| package plist |
| |
| import ( |
| "bytes" |
| "encoding/binary" |
| "errors" |
| "fmt" |
| "io" |
| "io/ioutil" |
| "math" |
| "runtime" |
| "time" |
| "unicode/utf16" |
| ) |
| |
| const ( |
| signedHighBits = 0xFFFFFFFFFFFFFFFF |
| ) |
| |
| type offset uint64 |
| |
| type bplistParser struct { |
| buffer []byte |
| |
| reader io.ReadSeeker |
| version int |
| objects []cfValue // object ID to object |
| trailer bplistTrailer |
| trailerOffset uint64 |
| |
| containerStack []offset // slice of object offsets; manipulated during container deserialization |
| } |
| |
| func (p *bplistParser) validateDocumentTrailer() { |
| if p.trailer.OffsetTableOffset >= p.trailerOffset { |
| panic(fmt.Errorf("offset table beyond beginning of trailer (0x%x, trailer@0x%x)", p.trailer.OffsetTableOffset, p.trailerOffset)) |
| } |
| |
| if p.trailer.OffsetTableOffset < 9 { |
| panic(fmt.Errorf("offset table begins inside header (0x%x)", p.trailer.OffsetTableOffset)) |
| } |
| |
| if p.trailerOffset > (p.trailer.NumObjects*uint64(p.trailer.OffsetIntSize))+p.trailer.OffsetTableOffset { |
| panic(errors.New("garbage between offset table and trailer")) |
| } |
| |
| if p.trailer.OffsetTableOffset+(uint64(p.trailer.OffsetIntSize)*p.trailer.NumObjects) > p.trailerOffset { |
| panic(errors.New("offset table isn't long enough to address every object")) |
| } |
| |
| maxObjectRef := uint64(1) << (8 * p.trailer.ObjectRefSize) |
| if p.trailer.NumObjects > maxObjectRef { |
| panic(fmt.Errorf("more objects (%v) than object ref size (%v bytes) can support", p.trailer.NumObjects, p.trailer.ObjectRefSize)) |
| } |
| |
| if p.trailer.OffsetIntSize < uint8(8) && (uint64(1)<<(8*p.trailer.OffsetIntSize)) <= p.trailer.OffsetTableOffset { |
| panic(errors.New("offset size isn't big enough to address entire file")) |
| } |
| |
| if p.trailer.TopObject >= p.trailer.NumObjects { |
| panic(fmt.Errorf("top object #%d is out of range (only %d exist)", p.trailer.TopObject, p.trailer.NumObjects)) |
| } |
| } |
| |
| func (p *bplistParser) parseDocument() (pval cfValue, parseError error) { |
| defer func() { |
| if r := recover(); r != nil { |
| if _, ok := r.(runtime.Error); ok { |
| panic(r) |
| } |
| |
| parseError = plistParseError{"binary", r.(error)} |
| } |
| }() |
| |
| p.buffer, _ = ioutil.ReadAll(p.reader) |
| |
| l := len(p.buffer) |
| if l < 40 { |
| panic(errors.New("not enough data")) |
| } |
| |
| if !bytes.Equal(p.buffer[0:6], []byte{'b', 'p', 'l', 'i', 's', 't'}) { |
| panic(errors.New("incomprehensible magic")) |
| } |
| |
| p.version = int(((p.buffer[6] - '0') * 10) + (p.buffer[7] - '0')) |
| |
| if p.version > 1 { |
| panic(fmt.Errorf("unexpected version %d", p.version)) |
| } |
| |
| p.trailerOffset = uint64(l - 32) |
| p.trailer = bplistTrailer{ |
| SortVersion: p.buffer[p.trailerOffset+5], |
| OffsetIntSize: p.buffer[p.trailerOffset+6], |
| ObjectRefSize: p.buffer[p.trailerOffset+7], |
| NumObjects: binary.BigEndian.Uint64(p.buffer[p.trailerOffset+8:]), |
| TopObject: binary.BigEndian.Uint64(p.buffer[p.trailerOffset+16:]), |
| OffsetTableOffset: binary.BigEndian.Uint64(p.buffer[p.trailerOffset+24:]), |
| } |
| |
| p.validateDocumentTrailer() |
| |
| // INVARIANTS: |
| // - Entire offset table is before trailer |
| // - Offset table begins after header |
| // - Offset table can address entire document |
| // - Object IDs are big enough to support the number of objects in this plist |
| // - Top object is in range |
| |
| p.objects = make([]cfValue, p.trailer.NumObjects) |
| |
| pval = p.objectAtIndex(p.trailer.TopObject) |
| return |
| } |
| |
| // parseSizedInteger returns a 128-bit integer as low64, high64 |
| func (p *bplistParser) parseSizedInteger(off offset, nbytes int) (lo uint64, hi uint64, newOffset offset) { |
| // Per comments in CoreFoundation, format version 00 requires that all |
| // 1, 2 or 4-byte integers be interpreted as unsigned. 8-byte integers are |
| // signed (always?) and therefore must be sign extended here. |
| // negative 1, 2, or 4-byte integers are always emitted as 64-bit. |
| switch nbytes { |
| case 1: |
| lo, hi = uint64(p.buffer[off]), 0 |
| case 2: |
| lo, hi = uint64(binary.BigEndian.Uint16(p.buffer[off:])), 0 |
| case 4: |
| lo, hi = uint64(binary.BigEndian.Uint32(p.buffer[off:])), 0 |
| case 8: |
| lo = binary.BigEndian.Uint64(p.buffer[off:]) |
| if p.buffer[off]&0x80 != 0 { |
| // sign extend if lo is signed |
| hi = signedHighBits |
| } |
| case 16: |
| lo, hi = binary.BigEndian.Uint64(p.buffer[off+8:]), binary.BigEndian.Uint64(p.buffer[off:]) |
| default: |
| panic(errors.New("illegal integer size")) |
| } |
| newOffset = off + offset(nbytes) |
| return |
| } |
| |
| func (p *bplistParser) parseObjectRefAtOffset(off offset) (uint64, offset) { |
| oid, _, next := p.parseSizedInteger(off, int(p.trailer.ObjectRefSize)) |
| return oid, next |
| } |
| |
| func (p *bplistParser) parseOffsetAtOffset(off offset) (offset, offset) { |
| parsedOffset, _, next := p.parseSizedInteger(off, int(p.trailer.OffsetIntSize)) |
| return offset(parsedOffset), next |
| } |
| |
| func (p *bplistParser) objectAtIndex(index uint64) cfValue { |
| if index >= p.trailer.NumObjects { |
| panic(fmt.Errorf("invalid object#%d (max %d)", index, p.trailer.NumObjects)) |
| } |
| |
| if pval := p.objects[index]; pval != nil { |
| return pval |
| } |
| |
| off, _ := p.parseOffsetAtOffset(offset(p.trailer.OffsetTableOffset + (index * uint64(p.trailer.OffsetIntSize)))) |
| if off > offset(p.trailer.OffsetTableOffset-1) { |
| panic(fmt.Errorf("object#%d starts beyond beginning of object table (0x%x, table@0x%x)", index, off, p.trailer.OffsetTableOffset)) |
| } |
| |
| pval := p.parseTagAtOffset(off) |
| p.objects[index] = pval |
| return pval |
| |
| } |
| |
| func (p *bplistParser) pushNestedObject(off offset) { |
| for _, v := range p.containerStack { |
| if v == off { |
| p.panicNestedObject(off) |
| } |
| } |
| p.containerStack = append(p.containerStack, off) |
| } |
| |
| func (p *bplistParser) panicNestedObject(off offset) { |
| ids := "" |
| for _, v := range p.containerStack { |
| ids += fmt.Sprintf("0x%x > ", v) |
| } |
| |
| // %s0x%d: ids above ends with " > " |
| panic(fmt.Errorf("self-referential collection@0x%x (%s0x%x) cannot be deserialized", off, ids, off)) |
| } |
| |
| func (p *bplistParser) popNestedObject() { |
| p.containerStack = p.containerStack[:len(p.containerStack)-1] |
| } |
| |
| func (p *bplistParser) parseTagAtOffset(off offset) cfValue { |
| tag := p.buffer[off] |
| |
| switch tag & 0xF0 { |
| case bpTagNull: |
| switch tag & 0x0F { |
| case bpTagBoolTrue, bpTagBoolFalse: |
| return cfBoolean(tag == bpTagBoolTrue) |
| } |
| case bpTagInteger: |
| lo, hi, _ := p.parseIntegerAtOffset(off) |
| return &cfNumber{ |
| signed: hi == signedHighBits, // a signed integer is stored as a 128-bit integer with the top 64 bits set |
| value: lo, |
| } |
| case bpTagReal: |
| nbytes := 1 << (tag & 0x0F) |
| switch nbytes { |
| case 4: |
| bits := binary.BigEndian.Uint32(p.buffer[off+1:]) |
| return &cfReal{wide: false, value: float64(math.Float32frombits(bits))} |
| case 8: |
| bits := binary.BigEndian.Uint64(p.buffer[off+1:]) |
| return &cfReal{wide: true, value: math.Float64frombits(bits)} |
| } |
| panic(errors.New("illegal float size")) |
| case bpTagDate: |
| bits := binary.BigEndian.Uint64(p.buffer[off+1:]) |
| val := math.Float64frombits(bits) |
| |
| // Apple Epoch is 20110101000000Z |
| // Adjust for UNIX Time |
| val += 978307200 |
| |
| sec, fsec := math.Modf(val) |
| time := time.Unix(int64(sec), int64(fsec*float64(time.Second))).In(time.UTC) |
| return cfDate(time) |
| case bpTagData: |
| data := p.parseDataAtOffset(off) |
| return cfData(data) |
| case bpTagASCIIString: |
| str := p.parseASCIIStringAtOffset(off) |
| return cfString(str) |
| case bpTagUTF16String: |
| str := p.parseUTF16StringAtOffset(off) |
| return cfString(str) |
| case bpTagUID: // Somehow different than int: low half is nbytes - 1 instead of log2(nbytes) |
| lo, _, _ := p.parseSizedInteger(off+1, int(tag&0xF)+1) |
| return cfUID(lo) |
| case bpTagDictionary: |
| return p.parseDictionaryAtOffset(off) |
| case bpTagArray: |
| return p.parseArrayAtOffset(off) |
| } |
| panic(fmt.Errorf("unexpected atom 0x%2.02x at offset 0x%x", tag, off)) |
| } |
| |
| func (p *bplistParser) parseIntegerAtOffset(off offset) (uint64, uint64, offset) { |
| tag := p.buffer[off] |
| return p.parseSizedInteger(off+1, 1<<(tag&0xF)) |
| } |
| |
| func (p *bplistParser) countForTagAtOffset(off offset) (uint64, offset) { |
| tag := p.buffer[off] |
| cnt := uint64(tag & 0x0F) |
| if cnt == 0xF { |
| cnt, _, off = p.parseIntegerAtOffset(off + 1) |
| return cnt, off |
| } |
| return cnt, off + 1 |
| } |
| |
| func (p *bplistParser) parseDataAtOffset(off offset) []byte { |
| len, start := p.countForTagAtOffset(off) |
| if start+offset(len) > offset(p.trailer.OffsetTableOffset) { |
| panic(fmt.Errorf("data@0x%x too long (%v bytes, max is %v)", off, len, p.trailer.OffsetTableOffset-uint64(start))) |
| } |
| return p.buffer[start : start+offset(len)] |
| } |
| |
| func (p *bplistParser) parseASCIIStringAtOffset(off offset) string { |
| len, start := p.countForTagAtOffset(off) |
| if start+offset(len) > offset(p.trailer.OffsetTableOffset) { |
| panic(fmt.Errorf("ascii string@0x%x too long (%v bytes, max is %v)", off, len, p.trailer.OffsetTableOffset-uint64(start))) |
| } |
| |
| return zeroCopy8BitString(p.buffer, int(start), int(len)) |
| } |
| |
| func (p *bplistParser) parseUTF16StringAtOffset(off offset) string { |
| len, start := p.countForTagAtOffset(off) |
| bytes := len * 2 |
| if start+offset(bytes) > offset(p.trailer.OffsetTableOffset) { |
| panic(fmt.Errorf("utf16 string@0x%x too long (%v bytes, max is %v)", off, bytes, p.trailer.OffsetTableOffset-uint64(start))) |
| } |
| |
| u16s := make([]uint16, len) |
| for i := offset(0); i < offset(len); i++ { |
| u16s[i] = binary.BigEndian.Uint16(p.buffer[start+(i*2):]) |
| } |
| runes := utf16.Decode(u16s) |
| return string(runes) |
| } |
| |
| func (p *bplistParser) parseObjectListAtOffset(off offset, count uint64) []cfValue { |
| if off+offset(count*uint64(p.trailer.ObjectRefSize)) > offset(p.trailer.OffsetTableOffset) { |
| panic(fmt.Errorf("list@0x%x length (%v) puts its end beyond the offset table at 0x%x", off, count, p.trailer.OffsetTableOffset)) |
| } |
| objects := make([]cfValue, count) |
| |
| next := off |
| var oid uint64 |
| for i := uint64(0); i < count; i++ { |
| oid, next = p.parseObjectRefAtOffset(next) |
| objects[i] = p.objectAtIndex(oid) |
| } |
| |
| return objects |
| } |
| |
| func (p *bplistParser) parseDictionaryAtOffset(off offset) *cfDictionary { |
| p.pushNestedObject(off) |
| defer p.popNestedObject() |
| |
| // a dictionary is an object list of [key key key val val val] |
| cnt, start := p.countForTagAtOffset(off) |
| objects := p.parseObjectListAtOffset(start, cnt*2) |
| |
| keys := make([]string, cnt) |
| for i := uint64(0); i < cnt; i++ { |
| if str, ok := objects[i].(cfString); ok { |
| keys[i] = string(str) |
| } else { |
| panic(fmt.Errorf("dictionary@0x%x contains non-string key at index %d", off, i)) |
| } |
| } |
| |
| return &cfDictionary{ |
| keys: keys, |
| values: objects[cnt:], |
| } |
| } |
| |
| func (p *bplistParser) parseArrayAtOffset(off offset) *cfArray { |
| p.pushNestedObject(off) |
| defer p.popNestedObject() |
| |
| // an array is just an object list |
| cnt, start := p.countForTagAtOffset(off) |
| return &cfArray{p.parseObjectListAtOffset(start, cnt)} |
| } |
| |
| func newBplistParser(r io.ReadSeeker) *bplistParser { |
| return &bplistParser{reader: r} |
| } |
