1 ///////////////////////////////////////////////////////////////////////////////
3 /// \file lzma_decoder.c
4 /// \brief LZMA decoder
6 // Copyright (C) 1999-2006 Igor Pavlov
7 // Copyright (C) 2007 Lasse Collin
9 // This library is free software; you can redistribute it and/or
10 // modify it under the terms of the GNU Lesser General Public
11 // License as published by the Free Software Foundation; either
12 // version 2.1 of the License, or (at your option) any later version.
14 // This library is distributed in the hope that it will be useful,
15 // but WITHOUT ANY WARRANTY; without even the implied warranty of
16 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 // Lesser General Public License for more details.
19 ///////////////////////////////////////////////////////////////////////////////
21 // NOTE: If you want to keep the line length in 80 characters, set
22 // tab width to 4 or less in your editor when editing this file.
24 #include "lzma_common.h"
25 #include "lzma_decoder.h"
26 #include "lz_decoder.h"
27 #include "range_decoder.h"
30 /// REQUIRED_IN_BUFFER_SIZE is the number of required input bytes
31 /// for the worst case: longest match with longest distance.
32 /// LZMA_IN_BUFFER_SIZE must be larger than REQUIRED_IN_BUFFER_SIZE.
33 /// 23 bits = 2 (match select) + 10 (len) + 6 (distance) + 4 (align)
34 /// + 1 (rc_normalize)
36 /// \todo Is this correct for sure?
38 #define REQUIRED_IN_BUFFER_SIZE \
39 ((23 * (BIT_MODEL_TOTAL_BITS - MOVE_BITS + 1) + 26 + 9) / 8)
42 // Length decoders are easiest to have as macros, because they use range
43 // decoder macros, which use local variables rc_range and rc_code.
45 #define length_decode(target, len_decoder, pos_state) \
47 if_bit_0(len_decoder.choice) { \
48 update_bit_0(len_decoder.choice); \
49 target = MATCH_MIN_LEN; \
50 bittree_decode(target, len_decoder.low[pos_state], LEN_LOW_BITS); \
52 update_bit_1(len_decoder.choice); \
53 if_bit_0(len_decoder.choice2) { \
54 update_bit_0(len_decoder.choice2); \
55 target = MATCH_MIN_LEN + LEN_LOW_SYMBOLS; \
56 bittree_decode(target, len_decoder.mid[pos_state], LEN_MID_BITS); \
58 update_bit_1(len_decoder.choice2); \
59 target = MATCH_MIN_LEN + LEN_LOW_SYMBOLS + LEN_MID_SYMBOLS; \
60 bittree_decode(target, len_decoder.high, LEN_HIGH_BITS); \
66 #define length_decode_dummy(target, len_decoder, pos_state) \
68 if_bit_0(len_decoder.choice) { \
69 update_bit_0_dummy(); \
70 target = MATCH_MIN_LEN; \
71 bittree_decode_dummy(target, \
72 len_decoder.low[pos_state], LEN_LOW_BITS); \
74 update_bit_1_dummy(); \
75 if_bit_0(len_decoder.choice2) { \
76 update_bit_0_dummy(); \
77 target = MATCH_MIN_LEN + LEN_LOW_SYMBOLS; \
78 bittree_decode_dummy(target, len_decoder.mid[pos_state], \
81 update_bit_1_dummy(); \
82 target = MATCH_MIN_LEN + LEN_LOW_SYMBOLS + LEN_MID_SYMBOLS; \
83 bittree_decode_dummy(target, len_decoder.high, LEN_HIGH_BITS); \
92 probability low[POS_STATES_MAX][LEN_LOW_SYMBOLS];
93 probability mid[POS_STATES_MAX][LEN_MID_SYMBOLS];
94 probability high[LEN_HIGH_SYMBOLS];
95 } lzma_length_decoder;
99 /// Data of the next coder, if any.
100 lzma_next_coder next;
102 /// Sliding output window a.k.a. dictionary a.k.a. history buffer.
106 lzma_range_decoder rc;
110 uint32_t rep0; ///< Distance of the latest match
111 uint32_t rep1; ///< Distance of second latest match
112 uint32_t rep2; ///< Distance of third latest match
113 uint32_t rep3; ///< Distance of fourth latest match
116 uint32_t now_pos; // Lowest 32-bits are enough here.
118 lzma_literal_coder *literal_coder;
120 /// If 1, it's a match. Otherwise it's a single 8-bit literal.
121 probability is_match[STATES][POS_STATES_MAX];
123 /// If 1, it's a repeated match. The distance is one of rep0 .. rep3.
124 probability is_rep[STATES];
126 /// If 0, distance of a repeated match is rep0.
127 /// Otherwise check is_rep1.
128 probability is_rep0[STATES];
130 /// If 0, distance of a repeated match is rep1.
131 /// Otherwise check is_rep2.
132 probability is_rep1[STATES];
134 /// If 0, distance of a repeated match is rep2. Otherwise it is rep3.
135 probability is_rep2[STATES];
137 /// If 1, the repeated match has length of one byte. Otherwise
138 /// the length is decoded from rep_match_len_decoder.
139 probability is_rep0_long[STATES][POS_STATES_MAX];
141 probability pos_slot_decoder[LEN_TO_POS_STATES][1 << POS_SLOT_BITS];
142 probability pos_decoders[FULL_DISTANCES - END_POS_MODEL_INDEX];
143 probability pos_align_decoder[1 << ALIGN_BITS];
145 /// Length of a match
146 lzma_length_decoder len_decoder;
148 /// Length of a repeated match.
149 lzma_length_decoder rep_match_len_decoder;
151 /// True when we have produced at least one byte of output since the
152 /// beginning of the stream or the latest flush marker.
153 bool has_produced_output;
157 /// \brief Check if the next iteration of the decoder loop can be run.
159 /// \note There must always be REQUIRED_IN_BUFFER_SIZE bytes
162 static bool lzma_attribute((pure))
163 decode_dummy(const lzma_coder *restrict coder,
164 const uint8_t *restrict in, size_t in_pos_local,
165 const size_t in_size, lzma_range_decoder rc,
166 uint32_t state, uint32_t rep0, const uint32_t now_pos)
171 const uint32_t pos_state = now_pos & coder->pos_mask;
173 if_bit_0(coder->is_match[state][pos_state]) {
174 // It's a literal i.e. a single 8-bit byte.
176 update_bit_0_dummy();
178 const probability *subcoder = literal_get_subcoder(
179 coder->literal_coder, now_pos, lz_get_byte(coder->lz, 0));
182 if (is_char_state(state)) {
183 // Decode literal without match byte.
185 if_bit_0(subcoder[symbol]) {
186 update_bit_0_dummy();
189 update_bit_1_dummy();
190 symbol = (symbol << 1) | 1;
192 } while (symbol < 0x100);
195 // Decode literal with match byte.
196 uint32_t match_byte = lz_get_byte(coder->lz, rep0);
197 uint32_t subcoder_offset = 0x100;
201 const uint32_t match_bit = match_byte & subcoder_offset;
202 const uint32_t subcoder_index
203 = subcoder_offset + match_bit + symbol;
205 if_bit_0(subcoder[subcoder_index]) {
206 update_bit_0_dummy();
208 subcoder_offset &= ~match_bit;
210 update_bit_1_dummy();
211 symbol = (symbol << 1) | 1;
212 subcoder_offset &= match_bit;
214 } while (symbol < 0x100);
220 update_bit_1_dummy();
223 if_bit_0(coder->is_rep[state]) {
224 update_bit_0_dummy();
225 length_decode_dummy(len, coder->len_decoder, pos_state);
228 const uint32_t len_to_pos_state = get_len_to_pos_state(len);
229 uint32_t pos_slot = 0;
230 bittree_decode_dummy(pos_slot,
231 coder->pos_slot_decoder[len_to_pos_state], POS_SLOT_BITS);
232 assert(pos_slot <= 63);
234 if (pos_slot >= START_POS_MODEL_INDEX) {
235 uint32_t direct_bits = (pos_slot >> 1) - 1;
236 assert(direct_bits >= 1 && direct_bits <= 31);
237 rep0 = 2 | (pos_slot & 1);
239 if (pos_slot < END_POS_MODEL_INDEX) {
240 assert(direct_bits <= 5);
241 rep0 <<= direct_bits;
243 // -1 is fine, because bittree_reverse_decode()
244 // starts from table index [1] (not [0]).
245 assert((int32_t)(rep0 - pos_slot - 1) >= -1);
246 assert((int32_t)(rep0 - pos_slot - 1) <= 82);
247 // We add the result to rep0, so rep0
248 // must not be part of second argument
250 const int32_t offset = rep0 - pos_slot - 1;
251 bittree_reverse_decode_dummy(coder->pos_decoders + offset,
254 assert(pos_slot >= 14);
255 assert(direct_bits >= 6);
256 direct_bits -= ALIGN_BITS;
257 assert(direct_bits >= 2);
258 rc_decode_direct_dummy(direct_bits);
260 bittree_reverse_decode_dummy(coder->pos_align_decoder,
266 update_bit_1_dummy();
268 if_bit_0(coder->is_rep0[state]) {
269 update_bit_0_dummy();
271 if_bit_0(coder->is_rep0_long[state][pos_state]) {
272 update_bit_0_dummy();
275 update_bit_1_dummy();
279 update_bit_1_dummy();
281 if_bit_0(coder->is_rep1[state]) {
282 update_bit_0_dummy();
284 update_bit_1_dummy();
286 if_bit_0(coder->is_rep2[state]) {
287 update_bit_0_dummy();
289 update_bit_1_dummy();
294 length_decode_dummy(len, coder->rep_match_len_decoder, pos_state);
300 return in_pos_local <= in_size;
305 decode_real(lzma_coder *restrict coder, const uint8_t *restrict in,
306 size_t *restrict in_pos, size_t in_size, bool has_safe_buffer)
312 if (!rc_read_init(&coder->rc, in, in_pos, in_size))
319 // Making local copies of often-used variables improves both
320 // speed and readability.
323 rc_to_local(coder->rc);
326 uint32_t state = coder->state;
327 uint32_t rep0 = coder->rep0;
328 uint32_t rep1 = coder->rep1;
329 uint32_t rep2 = coder->rep2;
330 uint32_t rep3 = coder->rep3;
333 uint32_t now_pos = coder->now_pos;
334 bool has_produced_output = coder->has_produced_output;
336 // Variables derived from decoder settings
337 const uint32_t pos_mask = coder->pos_mask;
339 size_t in_pos_local = *in_pos; // Local copy
341 if (in_size <= REQUIRED_IN_BUFFER_SIZE)
344 in_limit = in_size - REQUIRED_IN_BUFFER_SIZE;
347 while (coder->lz.pos < coder->lz.limit
348 && (in_pos_local < in_limit || (has_safe_buffer
349 && decode_dummy(coder, in, in_pos_local, in_size,
350 rc, state, rep0, now_pos)))) {
352 /////////////////////
353 // Actual decoding //
354 /////////////////////
356 const uint32_t pos_state = now_pos & pos_mask;
358 if_bit_0(coder->is_match[state][pos_state]) {
359 update_bit_0(coder->is_match[state][pos_state]);
361 // It's a literal i.e. a single 8-bit byte.
363 probability *subcoder = literal_get_subcoder(coder->literal_coder,
364 now_pos, lz_get_byte(coder->lz, 0));
367 if (is_char_state(state)) {
368 // Decode literal without match byte.
370 if_bit_0(subcoder[symbol]) {
371 update_bit_0(subcoder[symbol]);
374 update_bit_1(subcoder[symbol]);
375 symbol = (symbol << 1) | 1;
377 } while (symbol < 0x100);
380 // Decode literal with match byte.
382 // The usage of subcoder_offset allows omitting some
383 // branches, which should give tiny speed improvement on
384 // some CPUs. subcoder_offset gets set to zero if match_bit
386 uint32_t match_byte = lz_get_byte(coder->lz, rep0);
387 uint32_t subcoder_offset = 0x100;
391 const uint32_t match_bit = match_byte & subcoder_offset;
392 const uint32_t subcoder_index
393 = subcoder_offset + match_bit + symbol;
395 if_bit_0(subcoder[subcoder_index]) {
396 update_bit_0(subcoder[subcoder_index]);
398 subcoder_offset &= ~match_bit;
400 update_bit_1(subcoder[subcoder_index]);
401 symbol = (symbol << 1) | 1;
402 subcoder_offset &= match_bit;
404 } while (symbol < 0x100);
407 // Put the decoded byte to the dictionary, update the
408 // decoder state, and start a new decoding loop.
409 coder->lz.dict[coder->lz.pos++] = (uint8_t)(symbol);
412 has_produced_output = true;
416 // Instead of a new byte we are going to get a byte range
417 // (distance and length) which will be repeated from our
420 update_bit_1(coder->is_match[state][pos_state]);
423 if_bit_0(coder->is_rep[state]) {
424 update_bit_0(coder->is_rep[state]);
426 // Not a repeated match
428 // We will decode a new distance and store
429 // the value to distance.
431 // Decode the length of the match.
432 length_decode(len, coder->len_decoder, pos_state);
436 const uint32_t len_to_pos_state = get_len_to_pos_state(len);
437 uint32_t pos_slot = 0;
438 bittree_decode(pos_slot,
439 coder->pos_slot_decoder[len_to_pos_state], POS_SLOT_BITS);
440 assert(pos_slot <= 63);
442 if (pos_slot >= START_POS_MODEL_INDEX) {
443 uint32_t direct_bits = (pos_slot >> 1) - 1;
444 assert(direct_bits >= 1 && direct_bits <= 30);
445 uint32_t distance = 2 | (pos_slot & 1);
447 if (pos_slot < END_POS_MODEL_INDEX) {
448 assert(direct_bits <= 5);
449 distance <<= direct_bits;
450 assert(distance <= 96);
451 // -1 is fine, because
452 // bittree_reverse_decode()
453 // starts from table index [1]
455 assert((int32_t)(distance - pos_slot - 1) >= -1);
456 assert((int32_t)(distance - pos_slot - 1) <= 82);
457 // We add the result to distance, so distance
458 // must not be part of second argument
460 const int32_t offset = distance - pos_slot - 1;
461 bittree_reverse_decode(distance, coder->pos_decoders + offset,
464 assert(pos_slot >= 14);
465 assert(direct_bits >= 6);
466 direct_bits -= ALIGN_BITS;
467 assert(direct_bits >= 2);
468 rc_decode_direct(distance, direct_bits);
469 distance <<= ALIGN_BITS;
471 bittree_reverse_decode(distance, coder->pos_align_decoder,
474 if (distance == UINT32_MAX) {
475 if (len == LEN_SPECIAL_EOPM) {
476 // End of Payload Marker found.
477 coder->lz.eopm_detected = true;
480 } else if (len == LEN_SPECIAL_FLUSH) {
481 // Flush marker detected. We must have produced
482 // at least one byte of output since the previous
483 // flush marker or the beginning of the stream.
484 // This is to prevent hanging the decoder with
485 // malicious input files.
486 if (!has_produced_output)
489 has_produced_output = false;
491 // We know that we have enough input to call
492 // this macro, because it is tested at the
493 // end of decode_dummy().
498 // If we don't have enough input here, we jump
499 // out of the loop. Note that while there is a
500 // useless call to rc_normalize(), it does nothing
501 // since we have just reset the range decoder.
502 if (!rc_read_init(&rc, in, &in_pos_local, in_size))
513 // The latest three match distances are kept in
514 // memory in case there are repeated matches.
528 update_bit_1(coder->is_rep[state]);
532 // The match distance is a value that we have had
533 // earlier. The latest four match distances are
534 // available as rep0, rep1, rep2 and rep3. We will
535 // now decode which of them is the new distance.
537 if_bit_0(coder->is_rep0[state]) {
538 update_bit_0(coder->is_rep0[state]);
540 // The distance is rep0.
542 if_bit_0(coder->is_rep0_long[state][pos_state]) {
543 update_bit_0(coder->is_rep0_long[state][pos_state]);
545 update_short_rep(state);
547 // Repeat exactly one byte and start a new decoding loop.
548 // Note that rep0 is known to have a safe value, thus we
549 // don't need to check if we are wrapping the dictionary
550 // when it isn't full yet.
551 coder->lz.dict[coder->lz.pos]
552 = lz_get_byte(coder->lz, rep0);
555 has_produced_output = true;
559 update_bit_1(coder->is_rep0_long[state][pos_state]);
561 // Repeating more than one byte at
566 update_bit_1(coder->is_rep0[state]);
568 // The distance is rep1, rep2 or rep3. Once
569 // we find out which one of these three, it
570 // is stored to rep0 and rep1, rep2 and rep3
571 // are updated accordingly.
575 if_bit_0(coder->is_rep1[state]) {
576 update_bit_0(coder->is_rep1[state]);
579 update_bit_1(coder->is_rep1[state]);
581 if_bit_0(coder->is_rep2[state]) {
582 update_bit_0(coder->is_rep2[state]);
585 update_bit_1(coder->is_rep2[state]);
597 // Decode the length of the repeated match.
598 length_decode(len, coder->rep_match_len_decoder, pos_state);
604 /////////////////////////////////
605 // Repeat from history buffer. //
606 /////////////////////////////////
608 // The length is always between these limits. There is no way
609 // to trigger the algorithm to set len outside this range.
610 assert(len >= MATCH_MIN_LEN);
611 assert(len <= MATCH_MAX_LEN);
614 has_produced_output = true;
616 // Repeat len bytes from distance of rep0.
617 if (!lzma_lz_out_repeat(&coder->lz, rep0, len))
624 /////////////////////////////////
625 // Update the *data structure. //
626 /////////////////////////////////
629 rc_from_local(coder->rc);
632 coder->state = state;
639 coder->now_pos = now_pos;
640 coder->has_produced_output = has_produced_output;
641 *in_pos = in_pos_local;
648 lzma_decoder_end(lzma_coder *coder, lzma_allocator *allocator)
650 lzma_next_coder_end(&coder->next, allocator);
651 lzma_lz_decoder_end(&coder->lz, allocator);
652 lzma_literal_end(&coder->literal_coder, allocator);
653 lzma_free(coder, allocator);
659 lzma_lzma_decoder_init(lzma_next_coder *next, lzma_allocator *allocator,
660 const lzma_filter_info *filters)
662 // Validate pos_bits. Other options are validated by the
663 // respective initialization functions.
664 const lzma_options_lzma *options = filters[0].options;
665 if (options->pos_bits > LZMA_POS_BITS_MAX)
666 return LZMA_HEADER_ERROR;
668 // Allocate memory for the decoder if needed.
669 if (next->coder == NULL) {
670 next->coder = lzma_alloc(sizeof(lzma_coder), allocator);
671 if (next->coder == NULL)
672 return LZMA_MEM_ERROR;
674 // Initialize variables so that we know later that we don't
675 // have an existing decoder initialized.
676 next->coder->next = LZMA_NEXT_CODER_INIT;
677 next->coder->lz = LZMA_LZ_DECODER_INIT;
678 next->coder->literal_coder = NULL;
681 // Store the pos_bits and calculate pos_mask.
682 next->coder->pos_bits = options->pos_bits;
683 next->coder->pos_mask = (1U << next->coder->pos_bits) - 1;
685 // Allocate (if needed) and initialize the literal decoder.
687 const lzma_ret ret = lzma_literal_init(
688 &next->coder->literal_coder, allocator,
689 options->literal_context_bits,
690 options->literal_pos_bits);
691 if (ret != LZMA_OK) {
692 lzma_free(next->coder, allocator);
698 // Allocate and initialize the LZ decoder.
700 const lzma_ret ret = lzma_lz_decoder_reset(
701 &next->coder->lz, allocator, &decode_real,
702 filters[0].uncompressed_size,
703 options->dictionary_size, MATCH_MAX_LEN);
704 if (ret != LZMA_OK) {
705 lzma_literal_end(&next->coder->literal_coder,
707 lzma_free(next->coder, allocator);
714 next->coder->state = 0;
715 next->coder->rep0 = 0;
716 next->coder->rep1 = 0;
717 next->coder->rep2 = 0;
718 next->coder->rep3 = 0;
719 next->coder->pos_bits = options->pos_bits;
720 next->coder->pos_mask = (1 << next->coder->pos_bits) - 1;
721 next->coder->now_pos = 0;
724 rc_reset(next->coder->rc);
726 // Bit and bittree decoders
727 for (uint32_t i = 0; i < STATES; ++i) {
728 for (uint32_t j = 0; j <= next->coder->pos_mask; ++j) {
729 bit_reset(next->coder->is_match[i][j]);
730 bit_reset(next->coder->is_rep0_long[i][j]);
733 bit_reset(next->coder->is_rep[i]);
734 bit_reset(next->coder->is_rep0[i]);
735 bit_reset(next->coder->is_rep1[i]);
736 bit_reset(next->coder->is_rep2[i]);
739 for (uint32_t i = 0; i < LEN_TO_POS_STATES; ++i)
740 bittree_reset(next->coder->pos_slot_decoder[i], POS_SLOT_BITS);
742 for (uint32_t i = 0; i < FULL_DISTANCES - END_POS_MODEL_INDEX; ++i)
743 bit_reset(next->coder->pos_decoders[i]);
745 bittree_reset(next->coder->pos_align_decoder, ALIGN_BITS);
747 // Len decoders (also bit/bittree)
748 const uint32_t num_pos_states = 1 << next->coder->pos_bits;
749 bit_reset(next->coder->len_decoder.choice);
750 bit_reset(next->coder->len_decoder.choice2);
751 bit_reset(next->coder->rep_match_len_decoder.choice);
752 bit_reset(next->coder->rep_match_len_decoder.choice2);
754 for (uint32_t pos_state = 0; pos_state < num_pos_states; ++pos_state) {
755 bittree_reset(next->coder->len_decoder.low[pos_state], LEN_LOW_BITS);
756 bittree_reset(next->coder->len_decoder.mid[pos_state], LEN_MID_BITS);
758 bittree_reset(next->coder->rep_match_len_decoder.low[pos_state],
760 bittree_reset(next->coder->rep_match_len_decoder.mid[pos_state],
764 bittree_reset(next->coder->len_decoder.high, LEN_HIGH_BITS);
765 bittree_reset(next->coder->rep_match_len_decoder.high, LEN_HIGH_BITS);
767 next->coder->has_produced_output = false;
769 // Initialize the next decoder in the chain, if any.
771 const lzma_ret ret = lzma_next_filter_init(&next->coder->next,
772 allocator, filters + 1);
773 if (ret != LZMA_OK) {
774 lzma_decoder_end(next->coder, allocator);
779 // Initialization successful. Set the function pointers.
780 next->code = &lzma_lz_decode;
781 next->end = &lzma_decoder_end;
788 lzma_lzma_decode_properties(lzma_options_lzma *options, uint8_t byte)
790 if (byte > (4 * 5 + 4) * 9 + 8)
793 // See the file format specification to understand this.
794 options->pos_bits = byte / (9 * 5);
795 byte -= options->pos_bits * 9 * 5;
796 options->literal_pos_bits = byte / 9;
797 options->literal_context_bits = byte - options->literal_pos_bits * 9;