int applypatch(const char* source_filename,
const char* target_filename,
const char* target_sha1_str,
size_t target_size,
int num_patches,
char** const patch_sha1_str,
Value** patch_data) {
printf("\napplying patch to %s\n", source_filename);
if (target_filename[0] == '-' &&
target_filename[1] == '\0') {
target_filename = source_filename;
}
uint8_t target_sha1[SHA_DIGEST_SIZE];
if (ParseSha1(target_sha1_str, target_sha1) != 0) {
printf("failed to parse tgt-sha1 \"%s\"\n", target_sha1_str);
return 1;
}
FileContents copy_file;
FileContents source_file;
const Value* source_patch_value = NULL;
const Value* copy_patch_value = NULL;
int made_copy = 0;
// We try to load the target file into the source_file object.
if (LoadFileContents(target_filename, &source_file,
RETOUCH_DO_MASK) == 0) {
if (memcmp(source_file.sha1, target_sha1, SHA_DIGEST_SIZE) == 0) {
// The early-exit case: the patch was already applied, this file
// has the desired hash, nothing for us to do.
printf("\"%s\" is already target; no patch needed\n",
target_filename);
return 0;
}
}
if (source_file.data == NULL ||
(target_filename != source_filename &&
strcmp(target_filename, source_filename) != 0)) {
// Need to load the source file: either we failed to load the
// target file, or we did but it's different from the source file.
free(source_file.data);
LoadFileContents(source_filename, &source_file,
RETOUCH_DO_MASK);
}
if (source_file.data != NULL) {
int to_use = FindMatchingPatch(source_file.sha1,
patch_sha1_str, num_patches);
if (to_use >= 0) {
source_patch_value = patch_data[to_use];
}
}
if (source_patch_value == NULL) {
free(source_file.data);
printf("source file is bad; trying copy\n");
if (LoadFileContents(CACHE_TEMP_SOURCE, ©_file,
RETOUCH_DO_MASK) < 0) {
// fail.
printf("failed to read copy file\n");
return 1;
}
int to_use = FindMatchingPatch(copy_file.sha1,
patch_sha1_str, num_patches);
if (to_use >= 0) {
copy_patch_value = patch_data[to_use];
}
if (copy_patch_value == NULL) {
// fail.
printf("copy file doesn't match source SHA-1s either\n");
return 1;
}
}
int retry = 1;
SHA_CTX ctx;
int output;
MemorySinkInfo msi;
FileContents* source_to_use;
char* outname;
// assume that target_filename (eg "/system/app/Foo.apk") is located
// on the same filesystem as its top-level directory ("/system").
// We need something that exists for calling statfs().
char target_fs[strlen(target_filename)+1];
char* slash = strchr(target_filename+1, '/');
if (slash != NULL) {
int count = slash - target_filename;
strncpy(target_fs, target_filename, count);
target_fs[count] = '\0';
} else {
strcpy(target_fs, target_filename);
}
do {
// Is there enough room in the target filesystem to hold the patched
// file?
if (strncmp(target_filename, "EMMC:", 5) == 0) {
// If the target is a partition, we're actually going to
// write the output to /tmp and then copy it to the
// partition. statfs() always returns 0 blocks free for
// /tmp, so instead we'll just assume that /tmp has enough
// space to hold the file.
// We still write the original source to cache, in case
// the partition write is interrupted.
if (MakeFreeSpaceOnCache(source_file.size) < 0) {
printf("not enough free space on /cache\n");
return 1;
}
if (SaveFileContents(CACHE_TEMP_SOURCE, source_file) < 0) {
printf("failed to back up source file\n");
return 1;
}
made_copy = 1;
retry = 0;
} else {
int enough_space = 0;
if (retry > 0) {
size_t free_space = FreeSpaceForFile(target_fs);
enough_space =
(free_space > (256 << 10)) && // 256k (two-block) minimum
(free_space > (target_size * 3 / 2)); // 50% margin of error
printf("target %ld bytes; free space %ld bytes; retry %d; enough %d\n",
(long)target_size, (long)free_space, retry, enough_space);
}
if (!enough_space) {
retry = 0;
}
if (!enough_space && source_patch_value != NULL) {
// Using the original source, but not enough free space. First
// copy the source file to cache, then delete it from the original
// location.
if (strncmp(source_filename, "EMMC:", 5) == 0) {
// It's impossible to free space on the target filesystem by
// deleting the source if the source is a partition. If
// we're ever in a state where we need to do this, fail.
printf("not enough free space for target but source "
"is partition\n");
return 1;
}
if (MakeFreeSpaceOnCache(source_file.size) < 0) {
printf("not enough free space on /cache\n");
return 1;
}
if (SaveFileContents(CACHE_TEMP_SOURCE, source_file) < 0) {
printf("failed to back up source file\n");
return 1;
}
made_copy = 1;
unlink(source_filename);
size_t free_space = FreeSpaceForFile(target_fs);
printf("(now %ld bytes free for target)\n", (long)free_space);
}
}
const Value* patch;
if (source_patch_value != NULL) {
source_to_use = &source_file;
patch = source_patch_value;
} else {
source_to_use = ©_file;
patch = copy_patch_value;
}
if (patch->type != VAL_BLOB) {
printf("patch is not a blob\n");
return 1;
}
SinkFn sink = NULL;
void* token = NULL;
output = -1;
outname = NULL;
if (strncmp(target_filename, "EMMC:", 5) == 0) {
// We store the decoded output in memory.
msi.buffer = malloc(target_size);
if (msi.buffer == NULL) {
printf("failed to alloc %ld bytes for output\n",
(long)target_size);
return 1;
}
msi.pos = 0;
msi.size = target_size;
sink = MemorySink;
token = &msi;
} else {
// We write the decoded output to "<tgt-file>.patch".
outname = (char*)malloc(strlen(target_filename) + 10);
strcpy(outname, target_filename);
strcat(outname, ".patch");
output = open(outname, O_WRONLY | O_CREAT | O_TRUNC | O_SYNC,
S_IRUSR | S_IWUSR);
if (output < 0) {
printf("failed to open output file %s: %s\n",
outname, strerror(errno));
return 1;
}
sink = FileSink;
token = &output;
}
char* header = patch->data;
ssize_t header_bytes_read = patch->size;
SHA_init(&ctx);
int result;
if (header_bytes_read >= 8 &&
memcmp(header, "BSDIFF40", 8) == 0) {
result = ApplyBSDiffPatch(source_to_use->data, source_to_use->size,
patch, 0, sink, token, &ctx);
} else if (header_bytes_read >= 8 &&
memcmp(header, "IMGDIFF2", 8) == 0) {
result = ApplyImagePatch(source_to_use->data, source_to_use->size,
patch, sink, token, &ctx);
} else {
printf("Unknown patch file format\n");
return 1;
}
if (output >= 0) {
fsync(output);
close(output);
}
if (result != 0) {
if (retry == 0) {
printf("applying patch failed\n");
return result != 0;
} else {
printf("applying patch failed; retrying\n");
}
if (outname != NULL) {
unlink(outname);
}
} else {
// succeeded; no need to retry
break;
}
} while (retry-- > 0);
const uint8_t* current_target_sha1 = SHA_final(&ctx);
if (memcmp(current_target_sha1, target_sha1, SHA_DIGEST_SIZE) != 0) {
printf("patch did not produce expected sha1\n");
return 1;
}
if (output < 0) {
// Copy the temp file to the partition.
if (WriteToPartition(msi.buffer, msi.pos, target_filename) != 0) {
printf("write of patched data to %s failed\n", target_filename);
return 1;
}
free(msi.buffer);
} else {
// Give the .patch file the same owner, group, and mode of the
// original source file.
if (chmod(outname, source_to_use->st.st_mode) != 0) {
printf("chmod of \"%s\" failed: %s\n", outname, strerror(errno));
return 1;
}
if (chown(outname, source_to_use->st.st_uid,
source_to_use->st.st_gid) != 0) {
printf("chown of \"%s\" failed: %s\n", outname, strerror(errno));
return 1;
}
// Finally, rename the .patch file to replace the target file.
if (rename(outname, target_filename) != 0) {
printf("rename of .patch to \"%s\" failed: %s\n",
target_filename, strerror(errno));
return 1;
}
}
// If this run of applypatch created the copy, and we're here, we
// can delete it.
if (made_copy) unlink(CACHE_TEMP_SOURCE);
// Success!
return 0;
}
int applypatch(int argc, char** argv) {
if (argc < 2) {
return 2;
}
if (strncmp(argv[1], "-l", 3) == 0) {
return ShowLicenses();
}
if (strncmp(argv[1], "-c", 3) == 0) {
return CheckMode(argc, argv);
}
if (strncmp(argv[1], "-s", 3) == 0) {
if (argc != 3) {
return 2;
}
size_t bytes = strtol(argv[2], NULL, 10);
if (MakeFreeSpaceOnCache(bytes) < 0) {
printf("unable to make %ld bytes available on /cache\n", (long)bytes);
return 1;
} else {
return 0;
}
}
uint8_t target_sha1[SHA_DIGEST_SIZE];
const char* source_filename = argv[1];
const char* target_filename = argv[2];
if (target_filename[0] == '-' &&
target_filename[1] == '\0') {
target_filename = source_filename;
}
if (ParseSha1(argv[3], target_sha1) != 0) {
fprintf(stderr, "failed to parse tgt-sha1 \"%s\"\n", argv[3]);
return 1;
}
unsigned long target_size = strtoul(argv[4], NULL, 0);
int num_patches;
Patch* patches;
if (ParseShaArgs(argc-5, argv+5, &patches, &num_patches) < 0) { return 1; }
FileContents copy_file;
FileContents source_file;
const char* source_patch_filename = NULL;
const char* copy_patch_filename = NULL;
int made_copy = 0;
// We try to load the target file into the source_file object.
if (LoadFileContents(target_filename, &source_file) == 0) {
if (memcmp(source_file.sha1, target_sha1, SHA_DIGEST_SIZE) == 0) {
// The early-exit case: the patch was already applied, this file
// has the desired hash, nothing for us to do.
fprintf(stderr, "\"%s\" is already target; no patch needed\n",
target_filename);
return 0;
}
}
if (source_file.data == NULL ||
(target_filename != source_filename &&
strcmp(target_filename, source_filename) != 0)) {
// Need to load the source file: either we failed to load the
// target file, or we did but it's different from the source file.
free(source_file.data);
LoadFileContents(source_filename, &source_file);
}
if (source_file.data != NULL) {
const Patch* to_use =
FindMatchingPatch(source_file.sha1, patches, num_patches);
if (to_use != NULL) {
source_patch_filename = to_use->patch_filename;
}
}
if (source_patch_filename == NULL) {
free(source_file.data);
fprintf(stderr, "source file is bad; trying copy\n");
if (LoadFileContents(CACHE_TEMP_SOURCE, ©_file) < 0) {
// fail.
fprintf(stderr, "failed to read copy file\n");
return 1;
}
const Patch* to_use =
FindMatchingPatch(copy_file.sha1, patches, num_patches);
if (to_use != NULL) {
copy_patch_filename = to_use->patch_filename;
}
if (copy_patch_filename == NULL) {
// fail.
fprintf(stderr, "copy file doesn't match source SHA-1s either\n");
return 1;
}
}
// Is there enough room in the target filesystem to hold the patched
// file?
if (strncmp(target_filename, "MTD:", 4) == 0) {
// If the target is an MTD partition, we're actually going to
// write the output to /tmp and then copy it to the partition.
// statfs() always returns 0 blocks free for /tmp, so instead
// we'll just assume that /tmp has enough space to hold the file.
// We still write the original source to cache, in case the MTD
// write is interrupted.
if (MakeFreeSpaceOnCache(source_file.size) < 0) {
fprintf(stderr, "not enough free space on /cache\n");
return 1;
}
if (SaveFileContents(CACHE_TEMP_SOURCE, source_file) < 0) {
fprintf(stderr, "failed to back up source file\n");
return 1;
}
made_copy = 1;
} else {
// assume that target_filename (eg "/system/app/Foo.apk") is located
// on the same filesystem as its top-level directory ("/system").
// We need something that exists for calling statfs().
char* target_fs = strdup(target_filename);
char* slash = strchr(target_fs+1, '/');
if (slash != NULL) {
*slash = '\0';
}
size_t free_space = FreeSpaceForFile(target_fs);
int enough_space =
free_space > (target_size * 3 / 2); // 50% margin of error
printf("target %ld bytes; free space %ld bytes; enough %d\n",
(long)target_size, (long)free_space, enough_space);
if (!enough_space && source_patch_filename != NULL) {
// Using the original source, but not enough free space. First
// copy the source file to cache, then delete it from the original
// location.
if (strncmp(source_filename, "MTD:", 4) == 0) {
// It's impossible to free space on the target filesystem by
// deleting the source if the source is an MTD partition. If
// we're ever in a state where we need to do this, fail.
fprintf(stderr, "not enough free space for target but source is MTD\n");
return 1;
}
if (MakeFreeSpaceOnCache(source_file.size) < 0) {
fprintf(stderr, "not enough free space on /cache\n");
return 1;
}
if (SaveFileContents(CACHE_TEMP_SOURCE, source_file) < 0) {
fprintf(stderr, "failed to back up source file\n");
return 1;
}
made_copy = 1;
unlink(source_filename);
size_t free_space = FreeSpaceForFile(target_fs);
printf("(now %ld bytes free for target)\n", (long)free_space);
}
}
FileContents* source_to_use;
const char* patch_filename;
if (source_patch_filename != NULL) {
source_to_use = &source_file;
patch_filename = source_patch_filename;
} else {
source_to_use = ©_file;
patch_filename = copy_patch_filename;
}
char* outname = NULL;
FILE* output = NULL;
MemorySinkInfo msi;
SinkFn sink = NULL;
void* token = NULL;
if (strncmp(target_filename, "MTD:", 4) == 0) {
// We store the decoded output in memory.
msi.buffer = malloc(target_size);
if (msi.buffer == NULL) {
fprintf(stderr, "failed to alloc %ld bytes for output\n",
(long)target_size);
return 1;
}
msi.pos = 0;
msi.size = target_size;
sink = MemorySink;
token = &msi;
} else {
// We write the decoded output to "<tgt-file>.patch".
outname = (char*)malloc(strlen(target_filename) + 10);
strcpy(outname, target_filename);
strcat(outname, ".patch");
output = fopen(outname, "wb");
if (output == NULL) {
fprintf(stderr, "failed to open output file %s: %s\n",
outname, strerror(errno));
return 1;
}
sink = FileSink;
token = output;
}
#define MAX_HEADER_LENGTH 8
unsigned char header[MAX_HEADER_LENGTH];
FILE* patchf = fopen(patch_filename, "rb");
if (patchf == NULL) {
fprintf(stderr, "failed to open patch file %s: %s\n",
patch_filename, strerror(errno));
return 1;
}
int header_bytes_read = fread(header, 1, MAX_HEADER_LENGTH, patchf);
fclose(patchf);
SHA_CTX ctx;
SHA_init(&ctx);
if (header_bytes_read >= 4 &&
header[0] == 0xd6 && header[1] == 0xc3 &&
header[2] == 0xc4 && header[3] == 0) {
// xdelta3 patches begin "VCD" (with the high bits set) followed
// by a zero byte (the version number).
fprintf(stderr, "error: xdelta3 patches no longer supported\n");
return 1;
} else if (header_bytes_read >= 8 &&
memcmp(header, "BSDIFF40", 8) == 0) {
int result = ApplyBSDiffPatch(source_to_use->data, source_to_use->size,
patch_filename, 0, sink, token, &ctx);
if (result != 0) {
fprintf(stderr, "ApplyBSDiffPatch failed\n");
return result;
}
} else if (header_bytes_read >= 8 &&
memcmp(header, "IMGDIFF", 7) == 0 &&
(header[7] == '1' || header[7] == '2')) {
int result = ApplyImagePatch(source_to_use->data, source_to_use->size,
patch_filename, sink, token, &ctx);
if (result != 0) {
fprintf(stderr, "ApplyImagePatch failed\n");
return result;
}
} else {
fprintf(stderr, "Unknown patch file format\n");
return 1;
}
if (output != NULL) {
fflush(output);
fsync(fileno(output));
fclose(output);
}
const uint8_t* current_target_sha1 = SHA_final(&ctx);
if (memcmp(current_target_sha1, target_sha1, SHA_DIGEST_SIZE) != 0) {
fprintf(stderr, "patch did not produce expected sha1\n");
return 1;
}
if (output == NULL) {
// Copy the temp file to the MTD partition.
if (WriteToMTDPartition(msi.buffer, msi.pos, target_filename) != 0) {
fprintf(stderr, "write of patched data to %s failed\n", target_filename);
return 1;
}
free(msi.buffer);
} else {
// Give the .patch file the same owner, group, and mode of the
// original source file.
if (chmod(outname, source_to_use->st.st_mode) != 0) {
fprintf(stderr, "chmod of \"%s\" failed: %s\n", outname, strerror(errno));
return 1;
}
if (chown(outname, source_to_use->st.st_uid,
source_to_use->st.st_gid) != 0) {
fprintf(stderr, "chown of \"%s\" failed: %s\n", outname, strerror(errno));
return 1;
}
// Finally, rename the .patch file to replace the target file.
if (rename(outname, target_filename) != 0) {
fprintf(stderr, "rename of .patch to \"%s\" failed: %s\n",
target_filename, strerror(errno));
return 1;
}
}
// If this run of applypatch created the copy, and we're here, we
// can delete it.
if (made_copy) unlink(CACHE_TEMP_SOURCE);
// Success!
return 0;
}
/*
* Apply the patch given in 'patch_filename' to the source data given
* by (old_data, old_size). Write the patched output to the 'output'
* file, and update the SHA context with the output data as well.
* Return 0 on success.
*/
int ApplyImagePatch(const unsigned char* old_data, ssize_t old_size,
const char* patch_filename,
SinkFn sink, void* token, SHA_CTX* ctx) {
FILE* f;
if ((f = fopen(patch_filename, "rb")) == NULL) {
printf("failed to open patch file\n");
return -1;
}
unsigned char header[12];
if (fread(header, 1, 12, f) != 12) {
printf("failed to read patch file header\n");
return -1;
}
// IMGDIFF1 uses CHUNK_NORMAL and CHUNK_GZIP.
// IMGDIFF2 uses CHUNK_NORMAL, CHUNK_DEFLATE, and CHUNK_RAW.
if (memcmp(header, "IMGDIFF", 7) != 0 ||
(header[7] != '1' && header[7] != '2')) {
printf("corrupt patch file header (magic number)\n");
return -1;
}
int num_chunks = Read4(header+8);
int i;
for (i = 0; i < num_chunks; ++i) {
// each chunk's header record starts with 4 bytes.
unsigned char chunk[4];
if (fread(chunk, 1, 4, f) != 4) {
printf("failed to read chunk %d record\n", i);
return -1;
}
int type = Read4(chunk);
if (type == CHUNK_NORMAL) {
unsigned char normal_header[24];
if (fread(normal_header, 1, 24, f) != 24) {
printf("failed to read chunk %d normal header data\n", i);
return -1;
}
size_t src_start = Read8(normal_header);
size_t src_len = Read8(normal_header+8);
size_t patch_offset = Read8(normal_header+16);
printf("CHUNK %d: normal patch offset %d\n", i, patch_offset);
ApplyBSDiffPatch(old_data + src_start, src_len,
patch_filename, patch_offset,
sink, token, ctx);
} else if (type == CHUNK_GZIP) {
// This branch is basically a duplicate of the CHUNK_DEFLATE
// branch, with a bit of extra processing for the gzip header
// and footer. I've avoided factoring the common code out since
// this branch will just be deleted when we drop support for
// IMGDIFF1.
// gzip chunks have an additional 64 + gzip_header_len + 8 bytes
// in their chunk header.
unsigned char* gzip = malloc(64);
if (fread(gzip, 1, 64, f) != 64) {
printf("failed to read chunk %d initial gzip header data\n",
i);
return -1;
}
size_t gzip_header_len = Read4(gzip+60);
gzip = realloc(gzip, 64 + gzip_header_len + 8);
if (fread(gzip+64, 1, gzip_header_len+8, f) != gzip_header_len+8) {
printf("failed to read chunk %d remaining gzip header data\n",
i);
return -1;
}
size_t src_start = Read8(gzip);
size_t src_len = Read8(gzip+8);
size_t patch_offset = Read8(gzip+16);
size_t expanded_len = Read8(gzip+24);
size_t target_len = Read8(gzip+32);
int gz_level = Read4(gzip+40);
int gz_method = Read4(gzip+44);
int gz_windowBits = Read4(gzip+48);
int gz_memLevel = Read4(gzip+52);
int gz_strategy = Read4(gzip+56);
printf("CHUNK %d: gzip patch offset %d\n", i, patch_offset);
// Decompress the source data; the chunk header tells us exactly
// how big we expect it to be when decompressed.
unsigned char* expanded_source = malloc(expanded_len);
if (expanded_source == NULL) {
printf("failed to allocate %d bytes for expanded_source\n",
expanded_len);
return -1;
}
z_stream strm;
strm.zalloc = Z_NULL;
strm.zfree = Z_NULL;
strm.opaque = Z_NULL;
strm.avail_in = src_len - (gzip_header_len + 8);
strm.next_in = (unsigned char*)(old_data + src_start + gzip_header_len);
strm.avail_out = expanded_len;
strm.next_out = expanded_source;
int ret;
ret = inflateInit2(&strm, -15);
if (ret != Z_OK) {
printf("failed to init source inflation: %d\n", ret);
return -1;
}
// Because we've provided enough room to accommodate the output
// data, we expect one call to inflate() to suffice.
ret = inflate(&strm, Z_SYNC_FLUSH);
if (ret != Z_STREAM_END) {
printf("source inflation returned %d\n", ret);
return -1;
}
// We should have filled the output buffer exactly.
if (strm.avail_out != 0) {
printf("source inflation short by %d bytes\n", strm.avail_out);
return -1;
}
inflateEnd(&strm);
// Next, apply the bsdiff patch (in memory) to the uncompressed
// data.
unsigned char* uncompressed_target_data;
ssize_t uncompressed_target_size;
if (ApplyBSDiffPatchMem(expanded_source, expanded_len,
patch_filename, patch_offset,
&uncompressed_target_data,
&uncompressed_target_size) != 0) {
return -1;
}
// Now compress the target data and append it to the output.
// start with the gzip header.
sink(gzip+64, gzip_header_len, token);
SHA_update(ctx, gzip+64, gzip_header_len);
// we're done with the expanded_source data buffer, so we'll
// reuse that memory to receive the output of deflate.
unsigned char* temp_data = expanded_source;
ssize_t temp_size = expanded_len;
if (temp_size < 32768) {
// ... unless the buffer is too small, in which case we'll
// allocate a fresh one.
free(temp_data);
temp_data = malloc(32768);
temp_size = 32768;
}
// now the deflate stream
strm.zalloc = Z_NULL;
strm.zfree = Z_NULL;
strm.opaque = Z_NULL;
strm.avail_in = uncompressed_target_size;
strm.next_in = uncompressed_target_data;
ret = deflateInit2(&strm, gz_level, gz_method, gz_windowBits,
gz_memLevel, gz_strategy);
do {
strm.avail_out = temp_size;
strm.next_out = temp_data;
ret = deflate(&strm, Z_FINISH);
size_t have = temp_size - strm.avail_out;
if (sink(temp_data, have, token) != have) {
printf("failed to write %d compressed bytes to output\n",
have);
return -1;
}
SHA_update(ctx, temp_data, have);
} while (ret != Z_STREAM_END);
deflateEnd(&strm);
// lastly, the gzip footer.
sink(gzip+64+gzip_header_len, 8, token);
SHA_update(ctx, gzip+64+gzip_header_len, 8);
free(temp_data);
free(uncompressed_target_data);
free(gzip);
} else if (type == CHUNK_RAW) {
unsigned char raw_header[4];
if (fread(raw_header, 1, 4, f) != 4) {
printf("failed to read chunk %d raw header data\n", i);
return -1;
}
size_t data_len = Read4(raw_header);
printf("CHUNK %d: raw data %d\n", i, data_len);
unsigned char* temp = malloc(data_len);
if (fread(temp, 1, data_len, f) != data_len) {
printf("failed to read chunk %d raw data\n", i);
return -1;
}
SHA_update(ctx, temp, data_len);
if (sink(temp, data_len, token) != data_len) {
printf("failed to write chunk %d raw data\n", i);
return -1;
}
} else if (type == CHUNK_DEFLATE) {
// deflate chunks have an additional 60 bytes in their chunk header.
unsigned char deflate_header[60];
if (fread(deflate_header, 1, 60, f) != 60) {
printf("failed to read chunk %d deflate header data\n", i);
return -1;
}
size_t src_start = Read8(deflate_header);
size_t src_len = Read8(deflate_header+8);
size_t patch_offset = Read8(deflate_header+16);
size_t expanded_len = Read8(deflate_header+24);
size_t target_len = Read8(deflate_header+32);
int level = Read4(deflate_header+40);
int method = Read4(deflate_header+44);
int windowBits = Read4(deflate_header+48);
int memLevel = Read4(deflate_header+52);
int strategy = Read4(deflate_header+56);
printf("CHUNK %d: deflate patch offset %d\n", i, patch_offset);
// Decompress the source data; the chunk header tells us exactly
// how big we expect it to be when decompressed.
unsigned char* expanded_source = malloc(expanded_len);
if (expanded_source == NULL) {
printf("failed to allocate %d bytes for expanded_source\n",
expanded_len);
return -1;
}
z_stream strm;
strm.zalloc = Z_NULL;
strm.zfree = Z_NULL;
strm.opaque = Z_NULL;
strm.avail_in = src_len;
strm.next_in = (unsigned char*)(old_data + src_start);
strm.avail_out = expanded_len;
strm.next_out = expanded_source;
int ret;
ret = inflateInit2(&strm, -15);
if (ret != Z_OK) {
printf("failed to init source inflation: %d\n", ret);
return -1;
}
// Because we've provided enough room to accommodate the output
// data, we expect one call to inflate() to suffice.
ret = inflate(&strm, Z_SYNC_FLUSH);
if (ret != Z_STREAM_END) {
printf("source inflation returned %d\n", ret);
return -1;
}
// We should have filled the output buffer exactly.
if (strm.avail_out != 0) {
printf("source inflation short by %d bytes\n", strm.avail_out);
return -1;
}
inflateEnd(&strm);
// Next, apply the bsdiff patch (in memory) to the uncompressed
// data.
unsigned char* uncompressed_target_data;
ssize_t uncompressed_target_size;
if (ApplyBSDiffPatchMem(expanded_source, expanded_len,
patch_filename, patch_offset,
&uncompressed_target_data,
&uncompressed_target_size) != 0) {
return -1;
}
// Now compress the target data and append it to the output.
// we're done with the expanded_source data buffer, so we'll
// reuse that memory to receive the output of deflate.
unsigned char* temp_data = expanded_source;
ssize_t temp_size = expanded_len;
if (temp_size < 32768) {
// ... unless the buffer is too small, in which case we'll
// allocate a fresh one.
free(temp_data);
temp_data = malloc(32768);
temp_size = 32768;
}
// now the deflate stream
strm.zalloc = Z_NULL;
strm.zfree = Z_NULL;
strm.opaque = Z_NULL;
strm.avail_in = uncompressed_target_size;
strm.next_in = uncompressed_target_data;
ret = deflateInit2(&strm, level, method, windowBits, memLevel, strategy);
do {
strm.avail_out = temp_size;
strm.next_out = temp_data;
ret = deflate(&strm, Z_FINISH);
size_t have = temp_size - strm.avail_out;
if (sink(temp_data, have, token) != have) {
printf("failed to write %d compressed bytes to output\n",
have);
return -1;
}
SHA_update(ctx, temp_data, have);
} while (ret != Z_STREAM_END);
deflateEnd(&strm);
free(temp_data);
free(uncompressed_target_data);
} else {
printf("patch chunk %d is unknown type %d\n", i, type);
return -1;
}
}
return 0;
}
/*
* Apply the patch given in 'patch_filename' to the source data given
* by (old_data, old_size). Write the patched output to the 'output'
* file, and update the SHA context with the output data as well.
* Return 0 on success.
*/
int ApplyImagePatch(const unsigned char* old_data, ssize_t old_size,
const Value* patch,
SinkFn sink, void* token, SHA_CTX* ctx,
const Value* bonus_data) {
ssize_t pos = 12;
char* header = patch->data;
if (patch->size < 12) {
printf("patch too short to contain header\n");
return -1;
}
// IMGDIFF2 uses CHUNK_NORMAL, CHUNK_DEFLATE, and CHUNK_RAW.
// (IMGDIFF1, which is no longer supported, used CHUNK_NORMAL and
// CHUNK_GZIP.)
if (memcmp(header, "IMGDIFF2", 8) != 0) {
printf("corrupt patch file header (magic number)\n");
return -1;
}
int num_chunks = Read4(header+8);
int i;
for (i = 0; i < num_chunks; ++i) {
// each chunk's header record starts with 4 bytes.
if (pos + 4 > patch->size) {
printf("failed to read chunk %d record\n", i);
return -1;
}
int type = Read4(patch->data + pos);
pos += 4;
if (type == CHUNK_NORMAL) {
char* normal_header = patch->data + pos;
pos += 24;
if (pos > patch->size) {
printf("failed to read chunk %d normal header data\n", i);
return -1;
}
size_t src_start = Read8(normal_header);
size_t src_len = Read8(normal_header+8);
size_t patch_offset = Read8(normal_header+16);
ApplyBSDiffPatch(old_data + src_start, src_len,
patch, patch_offset, sink, token, ctx);
} else if (type == CHUNK_RAW) {
char* raw_header = patch->data + pos;
pos += 4;
if (pos > patch->size) {
printf("failed to read chunk %d raw header data\n", i);
return -1;
}
ssize_t data_len = Read4(raw_header);
if (pos + data_len > patch->size) {
printf("failed to read chunk %d raw data\n", i);
return -1;
}
SHA_update(ctx, patch->data + pos, data_len);
if (sink((unsigned char*)patch->data + pos,
data_len, token) != data_len) {
printf("failed to write chunk %d raw data\n", i);
return -1;
}
pos += data_len;
} else if (type == CHUNK_DEFLATE) {
// deflate chunks have an additional 60 bytes in their chunk header.
char* deflate_header = patch->data + pos;
pos += 60;
if (pos > patch->size) {
printf("failed to read chunk %d deflate header data\n", i);
return -1;
}
size_t src_start = Read8(deflate_header);
size_t src_len = Read8(deflate_header+8);
size_t patch_offset = Read8(deflate_header+16);
size_t expanded_len = Read8(deflate_header+24);
size_t target_len = Read8(deflate_header+32);
int level = Read4(deflate_header+40);
int method = Read4(deflate_header+44);
int windowBits = Read4(deflate_header+48);
int memLevel = Read4(deflate_header+52);
int strategy = Read4(deflate_header+56);
// Decompress the source data; the chunk header tells us exactly
// how big we expect it to be when decompressed.
// Note: expanded_len will include the bonus data size if
// the patch was constructed with bonus data. The
// deflation will come up 'bonus_size' bytes short; these
// must be appended from the bonus_data value.
size_t bonus_size = (i == 1 && bonus_data != NULL) ? bonus_data->size : 0;
unsigned char* expanded_source = malloc(expanded_len);
if (expanded_source == NULL) {
printf("failed to allocate %d bytes for expanded_source\n",
expanded_len);
return -1;
}
z_stream strm;
strm.zalloc = Z_NULL;
strm.zfree = Z_NULL;
strm.opaque = Z_NULL;
strm.avail_in = src_len;
strm.next_in = (unsigned char*)(old_data + src_start);
strm.avail_out = expanded_len;
strm.next_out = expanded_source;
int ret;
ret = inflateInit2(&strm, -15);
if (ret != Z_OK) {
printf("failed to init source inflation: %d\n", ret);
return -1;
}
// Because we've provided enough room to accommodate the output
// data, we expect one call to inflate() to suffice.
ret = inflate(&strm, Z_SYNC_FLUSH);
if (ret != Z_STREAM_END) {
printf("source inflation returned %d\n", ret);
return -1;
}
// We should have filled the output buffer exactly, except
// for the bonus_size.
if (strm.avail_out != bonus_size) {
printf("source inflation short by %zu bytes\n", strm.avail_out-bonus_size);
return -1;
}
inflateEnd(&strm);
if (bonus_size) {
memcpy(expanded_source + (expanded_len - bonus_size),
bonus_data->data, bonus_size);
}
// Next, apply the bsdiff patch (in memory) to the uncompressed
// data.
unsigned char* uncompressed_target_data;
ssize_t uncompressed_target_size;
if (ApplyBSDiffPatchMem(expanded_source, expanded_len,
patch, patch_offset,
&uncompressed_target_data,
&uncompressed_target_size) != 0) {
return -1;
}
// Now compress the target data and append it to the output.
// we're done with the expanded_source data buffer, so we'll
// reuse that memory to receive the output of deflate.
unsigned char* temp_data = expanded_source;
ssize_t temp_size = expanded_len;
if (temp_size < 32768) {
// ... unless the buffer is too small, in which case we'll
// allocate a fresh one.
free(temp_data);
temp_data = malloc(32768);
temp_size = 32768;
}
// now the deflate stream
strm.zalloc = Z_NULL;
strm.zfree = Z_NULL;
strm.opaque = Z_NULL;
strm.avail_in = uncompressed_target_size;
strm.next_in = uncompressed_target_data;
ret = deflateInit2(&strm, level, method, windowBits, memLevel, strategy);
do {
strm.avail_out = temp_size;
strm.next_out = temp_data;
ret = deflate(&strm, Z_FINISH);
ssize_t have = temp_size - strm.avail_out;
if (sink(temp_data, have, token) != have) {
printf("failed to write %ld compressed bytes to output\n",
(long)have);
return -1;
}
SHA_update(ctx, temp_data, have);
} while (ret != Z_STREAM_END);
deflateEnd(&strm);
free(temp_data);
free(uncompressed_target_data);
} else {
printf("patch chunk %d is unknown type %d\n", i, type);
return -1;
}
}
return 0;
}
Value* BlockImageUpdateFn(const char* name, State* state, int argc, Expr* argv[]) {
Value* blockdev_filename;
Value* transfer_list_value;
char* transfer_list = NULL;
Value* new_data_fn;
Value* patch_data_fn;
bool success = false;
if (ReadValueArgs(state, argv, 4, &blockdev_filename, &transfer_list_value,
&new_data_fn, &patch_data_fn) < 0) {
return NULL;
}
if (blockdev_filename->type != VAL_STRING) {
ErrorAbort(state, "blockdev_filename argument to %s must be string", name);
goto done;
}
if (transfer_list_value->type != VAL_BLOB) {
ErrorAbort(state, "transfer_list argument to %s must be blob", name);
goto done;
}
if (new_data_fn->type != VAL_STRING) {
ErrorAbort(state, "new_data_fn argument to %s must be string", name);
goto done;
}
if (patch_data_fn->type != VAL_STRING) {
ErrorAbort(state, "patch_data_fn argument to %s must be string", name);
goto done;
}
UpdaterInfo* ui = (UpdaterInfo*)(state->cookie);
FILE* cmd_pipe = ui->cmd_pipe;
ZipArchive* za = ((UpdaterInfo*)(state->cookie))->package_zip;
const ZipEntry* patch_entry = mzFindZipEntry(za, patch_data_fn->data);
if (patch_entry == NULL) {
ErrorAbort(state, "%s(): no file \"%s\" in package", name, patch_data_fn->data);
goto done;
}
uint8_t* patch_start = ((UpdaterInfo*)(state->cookie))->package_zip_addr +
mzGetZipEntryOffset(patch_entry);
const ZipEntry* new_entry = mzFindZipEntry(za, new_data_fn->data);
if (new_entry == NULL) {
ErrorAbort(state, "%s(): no file \"%s\" in package", name, new_data_fn->data);
goto done;
}
// The transfer list is a text file containing commands to
// transfer data from one place to another on the target
// partition. We parse it and execute the commands in order:
//
// zero [rangeset]
// - fill the indicated blocks with zeros
//
// new [rangeset]
// - fill the blocks with data read from the new_data file
//
// bsdiff patchstart patchlen [src rangeset] [tgt rangeset]
// imgdiff patchstart patchlen [src rangeset] [tgt rangeset]
// - read the source blocks, apply a patch, write result to
// target blocks. bsdiff or imgdiff specifies the type of
// patch.
//
// move [src rangeset] [tgt rangeset]
// - copy data from source blocks to target blocks (no patch
// needed; rangesets are the same size)
//
// erase [rangeset]
// - mark the given blocks as empty
//
// The creator of the transfer list will guarantee that no block
// is read (ie, used as the source for a patch or move) after it
// has been written.
//
// Within one command the source and target ranges may overlap so
// in general we need to read the entire source into memory before
// writing anything to the target blocks.
//
// All the patch data is concatenated into one patch_data file in
// the update package. It must be stored uncompressed because we
// memory-map it in directly from the archive. (Since patches are
// already compressed, we lose very little by not compressing
// their concatenation.)
pthread_t new_data_thread;
NewThreadInfo nti;
nti.za = za;
nti.entry = new_entry;
nti.rss = NULL;
pthread_mutex_init(&nti.mu, NULL);
pthread_cond_init(&nti.cv, NULL);
pthread_attr_t attr;
pthread_attr_init(&attr);
pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_JOINABLE);
pthread_create(&new_data_thread, &attr, unzip_new_data, &nti);
int i, j;
char* linesave;
char* wordsave;
int fd = open(blockdev_filename->data, O_RDWR);
if (fd < 0) {
ErrorAbort(state, "failed to open %s: %s", blockdev_filename->data, strerror(errno));
goto done;
}
char* line;
char* word;
// The data in transfer_list_value is not necessarily
// null-terminated, so we need to copy it to a new buffer and add
// the null that strtok_r will need.
transfer_list = malloc(transfer_list_value->size+1);
if (transfer_list == NULL) {
fprintf(stderr, "failed to allocate %zd bytes for transfer list\n",
transfer_list_value->size+1);
exit(1);
}
memcpy(transfer_list, transfer_list_value->data, transfer_list_value->size);
transfer_list[transfer_list_value->size] = '\0';
line = strtok_r(transfer_list, "\n", &linesave);
// first line in transfer list is the version number; currently
// there's only version 1.
if (strcmp(line, "1") != 0) {
ErrorAbort(state, "unexpected transfer list version [%s]\n", line);
goto done;
}
// second line in transfer list is the total number of blocks we
// expect to write.
line = strtok_r(NULL, "\n", &linesave);
int total_blocks = strtol(line, NULL, 0);
// shouldn't happen, but avoid divide by zero.
if (total_blocks == 0) ++total_blocks;
int blocks_so_far = 0;
uint8_t* buffer = NULL;
size_t buffer_alloc = 0;
// third and subsequent lines are all individual transfer commands.
for (line = strtok_r(NULL, "\n", &linesave); line;
line = strtok_r(NULL, "\n", &linesave)) {
char* style;
style = strtok_r(line, " ", &wordsave);
if (strcmp("move", style) == 0) {
word = strtok_r(NULL, " ", &wordsave);
RangeSet* src = parse_range(word);
word = strtok_r(NULL, " ", &wordsave);
RangeSet* tgt = parse_range(word);
printf(" moving %d blocks\n", src->size);
allocate(src->size * BLOCKSIZE, &buffer, &buffer_alloc);
size_t p = 0;
for (i = 0; i < src->count; ++i) {
check_lseek(fd, (off64_t)src->pos[i*2] * BLOCKSIZE, SEEK_SET);
size_t sz = (src->pos[i*2+1] - src->pos[i*2]) * BLOCKSIZE;
readblock(fd, buffer+p, sz);
p += sz;
}
p = 0;
for (i = 0; i < tgt->count; ++i) {
check_lseek(fd, (off64_t)tgt->pos[i*2] * BLOCKSIZE, SEEK_SET);
size_t sz = (tgt->pos[i*2+1] - tgt->pos[i*2]) * BLOCKSIZE;
writeblock(fd, buffer+p, sz);
p += sz;
}
blocks_so_far += tgt->size;
fprintf(cmd_pipe, "set_progress %.4f\n", (double)blocks_so_far / total_blocks);
fflush(cmd_pipe);
free(src);
free(tgt);
} else if (strcmp("zero", style) == 0 ||
(DEBUG_ERASE && strcmp("erase", style) == 0)) {
word = strtok_r(NULL, " ", &wordsave);
RangeSet* tgt = parse_range(word);
printf(" zeroing %d blocks\n", tgt->size);
allocate(BLOCKSIZE, &buffer, &buffer_alloc);
memset(buffer, 0, BLOCKSIZE);
for (i = 0; i < tgt->count; ++i) {
check_lseek(fd, (off64_t)tgt->pos[i*2] * BLOCKSIZE, SEEK_SET);
for (j = tgt->pos[i*2]; j < tgt->pos[i*2+1]; ++j) {
writeblock(fd, buffer, BLOCKSIZE);
}
}
if (style[0] == 'z') { // "zero" but not "erase"
blocks_so_far += tgt->size;
fprintf(cmd_pipe, "set_progress %.4f\n", (double)blocks_so_far / total_blocks);
fflush(cmd_pipe);
}
free(tgt);
} else if (strcmp("new", style) == 0) {
word = strtok_r(NULL, " ", &wordsave);
RangeSet* tgt = parse_range(word);
printf(" writing %d blocks of new data\n", tgt->size);
RangeSinkState rss;
rss.fd = fd;
rss.tgt = tgt;
rss.p_block = 0;
rss.p_remain = (tgt->pos[1] - tgt->pos[0]) * BLOCKSIZE;
check_lseek(fd, (off64_t)tgt->pos[0] * BLOCKSIZE, SEEK_SET);
pthread_mutex_lock(&nti.mu);
nti.rss = &rss;
pthread_cond_broadcast(&nti.cv);
while (nti.rss) {
pthread_cond_wait(&nti.cv, &nti.mu);
}
pthread_mutex_unlock(&nti.mu);
blocks_so_far += tgt->size;
fprintf(cmd_pipe, "set_progress %.4f\n", (double)blocks_so_far / total_blocks);
fflush(cmd_pipe);
free(tgt);
} else if (strcmp("bsdiff", style) == 0 ||
strcmp("imgdiff", style) == 0) {
word = strtok_r(NULL, " ", &wordsave);
size_t patch_offset = strtoul(word, NULL, 0);
word = strtok_r(NULL, " ", &wordsave);
size_t patch_len = strtoul(word, NULL, 0);
word = strtok_r(NULL, " ", &wordsave);
RangeSet* src = parse_range(word);
word = strtok_r(NULL, " ", &wordsave);
RangeSet* tgt = parse_range(word);
printf(" patching %d blocks to %d\n", src->size, tgt->size);
// Read the source into memory.
allocate(src->size * BLOCKSIZE, &buffer, &buffer_alloc);
size_t p = 0;
for (i = 0; i < src->count; ++i) {
check_lseek(fd, (off64_t)src->pos[i*2] * BLOCKSIZE, SEEK_SET);
size_t sz = (src->pos[i*2+1] - src->pos[i*2]) * BLOCKSIZE;
readblock(fd, buffer+p, sz);
p += sz;
}
Value patch_value;
patch_value.type = VAL_BLOB;
patch_value.size = patch_len;
patch_value.data = (char*)(patch_start + patch_offset);
RangeSinkState rss;
rss.fd = fd;
rss.tgt = tgt;
rss.p_block = 0;
rss.p_remain = (tgt->pos[1] - tgt->pos[0]) * BLOCKSIZE;
check_lseek(fd, (off64_t)tgt->pos[0] * BLOCKSIZE, SEEK_SET);
if (style[0] == 'i') { // imgdiff
ApplyImagePatch(buffer, src->size * BLOCKSIZE,
&patch_value,
&RangeSinkWrite, &rss, NULL, NULL);
} else {
ApplyBSDiffPatch(buffer, src->size * BLOCKSIZE,
&patch_value, 0,
&RangeSinkWrite, &rss, NULL);
}
// We expect the output of the patcher to fill the tgt ranges exactly.
if (rss.p_block != tgt->count || rss.p_remain != 0) {
fprintf(stderr, "range sink underrun?\n");
}
blocks_so_far += tgt->size;
fprintf(cmd_pipe, "set_progress %.4f\n", (double)blocks_so_far / total_blocks);
fflush(cmd_pipe);
free(src);
free(tgt);
} else if (!DEBUG_ERASE && strcmp("erase", style) == 0) {
struct stat st;
if (fstat(fd, &st) == 0 && S_ISBLK(st.st_mode)) {
word = strtok_r(NULL, " ", &wordsave);
RangeSet* tgt = parse_range(word);
printf(" erasing %d blocks\n", tgt->size);
for (i = 0; i < tgt->count; ++i) {
uint64_t range[2];
// offset in bytes
range[0] = tgt->pos[i*2] * (uint64_t)BLOCKSIZE;
// len in bytes
range[1] = (tgt->pos[i*2+1] - tgt->pos[i*2]) * (uint64_t)BLOCKSIZE;
if (ioctl(fd, BLKDISCARD, &range) < 0) {
printf(" blkdiscard failed: %s\n", strerror(errno));
}
}
free(tgt);
} else {
printf(" ignoring erase (not block device)\n");
}
} else {
fprintf(stderr, "unknown transfer style \"%s\"\n", style);
exit(1);
}
}
pthread_join(new_data_thread, NULL);
success = true;
free(buffer);
printf("wrote %d blocks; expected %d\n", blocks_so_far, total_blocks);
printf("max alloc needed was %zu\n", buffer_alloc);
done:
free(transfer_list);
FreeValue(blockdev_filename);
FreeValue(transfer_list_value);
FreeValue(new_data_fn);
FreeValue(patch_data_fn);
return StringValue(success ? strdup("t") : strdup(""));
}
static int GenerateTarget(FileContents* source_file,
const Value* source_patch_value,
FileContents* copy_file,
const Value* copy_patch_value,
const char* source_filename,
const char* target_filename,
const uint8_t target_sha1[SHA_DIGEST_SIZE],
size_t target_size,
const Value* bonus_data) {
int retry = 1;
SHA_CTX ctx;
int output;
MemorySinkInfo msi;
FileContents* source_to_use;
char* outname;
int made_copy = 0;
// assume that target_filename (eg "/system/app/Foo.apk") is located
// on the same filesystem as its top-level directory ("/system").
// We need something that exists for calling statfs().
char target_fs[strlen(target_filename)+1];
char* slash = strchr(target_filename+1, '/');
if (slash != NULL) {
int count = slash - target_filename;
strncpy(target_fs, target_filename, count);
target_fs[count] = '\0';
} else {
strcpy(target_fs, target_filename);
}
do {
// Is there enough room in the target filesystem to hold the patched
// file?
if (strncmp(target_filename, "MTD:", 4) == 0 ||
strncmp(target_filename, "EMMC:", 5) == 0) {
// If the target is a partition, we're actually going to
// write the output to /tmp and then copy it to the
// partition. statfs() always returns 0 blocks free for
// /tmp, so instead we'll just assume that /tmp has enough
// space to hold the file.
// We still write the original source to cache, in case
// the partition write is interrupted.
if (MakeFreeSpaceOnCache(source_file->size) < 0) {
printf("not enough free space on /cache\n");
return 1;
}
if (SaveFileContents(CACHE_TEMP_SOURCE, source_file) < 0) {
printf("failed to back up source file\n");
return 1;
}
made_copy = 1;
retry = 0;
} else {
int enough_space = 0;
if (retry > 0) {
size_t free_space = FreeSpaceForFile(target_fs);
enough_space =
(free_space > (256 << 10)) && // 256k (two-block) minimum
(free_space > (target_size * 3 / 2)); // 50% margin of error
if (!enough_space) {
printf("target %zu bytes; free space %zu bytes; retry %d; enough %d\n",
target_size, free_space, retry, enough_space);
}
}
if (!enough_space) {
retry = 0;
}
if (!enough_space && source_patch_value != NULL) {
// Using the original source, but not enough free space. First
// copy the source file to cache, then delete it from the original
// location.
if (strncmp(source_filename, "MTD:", 4) == 0 ||
strncmp(source_filename, "EMMC:", 5) == 0) {
// It's impossible to free space on the target filesystem by
// deleting the source if the source is a partition. If
// we're ever in a state where we need to do this, fail.
printf("not enough free space for target but source is partition\n");
return 1;
}
if (MakeFreeSpaceOnCache(source_file->size) < 0) {
printf("not enough free space on /cache\n");
return 1;
}
if (SaveFileContents(CACHE_TEMP_SOURCE, source_file) < 0) {
printf("failed to back up source file\n");
return 1;
}
made_copy = 1;
unlink(source_filename);
size_t free_space = FreeSpaceForFile(target_fs);
printf("(now %zu bytes free for target) ", free_space);
}
}
const Value* patch;
if (source_patch_value != NULL) {
source_to_use = source_file;
patch = source_patch_value;
} else {
source_to_use = copy_file;
patch = copy_patch_value;
}
if (patch->type != VAL_BLOB) {
printf("patch is not a blob\n");
return 1;
}
SinkFn sink = NULL;
void* token = NULL;
output = -1;
outname = NULL;
if (strncmp(target_filename, "MTD:", 4) == 0 ||
strncmp(target_filename, "EMMC:", 5) == 0) {
// We store the decoded output in memory.
msi.buffer = reinterpret_cast<unsigned char*>(malloc(target_size));
if (msi.buffer == NULL) {
printf("failed to alloc %zu bytes for output\n", target_size);
return 1;
}
msi.pos = 0;
msi.size = target_size;
sink = MemorySink;
token = &msi;
} else {
// We write the decoded output to "<tgt-file>.patch".
outname = reinterpret_cast<char*>(malloc(strlen(target_filename) + 10));
strcpy(outname, target_filename);
strcat(outname, ".patch");
output = open(outname, O_WRONLY | O_CREAT | O_TRUNC | O_SYNC, S_IRUSR | S_IWUSR);
if (output < 0) {
printf("failed to open output file %s: %s\n",
outname, strerror(errno));
return 1;
}
sink = FileSink;
token = &output;
}
char* header = patch->data;
ssize_t header_bytes_read = patch->size;
SHA_init(&ctx);
int result;
if (header_bytes_read >= 8 &&
memcmp(header, "BSDIFF40", 8) == 0) {
result = ApplyBSDiffPatch(source_to_use->data, source_to_use->size,
patch, 0, sink, token, &ctx);
} else if (header_bytes_read >= 8 &&
memcmp(header, "IMGDIFF2", 8) == 0) {
result = ApplyImagePatch(source_to_use->data, source_to_use->size,
patch, sink, token, &ctx, bonus_data);
} else {
printf("Unknown patch file format\n");
return 1;
}
if (output >= 0) {
if (fsync(output) != 0) {
printf("failed to fsync file \"%s\" (%s)\n", outname, strerror(errno));
result = 1;
}
if (close(output) != 0) {
printf("failed to close file \"%s\" (%s)\n", outname, strerror(errno));
result = 1;
}
}
if (result != 0) {
if (retry == 0) {
printf("applying patch failed\n");
return result != 0;
} else {
printf("applying patch failed; retrying\n");
}
if (outname != NULL) {
unlink(outname);
}
} else {
// succeeded; no need to retry
break;
}
} while (retry-- > 0);
const uint8_t* current_target_sha1 = SHA_final(&ctx);
if (memcmp(current_target_sha1, target_sha1, SHA_DIGEST_SIZE) != 0) {
printf("patch did not produce expected sha1\n");
return 1;
} else {
printf("now %s\n", short_sha1(target_sha1).c_str());
}
if (output < 0) {
// Copy the temp file to the partition.
if (WriteToPartition(msi.buffer, msi.pos, target_filename) != 0) {
printf("write of patched data to %s failed\n", target_filename);
return 1;
}
free(msi.buffer);
} else {
// Give the .patch file the same owner, group, and mode of the
// original source file.
if (chmod(outname, source_to_use->st.st_mode) != 0) {
printf("chmod of \"%s\" failed: %s\n", outname, strerror(errno));
return 1;
}
if (chown(outname, source_to_use->st.st_uid, source_to_use->st.st_gid) != 0) {
printf("chown of \"%s\" failed: %s\n", outname, strerror(errno));
return 1;
}
// Finally, rename the .patch file to replace the target file.
if (rename(outname, target_filename) != 0) {
printf("rename of .patch to \"%s\" failed: %s\n", target_filename, strerror(errno));
return 1;
}
}
// If this run of applypatch created the copy, and we're here, we
// can delete it.
if (made_copy) {
unlink(CACHE_TEMP_SOURCE);
}
// Success!
return 0;
}
