/* * Copyright (C) 2008 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #include #include #include #include #include #include #include #include #include "mincrypt/sha.h" #include "applypatch.h" // Read a file into memory; store it and its associated metadata in // *file. Return 0 on success. int LoadFileContents(const char* filename, FileContents* file) { file->data = NULL; if (stat(filename, &file->st) != 0) { fprintf(stderr, "failed to stat \"%s\": %s\n", filename, strerror(errno)); return -1; } file->size = file->st.st_size; file->data = malloc(file->size); FILE* f = fopen(filename, "rb"); if (f == NULL) { fprintf(stderr, "failed to open \"%s\": %s\n", filename, strerror(errno)); free(file->data); return -1; } size_t bytes_read = fread(file->data, 1, file->size, f); if (bytes_read != file->size) { fprintf(stderr, "short read of \"%s\" (%d bytes of %d)\n", filename, bytes_read, file->size); free(file->data); return -1; } fclose(f); SHA(file->data, file->size, file->sha1); return 0; } // Save the contents of the given FileContents object under the given // filename. Return 0 on success. int SaveFileContents(const char* filename, FileContents file) { FILE* f = fopen(filename, "wb"); if (f == NULL) { fprintf(stderr, "failed to open \"%s\" for write: %s\n", filename, strerror(errno)); return -1; } size_t bytes_written = fwrite(file.data, 1, file.size, f); if (bytes_written != file.size) { fprintf(stderr, "short write of \"%s\" (%d bytes of %d)\n", filename, bytes_written, file.size); return -1; } fflush(f); fsync(fileno(f)); fclose(f); if (chmod(filename, file.st.st_mode) != 0) { fprintf(stderr, "chmod of \"%s\" failed: %s\n", filename, strerror(errno)); return -1; } if (chown(filename, file.st.st_uid, file.st.st_gid) != 0) { fprintf(stderr, "chown of \"%s\" failed: %s\n", filename, strerror(errno)); return -1; } return 0; } // Take a string 'str' of 40 hex digits and parse it into the 20 // byte array 'digest'. 'str' may contain only the digest or be of // the form ":". Return 0 on success, -1 on any // error. int ParseSha1(const char* str, uint8_t* digest) { int i; const char* ps = str; uint8_t* pd = digest; for (i = 0; i < SHA_DIGEST_SIZE * 2; ++i, ++ps) { int digit; if (*ps >= '0' && *ps <= '9') { digit = *ps - '0'; } else if (*ps >= 'a' && *ps <= 'f') { digit = *ps - 'a' + 10; } else if (*ps >= 'A' && *ps <= 'F') { digit = *ps - 'A' + 10; } else { return -1; } if (i % 2 == 0) { *pd = digit << 4; } else { *pd |= digit; ++pd; } } if (*ps != '\0' && *ps != ':') return -1; return 0; } // Parse arguments (which should be of the form "" or // ":" into the array *patches, returning the number // of Patch objects in *num_patches. Return 0 on success. int ParseShaArgs(int argc, char** argv, Patch** patches, int* num_patches) { *num_patches = argc; *patches = malloc(*num_patches * sizeof(Patch)); int i; for (i = 0; i < *num_patches; ++i) { if (ParseSha1(argv[i], (*patches)[i].sha1) != 0) { fprintf(stderr, "failed to parse sha1 \"%s\"\n", argv[i]); return -1; } if (argv[i][SHA_DIGEST_SIZE*2] == '\0') { (*patches)[i].patch_filename = NULL; } else if (argv[i][SHA_DIGEST_SIZE*2] == ':') { (*patches)[i].patch_filename = argv[i] + (SHA_DIGEST_SIZE*2+1); } else { fprintf(stderr, "failed to parse filename \"%s\"\n", argv[i]); return -1; } } return 0; } // Search an array of Patch objects for one matching the given sha1. // Return the Patch object on success, or NULL if no match is found. const Patch* FindMatchingPatch(uint8_t* sha1, Patch* patches, int num_patches) { int i; for (i = 0; i < num_patches; ++i) { if (memcmp(patches[i].sha1, sha1, SHA_DIGEST_SIZE) == 0) { return patches+i; } } return NULL; } // Returns 0 if the contents of the file (argv[2]) or the cached file // match any of the sha1's on the command line (argv[3:]). Returns // nonzero otherwise. int CheckMode(int argc, char** argv) { if (argc < 3) { fprintf(stderr, "no filename given\n"); return 2; } int num_patches; Patch* patches; if (ParseShaArgs(argc-3, argv+3, &patches, &num_patches) != 0) { return 1; } FileContents file; file.data = NULL; if (LoadFileContents(argv[2], &file) != 0 || FindMatchingPatch(file.sha1, patches, num_patches) == NULL) { fprintf(stderr, "file \"%s\" doesn't have any of expected " "sha1 sums; checking cache\n", argv[2]); free(file.data); // If the source file is missing or corrupted, it might be because // we were killed in the middle of patching it. A copy of it // should have been made in CACHE_TEMP_SOURCE. If that file // exists and matches the sha1 we're looking for, the check still // passes. if (LoadFileContents(CACHE_TEMP_SOURCE, &file) != 0) { fprintf(stderr, "failed to load cache file\n"); return 1; } if (FindMatchingPatch(file.sha1, patches, num_patches) == NULL) { fprintf(stderr, "cache bits don't match any sha1 for \"%s\"\n", argv[2]); return 1; } } free(file.data); return 0; } int ShowLicenses() { ShowBSDiffLicense(); return 0; } // Return the amount of free space (in bytes) on the filesystem // containing filename. filename must exist. Return -1 on error. size_t FreeSpaceForFile(const char* filename) { struct statfs sf; if (statfs(filename, &sf) != 0) { fprintf(stderr, "failed to statfs %s: %s\n", filename, strerror(errno)); return -1; } return sf.f_bsize * sf.f_bfree; } // This program applies binary patches to files in a way that is safe // (the original file is not touched until we have the desired // replacement for it) and idempotent (it's okay to run this program // multiple times). // // - if the sha1 hash of is , does nothing and exits // successfully. // // - otherwise, if the sha1 hash of is , applies the // bsdiff to to produce a new file (the type of patch // is automatically detected from the file header). If that new // file has sha1 hash , moves it to replace , and // exits successfully. // // - otherwise, or if any error is encountered, exits with non-zero // status. int main(int argc, char** argv) { if (argc < 2) { usage: fprintf(stderr, "usage: %s

[: ...]\n" " or %s -c [ ...]\n" " or %s -s \n" " or %s -l\n", argv[0], argv[0], argv[0], argv[0]); return 1; } if (strncmp(argv[1], "-l", 3) == 0) { return ShowLicenses(); } if (strncmp(argv[1], "-c", 3) == 0) { return CheckMode(argc, argv); } if (strncmp(argv[1], "-s", 3) == 0) { if (argc != 3) { goto usage; } size_t bytes = strtol(argv[2], NULL, 10); if (MakeFreeSpaceOnCache(bytes) < 0) { printf("unable to make %ld bytes available on /cache\n", (long)bytes); return 1; } else { return 0; } } uint8_t target_sha1[SHA_DIGEST_SIZE]; const char* source_filename = argv[1]; // assume that source_filename (eg "/system/app/Foo.apk") is located // on the same filesystem as its top-level directory ("/system"). // We need something that exists for calling statfs(). char* source_fs = strdup(argv[1]); char* slash = strchr(source_fs+1, '/'); if (slash != NULL) { *slash = '\0'; } if (ParseSha1(argv[2], target_sha1) != 0) { fprintf(stderr, "failed to parse tgt-sha1 \"%s\"\n", argv[2]); return 1; } unsigned long target_size = strtoul(argv[3], NULL, 0); int num_patches; Patch* patches; if (ParseShaArgs(argc-4, argv+4, &patches, &num_patches) < 0) { return 1; } FileContents copy_file; FileContents source_file; const char* source_patch_filename = NULL; const char* copy_patch_filename = NULL; int made_copy = 0; if (LoadFileContents(source_filename, &source_file) == 0) { if (memcmp(source_file.sha1, target_sha1, SHA_DIGEST_SIZE) == 0) { // The early-exit case: the patch was already applied, this file // has the desired hash, nothing for us to do. fprintf(stderr, "\"%s\" is already target; no patch needed\n", source_filename); return 0; } const Patch* to_use = FindMatchingPatch(source_file.sha1, patches, num_patches); if (to_use != NULL) { source_patch_filename = to_use->patch_filename; } } if (source_patch_filename == NULL) { free(source_file.data); fprintf(stderr, "source file is bad; trying copy\n"); if (LoadFileContents(CACHE_TEMP_SOURCE, ©_file) < 0) { // fail. fprintf(stderr, "failed to read copy file\n"); return 1; } const Patch* to_use = FindMatchingPatch(copy_file.sha1, patches, num_patches); if (to_use != NULL) { copy_patch_filename = to_use->patch_filename; } if (copy_patch_filename == NULL) { // fail. fprintf(stderr, "copy file doesn't match source SHA-1s either\n"); return 1; } } // Is there enough room in the target filesystem to hold the patched file? size_t free_space = FreeSpaceForFile(source_fs); int enough_space = free_space > (target_size * 3 / 2); // 50% margin of error printf("target %ld bytes; free space %ld bytes; enough %d\n", (long)target_size, (long)free_space, enough_space); if (!enough_space && source_patch_filename != NULL) { // Using the original source, but not enough free space. First // copy the source file to cache, then delete it from the original // location. if (MakeFreeSpaceOnCache(source_file.size) < 0) { fprintf(stderr, "not enough free space on /cache\n"); return 1; } if (SaveFileContents(CACHE_TEMP_SOURCE, source_file) < 0) { fprintf(stderr, "failed to back up source file\n"); return 1; } made_copy = 1; unlink(source_filename); size_t free_space = FreeSpaceForFile(source_fs); printf("(now %ld bytes free for source)\n", (long)free_space); } FileContents* source_to_use; const char* patch_filename; if (source_patch_filename != NULL) { source_to_use = &source_file; patch_filename = source_patch_filename; } else { source_to_use = ©_file; patch_filename = copy_patch_filename; } // We write the decoded output to ".patch". char* outname = (char*)malloc(strlen(source_filename) + 10); strcpy(outname, source_filename); strcat(outname, ".patch"); FILE* output = fopen(outname, "wb"); if (output == NULL) { fprintf(stderr, "failed to patch file %s: %s\n", source_filename, strerror(errno)); return 1; } #define MAX_HEADER_LENGTH 8 unsigned char header[MAX_HEADER_LENGTH]; FILE* patchf = fopen(patch_filename, "rb"); if (patchf == NULL) { fprintf(stderr, "failed to open patch file %s: %s\n", patch_filename, strerror(errno)); return 1; } int header_bytes_read = fread(header, 1, MAX_HEADER_LENGTH, patchf); fclose(patchf); SHA_CTX ctx; SHA_init(&ctx); if (header_bytes_read >= 4 && header[0] == 0xd6 && header[1] == 0xc3 && header[2] == 0xc4 && header[3] == 0) { // xdelta3 patches begin "VCD" (with the high bits set) followed // by a zero byte (the version number). fprintf(stderr, "error: xdelta3 patches no longer supported\n"); return 1; } else if (header_bytes_read >= 8 && memcmp(header, "BSDIFF40", 8) == 0) { int result = ApplyBSDiffPatch(source_to_use->data, source_to_use->size, patch_filename, output, &ctx); if (result != 0) { fprintf(stderr, "ApplyBSDiffPatch failed\n"); return result; } } else { fprintf(stderr, "Unknown patch file format"); return 1; } fflush(output); fsync(fileno(output)); fclose(output); const uint8_t* current_target_sha1 = SHA_final(&ctx); if (memcmp(current_target_sha1, target_sha1, SHA_DIGEST_SIZE) != 0) { fprintf(stderr, "patch did not produce expected sha1\n"); return 1; } // Give the .patch file the same owner, group, and mode of the // original source file. if (chmod(outname, source_to_use->st.st_mode) != 0) { fprintf(stderr, "chmod of \"%s\" failed: %s\n", outname, strerror(errno)); return 1; } if (chown(outname, source_to_use->st.st_uid, source_to_use->st.st_gid) != 0) { fprintf(stderr, "chown of \"%s\" failed: %s\n", outname, strerror(errno)); return 1; } // Finally, rename the .patch file to replace the original source file. if (rename(outname, source_filename) != 0) { fprintf(stderr, "rename of .patch to \"%s\" failed: %s\n", source_filename, strerror(errno)); return 1; } // If this run of applypatch created the copy, and we're here, we // can delete it. if (made_copy) unlink(CACHE_TEMP_SOURCE); // Success! return 0; }