bool WINAPI SFileOpenArchive(
const char * szMpqName,
DWORD dwPriority,
DWORD dwFlags,
HANDLE * phMpq)
{
TFileStream * pStream = NULL; // Open file stream
TMPQArchive * ha = NULL; // Archive handle
ULONGLONG FileSize = 0; // Size of the file
int nError = ERROR_SUCCESS;
// Verify the parameters
if (szMpqName == NULL || *szMpqName == 0 || phMpq == NULL)
nError = ERROR_INVALID_PARAMETER;
// One time initialization of MPQ cryptography
InitializeMpqCryptography();
dwPriority = dwPriority;
// Open the MPQ archive file
if (nError == ERROR_SUCCESS)
{
if (!(dwFlags & MPQ_OPEN_ENCRYPTED))
{
pStream = FileStream_OpenFile(szMpqName, (dwFlags & MPQ_OPEN_READ_ONLY) ? false : true);
if (pStream == NULL)
nError = GetLastError();
}
else
{
pStream = FileStream_OpenEncrypted(szMpqName);
if (pStream == NULL)
nError = GetLastError();
}
}
// Allocate the MPQhandle
if (nError == ERROR_SUCCESS)
{
FileStream_GetSize(pStream, FileSize);
if ((ha = ALLOCMEM(TMPQArchive, 1)) == NULL)
nError = ERROR_NOT_ENOUGH_MEMORY;
}
// Initialize handle structure and allocate structure for MPQ header
if (nError == ERROR_SUCCESS)
{
memset(ha, 0, sizeof(TMPQArchive));
ha->pStream = pStream;
pStream = NULL;
// Remember if the archive is open for write
if (ha->pStream->StreamFlags & (STREAM_FLAG_READ_ONLY | STREAM_FLAG_ENCRYPTED_FILE))
ha->dwFlags |= MPQ_FLAG_READ_ONLY;
// Also remember if we shall check sector CRCs when reading file
if (dwFlags & MPQ_OPEN_CHECK_SECTOR_CRC)
ha->dwFlags |= MPQ_FLAG_CHECK_SECTOR_CRC;
}
// Find the offset of MPQ header within the file
if (nError == ERROR_SUCCESS)
{
ULONGLONG SearchPos = 0;
DWORD dwHeaderID;
while (SearchPos < FileSize)
{
DWORD dwBytesAvailable = MPQ_HEADER_SIZE_V4;
// Cut the bytes available, if needed
if ((FileSize - SearchPos) < MPQ_HEADER_SIZE_V4)
dwBytesAvailable = (DWORD)(FileSize - SearchPos);
// Read the eventual MPQ header
if (!FileStream_Read(ha->pStream, &SearchPos, ha->HeaderData, dwBytesAvailable))
{
nError = GetLastError();
break;
}
// There are AVI files from Warcraft III with 'MPQ' extension.
if (SearchPos == 0 && IsAviFile(ha->HeaderData))
{
nError = ERROR_AVI_FILE;
break;
}
// If there is the MPQ user data signature, process it
dwHeaderID = BSWAP_INT32_UNSIGNED(*(LPDWORD)ha->HeaderData);
if (dwHeaderID == ID_MPQ_USERDATA && ha->pUserData == NULL)
{
// Ignore the MPQ user data completely if the caller wants to open the MPQ as V1.0
if ((dwFlags & MPQ_OPEN_FORCE_MPQ_V1) == 0)
{
// Fill the user data header
ha->pUserData = &ha->UserData;
memcpy(ha->pUserData, ha->HeaderData, sizeof(TMPQUserData));
BSWAP_TMPQUSERDATA(ha->pUserData);
// Remember the position of the user data and continue search
ha->UserDataPos = SearchPos;
SearchPos += ha->pUserData->dwHeaderOffs;
continue;
}
}
// There must be MPQ header signature
if (dwHeaderID == ID_MPQ)
{
// Save the position where the MPQ header has been found
if (ha->pUserData == NULL)
ha->UserDataPos = SearchPos;
ha->pHeader = (TMPQHeader *)ha->HeaderData;
ha->MpqPos = SearchPos;
// Now convert the header to version 4
BSWAP_TMPQHEADER(ha->pHeader);
ConvertMpqHeaderToFormat4(ha, FileSize, dwFlags);
break;
}
// Move to the next possible offset
SearchPos += 0x200;
}
// If we haven't found MPQ header in the file, it's an error
if (ha->pHeader == NULL)
nError = ERROR_BAD_FORMAT;
}
// Fix table positions according to format
if (nError == ERROR_SUCCESS)
{
// W3x Map Protectors use the fact that War3's Storm.dll ignores the MPQ user data,
// and probably ignores the MPQ format version as well. The trick is to
// fake MPQ format 2, with an improper hi-word position of hash table and block table
// We can overcome such protectors by forcing opening the archive as MPQ v 1.0
if (dwFlags & MPQ_OPEN_FORCE_MPQ_V1)
{
ha->pHeader->wFormatVersion = MPQ_FORMAT_VERSION_1;
ha->pHeader->dwHeaderSize = MPQ_HEADER_SIZE_V1;
ha->dwFlags |= MPQ_FLAG_READ_ONLY;
ha->pUserData = NULL;
}
// Both MPQ_OPEN_NO_LISTFILE or MPQ_OPEN_NO_ATTRIBUTES trigger read only mode
if (dwFlags & (MPQ_OPEN_NO_LISTFILE | MPQ_OPEN_NO_ATTRIBUTES))
ha->dwFlags |= MPQ_FLAG_READ_ONLY;
// Set the size of file sector
ha->dwSectorSize = (0x200 << ha->pHeader->wSectorSize);
// Verify if any of the tables doesn't start beyond the end of the file
nError = VerifyMpqTablePositions(ha, FileSize);
}
// Read the hash table.
// "interface.MPQ.part" in trial version of World of Warcraft
// has compressed block table and hash table.
if (nError == ERROR_SUCCESS)
{
//
// Note: We will not check if the hash table is properly decrypted.
// Some MPQ protectors corrupt the hash table by rewriting part of it.
// Hash table, the way how it works, allows arbitrary values for unused entries.
//
nError = LoadHashTable(ha);
}
// Read Het and Bet tables, if they are present
if (nError == ERROR_SUCCESS)
{
nError = LoadHetAndBetTable(ha);
if (ha->pHetTable || ha->pBetTable)
ha->dwFlags |= MPQ_FLAG_READ_ONLY;
}
// Now, build the file table. It will be built by combining
// the block table, hi-block table, (attributes) and (listfile).
if (nError == ERROR_SUCCESS)
{
nError = BuildFileTable(ha, FileSize);
}
// Verify the block table, if no kind of protection was detected
if (nError == ERROR_SUCCESS && (ha->dwFlags & MPQ_FLAG_PROTECTED) == 0)
{
TFileEntry * pFileTableEnd = ha->pFileTable + ha->pHeader->dwBlockTableSize;
TFileEntry * pFileEntry = ha->pFileTable;
// ULONGLONG ArchiveSize = 0;
ULONGLONG RawFilePos;
// Parse all file entries
for (pFileEntry = ha->pFileTable; pFileEntry < pFileTableEnd; pFileEntry++)
{
// If that file entry is valid, check the file position
if (pFileEntry->dwFlags & MPQ_FILE_EXISTS)
{
// Get the 64-bit file position,
// relative to the begin of the file
RawFilePos = ha->MpqPos + pFileEntry->ByteOffset;
// Begin of the file must be within range
if (RawFilePos > FileSize)
{
nError = ERROR_FILE_CORRUPT;
break;
}
// End of the file must be within range
RawFilePos += pFileEntry->dwCmpSize;
if (RawFilePos > FileSize)
{
nError = ERROR_FILE_CORRUPT;
break;
}
// Also, we remember end of the file
// if (RawFilePos > ArchiveSize)
// ArchiveSize = RawFilePos;
}
}
}
// Load the "(attributes)" file and merge it to the file table
if (nError == ERROR_SUCCESS && (dwFlags & MPQ_OPEN_NO_ATTRIBUTES) == 0)
{
// Ignore result of the operation. (attributes) is optional.
SAttrLoadAttributes(ha);
}
// Load the internal listfile and include it to the file table
if (nError == ERROR_SUCCESS && (dwFlags & MPQ_OPEN_NO_LISTFILE) == 0)
{
// Ignore result of the operation. (listfile) is optional.
SFileAddListFile((HANDLE)ha, NULL);
}
// Test the indexes from BET and BET table
#ifdef __STORMLIB_TEST__
if (nError == ERROR_SUCCESS)
{
TestNewHashBlockTables(ha);
}
#endif
// Cleanup and exit
if (nError != ERROR_SUCCESS)
{
FileStream_Close(pStream);
FreeMPQArchive(ha);
SetLastError(nError);
ha = NULL;
}
*phMpq = ha;
return (nError == ERROR_SUCCESS);
}
BOOL SFileOpenArchiveEx(
const char * szMpqName,
DWORD dwPriority,
DWORD dwFlags,
HANDLE * phMPQ,
DWORD dwAccessMode)
{
LARGE_INTEGER TempPos;
TMPQArchive * ha = NULL; // Archive handle
HANDLE hFile = INVALID_HANDLE_VALUE;// Opened archive file handle
DWORD dwMaxBlockIndex = 0; // Maximum value of block entry
DWORD dwBlockTableSize = 0; // Block table size.
DWORD dwTransferred; // Number of bytes read
DWORD dwBytes = 0; // Number of bytes to read
int nError = ERROR_SUCCESS;
// Check the right parameters
if(nError == ERROR_SUCCESS)
{
if(szMpqName == NULL || *szMpqName == 0 || phMPQ == NULL)
nError = ERROR_INVALID_PARAMETER;
}
// Ensure that StormBuffer is allocated
if(nError == ERROR_SUCCESS)
nError = PrepareStormBuffer();
// Open the MPQ archive file
if(nError == ERROR_SUCCESS)
{
hFile = CreateFile(szMpqName, dwAccessMode, FILE_SHARE_READ, NULL, OPEN_EXISTING, 0, NULL);
if(hFile == INVALID_HANDLE_VALUE)
nError = GetLastError();
}
// Allocate the MPQhandle
if(nError == ERROR_SUCCESS)
{
if((ha = ALLOCMEM(TMPQArchive, 1)) == NULL)
nError = ERROR_NOT_ENOUGH_MEMORY;
}
// Initialize handle structure and allocate structure for MPQ header
if(nError == ERROR_SUCCESS)
{
memset(ha, 0, sizeof(TMPQArchive));
strncpy(ha->szFileName, szMpqName, strlen(szMpqName));
ha->hFile = hFile;
ha->dwPriority = dwPriority;
ha->pHeader = &ha->Header;
ha->pListFile = NULL;
hFile = INVALID_HANDLE_VALUE;
}
// Find the offset of MPQ header within the file
if(nError == ERROR_SUCCESS)
{
LARGE_INTEGER SearchPos = {0};
LARGE_INTEGER MpqPos = {0};
DWORD dwHeaderID;
for(;;)
{
// Invalidate the MPQ ID and read the eventual header
SetFilePointer(ha->hFile, MpqPos.LowPart, &MpqPos.HighPart, FILE_BEGIN);
ReadFile(ha->hFile, ha->pHeader, sizeof(TMPQHeader2), &dwTransferred, NULL);
dwHeaderID = BSWAP_INT32_UNSIGNED(ha->pHeader->dwID);
// Special check : Some MPQs are actually AVI files, only with
// changed extension.
if(MpqPos.QuadPart == 0 && IsAviFile(ha->pHeader))
{
nError = ERROR_AVI_FILE;
break;
}
// If different number of bytes read, break the loop
if(dwTransferred != sizeof(TMPQHeader2))
{
nError = ERROR_BAD_FORMAT;
break;
}
// If there is the MPQ shunt signature, process it
if(dwHeaderID == ID_MPQ_SHUNT && ha->pShunt == NULL)
{
// Fill the shunt header
ha->ShuntPos = MpqPos;
ha->pShunt = &ha->Shunt;
memcpy(ha->pShunt, ha->pHeader, sizeof(TMPQShunt));
BSWAP_TMPQSHUNT(ha->pShunt);
// Set the MPQ pos and repeat the search
MpqPos.QuadPart = SearchPos.QuadPart + ha->pShunt->dwHeaderPos;
continue;
}
// There must be MPQ header signature
if(dwHeaderID == ID_MPQ)
{
BSWAP_TMPQHEADER(ha->pHeader);
// Save the position where the MPQ header has been found
ha->MpqPos = MpqPos;
// If valid signature has been found, break the loop
if(ha->pHeader->wFormatVersion == MPQ_FORMAT_VERSION_1)
{
// W3M Map Protectors set some garbage value into the "dwHeaderSize"
// field of MPQ header. This value is apparently ignored by Storm.dll
if(ha->pHeader->dwHeaderSize != sizeof(TMPQHeader) &&
ha->pHeader->dwHeaderSize != sizeof(TMPQHeader2))
{
ha->dwFlags |= MPQ_FLAG_PROTECTED;
ha->pHeader->dwHeaderSize = sizeof(TMPQHeader);
}
if(ha->pHeader->dwHashTablePos < ha->pHeader->dwArchiveSize &&
ha->pHeader->dwBlockTablePos < ha->pHeader->dwArchiveSize)
{
break;
}
}
if(ha->pHeader->wFormatVersion == MPQ_FORMAT_VERSION_2)
{
break;
}
nError = ERROR_NOT_SUPPORTED;
break;
}
// If a MPQ shunt already has been found,
// and no MPQ header was at potision pointed by the shunt,
// then the archive is corrupt
if(ha->pShunt != NULL)
{
nError = ERROR_BAD_FORMAT;
break;
}
// Move to the next possible offset
SearchPos.QuadPart += 0x200;
MpqPos = SearchPos;
}
}
// Relocate tables position
if(nError == ERROR_SUCCESS)
{
// Clear the fields not supported in older formats
if(ha->pHeader->wFormatVersion < MPQ_FORMAT_VERSION_2)
{
ha->pHeader->ExtBlockTablePos.QuadPart = 0;
ha->pHeader->wBlockTablePosHigh = 0;
ha->pHeader->wHashTablePosHigh = 0;
}
ha->dwBlockSize = (0x200 << ha->pHeader->wBlockSize);
nError = RelocateMpqTablePositions(ha);
}
// Allocate buffers
if(nError == ERROR_SUCCESS)
{
//
// Note that the block table should be as large as the hash table
// (For later file additions).
//
// I have found a MPQ which has the block table larger than
// the hash table. We should avoid buffer overruns caused by that.
//
dwBlockTableSize = max(ha->pHeader->dwHashTableSize, ha->pHeader->dwBlockTableSize);
ha->pHashTable = ALLOCMEM(TMPQHash, ha->pHeader->dwHashTableSize);
ha->pBlockTable = ALLOCMEM(TMPQBlock, dwBlockTableSize);
ha->pExtBlockTable = ALLOCMEM(TMPQBlockEx, dwBlockTableSize);
ha->pbBlockBuffer = ALLOCMEM(BYTE, ha->dwBlockSize);
if(!ha->pHashTable || !ha->pBlockTable || !ha->pExtBlockTable || !ha->pbBlockBuffer)
nError = ERROR_NOT_ENOUGH_MEMORY;
}
// Read the hash table into memory
if(nError == ERROR_SUCCESS)
{
dwBytes = ha->pHeader->dwHashTableSize * sizeof(TMPQHash);
SetFilePointer(ha->hFile, ha->HashTablePos.LowPart, &ha->HashTablePos.HighPart, FILE_BEGIN);
ReadFile(ha->hFile, ha->pHashTable, dwBytes, &dwTransferred, NULL);
if(dwTransferred != dwBytes)
nError = ERROR_FILE_CORRUPT;
}
// Decrypt hash table and check if it is correctly decrypted
if(nError == ERROR_SUCCESS)
{
TMPQHash * pHashEnd = ha->pHashTable + ha->pHeader->dwHashTableSize;
TMPQHash * pHash;
// We have to convert the hash table from LittleEndian
BSWAP_ARRAY32_UNSIGNED((DWORD *)ha->pHashTable, (dwBytes / sizeof(DWORD)));
DecryptHashTable((DWORD *)ha->pHashTable, (BYTE *)"(hash table)", (ha->pHeader->dwHashTableSize * 4));
// Check hash table if is correctly decrypted
for(pHash = ha->pHashTable; pHash < pHashEnd; pHash++)
{
// Note: Some MPQs from World of Warcraft have wPlatform set to 0x0100.
// If not free or deleted hash entry, check for valid values
if(pHash->dwBlockIndex < HASH_ENTRY_DELETED)
{
// The block index should not be larger than size of the block table
if(pHash->dwBlockIndex > ha->pHeader->dwBlockTableSize)
{
nError = ERROR_BAD_FORMAT;
break;
}
// Remember the highest block table entry
if(pHash->dwBlockIndex > dwMaxBlockIndex)
dwMaxBlockIndex = pHash->dwBlockIndex;
}
}
}
// Now, read the block table
if(nError == ERROR_SUCCESS)
{
memset(ha->pBlockTable, 0, dwBlockTableSize * sizeof(TMPQBlock));
dwBytes = ha->pHeader->dwBlockTableSize * sizeof(TMPQBlock);
SetFilePointer(ha->hFile, ha->BlockTablePos.LowPart, &ha->BlockTablePos.HighPart, FILE_BEGIN);
ReadFile(ha->hFile, ha->pBlockTable, dwBytes, &dwTransferred, NULL);
// We have to convert every DWORD in ha->block from LittleEndian
BSWAP_ARRAY32_UNSIGNED((DWORD *)ha->pBlockTable, dwBytes / sizeof(DWORD));
if(dwTransferred != dwBytes)
nError = ERROR_FILE_CORRUPT;
}
// Decrypt block table.
// Some MPQs don't have Decrypted block table, e.g. cracked Diablo version
// We have to check if block table is really encrypted
if(nError == ERROR_SUCCESS)
{
TMPQBlock * pBlockEnd = ha->pBlockTable + ha->pHeader->dwBlockTableSize;
TMPQBlock * pBlock = ha->pBlockTable;
BOOL bBlockTableEncrypted = FALSE;
// Verify all blocks entries in the table
// The loop usually stops at the first entry
while(pBlock < pBlockEnd)
{
// The lower 8 bits of the MPQ flags are always zero.
// Note that this may change in next MPQ versions
if(pBlock->dwFlags & 0x000000FF)
{
bBlockTableEncrypted = TRUE;
break;
}
// Move to the next block table entry
pBlock++;
}
if(bBlockTableEncrypted)
{
DecryptBlockTable((DWORD *)ha->pBlockTable,
(BYTE *)"(block table)",
(ha->pHeader->dwBlockTableSize * 4));
}
}
// Now, read the extended block table.
// For V1 archives, we still will maintain the extended block table
// (it will be filled with zeros)
// TODO: Test with >4GB
if(nError == ERROR_SUCCESS)
{
memset(ha->pExtBlockTable, 0, dwBlockTableSize * sizeof(TMPQBlockEx));
if(ha->pHeader->ExtBlockTablePos.QuadPart != 0)
{
dwBytes = ha->pHeader->dwBlockTableSize * sizeof(TMPQBlockEx);
SetFilePointer(ha->hFile,
ha->ExtBlockTablePos.LowPart,
&ha->ExtBlockTablePos.HighPart,
FILE_BEGIN);
ReadFile(ha->hFile, ha->pExtBlockTable, dwBytes, &dwTransferred, NULL);
// We have to convert every DWORD in ha->block from LittleEndian
BSWAP_ARRAY16_UNSIGNED((USHORT *)ha->pExtBlockTable, dwBytes / sizeof(USHORT));
// The extended block table is not encrypted (so far)
if(dwTransferred != dwBytes)
nError = ERROR_FILE_CORRUPT;
}
}
// Verify the both block tables (If the MPQ file is not protected)
if(nError == ERROR_SUCCESS && (ha->dwFlags & MPQ_FLAG_PROTECTED) == 0)
{
TMPQBlockEx * pBlockEx = ha->pExtBlockTable;
TMPQBlock * pBlockEnd = ha->pBlockTable + dwMaxBlockIndex + 1;
TMPQBlock * pBlock = ha->pBlockTable;
// If the MPQ file is not protected,
// we will check if all sizes in the block table is correct.
// Note that we will not relocate the block table (change from previous versions)
for(; pBlock < pBlockEnd; pBlock++, pBlockEx++)
{
if(pBlock->dwFlags & MPQ_FILE_EXISTS)
{
// Get the 64-bit file position
TempPos.HighPart = pBlockEx->wFilePosHigh;
TempPos.LowPart = pBlock->dwFilePos;
if(TempPos.QuadPart > ha->MpqSize.QuadPart || pBlock->dwCSize > ha->MpqSize.QuadPart)
{
nError = ERROR_BAD_FORMAT;
break;
}
}
}
}
// If the user didn't specified otherwise,
// include the internal listfile to the TMPQArchive structure
if((dwFlags & MPQ_OPEN_NO_LISTFILE) == 0)
{
if(nError == ERROR_SUCCESS)
SListFileCreateListFile(ha);
// Add the internal listfile
if(nError == ERROR_SUCCESS)
SFileAddListFile((HANDLE)ha, NULL);
}
// Cleanup and exit
if(nError != ERROR_SUCCESS)
{
FreeMPQArchive(ha);
if(hFile != INVALID_HANDLE_VALUE)
CloseHandle(hFile);
SetLastError(nError);
}
else
{
if(pFirstOpen == NULL)
pFirstOpen = ha;
}
*phMPQ = ha;
return (nError == ERROR_SUCCESS);
}
bool WINAPI SFileOpenArchive(
const TCHAR * szMpqName,
DWORD dwPriority,
DWORD dwFlags,
HANDLE * phMpq)
{
TMPQUserData * pUserData;
TFileStream * pStream = NULL; // Open file stream
TMPQArchive * ha = NULL; // Archive handle
TFileEntry * pFileEntry;
ULONGLONG FileSize = 0; // Size of the file
LPBYTE pbHeaderBuffer = NULL; // Buffer for searching MPQ header
DWORD dwStreamFlags = (dwFlags & STREAM_FLAGS_MASK);
bool bIsWarcraft3Map = false;
int nError = ERROR_SUCCESS;
// Verify the parameters
if(szMpqName == NULL || *szMpqName == 0 || phMpq == NULL)
{
SetLastError(ERROR_INVALID_PARAMETER);
return false;
}
// One time initialization of MPQ cryptography
InitializeMpqCryptography();
dwPriority = dwPriority;
// If not forcing MPQ v 1.0, also use file bitmap
dwStreamFlags |= (dwFlags & MPQ_OPEN_FORCE_MPQ_V1) ? 0 : STREAM_FLAG_USE_BITMAP;
// Open the MPQ archive file
pStream = FileStream_OpenFile(szMpqName, dwStreamFlags);
if(pStream == NULL)
return false;
// Check the file size. There must be at least 0x20 bytes
if(nError == ERROR_SUCCESS)
{
FileStream_GetSize(pStream, &FileSize);
if(FileSize < MPQ_HEADER_SIZE_V1)
nError = ERROR_BAD_FORMAT;
}
// Allocate the MPQhandle
if(nError == ERROR_SUCCESS)
{
if((ha = STORM_ALLOC(TMPQArchive, 1)) == NULL)
nError = ERROR_NOT_ENOUGH_MEMORY;
}
// Allocate buffer for searching MPQ header
if(nError == ERROR_SUCCESS)
{
pbHeaderBuffer = STORM_ALLOC(BYTE, HEADER_SEARCH_BUFFER_SIZE);
if(pbHeaderBuffer == NULL)
nError = ERROR_NOT_ENOUGH_MEMORY;
}
// Find the position of MPQ header
if(nError == ERROR_SUCCESS)
{
ULONGLONG SearchOffset = 0;
ULONGLONG EndOfSearch = FileSize;
DWORD dwStrmFlags = 0;
DWORD dwHeaderSize;
DWORD dwHeaderID;
bool bSearchComplete = false;
memset(ha, 0, sizeof(TMPQArchive));
ha->pfnHashString = HashStringSlash;
ha->pStream = pStream;
pStream = NULL;
// Set the archive read only if the stream is read-only
FileStream_GetFlags(ha->pStream, &dwStrmFlags);
ha->dwFlags |= (dwStrmFlags & STREAM_FLAG_READ_ONLY) ? MPQ_FLAG_READ_ONLY : 0;
// Also remember if we shall check sector CRCs when reading file
ha->dwFlags |= (dwFlags & MPQ_OPEN_CHECK_SECTOR_CRC) ? MPQ_FLAG_CHECK_SECTOR_CRC : 0;
// Also remember if this MPQ is a patch
ha->dwFlags |= (dwFlags & MPQ_OPEN_PATCH) ? MPQ_FLAG_PATCH : 0;
// Limit the header searching to about 130 MB of data
if(EndOfSearch > 0x08000000)
EndOfSearch = 0x08000000;
// Find the offset of MPQ header within the file
while(bSearchComplete == false && SearchOffset < EndOfSearch)
{
// Always read at least 0x1000 bytes for performance.
// This is what Storm.dll (2002) does.
DWORD dwBytesAvailable = HEADER_SEARCH_BUFFER_SIZE;
DWORD dwInBufferOffset = 0;
// Cut the bytes available, if needed
if((FileSize - SearchOffset) < HEADER_SEARCH_BUFFER_SIZE)
dwBytesAvailable = (DWORD)(FileSize - SearchOffset);
// Read the eventual MPQ header
if(!FileStream_Read(ha->pStream, &SearchOffset, pbHeaderBuffer, dwBytesAvailable))
{
nError = GetLastError();
break;
}
// There are AVI files from Warcraft III with 'MPQ' extension.
if(SearchOffset == 0)
{
if(IsAviFile((DWORD *)pbHeaderBuffer))
{
nError = ERROR_AVI_FILE;
break;
}
bIsWarcraft3Map = IsWarcraft3Map((DWORD *)pbHeaderBuffer);
}
// Search the header buffer
while(dwInBufferOffset < dwBytesAvailable)
{
// Copy the data from the potential header buffer to the MPQ header
memcpy(ha->HeaderData, pbHeaderBuffer + dwInBufferOffset, sizeof(ha->HeaderData));
// If there is the MPQ user data, process it
// Note that Warcraft III does not check for user data, which is abused by many map protectors
dwHeaderID = BSWAP_INT32_UNSIGNED(ha->HeaderData[0]);
if(bIsWarcraft3Map == false && (dwFlags & MPQ_OPEN_FORCE_MPQ_V1) == 0)
{
if(ha->pUserData == NULL && dwHeaderID == ID_MPQ_USERDATA)
{
// Verify if this looks like a valid user data
pUserData = IsValidMpqUserData(SearchOffset, FileSize, ha->HeaderData);
if(pUserData != NULL)
{
// Fill the user data header
ha->UserDataPos = SearchOffset;
ha->pUserData = &ha->UserData;
memcpy(ha->pUserData, pUserData, sizeof(TMPQUserData));
// Continue searching from that position
SearchOffset += ha->pUserData->dwHeaderOffs;
break;
}
}
}
// There must be MPQ header signature. Note that STORM.dll from Warcraft III actually
// tests the MPQ header size. It must be at least 0x20 bytes in order to load it
// Abused by Spazzler Map protector. Note that the size check is not present
// in Storm.dll v 1.00, so Diablo I code would load the MPQ anyway.
dwHeaderSize = BSWAP_INT32_UNSIGNED(ha->HeaderData[1]);
if(dwHeaderID == ID_MPQ && dwHeaderSize >= MPQ_HEADER_SIZE_V1)
{
// Now convert the header to version 4
nError = ConvertMpqHeaderToFormat4(ha, SearchOffset, FileSize, dwFlags);
bSearchComplete = true;
break;
}
// Check for MPK archives (Longwu Online - MPQ fork)
if(dwHeaderID == ID_MPK)
{
// Now convert the MPK header to MPQ Header version 4
nError = ConvertMpkHeaderToFormat4(ha, FileSize, dwFlags);
bSearchComplete = true;
break;
}
// If searching for the MPQ header is disabled, return an error
if(dwFlags & MPQ_OPEN_NO_HEADER_SEARCH)
{
nError = ERROR_NOT_SUPPORTED;
bSearchComplete = true;
break;
}
// Move the pointers
SearchOffset += 0x200;
dwInBufferOffset += 0x200;
}
}
// Did we identify one of the supported headers?
if(nError == ERROR_SUCCESS)
{
// Set the user data position to the MPQ header, if none
if(ha->pUserData == NULL)
ha->UserDataPos = SearchOffset;
// Set the position of the MPQ header
ha->pHeader = (TMPQHeader *)ha->HeaderData;
ha->MpqPos = SearchOffset;
ha->FileSize = FileSize;
// Sector size must be nonzero.
if(SearchOffset >= FileSize || ha->pHeader->wSectorSize == 0)
nError = ERROR_BAD_FORMAT;
}
}
// Fix table positions according to format
if(nError == ERROR_SUCCESS)
{
// Dump the header
// DumpMpqHeader(ha->pHeader);
// W3x Map Protectors use the fact that War3's Storm.dll ignores the MPQ user data,
// and ignores the MPQ format version as well. The trick is to
// fake MPQ format 2, with an improper hi-word position of hash table and block table
// We can overcome such protectors by forcing opening the archive as MPQ v 1.0
if(dwFlags & MPQ_OPEN_FORCE_MPQ_V1)
{
ha->pHeader->wFormatVersion = MPQ_FORMAT_VERSION_1;
ha->pHeader->dwHeaderSize = MPQ_HEADER_SIZE_V1;
ha->dwFlags |= MPQ_FLAG_READ_ONLY;
ha->pUserData = NULL;
}
// Both MPQ_OPEN_NO_LISTFILE or MPQ_OPEN_NO_ATTRIBUTES trigger read only mode
if(dwFlags & (MPQ_OPEN_NO_LISTFILE | MPQ_OPEN_NO_ATTRIBUTES))
ha->dwFlags |= MPQ_FLAG_READ_ONLY;
// Remember whether whis is a map for Warcraft III
if(bIsWarcraft3Map)
ha->dwFlags |= MPQ_FLAG_WAR3_MAP;
// Set the size of file sector
ha->dwSectorSize = (0x200 << ha->pHeader->wSectorSize);
// Verify if any of the tables doesn't start beyond the end of the file
nError = VerifyMpqTablePositions(ha, FileSize);
}
// Read the hash table. Ignore the result, as hash table is no longer required
// Read HET table. Ignore the result, as HET table is no longer required
if(nError == ERROR_SUCCESS)
{
nError = LoadAnyHashTable(ha);
}
// Now, build the file table. It will be built by combining
// the block table, BET table, hi-block table, (attributes) and (listfile).
if(nError == ERROR_SUCCESS)
{
nError = BuildFileTable(ha);
}
// Load the internal listfile and include it to the file table
if(nError == ERROR_SUCCESS && (dwFlags & MPQ_OPEN_NO_LISTFILE) == 0)
{
// Quick check for (listfile)
pFileEntry = GetFileEntryLocale(ha, LISTFILE_NAME, LANG_NEUTRAL);
if(pFileEntry != NULL)
{
// Ignore result of the operation. (listfile) is optional.
SFileAddListFile((HANDLE)ha, NULL);
ha->dwFileFlags1 = pFileEntry->dwFlags;
}
}
// Load the "(attributes)" file and merge it to the file table
if(nError == ERROR_SUCCESS && (dwFlags & MPQ_OPEN_NO_ATTRIBUTES) == 0 && (ha->dwFlags & MPQ_FLAG_BLOCK_TABLE_CUT) == 0)
{
// Quick check for (attributes)
pFileEntry = GetFileEntryLocale(ha, ATTRIBUTES_NAME, LANG_NEUTRAL);
if(pFileEntry != NULL)
{
// Ignore result of the operation. (attributes) is optional.
SAttrLoadAttributes(ha);
ha->dwFileFlags2 = pFileEntry->dwFlags;
}
}
// Remember whether the archive has weak signature. Only for MPQs format 1.0.
if(nError == ERROR_SUCCESS)
{
// Quick check for (signature)
pFileEntry = GetFileEntryLocale(ha, SIGNATURE_NAME, LANG_NEUTRAL);
if(pFileEntry != NULL)
{
// Just remember that the archive is weak-signed
assert((pFileEntry->dwFlags & MPQ_FILE_EXISTS) != 0);
ha->dwFileFlags3 = pFileEntry->dwFlags;
}
// Finally, set the MPQ_FLAG_READ_ONLY if the MPQ was found malformed
ha->dwFlags |= (ha->dwFlags & MPQ_FLAG_MALFORMED) ? MPQ_FLAG_READ_ONLY : 0;
}
// Cleanup and exit
if(nError != ERROR_SUCCESS)
{
FileStream_Close(pStream);
FreeArchiveHandle(ha);
SetLastError(nError);
ha = NULL;
}
// Free the header buffer
if(pbHeaderBuffer != NULL)
STORM_FREE(pbHeaderBuffer);
if(phMpq != NULL)
*phMpq = ha;
return (nError == ERROR_SUCCESS);
}
bool WINAPI SFileOpenArchive(
const TCHAR * szMpqName,
DWORD dwPriority,
DWORD dwFlags,
HANDLE * phMpq)
{
TMPQUserData * pUserData;
TFileStream * pStream = NULL; // Open file stream
TMPQArchive * ha = NULL; // Archive handle
TFileEntry * pFileEntry;
ULONGLONG FileSize = 0; // Size of the file
int nError = ERROR_SUCCESS;
// Verify the parameters
if(szMpqName == NULL || *szMpqName == 0 || phMpq == NULL)
nError = ERROR_INVALID_PARAMETER;
// One time initialization of MPQ cryptography
InitializeMpqCryptography();
dwPriority = dwPriority;
// Open the MPQ archive file
if(nError == ERROR_SUCCESS)
{
DWORD dwStreamFlags = (dwFlags & STREAM_FLAGS_MASK);
// If not forcing MPQ v 1.0, also use file bitmap
dwStreamFlags |= (dwFlags & MPQ_OPEN_FORCE_MPQ_V1) ? 0 : STREAM_FLAG_USE_BITMAP;
// Initialize the stream
pStream = FileStream_OpenFile(szMpqName, dwStreamFlags);
if(pStream == NULL)
nError = GetLastError();
}
// Check the file size. There must be at least 0x20 bytes
if(nError == ERROR_SUCCESS)
{
FileStream_GetSize(pStream, &FileSize);
if(FileSize < MPQ_HEADER_SIZE_V1)
nError = ERROR_BAD_FORMAT;
}
// Allocate the MPQhandle
if(nError == ERROR_SUCCESS)
{
if((ha = STORM_ALLOC(TMPQArchive, 1)) == NULL)
nError = ERROR_NOT_ENOUGH_MEMORY;
}
// Initialize handle structure and allocate structure for MPQ header
if(nError == ERROR_SUCCESS)
{
ULONGLONG SearchOffset = 0;
DWORD dwStreamFlags = 0;
DWORD dwHeaderSize;
DWORD dwHeaderID;
memset(ha, 0, sizeof(TMPQArchive));
ha->pfnHashString = HashString;
ha->pStream = pStream;
pStream = NULL;
// Set the archive read only if the stream is read-only
FileStream_GetFlags(ha->pStream, &dwStreamFlags);
ha->dwFlags |= (dwStreamFlags & STREAM_FLAG_READ_ONLY) ? MPQ_FLAG_READ_ONLY : 0;
// Also remember if we shall check sector CRCs when reading file
if(dwFlags & MPQ_OPEN_CHECK_SECTOR_CRC)
ha->dwFlags |= MPQ_FLAG_CHECK_SECTOR_CRC;
// Find the offset of MPQ header within the file
while(SearchOffset < FileSize)
{
DWORD dwBytesAvailable = MPQ_HEADER_SIZE_V4;
// Cut the bytes available, if needed
if((FileSize - SearchOffset) < MPQ_HEADER_SIZE_V4)
dwBytesAvailable = (DWORD)(FileSize - SearchOffset);
// Read the eventual MPQ header
if(!FileStream_Read(ha->pStream, &SearchOffset, ha->HeaderData, dwBytesAvailable))
{
nError = GetLastError();
break;
}
// There are AVI files from Warcraft III with 'MPQ' extension.
if(SearchOffset == 0 && IsAviFile(ha->HeaderData))
{
nError = ERROR_AVI_FILE;
break;
}
// If there is the MPQ user data signature, process it
dwHeaderID = BSWAP_INT32_UNSIGNED(ha->HeaderData[0]);
if(dwHeaderID == ID_MPQ_USERDATA && ha->pUserData == NULL && (dwFlags & MPQ_OPEN_FORCE_MPQ_V1) == 0)
{
// Verify if this looks like a valid user data
pUserData = IsValidMpqUserData(SearchOffset, FileSize, ha->HeaderData);
if(pUserData != NULL)
{
// Fill the user data header
ha->UserDataPos = SearchOffset;
ha->pUserData = &ha->UserData;
memcpy(ha->pUserData, pUserData, sizeof(TMPQUserData));
// Continue searching from that position
SearchOffset += ha->pUserData->dwHeaderOffs;
continue;
}
}
// There must be MPQ header signature. Note that STORM.dll from Warcraft III actually
// tests the MPQ header size. It must be at least 0x20 bytes in order to load it
// Abused by Spazzler Map protector. Note that the size check is not present
// in Storm.dll v 1.00, so Diablo I code would load the MPQ anyway.
dwHeaderSize = BSWAP_INT32_UNSIGNED(ha->HeaderData[1]);
if(dwHeaderID == ID_MPQ && dwHeaderSize >= MPQ_HEADER_SIZE_V1)
{
// Now convert the header to version 4
nError = ConvertMpqHeaderToFormat4(ha, SearchOffset, FileSize, dwFlags);
break;
}
// Check for MPK archives (Longwu Online - MPQ fork)
if(dwHeaderID == ID_MPK)
{
// Now convert the MPK header to MPQ Header version 4
nError = ConvertMpkHeaderToFormat4(ha, FileSize, dwFlags);
break;
}
// If searching for the MPQ header is disabled, return an error
if(dwFlags & MPQ_OPEN_NO_HEADER_SEARCH)
{
nError = ERROR_NOT_SUPPORTED;
break;
}
// Move to the next possible offset
SearchOffset += 0x200;
}
// Did we identify one of the supported headers?
if(nError == ERROR_SUCCESS)
{
// Set the user data position to the MPQ header, if none
if(ha->pUserData == NULL)
ha->UserDataPos = SearchOffset;
// Set the position of the MPQ header
ha->pHeader = (TMPQHeader *)ha->HeaderData;
ha->MpqPos = SearchOffset;
// Sector size must be nonzero.
if(SearchOffset >= FileSize || ha->pHeader->wSectorSize == 0)
nError = ERROR_BAD_FORMAT;
}
}
// Fix table positions according to format
if(nError == ERROR_SUCCESS)
{
// Dump the header
// DumpMpqHeader(ha->pHeader);
// W3x Map Protectors use the fact that War3's Storm.dll ignores the MPQ user data,
// and ignores the MPQ format version as well. The trick is to
// fake MPQ format 2, with an improper hi-word position of hash table and block table
// We can overcome such protectors by forcing opening the archive as MPQ v 1.0
if(dwFlags & MPQ_OPEN_FORCE_MPQ_V1)
{
ha->pHeader->wFormatVersion = MPQ_FORMAT_VERSION_1;
ha->pHeader->dwHeaderSize = MPQ_HEADER_SIZE_V1;
ha->dwFlags |= MPQ_FLAG_READ_ONLY;
ha->pUserData = NULL;
}
// Both MPQ_OPEN_NO_LISTFILE or MPQ_OPEN_NO_ATTRIBUTES trigger read only mode
if(dwFlags & (MPQ_OPEN_NO_LISTFILE | MPQ_OPEN_NO_ATTRIBUTES))
ha->dwFlags |= MPQ_FLAG_READ_ONLY;
// Set the size of file sector
ha->dwSectorSize = (0x200 << ha->pHeader->wSectorSize);
// Verify if any of the tables doesn't start beyond the end of the file
nError = VerifyMpqTablePositions(ha, FileSize);
}
// Read the hash table. Ignore the result, as hash table is no longer required
// Read HET table. Ignore the result, as HET table is no longer required
if(nError == ERROR_SUCCESS)
{
nError = LoadAnyHashTable(ha);
}
// Now, build the file table. It will be built by combining
// the block table, BET table, hi-block table, (attributes) and (listfile).
if(nError == ERROR_SUCCESS)
{
nError = BuildFileTable(ha);
}
// Verify the file table, if no kind of malformation was detected
if(nError == ERROR_SUCCESS && (ha->dwFlags & MPQ_FLAG_MALFORMED) == 0)
{
TFileEntry * pFileTableEnd = ha->pFileTable + ha->dwFileTableSize;
ULONGLONG RawFilePos;
// Parse all file entries
for(pFileEntry = ha->pFileTable; pFileEntry < pFileTableEnd; pFileEntry++)
{
// If that file entry is valid, check the file position
if(pFileEntry->dwFlags & MPQ_FILE_EXISTS)
{
// Get the 64-bit file position,
// relative to the begin of the file
RawFilePos = ha->MpqPos + pFileEntry->ByteOffset;
// Begin of the file must be within range
if(RawFilePos > FileSize)
{
nError = ERROR_FILE_CORRUPT;
break;
}
// End of the file must be within range
RawFilePos += pFileEntry->dwCmpSize;
if(RawFilePos > FileSize)
{
nError = ERROR_FILE_CORRUPT;
break;
}
}
}
}
// Load the internal listfile and include it to the file table
if(nError == ERROR_SUCCESS && (dwFlags & MPQ_OPEN_NO_LISTFILE) == 0)
{
// Save the flags for (listfile)
pFileEntry = GetFileEntryLocale(ha, LISTFILE_NAME, LANG_NEUTRAL);
if(pFileEntry != NULL)
{
// Ignore result of the operation. (listfile) is optional.
SFileAddListFile((HANDLE)ha, NULL);
ha->dwFileFlags1 = pFileEntry->dwFlags;
}
}
// Load the "(attributes)" file and merge it to the file table
if(nError == ERROR_SUCCESS && (dwFlags & MPQ_OPEN_NO_ATTRIBUTES) == 0)
{
// Save the flags for (attributes)
pFileEntry = GetFileEntryLocale(ha, ATTRIBUTES_NAME, LANG_NEUTRAL);
if(pFileEntry != NULL)
{
// Ignore result of the operation. (attributes) is optional.
SAttrLoadAttributes(ha);
ha->dwFileFlags2 = pFileEntry->dwFlags;
}
}
// Cleanup and exit
if(nError != ERROR_SUCCESS)
{
FileStream_Close(pStream);
FreeMPQArchive(ha);
SetLastError(nError);
ha = NULL;
}
*phMpq = ha;
return (nError == ERROR_SUCCESS);
}
