| blob | 4d69cc406ec5c9c022fb6880e29c1ac144505d41 |
1 /*
2 * Samba compression library - LGPLv3
3 *
4 * Copyright © Catalyst IT 2022
5 *
6 * Written by Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
7 * and Joseph Sutton <josephsutton@catalyst.net.nz>
8 *
9 * ** NOTE! The following LGPL license applies to this file.
10 * ** It does NOT imply that all of Samba is released under the LGPL
11 *
12 * This library is free software; you can redistribute it and/or
13 * modify it under the terms of the GNU Lesser General Public
14 * License as published by the Free Software Foundation; either
15 * version 3 of the License, or (at your option) any later version.
16 *
17 * This library is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
20 * Lesser General Public License for more details.
21 *
22 * You should have received a copy of the GNU Lesser General Public
23 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
24 */
26 #include <talloc.h>
35 /*
36 * DEBUG_NO_LZ77_MATCHES toggles the encoding of matches as matches. If it is
37 * false the potential match is written as a series of literals, which is a
38 * valid but usually inefficient encoding. This is useful for isolating a
39 * problem to either the LZ77 or the Huffman stage.
40 */
41 #ifndef DEBUG_NO_LZ77_MATCHES
42 #define DEBUG_NO_LZ77_MATCHES false
43 #endif
45 /*
46 * DEBUG_HUFFMAN_TREE forces the drawing of ascii art huffman trees during
47 * compression and decompression.
48 *
49 * These trees will also be drawn at DEBUG level 10, but that doesn't work
50 * with cmocka tests.
51 */
52 #ifndef DEBUG_HUFFMAN_TREE
53 #define DEBUG_HUFFMAN_TREE false
54 #endif
56 #if DEBUG_HUFFMAN_TREE
57 #define DBG(...) fprintf(stderr, __VA_ARGS__)
58 #else
59 #define DBG(...) DBG_INFO(__VA_ARGS__)
60 #endif
63 #define LZXPRESS_ERROR -1LL
65 /*
66 * We won't encode a match length longer than MAX_MATCH_LENGTH.
67 *
68 * Reports are that Windows has a limit at 64M.
69 */
70 #define MAX_MATCH_LENGTH (64 * 1024 * 1024)
80 };
83 #if ! defined __has_builtin
84 #define __has_builtin(x) 0
85 #endif
87 /*
88 * bitlen_nonzero_16() returns the bit number of the most significant bit, or
89 * put another way, the integer log base 2. Log(0) is undefined; the argument
90 * has to be non-zero!
91 * 1 -> 0
92 * 2,3 -> 1
93 * 4-7 -> 2
94 * 1024 -> 10, etc
95 *
96 * Probably this is handled by a compiler intrinsic function that maps to a
97 * dedicated machine instruction.
98 */
101 {
102 #if __has_builtin(__builtin_clz)
104 /* __builtin_clz returns the number of leading zeros */
108 #else
113 count++;
114 }
117 #endif
118 }
129 };
133 {
135 }
139 {
143 }
145 }
148 #define HASH_MASK ((1 << LZX_HUFF_COMP_HASH_BITS) - 1)
151 {
152 /*
153 * MS-XCA says "three byte hash", but does not specify it.
154 *
155 * This one is just cobbled together, but has quite good distribution
156 * in the 12-14 bit forms, which is what we care about most.
157 * e.g: 13 bit: median 2048, min 2022, max 2074, stddev 6.0
158 */
165 }
169 {
174 }
176 /*
177 * debug_huffman_tree() uses debug_huffman_tree_print() to draw the Huffman
178 * tree in ascii art.
179 *
180 * Note that the Huffman tree is probably not the same as that implied by the
181 * canonical Huffman encoding that is finally used. That tree would be the
182 * same shape, but with the left and right toggled to sort the branches by
183 * length, after which the symbols for each length sorted by value.
184 */
188 {
190 /* time to print a row */
203 }
210 }
216 }
217 }
236 }
237 }
242 s,
256 len,
260 s,
263 }
268 }
273 }
276 /*
277 * If DEBUG_HUFFMAN_TREE is defined true, debug_huffman_tree()
278 * will print a tree looking something like this:
279 *
280 * 7─┬─── 3 len:18+, dist:1-1 10f 0
281 * ╰─ 4─┬─ 2─┬─── 1 61 'a' 100
282 * │ ╰─── 1 62 'b' 101
283 * ╰─ 2─┬─── 1 63 'c' 110
284 * ╰─── 1 len: 3, dist:1-1 100 EOF 111
285 *
286 * This is based off a Huffman root node, and the tree may not be the same as
287 * the canonical tree.
288 */
290 {
293 }
296 /*
297 * If DEBUG_HUFFMAN_TREE is defined true, debug_huffman_tree_from_table()
298 * will print something like this based on a decoding symbol table.
299 *
300 * Tree from decoding table 9 nodes → 5 codes
301 * 10000─┬─── 5000 len:18+, dist:1-1 10f 0
302 * ╰─ 5000─┬─ 2500─┬─── 1250 61 'a' 100
303 * │ ╰─── 1250 62 'b' 101
304 * ╰─ 2500─┬─── 1250 63 'c' 110
305 * ╰─── 1250 len: 3, dist:1-1 100 EOF 111
306 *
307 * This is the canonical form of the Huffman tree where the actual counts
308 * aren't known (we use "10000" to help indicate relative frequencies).
309 */
311 {
324 /* internal node */
326 /* left */
327 index++;
331 n++;
332 /*right*/
333 index++;
337 n++;
339 /* leaf node */
341 }
342 i++;
343 }
350 }
354 {
357 /* this is a leaf, record the depth */
360 }
363 }
368 }
372 {
374 }
380 {
382 /*
383 * See, we have a leading 1 in our internal code representation, which
384 * indicates the code length.
385 */
394 code++;
395 }
396 /*
397 * The last code should be 11111... with code_len + 1 ones. The final
398 * code++ will wrap this round to 1000... with code_len + 1 zeroes.
399 */
403 }
405 }
411 {
419 /*
420 * Before we sort the nodes, we can eliminate the unused ones.
421 */
425 n_leaves++;
426 }
427 }
430 }
432 /*
433 * There is *almost* no way this should happen, and it would
434 * ruin the tree (because the shortest possible codes are 1
435 * bit long, and there are two of them).
436 *
437 * The only way to get here is in an internal block in a
438 * 3-or-more block message (i.e. > 128k), which consists
439 * entirely of a match starting in the previous block (if it
440 * was the end block, it would have the EOF symbol).
441 *
442 * What we do is add a dummy symbol which is this one XOR 256.
443 * It won't be used in the stream but will balance the tree.
444 */
448 }
450 /* note, in sort we're using internal_nodes as auxiliary space */
452 internal_nodes,
453 n_leaves,
457 /*
458 * This outer loop is for re-quantizing the counts if the tree is too
459 * tall (>15), which we need to do because the final encoding can't
460 * express a tree that deep.
461 *
462 * In theory, this should be a 'while (true)' loop, but we chicken
463 * out with 10 iterations, just in case.
464 *
465 * In practice it will almost always resolve in the first round; if
466 * not then, in the second or third. Remember we'll looking at 64k or
467 * less, so the rarest we can have is 1 in 64k; each round of
468 * quantization effectively doubles its frequency to 1 in 32k, 1 in
469 * 16k, etc, until we're treating the rare symbol as actually quite
470 * common.
471 */
481 /*
482 * We have the complete tree. The root will be
483 * an internal node unless there is just one
484 * symbol, which is already impossible.
485 */
489 huffman_root = \
491 }
493 }
494 /*
495 * We know here we have at least two nodes, and we
496 * want to select the two lowest scoring ones. Those
497 * have to be either a) the head of each queue, or b)
498 * the first two nodes of either queue.
499 *
500 * The complicating factors are: a) we need to check
501 * the length of each queue, and b) in the case of
502 * ties, we prefer to pair leaves with leaves.
503 *
504 * Note a complication we don't have: the leaf node
505 * queue never grows, and the subtree queue starts
506 * empty and cannot grow beyond n - 1. It feeds on
507 * itself. We don't need to think about overflow.
508 */
510 /* two from subtrees */
515 /* two from nodes */
520 /* one of each */
523 head_branch++;
524 head_leaf++;
526 /*
527 * Take the lowest head, twice, checking for
528 * length after taking the first one.
529 */
533 head_branch++;
536 head_leaf++;
538 }
541 head_leaf++;
544 head_branch++;
546 }
547 }
548 /* the other node */
552 head_branch++;
555 head_leaf++;
556 }
557 }
558 done:
559 /*
560 * Now we add a new node to the subtrees list that
561 * combines the score of node_a and node_b, and points
562 * to them as children.
563 */
567 tail_branch++;
569 /*
570 * We're not getting here, no way, never ever.
571 * Unless we made a terible mistake.
572 *
573 * That is, in a binary tree with n leaves,
574 * there are ALWAYS n-1 internal nodes.
575 */
577 }
578 }
581 }
582 /*
583 * We have a tree, and need to turn it into a lookup table,
584 * and see if it is shallow enough (<= 15).
585 */
588 /*
589 * Now the leaf nodes know how deep they are, and we
590 * no longer need the internal nodes.
591 *
592 * We need to sort the nodes of equal depth, so that
593 * they are sorted by depth first, and symbol value
594 * second. The internal_nodes can again be auxiliary
595 * memory.
596 */
598 leaf_nodes,
599 internal_nodes,
600 n_leaves,
607 }
609 /*
610 * requantize by halfing and rounding up, so that small counts
611 * become relatively bigger. This will lead to a flatter tree.
612 */
616 }
620 }
622 }
624 /*
625 * LZX_HUFF_COMP_HASH_SEARCH_ATTEMPTS is how far ahead to search in the
626 * circular hash table for a match, before we give up. A bigger number will
627 * generally lead to better but slower compression, but a stupidly big number
628 * will just be worse.
629 *
630 * If you're fiddling with this, consider also fiddling with
631 * LZX_HUFF_COMP_HASH_BITS.
632 */
633 #define LZX_HUFF_COMP_HASH_SEARCH_ATTEMPTS 5
638 {
646 /* there is nothing there yet */
649 }
655 }
656 }
657 /*
658 * There are no slots, but we really want to store this, so we'll kick
659 * out the one with the longest distance.
660 */
671 }
672 }
674 }
677 /*
678 * Yes, struct match looks a lot like a DATA_BLOB.
679 */
683 };
691 {
703 /*
704 * in setting this, we would never have stepped over
705 * an 0xffff, so we won't now.
706 */
708 }
712 }
714 /*
715 * When we already have a long match, we can try to avoid
716 * measuring out another long, but shorter match.
717 */
721 }
725 len++) {
726 /* counting */
727 }
729 /*
730 * As a tiebreaker, we prefer the closer match which
731 * is likely to encode smaller (and certainly no worse).
732 */
737 }
738 }
739 }
741 }
749 {
763 }
768 /* we've got confused! hash and block should go together */
770 }
772 /*
773 * leaf_nodes is used to count the symbols seen, for later Huffman
774 * encoding.
775 */
779 };
780 }
785 /*
786 * There is no point doing a hash table and looking for
787 * matches in this tiny block (remembering we are committed to
788 * using 32 bits, so there's a good chance we wouldn't even
789 * save a byte). The threshold of 41 matches Windows.
790 * If remaining_size < 3, we *can't* do the hash.
791 */
794 /*
795 * We use 0xffff as the unset value for table, because it is
796 * not a valid match offset (and 0x0 is).
797 */
806 h,
807 data,
808 here,
809 max_len);
812 /*
813 * If this is not the first block,
814 * backreferences can look into the previous
815 * block (but only as far as 65535 bytes, so
816 * the end of this block cannot see the start
817 * of the last one).
818 */
820 h,
821 prev_block,
822 here,
824 }
829 /* add a literal and move on. */
833 j++;
835 }
837 /* a real match */
850 }
854 /*
855 * A match can take us past the intended block length,
856 * extending the block. We don't need to do anything
857 * special for this case -- the loops will naturally
858 * do the right thing.
859 */
860 }
861 }
863 /*
864 * There might be some bytes at the end.
865 */
869 j++;
870 }
873 /* add a trailing EOF marker (256) */
879 }
886 /* fill in the symbols table */
889 symbol_values);
892 }
895 }
902 {
907 }
915 }
918 }
920 }
922 }
933 };
935 /*
936 * Write out 16 bits, little-endian, for write_huffman_codes()
937 *
938 * As you'll notice, there's a bit to do.
939 *
940 * We are collecting up bits in a uint32_t, then when there are 16 of them we
941 * write out a word into the stream, using a trio of offsets (wc->next_code,
942 * wc->pending_next_code, and wc->head) which dance around ensuring that the
943 * bitstream and the interspersed lengths are in the right places relative to
944 * each other.
945 */
949 {
959 }
965 }
967 }
971 {
975 }
978 }
981 {
984 }
988 }
992 {
996 }
1004 }
1013 }
1015 }
1022 {
1031 };
1042 }
1044 }
1049 }
1058 }
1064 }
1067 }
1068 /* len has already had 3 subtracted */
1070 /*
1071 * We are going to need to write extra length
1072 * bytes into the stream, but we don't do it
1073 * now, we do it after the code has been
1074 * written (and before the distance bits).
1075 */
1079 }
1084 }
1089 }
1096 }
1099 }
1100 }
1106 }
1107 }
1108 }
1109 /*
1110 * There are some intricacies around flushing the bits and returning
1111 * the length.
1112 *
1113 * If the returned length is not exactly right and there is another
1114 * block, that block will read its huffman table from the wrong place,
1115 * and have all the symbol codes out by a multiple of 4.
1116 */
1120 }
1124 }
1126 /*
1127 * Flush out the bits with zeroes. It doesn't matter if we do
1128 * a round too many, as we have buffer space, and have already
1129 * determined the returned length (end).
1130 */
1134 }
1135 }
1137 }
1143 {
1144 ssize_t intermediate_size;
1147 ssize_t bytes_written;
1150 /* huffman block + 4 bytes */
1152 }
1154 /*
1155 * For LZ77 compression, we keep a hash table for the previous block,
1156 * via alternation after the first block.
1157 *
1158 * LZ77 writes into the intermediate buffer in the cmp_mem context.
1159 */
1169 }
1172 cmp_mem,
1173 hash_table,
1174 back_window_hash_table);
1178 }
1180 /*
1181 * Write the 256 byte Huffman table, based on the counts gained in
1182 * LZ77 phase.
1183 */
1191 }
1194 /*
1195 * Write the compressed bytes using the LZ77 matches and Huffman codes
1196 * worked out in the previous steps.
1197 */
1201 intermediate_size,
1207 }
1211 }
1213 /*
1214 * lzxpress_huffman_max_compressed_size()
1215 *
1216 * Return the most bytes the compression can take, to allow
1217 * pre-allocation.
1218 */
1220 {
1221 /*
1222 * In the worst case, the output size should be about the same as the
1223 * input size, plus the 256 byte header per 64k block. We aim for
1224 * ample, but within the order of magnitude.
1225 */
1227 }
1229 /*
1230 * lzxpress_huffman_compress_talloc()
1231 *
1232 * This is the convenience function that allocates the compressor context and
1233 * output memory for you. The return value is the number of bytes written to
1234 * the location indicated by the output pointer.
1235 *
1236 * The maximum input_size is effectively around 227MB due to the need to guess
1237 * an upper bound on the output size that hits an internal limitation in
1238 * talloc.
1239 *
1240 * @param mem_ctx TALLOC_CTX parent for the compressed buffer.
1241 * @param input_bytes memory to be compressed.
1242 * @param input_size length of the input buffer.
1243 * @param output destination pointer for the compressed data.
1244 *
1245 * @return the number of bytes written or -1 on error.
1246 */
1252 {
1256 ssize_t output_size;
1261 }
1267 }
1270 input_bytes,
1271 input_size,
1273 alloc_size);
1280 }
1285 }
1288 }
1290 /*
1291 * lzxpress_huffman_compress()
1292 *
1293 * This is the inconvenience function, slightly faster and fiddlier than
1294 * lzxpress_huffman_compress_talloc().
1295 *
1296 * To use this, you need to have allocated (but not initialised) a `struct
1297 * lzxhuff_compressor_mem`, and an output buffer. If the buffer is not big
1298 * enough (per `output_size`), you'll get a negative return value, otherwise
1299 * the number of bytes actually consumed, which will always be at least 260.
1300 *
1301 * The `struct lzxhuff_compressor_mem` is reusable -- it is basically a
1302 * collection of uninitialised memory buffers. The total size is less than
1303 * 150k, so stack allocation is plausible.
1304 *
1305 * input_size and available_size are limited to the minimum of UINT32_MAX and
1306 * SSIZE_MAX. On 64 bit machines that will be UINT32_MAX, or 4GB.
1307 *
1308 * @param cmp_mem a struct lzxhuff_compressor_mem.
1309 * @param input_bytes memory to be compressed.
1310 * @param input_size length of the input buffer.
1311 * @param output destination for the compressed data.
1312 * @param available_size allocated output bytes.
1313 *
1314 * @return the number of bytes written or -1 on error.
1315 */
1321 {
1331 };
1334 /*
1335 * We can't deal with this for a number of reasons (e.g. it
1336 * breaks the Huffman tree), and the output will be infinitely
1337 * bigger than the input. The caller needs to go and think
1338 * about what they're trying to do here.
1339 */
1341 }
1348 /*
1349 * We use negative ssize_t to return errors, which is limiting
1350 * on 32 bit machines; otherwise we adhere to Microsoft's 4GB
1351 * limit.
1352 *
1353 * lzxpress_huffman_compress_talloc() will not get this far,
1354 * having already have failed on talloc's 256 MB limit.
1355 */
1357 }
1363 }
1366 ssize_t ret;
1368 cmp_mem,
1369 i);
1372 }
1373 i++;
1374 }
1377 }
1380 {
1381 /*
1382 */
1389 };
1407 }
1412 }
1415 head++;
1417 }
1418 ffff_count++;
1421 tail++;
1424 tail++;
1425 head++;
1426 }
1428 }
1430 /**
1431 * Determines the sort order of one prefix_code_symbol relative to another
1432 */
1434 {
1437 }
1440 }
1442 }
1446 {
1447 /*
1448 * There are 512 symbols, each encoded in 4 bits, which indicates
1449 * their depth in the Huffman tree. The even numbers get the lower
1450 * nibble of each byte, so that the byte hex values look backwards
1451 * (i.e. 0xab encodes b then a). These are allocated Huffman codes in
1452 * order of appearance, per depth.
1453 *
1454 * For example, if the first two bytes were:
1455 *
1456 * 0x23 0x53
1457 *
1458 * the first four codes have the lengths 3, 2, 3, 5.
1459 * Let's call them A, B, C, D.
1460 *
1461 * Suppose there is no other codeword with length 1 (which is
1462 * necessarily true in this example) or 2, but there might be others
1463 * of length 3 or 4. Then we can say this about the codes:
1464 *
1465 * _ --*--_
1466 * / \
1467 * 0 1
1468 * / \ / \
1469 * 0 1 0 1
1470 * B |\ / \ |\
1471 * 0 1 0 1 0 1
1472 * A C |\ /| | |\
1473 *
1474 * pos bits code
1475 * A 3 010
1476 * B 2 00
1477 * C 3 011
1478 * D 5 1????
1479 *
1480 * B has the shortest code, so takes the leftmost branch, 00. That
1481 * ends the branch -- nothing else can start with 00. There are no
1482 * more 2s, so we look at the 3s, starting as far left as possible. So
1483 * A takes 010 and C takes 011. That means everything else has to
1484 * start with 1xx. We don't know how many codewords of length 3 or 4
1485 * there are; if there are none, D would end up with 10000, the
1486 * leftmost available code of length 5. If the compressor is any good,
1487 * there should be no unused leaf nodes left dangling at the end.
1488 *
1489 * (this is "Canonical Huffman Coding").
1490 *
1491 *
1492 * But what symbols do these codes actually stand for?
1493 * --------------------------------------------------
1494 *
1495 * Good question. The first 256 codes stand for the corresponding
1496 * literal bytes. The codes from 256 to 511 stand for LZ77 matches,
1497 * which have a distance and a length, encoded in a strange way that
1498 * isn't entirely the purview of this function.
1499 *
1500 * What does the value 0 mean?
1501 * ---------------------------
1502 *
1503 * The code does not occur. For example, if the next byte in the
1504 * example above was 0x07, that would give the byte 0x04 a 7-long
1505 * code, and no code to the 0x05 byte, which means we there is no way
1506 * we going to see a 5 in the decoded stream.
1507 *
1508 * Isn't LZ77 + Huffman what zip/gzip/zlib do?
1509 * -------------------------------------------
1510 *
1511 * Yes, DEFLATE is LZ77 + Huffman, but the details are quite different.
1512 */
1516 ssize_t code;
1522 }
1530 n_symbols++;
1531 }
1534 n_symbols++;
1535 }
1536 }
1540 }
1545 /*
1546 * we're using an implicit binary tree, as you'd see in a heap.
1547 * table[0] = unused
1548 * table[1] = '0'
1549 * table[2] = '1'
1550 * table[3] = '00' <-- '00' and '01' are children of '0'
1551 * table[4] = '01' <-- '0' is [0], children are [0 * 2 + {1,2}]
1552 * table[5] = '10'
1553 * table[6] = '11'
1554 * table[7] = '000'
1555 * table[8] = '001'
1556 * table[9] = '010'
1557 * table[10]= '011'
1558 * table[11]= '100
1559 *'
1560 * table[1 << n - 1] = '0' * n
1561 * table[1 << n - 1 + x] = n-bit wide x (left padded with '0')
1562 * table[1 << n - 2] = '1' * (n - 1)
1563 *
1564 * table[i]->left = table[i*2 + 1]
1565 * table[i]->right = table[i*2 + 2]
1566 * table[0xffff] = unused (16 '0's, max len is 15)
1567 *
1568 * therefore e.g. table[70] = table[64 - 1 + 7]
1569 * = table[1 << 6 - 1 + 7]
1570 * = '000111' (binary 7, widened to 6 bits)
1571 *
1572 * and if '000111' is a code,
1573 * '00011', '0001', '000', '00', '0' are unavailable prefixes.
1574 * 34 16 7 3 1 are their indices
1575 * and (i - 1) >> 1 is the path back from 70 through these.
1576 *
1577 * the lookup is
1578 *
1579 * 1 start with i = 0
1580 * 2 extract a symbol bit (i = (i << 1) + bit + 1)
1581 * 3 is table[i] == 0xffff?
1582 * 4 yes -- goto 2
1583 * 4 table[i] & 511 is the symbol, stop
1584 *
1585 * and the construction (here) is sort of the reverse.
1586 *
1587 * Most of this table is free space that can never be reached, and
1588 * most of the activity is at the beginning (since all codes start
1589 * there, and by design the shortest codes are the most common).
1590 */
1592 /* prefill the table head */
1594 }
1602 code++;
1605 code++;
1606 prev_len++;
1607 }
1611 }
1617 }
1618 }
1621 }
1623 /*
1624 * check that the last code encodes 11111..., with right number of
1625 * ones, pointing to the right symbol -- otherwise we have a dangling
1626 * uninitialised symbol.
1627 */
1630 }
1632 }
1635 #define CHECK_READ_32(dest) \
1636 do { \
1637 if (input->byte_pos + 4 > input->byte_size) { \
1638 return LZXPRESS_ERROR; \
1639 } \
1640 dest = PULL_LE_U32(input->bytes, input->byte_pos); \
1641 input->byte_pos += 4; \
1642 } while (0)
1644 #define CHECK_READ_16(dest) \
1645 do { \
1646 if (input->byte_pos + 2 > input->byte_size) { \
1647 return LZXPRESS_ERROR; \
1648 } \
1649 dest = PULL_LE_U16(input->bytes, input->byte_pos); \
1650 input->byte_pos += 2; \
1651 } while (0)
1653 #define CHECK_READ_8(dest) \
1654 do { \
1655 if (input->byte_pos >= input->byte_size) { \
1656 return LZXPRESS_ERROR; \
1657 } \
1658 dest = PULL_LE_U8(input->bytes, input->byte_pos); \
1659 input->byte_pos++; \
1660 } while(0)
1664 {
1679 }
1681 }
1684 /*
1685 * Decompress a block. The actual decompressed size is returned (or -1 on
1686 * error). The putative block length is 64k (or shorter, if the message ends
1687 * first), but a match can run over the end, extending the block. That's why
1688 * we need the overall output size as well as the block size. A match encoded
1689 * in this block can point back to previous blocks, but not before the
1690 * beginning of the message, so we also need the previously decoded size.
1691 *
1692 * The compressed block will have 256 bytes for the Huffman table, and at
1693 * least 4 bytes of (possibly padded) encoded values.
1694 */
1700 {
1714 }
1717 }
1718 /*
1719 * Always read 32 bits at the start, even if we don't need them.
1720 */
1726 /*
1727 * This loop iterates over individual *bits*. These are read from
1728 * little-endian 16 bit words, most significant bit first.
1729 *
1730 * At points in the bitstream, the following are possible:
1731 *
1732 * # the source word is empty and needs to be refilled from the input
1733 * stream.
1734 * # an incomplete codeword is being extended.
1735 * # a codeword is resolved, either as a literal or a match.
1736 * # a literal is written.
1737 * # a match is collecting distance bits.
1738 * # the output stream is copied, as specified by a match.
1739 * # input bytes are read for match lengths.
1740 *
1741 * Note that we *don't* specifically check for the EOF marker (symbol
1742 * 256) in this loop, because the a precondition for stopping for the
1743 * EOF marker is that the output buffer is full (otherwise, you
1744 * wouldn't know which 256 is EOF, rather than an actual symbol), and
1745 * we *always* want to stop when the buffer is full. So we work out if
1746 * there is an EOF in in another loop after we stop writing.
1747 */
1756 }
1757 }
1762 /* not in a match; pulling a codeword */
1766 /* incomplete codeword, the common case */
1768 }
1769 /* found the symbol, reset the code string */
1773 /* a literal, the easy case */
1775 output_pos++;
1777 }
1779 /* the beginning of a match */
1787 /*
1788 * note, we discard (don't add) the
1789 * length so far.
1790 */
1794 }
1795 }
1796 }
1799 /* we are pulling extra distance bits */
1800 distance_bits_wanted--;
1802 }
1805 /*
1806 * We have a complete match, and it is time to do the
1807 * copy (byte by byte, because the ranges can overlap,
1808 * and we might need to copy bytes we just copied in).
1809 *
1810 * It is possible that this match will extend beyond
1811 * the end of the expected block. That's fine, so long
1812 * as it doesn't extend past the total output size.
1813 */
1822 }
1825 }
1829 }
1830 }
1833 /* it seems like we've hit an early end, mid-code */
1835 }
1838 /*
1839 * This block is over, but it clearly isn't the last block, so
1840 * we don't want to look for the EOF.
1841 */
1843 }
1844 /*
1845 * We won't write any more, but we try to read some more to make sure
1846 * we're finishing in a good place. That means we want to see a 256
1847 * symbol and then some number of zeroes, possibly zero, but as many
1848 * as 32.
1849 *
1850 * In this we are perhaps a bit stricter than Windows, which
1851 * apparently does not insist on the EOF marker, nor on a lack of
1852 * trailing bytes.
1853 */
1857 ssize_t ret;
1859 /* FIN */
1861 }
1865 }
1866 }
1870 /*
1871 * we have read an EOF symbols. Now we just want to
1872 * see zeroes.
1873 */
1876 }
1878 }
1880 /* we're pulling in a symbol, which had better be 256 */
1885 }
1890 }
1893 }
1897 }
1900 }
1905 {
1910 }
1913 ssize_t block_output_pos;
1914 ssize_t block_output_size;
1920 input,
1922 block_output_size,
1923 remaining_output_size,
1924 output_pos);
1928 }
1931 /* not expecting to get here. */
1933 }
1934 }
1938 }
1941 }
1944 /*
1945 * lzxpress_huffman_decompress()
1946 *
1947 * output_size must be the expected length of the decompressed data.
1948 * input_size and output_size are limited to the minimum of UINT32_MAX and
1949 * SSIZE_MAX. On 64 bit machines that will be UINT32_MAX, or 4GB.
1950 *
1951 * @param input_bytes memory to be decompressed.
1952 * @param input_size length of the compressed buffer.
1953 * @param output destination for the decompressed data.
1954 * @param output_size exact expected length of the decompressed data.
1955 *
1956 * @return the number of bytes written or -1 on error.
1957 */
1963 {
1972 };
1982 /*
1983 * We use negative ssize_t to return errors, which is limiting
1984 * on 32 bit machines, and the 4GB limit exists on Windows.
1985 */
1987 }
1990 output,
1991 output_size);
1992 }
1995 /**
1996 * lzxpress_huffman_decompress_talloc()
1997 *
1998 * The caller must provide the exact size of the expected output.
1999 *
2000 * The input_size is limited to the minimum of UINT32_MAX and SSIZE_MAX, but
2001 * output_size is limited to 256MB due to a limit in talloc. This effectively
2002 * limits input_size too, as non-crafted compressed data will not exceed the
2003 * decompressed size by very much.
2004 *
2005 * @param mem_ctx TALLOC_CTX parent for the decompressed buffer.
2006 * @param input_bytes memory to be decompressed.
2007 * @param input_size length of the compressed buffer.
2008 * @param output_size expected decompressed size.
2009 *
2010 * @return a talloc'ed buffer exactly output_size in length, or NULL.
2011 */
2017 {
2018 ssize_t result;
2023 };
2028 }
2034 }
2036 output,
2037 output_size);
2043 }
2045 }