varnish-cache/lib/libvgz/inflate.c
0
/* inflate.c -- zlib decompression
1
 * Copyright (C) 1995-2022 Mark Adler
2
 * For conditions of distribution and use, see copyright notice in zlib.h
3
 */
4
5
/*
6
 * Change history:
7
 *
8
 * 1.2.beta0    24 Nov 2002
9
 * - First version -- complete rewrite of inflate to simplify code, avoid
10
 *   creation of window when not needed, minimize use of window when it is
11
 *   needed, make inffast.c even faster, implement gzip decoding, and to
12
 *   improve code readability and style over the previous zlib inflate code
13
 *
14
 * 1.2.beta1    25 Nov 2002
15
 * - Use pointers for available input and output checking in inffast.c
16
 * - Remove input and output counters in inffast.c
17
 * - Change inffast.c entry and loop from avail_in >= 7 to >= 6
18
 * - Remove unnecessary second byte pull from length extra in inffast.c
19
 * - Unroll direct copy to three copies per loop in inffast.c
20
 *
21
 * 1.2.beta2    4 Dec 2002
22
 * - Change external routine names to reduce potential conflicts
23
 * - Correct filename to inffixed.h for fixed tables in inflate.c
24
 * - Make hbuf[] unsigned char to match parameter type in inflate.c
25
 * - Change strm->next_out[-state->offset] to *(strm->next_out - state->offset)
26
 *   to avoid negation problem on Alphas (64 bit) in inflate.c
27
 *
28
 * 1.2.beta3    22 Dec 2002
29
 * - Add comments on state->bits assertion in inffast.c
30
 * - Add comments on op field in inftrees.h
31
 * - Fix bug in reuse of allocated window after inflateReset()
32
 * - Remove bit fields--back to byte structure for speed
33
 * - Remove distance extra == 0 check in inflate_fast()--only helps for lengths
34
 * - Change post-increments to pre-increments in inflate_fast(), PPC biased?
35
 * - Add compile time option, POSTINC, to use post-increments instead (Intel?)
36
 * - Make MATCH copy in inflate() much faster for when inflate_fast() not used
37
 * - Use local copies of stream next and avail values, as well as local bit
38
 *   buffer and bit count in inflate()--for speed when inflate_fast() not used
39
 *
40
 * 1.2.beta4    1 Jan 2003
41
 * - Split ptr - 257 statements in inflate_table() to avoid compiler warnings
42
 * - Move a comment on output buffer sizes from inffast.c to inflate.c
43
 * - Add comments in inffast.c to introduce the inflate_fast() routine
44
 * - Rearrange window copies in inflate_fast() for speed and simplification
45
 * - Unroll last copy for window match in inflate_fast()
46
 * - Use local copies of window variables in inflate_fast() for speed
47
 * - Pull out common wnext == 0 case for speed in inflate_fast()
48
 * - Make op and len in inflate_fast() unsigned for consistency
49
 * - Add FAR to lcode and dcode declarations in inflate_fast()
50
 * - Simplified bad distance check in inflate_fast()
51
 * - Added inflateBackInit(), inflateBack(), and inflateBackEnd() in new
52
 *   source file infback.c to provide a call-back interface to inflate for
53
 *   programs like gzip and unzip -- uses window as output buffer to avoid
54
 *   window copying
55
 *
56
 * 1.2.beta5    1 Jan 2003
57
 * - Improved inflateBack() interface to allow the caller to provide initial
58
 *   input in strm.
59
 * - Fixed stored blocks bug in inflateBack()
60
 *
61
 * 1.2.beta6    4 Jan 2003
62
 * - Added comments in inffast.c on effectiveness of POSTINC
63
 * - Typecasting all around to reduce compiler warnings
64
 * - Changed loops from while (1) or do {} while (1) to for (;;), again to
65
 *   make compilers happy
66
 * - Changed type of window in inflateBackInit() to unsigned char *
67
 *
68
 * 1.2.beta7    27 Jan 2003
69
 * - Changed many types to unsigned or unsigned short to avoid warnings
70
 * - Added inflateCopy() function
71
 *
72
 * 1.2.0        9 Mar 2003
73
 * - Changed inflateBack() interface to provide separate opaque descriptors
74
 *   for the in() and out() functions
75
 * - Changed inflateBack() argument and in_func typedef to swap the length
76
 *   and buffer address return values for the input function
77
 * - Check next_in and next_out for Z_NULL on entry to inflate()
78
 *
79
 * The history for versions after 1.2.0 are in ChangeLog in zlib distribution.
80
 */
81
82
#include "zutil.h"
83
#include "inftrees.h"
84
#include "inflate.h"
85
#include "inffast.h"
86
87
#ifdef MAKEFIXED
88
#  ifndef BUILDFIXED
89
#    define BUILDFIXED
90
#  endif
91
#endif
92
93 48648
local int inflateStateCheck(z_streamp strm) {
94
    struct inflate_state FAR *state;
95 97296
    if (strm == Z_NULL ||
96 48648
        strm->zalloc == (alloc_func)0 || strm->zfree == (free_func)0)
97 0
        return 1;
98 48648
    state = (struct inflate_state FAR *)strm->state;
99 97296
    if (state == Z_NULL || state->strm != strm ||
100 48648
        state->mode < HEAD || state->mode > SYNC)
101 0
        return 1;
102 48648
    return 0;
103 48648
}
104
105 6750
int ZEXPORT inflateResetKeep(z_streamp strm) {
106
    struct inflate_state FAR *state;
107
108 6750
    if (inflateStateCheck(strm)) return Z_STREAM_ERROR;
109 6750
    state = (struct inflate_state FAR *)strm->state;
110 6750
    strm->total_in = strm->total_out = state->total = 0;
111 6750
    strm->start_bit = strm->stop_bit = strm->last_bit = 0;
112 6750
    strm->msg = Z_NULL;
113 6750
    if (state->wrap)        /* to support ill-conceived Java test suite */
114 6750
        strm->adler = state->wrap & 1;
115 6750
    state->mode = HEAD;
116 6750
    state->last = 0;
117 6750
    state->havedict = 0;
118 6750
    state->flags = -1;
119 6750
    state->dmax = 32768U;
120 6750
    state->head = Z_NULL;
121 6750
    state->hold = 0;
122 6750
    state->bits = 0;
123 6750
    state->lencode = state->distcode = state->next = state->codes;
124 6750
    state->sane = 1;
125 6750
    state->back = -1;
126
    Tracev((stderr, "inflate: reset\n"));
127 6750
    return Z_OK;
128 6750
}
129
130 6750
int ZEXPORT inflateReset(z_streamp strm) {
131
    struct inflate_state FAR *state;
132
133 6750
    if (inflateStateCheck(strm)) return Z_STREAM_ERROR;
134 6750
    state = (struct inflate_state FAR *)strm->state;
135 6750
    state->wsize = 0;
136 6750
    state->whave = 0;
137 6750
    state->wnext = 0;
138 6750
    return inflateResetKeep(strm);
139 6750
}
140
141 6750
int ZEXPORT inflateReset2(z_streamp strm, int windowBits) {
142
    int wrap;
143
    struct inflate_state FAR *state;
144
145
    /* get the state */
146 6750
    if (inflateStateCheck(strm)) return Z_STREAM_ERROR;
147 6750
    state = (struct inflate_state FAR *)strm->state;
148
149
    /* extract wrap request from windowBits parameter */
150 6750
    if (windowBits < 0) {
151 0
        if (windowBits < -15)
152 0
            return Z_STREAM_ERROR;
153 0
        wrap = 0;
154 0
        windowBits = -windowBits;
155 0
    }
156
    else {
157 6750
        wrap = (windowBits >> 4) + 5;
158
#ifdef GUNZIP
159 6750
        if (windowBits < 48)
160 6750
            windowBits &= 15;
161
#endif
162
    }
163
164
    /* set number of window bits, free window if different */
165 6750
    if (windowBits && (windowBits < 8 || windowBits > 15))
166 0
        return Z_STREAM_ERROR;
167 6750
    if (state->window != Z_NULL && state->wbits != (unsigned)windowBits) {
168 0
        ZFREE(strm, state->window);
169 0
        state->window = Z_NULL;
170 0
    }
171
172
    /* update state and reset the rest of it */
173 6750
    state->wrap = wrap;
174 6750
    state->wbits = (unsigned)windowBits;
175 6750
    return inflateReset(strm);
176 6750
}
177
178 6750
int ZEXPORT inflateInit2_(z_streamp strm, int windowBits,
179
                          const char *version, int stream_size) {
180
    int ret;
181
    struct inflate_state FAR *state;
182
183 6750
    if (version == Z_NULL || version[0] != ZLIB_VERSION[0] ||
184 6750
        stream_size != (int)(sizeof(z_stream)))
185 0
        return Z_VERSION_ERROR;
186 6750
    if (strm == Z_NULL) return Z_STREAM_ERROR;
187 6750
    strm->msg = Z_NULL;                 /* in case we return an error */
188 6750
    if (strm->zalloc == (alloc_func)0) {
189
#ifdef Z_SOLO
190
        return Z_STREAM_ERROR;
191
#else
192 6750
        strm->zalloc = zcalloc;
193 6750
        strm->opaque = (voidpf)0;
194
#endif
195 6750
    }
196 6750
    if (strm->zfree == (free_func)0)
197
#ifdef Z_SOLO
198
        return Z_STREAM_ERROR;
199
#else
200 6750
        strm->zfree = zcfree;
201
#endif
202 6750
    state = (struct inflate_state FAR *)
203 6750
            ZALLOC(strm, 1, sizeof(struct inflate_state));
204 6750
    if (state == Z_NULL) return Z_MEM_ERROR;
205
    Tracev((stderr, "inflate: allocated\n"));
206 6750
    strm->state = (struct internal_state FAR *)state;
207 6750
    state->strm = strm;
208 6750
    state->window = Z_NULL;
209 6750
    state->mode = HEAD;     /* to pass state test in inflateReset2() */
210 6750
    ret = inflateReset2(strm, windowBits);
211 6750
    if (ret != Z_OK) {
212 0
        ZFREE(strm, state);
213 0
        strm->state = Z_NULL;
214 0
    }
215 6750
    return ret;
216 6750
}
217
218
#ifdef NOVGZ
219
220
int ZEXPORT inflateInit_(z_streamp strm, const char *version,
221
                         int stream_size) {
222
    return inflateInit2_(strm, DEF_WBITS, version, stream_size);
223
}
224
225
int ZEXPORT inflatePrime(z_streamp strm, int bits, int value) {
226
    struct inflate_state FAR *state;
227
228
    if (inflateStateCheck(strm)) return Z_STREAM_ERROR;
229
    if (bits == 0)
230
        return Z_OK;
231
    state = (struct inflate_state FAR *)strm->state;
232
    if (bits < 0) {
233
        state->hold = 0;
234
        state->bits = 0;
235
        return Z_OK;
236
    }
237
    if (bits > 16 || state->bits + (uInt)bits > 32) return Z_STREAM_ERROR;
238
    value &= (1L << bits) - 1;
239
    state->hold += (unsigned)value << state->bits;
240
    state->bits += (uInt)bits;
241
    return Z_OK;
242
}
243
244
#endif /* NOVGZ */
245
246
/*
247
   Return state with length and distance decoding tables and index sizes set to
248
   fixed code decoding.  Normally this returns fixed tables from inffixed.h.
249
   If BUILDFIXED is defined, then instead this routine builds the tables the
250
   first time it's called, and returns those tables the first time and
251
   thereafter.  This reduces the size of the code by about 2K bytes, in
252
   exchange for a little execution time.  However, BUILDFIXED should not be
253
   used for threaded applications, since the rewriting of the tables and virgin
254
   may not be thread-safe.
255
 */
256 10500
local void fixedtables(struct inflate_state FAR *state) {
257
#ifdef BUILDFIXED
258
    static int virgin = 1;
259
    static code *lenfix, *distfix;
260
    static code fixed[544];
261
262
    /* build fixed huffman tables if first call (may not be thread safe) */
263
    if (virgin) {
264
        unsigned sym, bits;
265
        static code *next;
266
267
        /* literal/length table */
268
        sym = 0;
269
        while (sym < 144) state->lens[sym++] = 8;
270
        while (sym < 256) state->lens[sym++] = 9;
271
        while (sym < 280) state->lens[sym++] = 7;
272
        while (sym < 288) state->lens[sym++] = 8;
273
        next = fixed;
274
        lenfix = next;
275
        bits = 9;
276
        inflate_table(LENS, state->lens, 288, &(next), &(bits), state->work);
277
278
        /* distance table */
279
        sym = 0;
280
        while (sym < 32) state->lens[sym++] = 5;
281
        distfix = next;
282
        bits = 5;
283
        inflate_table(DISTS, state->lens, 32, &(next), &(bits), state->work);
284
285
        /* do this just once */
286
        virgin = 0;
287
    }
288
#else /* !BUILDFIXED */
289
#   include "inffixed.h"
290
#endif /* BUILDFIXED */
291 10500
    state->lencode = lenfix;
292 10500
    state->lenbits = 9;
293 10500
    state->distcode = distfix;
294 10500
    state->distbits = 5;
295 10500
}
296
297
#ifdef MAKEFIXED
298
#include <stdio.h>
299
300
/*
301
   Write out the inffixed.h that is #include'd above.  Defining MAKEFIXED also
302
   defines BUILDFIXED, so the tables are built on the fly.  makefixed() writes
303
   those tables to stdout, which would be piped to inffixed.h.  A small program
304
   can simply call makefixed to do this:
305
306
    void makefixed(void);
307
308
    int main(void)
309
    {
310
        makefixed();
311
        return 0;
312
    }
313
314
   Then that can be linked with zlib built with MAKEFIXED defined and run:
315
316
    a.out > inffixed.h
317
 */
318
void makefixed(void)
319
{
320
    unsigned low, size;
321
    struct inflate_state state;
322
323
    fixedtables(&state);
324
    puts("    /* inffixed.h -- table for decoding fixed codes");
325
    puts("     * Generated automatically by makefixed().");
326
    puts("     */");
327
    puts("");
328
    puts("    /* WARNING: this file should *not* be used by applications.");
329
    puts("       It is part of the implementation of this library and is");
330
    puts("       subject to change. Applications should only use zlib.h.");
331
    puts("     */");
332
    puts("");
333
    size = 1U << 9;
334
    printf("    static const code lenfix[%u] = {", size);
335
    low = 0;
336
    for (;;) {
337
        if ((low % 7) == 0) printf("\n        ");
338
        printf("{%u,%u,%d}", (low & 127) == 99 ? 64 : state.lencode[low].op,
339
               state.lencode[low].bits, state.lencode[low].val);
340
        if (++low == size) break;
341
        putchar(',');
342
    }
343
    puts("\n    };");
344
    size = 1U << 5;
345
    printf("\n    static const code distfix[%u] = {", size);
346
    low = 0;
347
    for (;;) {
348
        if ((low % 6) == 0) printf("\n        ");
349
        printf("{%u,%u,%d}", state.distcode[low].op, state.distcode[low].bits,
350
               state.distcode[low].val);
351
        if (++low == size) break;
352
        putchar(',');
353
    }
354
    puts("\n    };");
355
}
356
#endif /* MAKEFIXED */
357
358
/*
359
   Update the window with the last wsize (normally 32K) bytes written before
360
   returning.  If window does not exist yet, create it.  This is only called
361
   when a window is already in use, or when output has been written during this
362
   inflate call, but the end of the deflate stream has not been reached yet.
363
   It is also called to create a window for dictionary data when a dictionary
364
   is loaded.
365
366
   Providing output buffers larger than 32K to inflate() should provide a speed
367
   advantage, since only the last 32K of output is copied to the sliding window
368
   upon return from inflate(), and since all distances after the first 32K of
369
   output will fall in the output data, making match copies simpler and faster.
370
   The advantage may be dependent on the size of the processor's data caches.
371
 */
372 15602
local int updatewindow(z_streamp strm, const Bytef *end, unsigned copy) {
373
    struct inflate_state FAR *state;
374
    unsigned dist;
375
376 15602
    state = (struct inflate_state FAR *)strm->state;
377
378
    /* if it hasn't been done already, allocate space for the window */
379 15602
    if (state->window == Z_NULL) {
380 1679
        state->window = (unsigned char FAR *)
381 1679
                        ZALLOC(strm, 1U << state->wbits,
382
                               sizeof(unsigned char));
383 1679
        if (state->window == Z_NULL) return 1;
384 1679
    }
385
386
    /* if window not in use yet, initialize */
387 15602
    if (state->wsize == 0) {
388 1679
        state->wsize = 1U << state->wbits;
389 1679
        state->wnext = 0;
390 1679
        state->whave = 0;
391 1679
    }
392
393
    /* copy state->wsize or less output bytes into the circular window */
394 15602
    if (copy >= state->wsize) {
395 0
        zmemcpy(state->window, end - state->wsize, state->wsize);
396 0
        state->wnext = 0;
397 0
        state->whave = state->wsize;
398 0
    }
399
    else {
400 15602
        dist = state->wsize - state->wnext;
401 15602
        if (dist > copy) dist = copy;
402 15602
        zmemcpy(state->window + state->wnext, end - copy, dist);
403 15602
        copy -= dist;
404 15602
        if (copy) {
405 0
            zmemcpy(state->window, end - copy, copy);
406 0
            state->wnext = copy;
407 0
            state->whave = state->wsize;
408 0
        }
409
        else {
410 15602
            state->wnext += dist;
411 15602
            if (state->wnext == state->wsize) state->wnext = 0;
412 15602
            if (state->whave < state->wsize) state->whave += dist;
413
        }
414
    }
415 15602
    return 0;
416 15602
}
417
418
/* Macros for inflate(): */
419
420
/* check function to use adler32() for zlib or crc32() for gzip */
421
#ifdef GUNZIP
422
#  define UPDATE_CHECK(check, buf, len) \
423
    (state->flags ? crc32(check, buf, len) : adler32(check, buf, len))
424
#else
425
#  define UPDATE_CHECK(check, buf, len) adler32(check, buf, len)
426
#endif
427
428
/* check macros for header crc */
429
#ifdef GUNZIP
430
#  define CRC2(check, word) \
431
    do { \
432
        hbuf[0] = (unsigned char)(word); \
433
        hbuf[1] = (unsigned char)((word) >> 8); \
434
        check = crc32(check, hbuf, 2); \
435
    } while (0)
436
437
#  define CRC4(check, word) \
438
    do { \
439
        hbuf[0] = (unsigned char)(word); \
440
        hbuf[1] = (unsigned char)((word) >> 8); \
441
        hbuf[2] = (unsigned char)((word) >> 16); \
442
        hbuf[3] = (unsigned char)((word) >> 24); \
443
        check = crc32(check, hbuf, 4); \
444
    } while (0)
445
#endif
446
447
/* Load registers with state in inflate() for speed */
448
#define LOAD() \
449
    do { \
450
        put = strm->next_out; \
451
        left = strm->avail_out; \
452
        next = strm->next_in; \
453
        have = strm->avail_in; \
454
        hold = state->hold; \
455
        bits = state->bits; \
456
    } while (0)
457
458
/* Restore state from registers in inflate() */
459
#define RESTORE() \
460
    do { \
461
        strm->next_out = put; \
462
        strm->avail_out = left; \
463
        strm->next_in = next; \
464
        strm->avail_in = have; \
465
        state->hold = hold; \
466
        state->bits = bits; \
467
    } while (0)
468
469
/* Clear the input bit accumulator */
470
#define INITBITS() \
471
    do { \
472
        hold = 0; \
473
        bits = 0; \
474
    } while (0)
475
476
/* Get a byte of input into the bit accumulator, or return from inflate()
477
   if there is no input available. */
478
#define PULLBYTE() \
479
    do { \
480
        if (have == 0) goto inf_leave; \
481
        have--; \
482
        hold += (unsigned long)(*next++) << bits; \
483
        bits += 8; \
484
    } while (0)
485
486
/* Assure that there are at least n bits in the bit accumulator.  If there is
487
   not enough available input to do that, then return from inflate(). */
488
#define NEEDBITS(n) \
489
    do { \
490
        while (bits < (unsigned)(n)) \
491
            PULLBYTE(); \
492
    } while (0)
493
494
/* Return the low n bits of the bit accumulator (n < 16) */
495
#define BITS(n) \
496
    ((unsigned)hold & ((1U << (n)) - 1))
497
498
/* Remove n bits from the bit accumulator */
499
#define DROPBITS(n) \
500
    do { \
501
        hold >>= (n); \
502
        bits -= (unsigned)(n); \
503
    } while (0)
504
505
/* Remove zero to seven bits as needed to go to a byte boundary */
506
#define BYTEBITS() \
507
    do { \
508
        hold >>= bits & 7; \
509
        bits -= bits & 7; \
510
    } while (0)
511
512
/*
513
   inflate() uses a state machine to process as much input data and generate as
514
   much output data as possible before returning.  The state machine is
515
   structured roughly as follows:
516
517
    for (;;) switch (state) {
518
    ...
519
    case STATEn:
520
        if (not enough input data or output space to make progress)
521
            return;
522
        ... make progress ...
523
        state = STATEm;
524
        break;
525
    ...
526
    }
527
528
   so when inflate() is called again, the same case is attempted again, and
529
   if the appropriate resources are provided, the machine proceeds to the
530
   next state.  The NEEDBITS() macro is usually the way the state evaluates
531
   whether it can proceed or should return.  NEEDBITS() does the return if
532
   the requested bits are not available.  The typical use of the BITS macros
533
   is:
534
535
        NEEDBITS(n);
536
        ... do something with BITS(n) ...
537
        DROPBITS(n);
538
539
   where NEEDBITS(n) either returns from inflate() if there isn't enough
540
   input left to load n bits into the accumulator, or it continues.  BITS(n)
541
   gives the low n bits in the accumulator.  When done, DROPBITS(n) drops
542
   the low n bits off the accumulator.  INITBITS() clears the accumulator
543
   and sets the number of available bits to zero.  BYTEBITS() discards just
544
   enough bits to put the accumulator on a byte boundary.  After BYTEBITS()
545
   and a NEEDBITS(8), then BITS(8) would return the next byte in the stream.
546
547
   NEEDBITS(n) uses PULLBYTE() to get an available byte of input, or to return
548
   if there is no input available.  The decoding of variable length codes uses
549
   PULLBYTE() directly in order to pull just enough bytes to decode the next
550
   code, and no more.
551
552
   Some states loop until they get enough input, making sure that enough
553
   state information is maintained to continue the loop where it left off
554
   if NEEDBITS() returns in the loop.  For example, want, need, and keep
555
   would all have to actually be part of the saved state in case NEEDBITS()
556
   returns:
557
558
    case STATEw:
559
        while (want < need) {
560
            NEEDBITS(n);
561
            keep[want++] = BITS(n);
562
            DROPBITS(n);
563
        }
564
        state = STATEx;
565
    case STATEx:
566
567
   As shown above, if the next state is also the next case, then the break
568
   is omitted.
569
570
   A state may also return if there is not enough output space available to
571
   complete that state.  Those states are copying stored data, writing a
572
   literal byte, and copying a matching string.
573
574
   When returning, a "goto inf_leave" is used to update the total counters,
575
   update the check value, and determine whether any progress has been made
576
   during that inflate() call in order to return the proper return code.
577
   Progress is defined as a change in either strm->avail_in or strm->avail_out.
578
   When there is a window, goto inf_leave will update the window with the last
579
   output written.  If a goto inf_leave occurs in the middle of decompression
580
   and there is no window currently, goto inf_leave will create one and copy
581
   output to the window for the next call of inflate().
582
583
   In this implementation, the flush parameter of inflate() only affects the
584
   return code (per zlib.h).  inflate() always writes as much as possible to
585
   strm->next_out, given the space available and the provided input--the effect
586
   documented in zlib.h of Z_SYNC_FLUSH.  Furthermore, inflate() always defers
587
   the allocation of and copying into a sliding window until necessary, which
588
   provides the effect documented in zlib.h for Z_FINISH when the entire input
589
   stream available.  So the only thing the flush parameter actually does is:
590
   when flush is set to Z_FINISH, inflate() cannot return Z_OK.  Instead it
591
   will return Z_BUF_ERROR if it has not reached the end of the stream.
592
 */
593
594 21648
int ZEXPORT inflate(z_streamp strm, int flush) {
595
    struct inflate_state FAR *state;
596
    z_const unsigned char FAR *next;    /* next input */
597
    unsigned char FAR *put;     /* next output */
598
    unsigned have, left;        /* available input and output */
599
    unsigned long hold;         /* bit buffer */
600
    unsigned bits;              /* bits in bit buffer */
601
    unsigned in, out;           /* save starting available input and output */
602
    unsigned copy;              /* number of stored or match bytes to copy */
603
    unsigned char FAR *from;    /* where to copy match bytes from */
604
    code here;                  /* current decoding table entry */
605
    code last;                  /* parent table entry */
606
    unsigned len;               /* length to copy for repeats, bits to drop */
607
    int ret;                    /* return code */
608
#ifdef GUNZIP
609
    unsigned char hbuf[4];      /* buffer for gzip header crc calculation */
610
#endif
611
    static const unsigned short order[19] = /* permutation of code lengths */
612
        {16, 17, 18, 0, 8, 7, 9, 6, 10, 5, 11, 4, 12, 3, 13, 2, 14, 1, 15};
613
614 21648
    if (inflateStateCheck(strm) || strm->next_out == Z_NULL ||
615 21648
        (strm->next_in == Z_NULL && strm->avail_in != 0))
616 0
        return Z_STREAM_ERROR;
617
618 21648
    state = (struct inflate_state FAR *)strm->state;
619 21648
    if (state->mode == TYPE) state->mode = TYPEDO;      /* skip check */
620 21648
    LOAD();
621 21648
    in = have;
622 21648
    out = left;
623 21648
    ret = Z_OK;
624 156532
    for (;;)
625 156532
        switch (state->mode) {
626
        case HEAD:
627 5400
            if (state->wrap == 0) {
628 0
                state->mode = TYPEDO;
629 0
                break;
630
            }
631 16200
            NEEDBITS(16);
632
#ifdef GUNZIP
633 5400
            if ((state->wrap & 2) && hold == 0x8b1f) {  /* gzip header */
634 5400
                if (state->wbits == 0)
635 0
                    state->wbits = 15;
636 5400
                state->check = crc32(0L, Z_NULL, 0);
637 5400
                CRC2(state->check, hold);
638 5400
                INITBITS();
639 5400
                state->mode = FLAGS;
640 5400
                break;
641
            }
642 0
            if (state->head != Z_NULL)
643 0
                state->head->done = -1;
644 0
            if (!(state->wrap & 1) ||   /* check if zlib header allowed */
645
#else
646
            if (
647
#endif
648 0
                ((BITS(8) << 8) + (hold >> 8)) % 31) {
649 0
                strm->msg = "incorrect header check";
650 0
                state->mode = BAD;
651 0
                break;
652
            }
653 0
            if (BITS(4) != Z_DEFLATED) {
654 0
                strm->msg = "unknown compression method";
655 0
                state->mode = BAD;
656 0
                break;
657
            }
658 0
            DROPBITS(4);
659 0
            len = BITS(4) + 8;
660 0
            if (state->wbits == 0)
661 0
                state->wbits = len;
662 0
            if (len > 15 || len > state->wbits) {
663 0
                strm->msg = "invalid window size";
664 0
                state->mode = BAD;
665 0
                break;
666
            }
667 0
            state->dmax = 1U << len;
668 0
            state->flags = 0;               /* indicate zlib header */
669
            Tracev((stderr, "inflate:   zlib header ok\n"));
670 0
            strm->adler = state->check = adler32(0L, Z_NULL, 0);
671 0
            state->mode = hold & 0x200 ? DICTID : TYPE;
672 0
            INITBITS();
673 0
            break;
674
#ifdef GUNZIP
675
        case FLAGS:
676 16250
            NEEDBITS(16);
677 5400
            state->flags = (int)(hold);
678 5400
            if ((state->flags & 0xff) != Z_DEFLATED) {
679 0
                strm->msg = "unknown compression method";
680 0
                state->mode = BAD;
681 0
                break;
682
            }
683 5400
            if (state->flags & 0xe000) {
684 0
                strm->msg = "unknown header flags set";
685 0
                state->mode = BAD;
686 0
                break;
687
            }
688 5400
            if (state->head != Z_NULL)
689 0
                state->head->text = (int)((hold >> 8) & 1);
690 5400
            if ((state->flags & 0x0200) && (state->wrap & 4))
691 50
                CRC2(state->check, hold);
692 5400
            INITBITS();
693 5400
            state->mode = TIME;
694
                /* fallthrough */
695
        case TIME:
696 27000
            NEEDBITS(32);
697 5400
            if (state->head != Z_NULL)
698 0
                state->head->time = hold;
699 5400
            if ((state->flags & 0x0200) && (state->wrap & 4))
700 50
                CRC4(state->check, hold);
701 5400
            INITBITS();
702 5400
            state->mode = OS;
703
                /* fallthrough */
704
        case OS:
705 16200
            NEEDBITS(16);
706 5400
            if (state->head != Z_NULL) {
707 0
                state->head->xflags = (int)(hold & 0xff);
708 0
                state->head->os = (int)(hold >> 8);
709 0
            }
710 5400
            if ((state->flags & 0x0200) && (state->wrap & 4))
711 50
                CRC2(state->check, hold);
712 5400
            INITBITS();
713 5400
            state->mode = EXLEN;
714
                /* fallthrough */
715
        case EXLEN:
716 5400
            if (state->flags & 0x0400) {
717 150
                NEEDBITS(16);
718 50
                state->length = (unsigned)(hold);
719 50
                if (state->head != Z_NULL)
720 0
                    state->head->extra_len = (unsigned)hold;
721 50
                if ((state->flags & 0x0200) && (state->wrap & 4))
722 50
                    CRC2(state->check, hold);
723 50
                INITBITS();
724 50
            }
725 5350
            else if (state->head != Z_NULL)
726 0
                state->head->extra = Z_NULL;
727 5400
            state->mode = EXTRA;
728
                /* fallthrough */
729
        case EXTRA:
730 5400
            if (state->flags & 0x0400) {
731 50
                copy = state->length;
732 50
                if (copy > have) copy = have;
733 50
                if (copy) {
734 50
                    if (state->head != Z_NULL &&
735 0
                        state->head->extra != Z_NULL &&
736 0
                        (len = state->head->extra_len - state->length) <
737 0
                            state->head->extra_max) {
738 0
                        zmemcpy(state->head->extra + len, next,
739 0
                                len + copy > state->head->extra_max ?
740 0
                                state->head->extra_max - len : copy);
741 0
                    }
742 50
                    if ((state->flags & 0x0200) && (state->wrap & 4))
743 50
                        state->check = crc32(state->check, next, copy);
744 50
                    have -= copy;
745 50
                    next += copy;
746 50
                    state->length -= copy;
747 50
                }
748 50
                if (state->length) goto inf_leave;
749 50
            }
750 5400
            state->length = 0;
751 5400
            state->mode = NAME;
752
                /* fallthrough */
753
        case NAME:
754 5400
            if (state->flags & 0x0800) {
755 175
                if (have == 0) goto inf_leave;
756 175
                copy = 0;
757 175
                do {
758 550
                    len = (unsigned)(next[copy++]);
759 550
                    if (state->head != Z_NULL &&
760 0
                            state->head->name != Z_NULL &&
761 0
                            state->length < state->head->name_max)
762 0
                        state->head->name[state->length++] = (Bytef)len;
763 550
                } while (len && copy < have);
764 175
                if ((state->flags & 0x0200) && (state->wrap & 4))
765 50
                    state->check = crc32(state->check, next, copy);
766 175
                have -= copy;
767 175
                next += copy;
768 175
                if (len) goto inf_leave;
769 175
            }
770 5225
            else if (state->head != Z_NULL)
771 0
                state->head->name = Z_NULL;
772 5400
            state->length = 0;
773 5400
            state->mode = COMMENT;
774
                /* fallthrough */
775
        case COMMENT:
776 5400
            if (state->flags & 0x1000) {
777 50
                if (have == 0) goto inf_leave;
778 50
                copy = 0;
779 50
                do {
780 450
                    len = (unsigned)(next[copy++]);
781 450
                    if (state->head != Z_NULL &&
782 0
                            state->head->comment != Z_NULL &&
783 0
                            state->length < state->head->comm_max)
784 0
                        state->head->comment[state->length++] = (Bytef)len;
785 450
                } while (len && copy < have);
786 50
                if ((state->flags & 0x0200) && (state->wrap & 4))
787 50
                    state->check = crc32(state->check, next, copy);
788 50
                have -= copy;
789 50
                next += copy;
790 50
                if (len) goto inf_leave;
791 50
            }
792 5350
            else if (state->head != Z_NULL)
793 0
                state->head->comment = Z_NULL;
794 5400
            state->mode = HCRC;
795
                /* fallthrough */
796
        case HCRC:
797 5400
            if (state->flags & 0x0200) {
798 150
                NEEDBITS(16);
799 50
                if ((state->wrap & 4) && hold != (state->check & 0xffff)) {
800 0
                    strm->msg = "header crc mismatch";
801 0
                    state->mode = BAD;
802 0
                    break;
803
                }
804 50
                INITBITS();
805 50
            }
806 5400
            if (state->head != Z_NULL) {
807 0
                state->head->hcrc = (int)((state->flags >> 9) & 1);
808 0
                state->head->done = 1;
809 0
            }
810 5400
            strm->adler = state->check = crc32(0L, Z_NULL, 0);
811 5400
            state->mode = TYPE;
812 5400
            break;
813
#endif
814
        case DICTID:
815 0
            NEEDBITS(32);
816 0
            strm->adler = state->check = ZSWAP32(hold);
817 0
            INITBITS();
818 0
            state->mode = DICT;
819
                /* fallthrough */
820
        case DICT:
821 0
            if (state->havedict == 0) {
822 0
                RESTORE();
823 0
                return Z_NEED_DICT;
824
            }
825 0
            strm->adler = state->check = adler32(0L, Z_NULL, 0);
826 0
            state->mode = TYPE;
827
                /* fallthrough */
828
        case TYPE:
829 27175
            if (flush == Z_BLOCK || flush == Z_TREES) goto inf_leave;
830
                /* fallthrough */
831
        case TYPEDO:
832 30550
            if (strm->start_bit == 0)
833 5400
                strm->start_bit = 8 * (strm->total_in + in - have) - bits;
834 30550
            if (state->last) {
835 5250
                strm->stop_bit = 8 * (strm->total_in + in - have) - bits;
836 5250
                BYTEBITS();
837 5250
                state->mode = CHECK;
838 5250
                break;
839
            }
840 41241
            NEEDBITS(3);
841 21925
            state->last = BITS(1);
842 21925
            if (state->last)
843 5400
                strm->last_bit = 8 * (strm->total_in + in - have) - bits;
844 21925
            DROPBITS(1);
845 21925
            switch (BITS(2)) {
846
            case 0:                             /* stored block */
847
                Tracev((stderr, "inflate:     stored block%s\n",
848
                        state->last ? " (last)" : ""));
849 11225
                state->mode = STORED;
850 11225
                break;
851
            case 1:                             /* fixed block */
852 10500
                fixedtables(state);
853
                Tracev((stderr, "inflate:     fixed codes block%s\n",
854
                        state->last ? " (last)" : ""));
855 10500
                state->mode = LEN_;             /* decode codes */
856 10500
                if (flush == Z_TREES) {
857 0
                    DROPBITS(2);
858 0
                    goto inf_leave;
859
                }
860 10500
                break;
861
            case 2:                             /* dynamic block */
862
                Tracev((stderr, "inflate:     dynamic codes block%s\n",
863
                        state->last ? " (last)" : ""));
864 200
                state->mode = TABLE;
865 200
                break;
866
            case 3:
867 0
                strm->msg = "invalid block type";
868 0
                state->mode = BAD;
869 0
            }
870 21925
            DROPBITS(2);
871 21925
            break;
872
        case STORED:
873 11375
            BYTEBITS();                         /* go to byte boundary */
874 56275
            NEEDBITS(32);
875 11225
            if ((hold & 0xffff) != ((hold >> 16) ^ 0xffff)) {
876 0
                strm->msg = "invalid stored block lengths";
877 0
                state->mode = BAD;
878 0
                break;
879
            }
880 11225
            state->length = (unsigned)hold & 0xffff;
881
            Tracev((stderr, "inflate:       stored length %u\n",
882
                    state->length));
883 11225
            INITBITS();
884 11225
            state->mode = COPY_;
885 11225
            if (flush == Z_TREES) goto inf_leave;
886
                /* fallthrough */
887
        case COPY_:
888 11225
            state->mode = COPY;
889
                /* fallthrough */
890
        case COPY:
891 33013
            copy = state->length;
892 33013
            if (copy) {
893 21788
                if (copy > have) copy = have;
894 21788
                if (copy > left) copy = left;
895 21788
                if (copy == 0) goto inf_leave;
896 12844
                zmemcpy(put, next, copy);
897 12844
                have -= copy;
898 12844
                next += copy;
899 12844
                left -= copy;
900 12844
                put += copy;
901 12844
                state->length -= copy;
902 12844
                break;
903
            }
904
            Tracev((stderr, "inflate:       stored end\n"));
905 11225
            state->mode = TYPE;
906 11225
            break;
907
        case TABLE:
908 600
            NEEDBITS(14);
909 200
            state->nlen = BITS(5) + 257;
910 200
            DROPBITS(5);
911 200
            state->ndist = BITS(5) + 1;
912 200
            DROPBITS(5);
913 200
            state->ncode = BITS(4) + 4;
914 200
            DROPBITS(4);
915
#ifndef PKZIP_BUG_WORKAROUND
916 200
            if (state->nlen > 286 || state->ndist > 30) {
917 0
                strm->msg = "too many length or distance symbols";
918 0
                state->mode = BAD;
919 0
                break;
920
            }
921
#endif
922
            Tracev((stderr, "inflate:       table sizes ok\n"));
923 200
            state->have = 0;
924 200
            state->mode = LENLENS;
925
                /* fallthrough */
926
        case LENLENS:
927 3500
            while (state->have < state->ncode) {
928 4500
                NEEDBITS(3);
929 3300
                state->lens[order[state->have++]] = (unsigned short)BITS(3);
930 3300
                DROPBITS(3);
931
            }
932 700
            while (state->have < 19)
933 500
                state->lens[order[state->have++]] = 0;
934 200
            state->next = state->codes;
935 200
            state->lencode = (const code FAR *)(state->next);
936 200
            state->lenbits = 7;
937 400
            ret = inflate_table(CODES, state->lens, 19, &(state->next),
938 200
                                &(state->lenbits), state->work);
939 200
            if (ret) {
940 0
                strm->msg = "invalid code lengths set";
941 0
                state->mode = BAD;
942 0
                break;
943
            }
944
            Tracev((stderr, "inflate:       code lengths ok\n"));
945 200
            state->have = 0;
946 200
            state->mode = CODELENS;
947
                /* fallthrough */
948
        case CODELENS:
949 15050
            while (state->have < state->nlen + state->ndist) {
950 20575
                for (;;) {
951 20575
                    here = state->lencode[BITS(state->lenbits)];
952 20575
                    if ((unsigned)(here.bits) <= bits) break;
953 5725
                    PULLBYTE();
954
                }
955 14850
                if (here.val < 16) {
956 12875
                    DROPBITS(here.bits);
957 12875
                    state->lens[state->have++] = here.val;
958 12875
                }
959
                else {
960 1975
                    if (here.val == 16) {
961 325
                        NEEDBITS(here.bits + 2);
962 300
                        DROPBITS(here.bits);
963 300
                        if (state->have == 0) {
964 0
                            strm->msg = "invalid bit length repeat";
965 0
                            state->mode = BAD;
966 0
                            break;
967
                        }
968 300
                        len = state->lens[state->have - 1];
969 300
                        copy = 3 + BITS(2);
970 300
                        DROPBITS(2);
971 300
                    }
972 1675
                    else if (here.val == 17) {
973 1125
                        NEEDBITS(here.bits + 3);
974 875
                        DROPBITS(here.bits);
975 875
                        len = 0;
976 875
                        copy = 3 + BITS(3);
977 875
                        DROPBITS(3);
978 875
                    }
979
                    else {
980 1425
                        NEEDBITS(here.bits + 7);
981 800
                        DROPBITS(here.bits);
982 800
                        len = 0;
983 800
                        copy = 11 + BITS(7);
984 800
                        DROPBITS(7);
985
                    }
986 1975
                    if (state->have + copy > state->nlen + state->ndist) {
987 0
                        strm->msg = "invalid bit length repeat";
988 0
                        state->mode = BAD;
989 0
                        break;
990
                    }
991 45975
                    while (copy--)
992 44000
                        state->lens[state->have++] = (unsigned short)len;
993
                }
994
            }
995
996
            /* handle error breaks in while */
997 200
            if (state->mode == BAD) break;
998
999
            /* check for end-of-block code (better have one) */
1000 200
            if (state->lens[256] == 0) {
1001 0
                strm->msg = "invalid code -- missing end-of-block";
1002 0
                state->mode = BAD;
1003 0
                break;
1004
            }
1005
1006
            /* build code tables -- note: do not change the lenbits or distbits
1007
               values here (9 and 6) without reading the comments in inftrees.h
1008
               concerning the ENOUGH constants, which depend on those values */
1009 200
            state->next = state->codes;
1010 200
            state->lencode = (const code FAR *)(state->next);
1011 200
            state->lenbits = 9;
1012 400
            ret = inflate_table(LENS, state->lens, state->nlen, &(state->next),
1013 200
                                &(state->lenbits), state->work);
1014 200
            if (ret) {
1015 0
                strm->msg = "invalid literal/lengths set";
1016 0
                state->mode = BAD;
1017 0
                break;
1018
            }
1019 200
            state->distcode = (const code FAR *)(state->next);
1020 200
            state->distbits = 6;
1021 400
            ret = inflate_table(DISTS, state->lens + state->nlen, state->ndist,
1022 200
                            &(state->next), &(state->distbits), state->work);
1023 200
            if (ret) {
1024 0
                strm->msg = "invalid distances set";
1025 0
                state->mode = BAD;
1026 0
                break;
1027
            }
1028
            Tracev((stderr, "inflate:       codes ok\n"));
1029 200
            state->mode = LEN_;
1030 200
            if (flush == Z_TREES) goto inf_leave;
1031
                /* fallthrough */
1032
        case LEN_:
1033 10700
            state->mode = LEN;
1034
                /* fallthrough */
1035
        case LEN:
1036 45652
            if (have >= 6 && left >= 258) {
1037 12115
                RESTORE();
1038 12115
                inflate_fast(strm, out);
1039 12115
                LOAD();
1040 12115
                if (state->mode == TYPE)
1041 6574
                    state->back = -1;
1042 12115
                break;
1043
            }
1044 33537
            state->back = 0;
1045 65528
            for (;;) {
1046 65528
                here = state->lencode[BITS(state->lenbits)];
1047 65528
                if ((unsigned)(here.bits) <= bits) break;
1048 32945
                PULLBYTE();
1049
            }
1050 32583
            if (here.op && (here.op & 0xf0) == 0) {
1051 0
                last = here;
1052 0
                for (;;) {
1053 0
                    here = state->lencode[last.val +
1054 0
                            (BITS(last.bits + last.op) >> last.bits)];
1055 0
                    if ((unsigned)(last.bits + here.bits) <= bits) break;
1056 0
                    PULLBYTE();
1057
                }
1058 0
                DROPBITS(last.bits);
1059 0
                state->back += last.bits;
1060 0
            }
1061 32583
            DROPBITS(here.bits);
1062 32583
            state->back += here.bits;
1063 32583
            state->length = (unsigned)here.val;
1064 32583
            if ((int)(here.op) == 0) {
1065
                Tracevv((stderr, here.val >= 0x20 && here.val < 0x7f ?
1066
                        "inflate:         literal '%c'\n" :
1067
                        "inflate:         literal 0x%02x\n", here.val));
1068 28192
                state->mode = LIT;
1069 28192
                break;
1070
            }
1071 4391
            if (here.op & 32) {
1072
                Tracevv((stderr, "inflate:         end of block\n"));
1073 3976
                state->back = -1;
1074 3976
                state->mode = TYPE;
1075 3976
                break;
1076
            }
1077 415
            if (here.op & 64) {
1078 0
                strm->msg = "invalid literal/length code";
1079 0
                state->mode = BAD;
1080 0
                break;
1081
            }
1082 415
            state->extra = (unsigned)(here.op) & 15;
1083 415
            state->mode = LENEXT;
1084
                /* fallthrough */
1085
        case LENEXT:
1086 415
            if (state->extra) {
1087 50
                NEEDBITS(state->extra);
1088 50
                state->length += BITS(state->extra);
1089 50
                DROPBITS(state->extra);
1090 50
                state->back += state->extra;
1091 50
            }
1092
            Tracevv((stderr, "inflate:         length %u\n", state->length));
1093 415
            state->was = state->length;
1094 415
            state->mode = DIST;
1095
                /* fallthrough */
1096
        case DIST:
1097 539
            for (;;) {
1098 539
                here = state->distcode[BITS(state->distbits)];
1099 539
                if ((unsigned)(here.bits) <= bits) break;
1100 124
                PULLBYTE();
1101
            }
1102 415
            if ((here.op & 0xf0) == 0) {
1103 0
                last = here;
1104 0
                for (;;) {
1105 0
                    here = state->distcode[last.val +
1106 0
                            (BITS(last.bits + last.op) >> last.bits)];
1107 0
                    if ((unsigned)(last.bits + here.bits) <= bits) break;
1108 0
                    PULLBYTE();
1109
                }
1110 0
                DROPBITS(last.bits);
1111 0
                state->back += last.bits;
1112 0
            }
1113 415
            DROPBITS(here.bits);
1114 415
            state->back += here.bits;
1115 415
            if (here.op & 64) {
1116 0
                strm->msg = "invalid distance code";
1117 0
                state->mode = BAD;
1118 0
                break;
1119
            }
1120 415
            state->offset = (unsigned)here.val;
1121 415
            state->extra = (unsigned)(here.op) & 15;
1122 415
            state->mode = DISTEXT;
1123
                /* fallthrough */
1124
        case DISTEXT:
1125 415
            if (state->extra) {
1126 483
                NEEDBITS(state->extra);
1127 315
                state->offset += BITS(state->extra);
1128 315
                DROPBITS(state->extra);
1129 315
                state->back += state->extra;
1130 315
            }
1131
#ifdef INFLATE_STRICT
1132
            if (state->offset > state->dmax) {
1133
                strm->msg = "invalid distance too far back";
1134
                state->mode = BAD;
1135
                break;
1136
            }
1137
#endif
1138
            Tracevv((stderr, "inflate:         distance %u\n", state->offset));
1139 365
            state->mode = MATCH;
1140
                /* fallthrough */
1141
        case MATCH:
1142 365
            if (left == 0) goto inf_leave;
1143 365
            copy = out - left;
1144 365
            if (state->offset > copy) {         /* copy from window */
1145 50
                copy = state->offset - copy;
1146 50
                if (copy > state->whave) {
1147 0
                    if (state->sane) {
1148 0
                        strm->msg = "invalid distance too far back";
1149 0
                        state->mode = BAD;
1150 0
                        break;
1151
                    }
1152
#ifdef INFLATE_ALLOW_INVALID_DISTANCE_TOOFAR_ARRR
1153
                    Trace((stderr, "inflate.c too far\n"));
1154
                    copy -= state->whave;
1155
                    if (copy > state->length) copy = state->length;
1156
                    if (copy > left) copy = left;
1157
                    left -= copy;
1158
                    state->length -= copy;
1159
                    do {
1160
                        *put++ = 0;
1161
                    } while (--copy);
1162
                    if (state->length == 0) state->mode = LEN;
1163
                    break;
1164
#endif
1165 0
                }
1166 50
                if (copy > state->wnext) {
1167 0
                    copy -= state->wnext;
1168 0
                    from = state->window + (state->wsize - copy);
1169 0
                }
1170
                else
1171 50
                    from = state->window + (state->wnext - copy);
1172 50
                if (copy > state->length) copy = state->length;
1173 50
            }
1174
            else {                              /* copy from output */
1175 315
                from = put - state->offset;
1176 315
                copy = state->length;
1177
            }
1178 365
            if (copy > left) copy = left;
1179 365
            left -= copy;
1180 365
            state->length -= copy;
1181 365
            do {
1182 1895
                *put++ = *from++;
1183 1895
            } while (--copy);
1184 365
            if (state->length == 0) state->mode = LEN;
1185 365
            break;
1186
        case LIT:
1187 28292
            if (left == 0) goto inf_leave;
1188 28192
            *put++ = (unsigned char)(state->length);
1189 28192
            left--;
1190 28192
            state->mode = LEN;
1191 28192
            break;
1192
        case CHECK:
1193 6050
            if (state->wrap) {
1194 27050
                NEEDBITS(32);
1195 5250
                out -= left;
1196 5250
                strm->total_out += out;
1197 5250
                state->total += out;
1198 5250
                if ((state->wrap & 4) && out)
1199 3875
                    strm->adler = state->check =
1200 3875
                        UPDATE_CHECK(state->check, put - out, out);
1201 5250
                out = left;
1202 10500
                if ((state->wrap & 4) && (
1203
#ifdef GUNZIP
1204 5250
                     state->flags ? hold :
1205
#endif
1206 5250
                     ZSWAP32(hold)) != state->check) {
1207 0
                    strm->msg = "incorrect data check";
1208 0
                    state->mode = BAD;
1209 0
                    break;
1210
                }
1211 5250
                INITBITS();
1212
                Tracev((stderr, "inflate:   check matches trailer\n"));
1213 5250
            }
1214
#ifdef GUNZIP
1215 5250
            state->mode = LENGTH;
1216
                /* fallthrough */
1217
        case LENGTH:
1218 5250
            if (state->wrap && state->flags) {
1219 26250
                NEEDBITS(32);
1220 5250
                if ((state->wrap & 4) && hold != (state->total & 0xffffffff)) {
1221 0
                    strm->msg = "incorrect length check";
1222 0
                    state->mode = BAD;
1223 0
                    break;
1224
                }
1225 5250
                INITBITS();
1226
                Tracev((stderr, "inflate:   length matches trailer\n"));
1227 5250
            }
1228
#endif
1229 5250
            state->mode = DONE;
1230
                /* fallthrough */
1231
        case DONE:
1232 7175
            ret = Z_STREAM_END;
1233 7175
            goto inf_leave;
1234
        case BAD:
1235 50
            ret = Z_DATA_ERROR;
1236 50
            goto inf_leave;
1237
        case MEM:
1238 0
            return Z_MEM_ERROR;
1239 0
        case SYNC:
1240
                /* fallthrough */
1241
        default:
1242 0
            return Z_STREAM_ERROR;
1243
        }
1244
1245
    /*
1246
       Return from inflate(), updating the total counts and the check value.
1247
       If there was no progress during the inflate() call, return a buffer
1248
       error.  Call updatewindow() to create and/or update the window state.
1249
       Note: a memory error from inflate() is non-recoverable.
1250
     */
1251
  inf_leave:
1252 21648
    RESTORE();
1253 22448
    if (state->wsize || (out != strm->avail_out && state->mode < BAD &&
1254 1679
            (state->mode < CHECK || flush != Z_FINISH)))
1255 15602
        if (updatewindow(strm, strm->next_out, out - strm->avail_out)) {
1256 0
            state->mode = MEM;
1257 0
            return Z_MEM_ERROR;
1258
        }
1259 21648
    in -= strm->avail_in;
1260 21648
    out -= strm->avail_out;
1261 21648
    strm->total_in += in;
1262 21648
    strm->total_out += out;
1263 21648
    state->total += out;
1264 21648
    if ((state->wrap & 4) && out)
1265 11948
        strm->adler = state->check =
1266 11948
            UPDATE_CHECK(state->check, strm->next_out - out, out);
1267 64944
    strm->data_type = (int)state->bits + (state->last ? 64 : 0) +
1268 43296
                      (state->mode == TYPE ? 128 : 0) +
1269 21648
                      (state->mode == LEN_ || state->mode == COPY_ ? 256 : 0);
1270 21648
    if (((in == 0 && out == 0) || flush == Z_FINISH) && ret == Z_OK)
1271 300
        ret = Z_BUF_ERROR;
1272 21648
    return ret;
1273 21648
}
1274
1275 6750
int ZEXPORT inflateEnd(z_streamp strm) {
1276
    struct inflate_state FAR *state;
1277 6750
    if (inflateStateCheck(strm))
1278 0
        return Z_STREAM_ERROR;
1279 6750
    state = (struct inflate_state FAR *)strm->state;
1280 6750
    if (state->window != Z_NULL) ZFREE(strm, state->window);
1281 6750
    ZFREE(strm, strm->state);
1282 6750
    strm->state = Z_NULL;
1283
    Tracev((stderr, "inflate: end\n"));
1284 6750
    return Z_OK;
1285 6750
}
1286
1287
#ifdef NOVGZ
1288
1289
int ZEXPORT inflateGetDictionary(z_streamp strm, Bytef *dictionary,
1290
                                 uInt *dictLength) {
1291
    struct inflate_state FAR *state;
1292
1293
    /* check state */
1294
    if (inflateStateCheck(strm)) return Z_STREAM_ERROR;
1295
    state = (struct inflate_state FAR *)strm->state;
1296
1297
    /* copy dictionary */
1298
    if (state->whave && dictionary != Z_NULL) {
1299
        zmemcpy(dictionary, state->window + state->wnext,
1300
                state->whave - state->wnext);
1301
        zmemcpy(dictionary + state->whave - state->wnext,
1302
                state->window, state->wnext);
1303
    }
1304
    if (dictLength != Z_NULL)
1305
        *dictLength = state->whave;
1306
    return Z_OK;
1307
}
1308
1309
int ZEXPORT inflateSetDictionary(z_streamp strm, const Bytef *dictionary,
1310
                                 uInt dictLength) {
1311
    struct inflate_state FAR *state;
1312
    unsigned long dictid;
1313
    int ret;
1314
1315
    /* check state */
1316
    if (inflateStateCheck(strm)) return Z_STREAM_ERROR;
1317
    state = (struct inflate_state FAR *)strm->state;
1318
    if (state->wrap != 0 && state->mode != DICT)
1319
        return Z_STREAM_ERROR;
1320
1321
    /* check for correct dictionary identifier */
1322
    if (state->mode == DICT) {
1323
        dictid = adler32(0L, Z_NULL, 0);
1324
        dictid = adler32(dictid, dictionary, dictLength);
1325
        if (dictid != state->check)
1326
            return Z_DATA_ERROR;
1327
    }
1328
1329
    /* copy dictionary to window using updatewindow(), which will amend the
1330
       existing dictionary if appropriate */
1331
    ret = updatewindow(strm, dictionary + dictLength, dictLength);
1332
    if (ret) {
1333
        state->mode = MEM;
1334
        return Z_MEM_ERROR;
1335
    }
1336
    state->havedict = 1;
1337
    Tracev((stderr, "inflate:   dictionary set\n"));
1338
    return Z_OK;
1339
}
1340
1341
int ZEXPORT inflateGetHeader(z_streamp strm, gz_headerp head) {
1342
    struct inflate_state FAR *state;
1343
1344
    /* check state */
1345
    if (inflateStateCheck(strm)) return Z_STREAM_ERROR;
1346
    state = (struct inflate_state FAR *)strm->state;
1347
    if ((state->wrap & 2) == 0) return Z_STREAM_ERROR;
1348
1349
    /* save header structure */
1350
    state->head = head;
1351
    head->done = 0;
1352
    return Z_OK;
1353
}
1354
1355
/*
1356
   Search buf[0..len-1] for the pattern: 0, 0, 0xff, 0xff.  Return when found
1357
   or when out of input.  When called, *have is the number of pattern bytes
1358
   found in order so far, in 0..3.  On return *have is updated to the new
1359
   state.  If on return *have equals four, then the pattern was found and the
1360
   return value is how many bytes were read including the last byte of the
1361
   pattern.  If *have is less than four, then the pattern has not been found
1362
   yet and the return value is len.  In the latter case, syncsearch() can be
1363
   called again with more data and the *have state.  *have is initialized to
1364
   zero for the first call.
1365
 */
1366
local unsigned syncsearch(unsigned FAR *have, const unsigned char FAR *buf,
1367
                          unsigned len) {
1368
    unsigned got;
1369
    unsigned next;
1370
1371
    got = *have;
1372
    next = 0;
1373
    while (next < len && got < 4) {
1374
        if ((int)(buf[next]) == (got < 2 ? 0 : 0xff))
1375
            got++;
1376
        else if (buf[next])
1377
            got = 0;
1378
        else
1379
            got = 4 - got;
1380
        next++;
1381
    }
1382
    *have = got;
1383
    return next;
1384
}
1385
1386
int ZEXPORT inflateSync(z_streamp strm) {
1387
    unsigned len;               /* number of bytes to look at or looked at */
1388
    int flags;                  /* temporary to save header status */
1389
    unsigned long in, out;      /* temporary to save total_in and total_out */
1390
    unsigned char buf[4];       /* to restore bit buffer to byte string */
1391
    struct inflate_state FAR *state;
1392
1393
    /* check parameters */
1394
    if (inflateStateCheck(strm)) return Z_STREAM_ERROR;
1395
    state = (struct inflate_state FAR *)strm->state;
1396
    if (strm->avail_in == 0 && state->bits < 8) return Z_BUF_ERROR;
1397
1398
    /* if first time, start search in bit buffer */
1399
    if (state->mode != SYNC) {
1400
        state->mode = SYNC;
1401
        state->hold <<= state->bits & 7;
1402
        state->bits -= state->bits & 7;
1403
        len = 0;
1404
        while (state->bits >= 8) {
1405
            buf[len++] = (unsigned char)(state->hold);
1406
            state->hold >>= 8;
1407
            state->bits -= 8;
1408
        }
1409
        state->have = 0;
1410
        syncsearch(&(state->have), buf, len);
1411
    }
1412
1413
    /* search available input */
1414
    len = syncsearch(&(state->have), strm->next_in, strm->avail_in);
1415
    strm->avail_in -= len;
1416
    strm->next_in += len;
1417
    strm->total_in += len;
1418
1419
    /* return no joy or set up to restart inflate() on a new block */
1420
    if (state->have != 4) return Z_DATA_ERROR;
1421
    if (state->flags == -1)
1422
        state->wrap = 0;    /* if no header yet, treat as raw */
1423
    else
1424
        state->wrap &= ~4;  /* no point in computing a check value now */
1425
    flags = state->flags;
1426
    in = strm->total_in;  out = strm->total_out;
1427
    inflateReset(strm);
1428
    strm->total_in = in;  strm->total_out = out;
1429
    state->flags = flags;
1430
    state->mode = TYPE;
1431
    return Z_OK;
1432
}
1433
1434
/*
1435
   Returns true if inflate is currently at the end of a block generated by
1436
   Z_SYNC_FLUSH or Z_FULL_FLUSH. This function is used by one PPP
1437
   implementation to provide an additional safety check. PPP uses
1438
   Z_SYNC_FLUSH but removes the length bytes of the resulting empty stored
1439
   block. When decompressing, PPP checks that at the end of input packet,
1440
   inflate is waiting for these length bytes.
1441
 */
1442
int ZEXPORT inflateSyncPoint(z_streamp strm) {
1443
    struct inflate_state FAR *state;
1444
1445
    if (inflateStateCheck(strm)) return Z_STREAM_ERROR;
1446
    state = (struct inflate_state FAR *)strm->state;
1447
    return state->mode == STORED && state->bits == 0;
1448
}
1449
1450
int ZEXPORT inflateCopy(z_streamp dest, z_streamp source) {
1451
    struct inflate_state FAR *state;
1452
    struct inflate_state FAR *copy;
1453
    unsigned char FAR *window;
1454
    unsigned wsize;
1455
1456
    /* check input */
1457
    if (inflateStateCheck(source) || dest == Z_NULL)
1458
        return Z_STREAM_ERROR;
1459
    state = (struct inflate_state FAR *)source->state;
1460
1461
    /* allocate space */
1462
    copy = (struct inflate_state FAR *)
1463
           ZALLOC(source, 1, sizeof(struct inflate_state));
1464
    if (copy == Z_NULL) return Z_MEM_ERROR;
1465
    window = Z_NULL;
1466
    if (state->window != Z_NULL) {
1467
        window = (unsigned char FAR *)
1468
                 ZALLOC(source, 1U << state->wbits, sizeof(unsigned char));
1469
        if (window == Z_NULL) {
1470
            ZFREE(source, copy);
1471
            return Z_MEM_ERROR;
1472
        }
1473
    }
1474
1475
    /* copy state */
1476
    zmemcpy((voidpf)dest, (voidpf)source, sizeof(z_stream));
1477
    zmemcpy((voidpf)copy, (voidpf)state, sizeof(struct inflate_state));
1478
    copy->strm = dest;
1479
    if (state->lencode >= state->codes &&
1480
        state->lencode <= state->codes + ENOUGH - 1) {
1481
        copy->lencode = copy->codes + (state->lencode - state->codes);
1482
        copy->distcode = copy->codes + (state->distcode - state->codes);
1483
    }
1484
    copy->next = copy->codes + (state->next - state->codes);
1485
    if (window != Z_NULL) {
1486
        wsize = 1U << state->wbits;
1487
        zmemcpy(window, state->window, wsize);
1488
    }
1489
    copy->window = window;
1490
    dest->state = (struct internal_state FAR *)copy;
1491
    return Z_OK;
1492
}
1493
1494
int ZEXPORT inflateUndermine(z_streamp strm, int subvert) {
1495
    struct inflate_state FAR *state;
1496
1497
    if (inflateStateCheck(strm)) return Z_STREAM_ERROR;
1498
    state = (struct inflate_state FAR *)strm->state;
1499
#ifdef INFLATE_ALLOW_INVALID_DISTANCE_TOOFAR_ARRR
1500
    state->sane = !subvert;
1501
    return Z_OK;
1502
#else
1503
    (void)subvert;
1504
    state->sane = 1;
1505
    return Z_DATA_ERROR;
1506
#endif
1507
}
1508
1509
int ZEXPORT inflateValidate(z_streamp strm, int check) {
1510
    struct inflate_state FAR *state;
1511
1512
    if (inflateStateCheck(strm)) return Z_STREAM_ERROR;
1513
    state = (struct inflate_state FAR *)strm->state;
1514
    if (check && state->wrap)
1515
        state->wrap |= 4;
1516
    else
1517
        state->wrap &= ~4;
1518
    return Z_OK;
1519
}
1520
1521
long ZEXPORT inflateMark(z_streamp strm) {
1522
    struct inflate_state FAR *state;
1523
1524
    if (inflateStateCheck(strm))
1525
        return -(1L << 16);
1526
    state = (struct inflate_state FAR *)strm->state;
1527
    return (long)(((unsigned long)((long)state->back)) << 16) +
1528
        (state->mode == COPY ? state->length :
1529
            (state->mode == MATCH ? state->was - state->length : 0));
1530
}
1531
1532
unsigned long ZEXPORT inflateCodesUsed(z_streamp strm) {
1533
    struct inflate_state FAR *state;
1534
    if (inflateStateCheck(strm)) return (unsigned long)-1;
1535
    state = (struct inflate_state FAR *)strm->state;
1536
    return (unsigned long)(state->next - state->codes);
1537
}
1538
1539
#endif /* NOVGZ */