,12 @@ static int read_spaninfo(struct mschm_decompressor_p *self,
         return MSPACK_ERR_DATAFORMAT;
     }
 
+    /* unconditionally set length here, because gcc -Wuninitialized isn't
+     * clever enough to recognise that read_sys_file() will always set
+     * self->error to a non-zero value if it returns NULL, and gcc warnings
+     * spook humans (even false positives) */
+    *length_ptr = 0;
+
     /* read the SpanInfo file */
     if (!(data = read_sys_file(self, sec->spaninfo))) {
         D(("can't read SpanInfo file"))
@@ -1364,14 +1407,51 @@ static int chmd_error(struct mschm_decompressor *base) {
 static int read_off64(off_t *var, unsigned char *mem,
                       struct mspack_system *sys, struct mspack_file *fh)
 {
-#if LARGEFILE_SUPPORT
+#if SIZEOF_OFF_T >= 8
     *var = EndGetI64(mem);
 #else
-    *var = EndGetI32(mem);
-    if ((*var & 0x80000000) || EndGetI32(mem+4)) {
-        sys->message(fh, (char *)largefile_msg);
+    if ((mem[3] & 0x80) | mem[4] | mem[5] | mem[6] | mem[7]) {
+        sys->message(fh, "library not compiled to support large files.");
         return 1;
     }
+    *var = EndGetI32(mem);
 #endif
     return 0;
 }
+
+#if SIZEOF_OFF_T >= 8
+  /* 63 bits allowed: 9 * 7 bits/byte, last byte must be 0x00-0x7F */
+# define ENCINT_MAX_BYTES 9
+# define ENCINT_BAD_LAST_BYTE 0x80
+#else
+  /* 31 bits allowed: 5 * 7 bits/byte, last byte must be 0x00-0x07 */
+# define ENCINT_MAX_BYTES 5
+# define ENCINT_BAD_LAST_BYTE 0xF1
+#endif
+
+/***************************************
+ * READ_ENCINT
+ ***************************************
+ * Reads an ENCINT from memory. If running on a system with a 32-bit off_t,
+ * ENCINTs up to 0x7FFFFFFF are accepted, values beyond that are an error.
+ */
+static off_t read_encint(const unsigned char **p, const unsigned char *end,
+                         int *err)
+{
+    off_t result = 0;
+    unsigned char c = 0x80;
+    int i = 0;
+    while ((c & 0x80) && (i++ < ENCINT_MAX_BYTES)) {
+        if (*p >= end) {
+            *err = 1;
+            return 0;
+        }
+        c = *(*p)++;
+        result = (result << 7) | (c & 0x7F);
+    }
+    if (i == ENCINT_MAX_BYTES && (c & ENCINT_BAD_LAST_BYTE)) {
+        *err = 1;
+        return 0;
+    }
+    return result;
+}

data/ext/libmspack/mspack/kwajd.c

@@ -1,5 +1,5 @@
 /* This file is part of libmspack.
- * (C) 2003-2011 Stuart Caie.
+ * (C) 2003-2023 Stuart Caie.
  *
  * KWAJ is a format very similar to SZDD. KWAJ method 3 (LZH) was
  * written by Jeff Johnson.
@@ -97,27 +97,30 @@ static struct mskwajd_header *kwajd_open(struct mskwaj_decompressor *base,
     struct mskwajd_header *hdr;
     struct mspack_system *sys;
     struct mspack_file *fh;
+    int err;
 
     if (!self) return NULL;
     sys = self->system;
 
-    fh  = sys->open(sys, filename, MSPACK_SYS_OPEN_READ);
-    hdr = (struct mskwajd_header *) sys->alloc(sys, sizeof(struct mskwajd_header_p));
-    if (fh && hdr) {
-        ((struct mskwajd_header_p *) hdr)->fh = fh;
-        self->error = kwajd_read_headers(sys, fh, hdr);
-    }
-    else {
-        if (!fh)  self->error = MSPACK_ERR_OPEN;
-        if (!hdr) self->error = MSPACK_ERR_NOMEMORY;
+    fh = sys->open(sys, filename, MSPACK_SYS_OPEN_READ);
+    if (!fh) {
+        self->error = MSPACK_ERR_OPEN;
+        return NULL;
     }
-    
-    if (self->error) {
-        if (fh) sys->close(fh);
-        sys->free(hdr);
-        hdr = NULL;
+
+    hdr = (struct mskwajd_header *) sys->alloc(sys, sizeof(struct mskwajd_header_p));
+    if (!hdr) {
+        sys->close(fh);
+        self->error = MSPACK_ERR_NOMEMORY;
+        return NULL;
     }
 
+    ((struct mskwajd_header_p *) hdr)->fh = fh;
+    if ((err = kwajd_read_headers(sys, fh, hdr))) {
+        kwajd_close(base, hdr);
+        self->error = err;
+        return NULL;
+    }
     return hdr;
 }
 
@@ -138,6 +141,8 @@ static void kwajd_close(struct mskwaj_decompressor *base,
     self->system->close(hdr_p->fh);
 
     /* free the memory associated */
+    self->system->free(hdr->filename);
+    self->system->free(hdr->extra);
     self->system->free(hdr);
 
     self->error = MSPACK_ERR_OK;
@@ -200,7 +205,7 @@ static int kwajd_read_headers(struct mspack_system *sys,
     if (hdr->headers & (MSKWAJ_HDR_HASFILENAME | MSKWAJ_HDR_HASFILEEXT)) {
         int len;
         /* allocate memory for maximum length filename */
-        char *fn = (char *) sys->alloc(sys, (size_t) 13);
+        char *fn = (char *) sys->alloc(sys, 13);
         if (!(hdr->filename = fn)) return MSPACK_ERR_NOMEMORY;
 
         /* copy filename if present */
@@ -236,7 +241,7 @@ static int kwajd_read_headers(struct mspack_system *sys,
     if (hdr->headers & MSKWAJ_HDR_HASEXTRATEXT) {
         if (sys->read(fh, &buf[0], 2) != 2) return MSPACK_ERR_READ;
         i = EndGetI16(&buf[0]);
-        hdr->extra = (char *) sys->alloc(sys, (size_t)i+1);
+        hdr->extra = (char *) sys->alloc(sys, i+1);
         if (! hdr->extra) return MSPACK_ERR_NOMEMORY;
         if (sys->read(fh, hdr->extra, i) != i) return MSPACK_ERR_READ;
         hdr->extra[i] = '\0';
@@ -280,7 +285,7 @@ static int kwajd_extract(struct mskwaj_decompressor *base,
         hdr->comp_type == MSKWAJ_COMP_XOR)
     {
         /* NONE is a straight copy. XOR is a copy xored with 0xFF */
-        unsigned char *buf = (unsigned char *) sys->alloc(sys, (size_t) KWAJ_INPUT_SIZE);
+        unsigned char *buf = (unsigned char *) sys->alloc(sys, KWAJ_INPUT_SIZE);
         if (buf) {
             int read, i;
             while ((read = sys->read(fh, buf, KWAJ_INPUT_SIZE)) > 0) {
@@ -301,7 +306,7 @@ static int kwajd_extract(struct mskwaj_decompressor *base,
     }
     else if (hdr->comp_type == MSKWAJ_COMP_SZDD) {
         self->error = lzss_decompress(sys, fh, outfh, KWAJ_INPUT_SIZE,
-                                      LZSS_MODE_EXPAND);
+                                      LZSS_MODE_QBASIC);
     }
     else if (hdr->comp_type == MSKWAJ_COMP_LZH) {
         struct kwajd_stream *lzh = lzh_init(sys, fh, outfh);
@@ -435,17 +440,14 @@ static struct kwajd_stream *lzh_init(struct mspack_system *sys,
 
 static int lzh_decompress(struct kwajd_stream *lzh)
 {
-    register unsigned int bit_buffer;
-    register int bits_left, i;
-    register unsigned short sym;
-    unsigned char *i_ptr, *i_end, lit_run = 0;
-    int j, pos = 0, len, offset, err;
-    unsigned int types[6];
+    DECLARE_HUFF_VARS;
+    unsigned int types[6], i, j, pos = 0, len, offset, lit_run = 0;
+    int err;
 
     /* reset global state */
     INIT_BITS;
     RESTORE_BITS;
-    memset(&lzh->window[0], LZSS_WINDOW_FILL, (size_t) LZSS_WINDOW_SIZE);
+    memset(&lzh->window[0], LZSS_WINDOW_FILL, LZSS_WINDOW_SIZE);
 
     /* read 6 encoding types (for byte alignment) but only 5 are needed */
     for (i = 0; i < 6; i++) READ_BITS_SAFE(types[i], 4);
@@ -501,9 +503,7 @@ static int lzh_read_lens(struct kwajd_stream *lzh,
                          unsigned int type, unsigned int numsyms,
                          unsigned char *lens)
 {
-    register unsigned int bit_buffer;
-    register int bits_left;
-    unsigned char *i_ptr, *i_end;
+    DECLARE_BIT_VARS;
     unsigned int i, c, sel;
     int err;