From 29901739a2506999955e1fdd5a2f8f7b2140b089 Mon Sep 17 00:00:00 2001 From: Ladislav Zezula Date: Mon, 15 Apr 2024 23:30:36 +0200 Subject: Work in progress: New MPQ protector --- src/SBaseFileTable.cpp | 10 +++++++++- src/SFileOpenArchive.cpp | 39 +++++++++++++++++++++++++++++---------- 2 files changed, 38 insertions(+), 11 deletions(-) (limited to 'src') diff --git a/src/SBaseFileTable.cpp b/src/SBaseFileTable.cpp index fa388fc..a222ac5 100644 --- a/src/SBaseFileTable.cpp +++ b/src/SBaseFileTable.cpp @@ -479,8 +479,16 @@ DWORD ConvertMpqHeaderToFormat4( { case MPQ_FORMAT_VERSION_1: - // Check for malformed MPQ header version 1.0 + // Make sure that the MPQ Header is properly swapped BSWAP_TMPQHEADER(pHeader, MPQ_FORMAT_VERSION_1); + + // Check for blatantly wrong MPQ header by the hash table position + if(((ByteOffset + pHeader->dwHashTablePos) & 0xFFFFFFFF) > FileSize) + return ERROR_FAKE_MPQ_HEADER; + if(((ByteOffset + pHeader->dwBlockTablePos) & 0xFFFFFFFF) > FileSize) + return ERROR_FAKE_MPQ_HEADER; + + // Check for malformed MPQ header version 1.0 if(pHeader->wFormatVersion != MPQ_FORMAT_VERSION_1 || pHeader->dwHeaderSize != MPQ_HEADER_SIZE_V1) { pHeader->wFormatVersion = MPQ_FORMAT_VERSION_1; diff --git a/src/SFileOpenArchive.cpp b/src/SFileOpenArchive.cpp index 4b2d3b4..a97ecea 100644 --- a/src/SFileOpenArchive.cpp +++ b/src/SFileOpenArchive.cpp @@ -228,7 +228,7 @@ bool WINAPI SFileOpenArchive( DWORD dwFlags, HANDLE * phMpq) { - TMPQUserData * pUserData; + TMPQUserData * pUserData = NULL; TFileStream * pStream = NULL; // Open file stream TMPQArchive * ha = NULL; // Archive handle TFileEntry * pFileEntry; 
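Review bot: The two new position checks in the MPQ_FORMAT_VERSION_1 case of ConvertMpqHeaderToFormat4 test only where each table starts, so a header whose hash or block table begins inside the file but extends past FileSize still passes, and a start exactly at FileSize is accepted because the comparison is `>`. If this is meant purely as a fake-header heuristic, the comment should say so, e.g. `// Heuristic only: rejects table starts beyond EOF; table extents must still be checked when the tables are loaded`. Masking the sum with `0xFFFFFFFF` also discards the upper bits of ByteOffset, so if ByteOffset is 64-bit and the header sits above 4 GB the masked value is always below FileSize and the check cannot fire; a short why-comment on the intended 32-bit wrap would help. The function body continues outside the hunk.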
@@ -354,18 +354,25 @@ bool WINAPI SFileOpenArchive( { if(ha->pUserData == NULL && dwHeaderID == ID_MPQ_USERDATA) { + // Copy the eventual user data to the separate buffer + memcpy(&ha->UserData, ha->HeaderData, sizeof(TMPQUserData)); + // Verify if this looks like a valid user data - pUserData = IsValidMpqUserData(ByteOffset, FileSize, ha->HeaderData); + pUserData = IsValidMpqUserData(ByteOffset, FileSize, &ha->UserData); if(pUserData != NULL) { - // Fill the user data header - ha->UserDataPos = ByteOffset; - ha->pUserData = &ha->UserData; - memcpy(ha->pUserData, pUserData, sizeof(TMPQUserData)); - - // Continue searching from that position - ByteOffset += ha->pUserData->dwHeaderOffs; - break; + // Set the byte offset to the loaded user data + ULONGLONG TempByteOffset = ByteOffset + pUserData->dwHeaderOffs; + + // Read the eventual MPQ header from the position where the user data points + if(!FileStream_Read(ha->pStream, &TempByteOffset, ha->HeaderData, sizeof(ha->HeaderData))) + { + dwErrCode = GetLastError(); + break; + } + + // Re-initialize the header ID + dwHeaderID = BSWAP_INT32_UNSIGNED(ha->HeaderData[0]); } } } @@ -405,12 +412,24 @@ bool WINAPI SFileOpenArchive( // Move the pointers ByteOffset += 0x200; + pUserData = NULL; } } // Did we identify one of the supported headers? if(dwErrCode == ERROR_SUCCESS) { + // If we retrieved the offset from the user data offset, initialize the user data + if(pUserData != NULL) + { + // Fill the user data header + ha->pUserData = &ha->UserData; + ha->UserDataPos = ByteOffset; + + // Set the real byte offset + ByteOffset = ByteOffset + pUserData->dwHeaderOffs; + } + // Set the user data position to the MPQ header, if none if(ha->pUserData == NULL) ha->UserDataPos = ByteOffset; -- cgit v1.2.3 From 25f52b76295eec974fba4b79869c664b338cf258 Mon Sep 17 00:00:00 2001 
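Review bot: After the user-data branch re-reads ha->HeaderData from `ByteOffset + pUserData->dwHeaderOffs`, ByteOffset itself still holds the user-data position until the post-loop block in the second hunk runs `ByteOffset = ByteOffset + pUserData->dwHeaderOffs;`. Any code in between that validates the freshly read header against ByteOffset would use the wrong base; the header conversion call is outside these hunks, so this is inferred, but the same commit makes ConvertMpqHeaderToFormat4 add ByteOffset to the table positions. Consider keeping the header position in its own variable and passing that to the validation, or advancing ByteOffset as soon as the read succeeds. Separately, `memcpy(&ha->UserData, ha->HeaderData, sizeof(TMPQUserData));` now runs before validation, so ha->UserData can hold rejected bytes; a comment such as `// ha->UserData is only meaningful when ha->pUserData != NULL` would make that invariant explicit.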
From: Ladislav Zezula Date: Tue, 16 Apr 2024 14:26:13 +0200 Subject: Added test results for the unsupported MPQ --- src/SFileReadFile.cpp | 7 +++++++ test/StormTest.cpp | 36 ++++++++++++++++++++++++------------ test/stormlib-test-001.txt | 23 ++++++++++++----------- 3 files changed, 43 insertions(+), 23 deletions(-) (limited to 'src') diff --git a/src/SFileReadFile.cpp b/src/SFileReadFile.cpp index b0698c1..153401a 100644 --- a/src/SFileReadFile.cpp +++ b/src/SFileReadFile.cpp @@ -194,6 +194,13 @@ static DWORD ReadMpqSectors(TMPQFile * hf, LPBYTE pbBuffer, DWORD dwByteOffset, dwErrCode = ERROR_FILE_CORRUPT; break; } + + // Special case (MPQ_2024_v1_300TK2.09p.w3x, file File00010254.blp): + // Extracted less than required. Fill the rest with zeros + if(cbOutSector < dwBytesInThisSector) + { + memset(pbOutSector + cbOutSector, 0, dwBytesInThisSector - cbOutSector); + } } else { diff --git a/test/StormTest.cpp b/test/StormTest.cpp index 55700be..3276c59 100755 --- a/test/StormTest.cpp +++ b/test/StormTest.cpp @@ -1651,7 +1651,9 @@ static DWORD SearchArchive( // Construct the full name of the listfile CreateFullPathName(szListFile, _countof(szListFile), szListFileDir, _T("ListFile_Blizzard.txt")); - fp = fopen("E:\\mpq-listing.txt", "wt"); + + // Create the log file with file sizes and CRCs + //fp = fopen("C:\\mpq-listing.txt", "wt"); // Prepare hashing md5_init(&md5state); @@ -1697,6 +1699,20 @@ static DWORD SearchArchive( fprintf(fp, "%08x:%08x: %s \n", pFileData->dwFileSize, pFileData->dwCrc32, sf.cFileName); } + // Also write the content of the file to the test directory + //if(fp != NULL) + //{ + // FILE * fp2; + // char szFullPath[MAX_PATH] = "C:\\test\\"; + + // strcat(szFullPath, sf.cFileName); + // if((fp2 = fopen(szFullPath, "wb")) != NULL) + // { + // fwrite(pFileData->FileData, 1, pFileData->dwFileSize, fp2); + // fclose(fp2); + // } + //} + // Free the loaded file data STORM_FREE(pFileData); } 
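Review bot: The new zero-fill in ReadMpqSectors turns a short decompression result into a successful read for every archive, not only the sample named in the comment, so truncated or tampered sector data reaches the caller padded with zeros and without an error. The padding itself is worthwhile, since it keeps whatever was previously in the output buffer from being returned as file data, but the comment should state the trade-off, e.g. `// Short output is tolerated for protected maps: pad with zeros so no stale buffer data is returned; content integrity is not guaranteed here`. Whether a later CRC or MD5 check catches such sectors is not visible in this hunk. The function body starts and ends outside the hunk.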
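Review bot: With the `fopen` call commented out in SearchArchive, `fp` is never assigned in the visible code, yet the following hunk still shows `fprintf(fp, ...)`. This is only safe if the declaration initialises it (`FILE * fp = NULL;`) and every use is guarded by `if(fp != NULL)`; neither the declaration nor the guard is visible in the hunk, so both should be confirmed. Any matching `fclose` needs the same guard.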
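Review bot: The block added after the `fprintf` in SearchArchive is commented-out code, which is better kept in the repository history than in the test source. If it stays for later use, note that `strcat(szFullPath, sf.cFileName)` appends an archive-supplied name to a MAX_PATH buffer with no length check and no filtering of path separators or `..`. Re-enabled as written, it would let a crafted archive overflow the buffer or place the output outside the intended test directory, so a bounded formatter and a name check would be needed first.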
@@ -3986,7 +4002,6 @@ static const TEST_INFO1 TestList_MasterMirror[] = static const TEST_INFO1 Test_OpenMpqs[] = { -/* // Correct or damaged archives {_T("MPQ_1997_v1_Diablo1_DIABDAT.MPQ"), NULL, "554b538541e42170ed41cb236483489e", 2910, &TwoFilesD1}, // Base MPQ from Diablo 1 {_T("MPQ_1997_v1_patch_rt_SC1B.mpq"), NULL, "43fe7d362955be68a708486e399576a7", 10}, // From Starcraft 1 BETA @@ -4047,9 +4062,8 @@ static const TEST_INFO1 Test_OpenMpqs[] = {_T("MPQ_2022_v1_Sniper.scx"), NULL, "2e955271b70b79344ad85b698f6ce9d8", 64}, // Multiple items in hash table for staredit\scenario.chk (locale=0, platform=0) {_T("MPQ_2022_v1_OcOc_Bound_2.scx"), NULL, "25cad16a2fb4e883767a1f512fc1dce7", 16}, {_T("MPQ_2023_v1_Lusin2Rpg1.28.w3x"), NULL, "9c21352f06cf763fcf05e8a2691e6194", 10305, &HashVals}, -*/ - {_T("MPQ_2024_v1_300TK2.09p.w3x"), NULL, "e126ea5df9028e5ee3d7ad4bcf09bab5", 32588}, // Fake MPQ User data, fake MPQ header at offset 0x200 -/* + {_T("MPQ_2024_v1_300TK2.09p.w3x"), NULL, "e442e3d2e7d457b9ba544544013b791f", 32588}, // Fake MPQ User data, fake MPQ header at offset 0x200 + // ASI plugins {_T("MPQ_2020_v1_HS0.1.asi"), NULL, "50cba7460a6e6d270804fb9776a7ec4f", 6022}, {_T("MPQ_2022_v1_hs0.8.asi"), NULL, "6a40f733428001805bfe6e107ca9aec1", 11352}, // Items in hash table have platform = 0xFF @@ -4096,7 +4110,7 @@ static const TEST_INFO1 Test_OpenMpqs[] = // Check the GetFileInfo operations {_T("MPQ_2002_v1_StrongSignature.w3m"), NULL, "7b725d87e07a2173c42fe2314b95fa6c", 17 | TFLG_GET_FILE_INFO}, {_T("MPQ_2013_v4_SC2_EmptyMap.SC2Map"), NULL, "88e1b9a88d56688c9c24037782b7bb68", 33 | TFLG_GET_FILE_INFO}, -*/ + }; static const TEST_INFO1 Test_ReopenMpqs[] = 
@@ -4168,10 +4182,10 @@ static const LPCSTR Test_CreateMpq_Localized[] = //----------------------------------------------------------------------------- // Main -//#define TEST_COMMAND_LINE -//#define TEST_LOCAL_LISTFILE -//#define TEST_STREAM_OPERATIONS -//#define TEST_MASTER_MIRROR +#define TEST_COMMAND_LINE +#define TEST_LOCAL_LISTFILE +#define TEST_STREAM_OPERATIONS +#define TEST_MASTER_MIRROR #define TEST_OPEN_MPQ #define TEST_REOPEN_MPQ #define TEST_VERIFY_SIGNATURE @@ -4248,8 +4262,6 @@ int _tmain(int argc, TCHAR * argv[]) } #endif // TEST_OPEN_MPQ - ExitProcess(0); - #ifdef TEST_REOPEN_MPQ // Test operations involving reopening the archive if(dwErrCode == ERROR_SUCCESS) { diff --git a/test/stormlib-test-001.txt b/test/stormlib-test-001.txt index 2979f56..bc36adc 100644 --- a/test/stormlib-test-001.txt +++ b/test/stormlib-test-001.txt @@ -1,7 +1,7 @@ ==== Test Suite for StormLib version 9.25 ==== InitWorkFolder: Work directory /media/ladik/MPQs (default) TestLiFiSearch (FLAT-MAP:listfile-test.txt) succeeded. -TestLiFiSearch (listfile-test.txt) succeeded. +TestLiFiSearch (listfile-test.txt) succeeded. TestFileStream (MPQ_2013_v4_alternate-original.MPQ) succeeded. TestFileStream (MPQ_2013_v4_alternate-original.MPQ) succeeded. TestFileStream (MPQ_2013_v4_alternate-complete.MPQ) succeeded. @@ -11,7 +11,7 @@ TestFileStream (mpqe-file://MPQ_2011_v2_EncryptedMpq.MPQE) succeeded. TestFileMirror (part-file://MPQ_2009_v1_patch-created.MPQ.part) succeeded. TestFileMirror (part-file://MPQ_2009_v1_patch-partial.MPQ.part) succeeded. TestFileMirror (part-file://MPQ_2009_v1_patch-complete.MPQ.part) succeeded. -TestFileMirror (MPQ_2013_v4_alternate-created.MPQ) succeeded. +TestFileMirror (MPQ_2013_v4_alternate-created.MPQ) succeeded. TestFileMirror (MPQ_2013_v4_alternate-incomplete.MPQ) succeeded. TestFileMirror (MPQ_2013_v4_alternate-complete.MPQ) succeeded. TestReadingMpq (MPQ_1997_v1_Diablo1_DIABDAT.MPQ) succeeded. 
@@ -77,6 +77,7 @@ TestReadingMpq (MPQ_2021_v1_CantExtractCHK.scx) succeeded. TestReadingMpq (MPQ_2022_v1_Sniper.scx) succeeded. TestReadingMpq (MPQ_2022_v1_OcOc_Bound_2.scx) succeeded. TestReadingMpq (MPQ_2023_v1_Lusin2Rpg1.28.w3x) succeeded. +TestReadingMpq (MPQ_2024_v1_300TK2.09p.w3x) succeeded. TestReadingMpq (MPQ_2020_v1_HS0.1.asi) succeeded. TestReadingMpq (MPQ_2022_v1_hs0.8.asi) succeeded. TestReadingMpq (MPQ_2022_v1_MoeMoeMod.asi) succeeded. @@ -84,11 +85,11 @@ TestReadingMpq (MPx_2013_v1_LongwuOnline.mpk) succeeded. TestReadingMpq (MPx_2013_v1_WarOfTheImmortals.sqp) succeeded. TestReadingMpq (MPx_2022_v1_Music.mpk) succeeded. TestReadingMpq (MPx_2022_v1_Scp.mpk) succeeded. -TestReadingMpq (MPx_2022_v1_UI.mpk) succeeded. +TestReadingMpq (MPx_2022_v1_UI.mpk) succeeded. TestReadingMpq (MPQ_1998_v1_StarCraft.mpq) succeeded. -TestReadingMpq (MPQ_2012_v4_OldWorld.MPQ) succeeded. -TestReadingMpq (MPQ_2013_v4_world.MPQ) succeeded. -TestReadingMpq (MPQ_2013_v4_locale-enGB.MPQ) succeeded. +TestReadingMpq (MPQ_2012_v4_OldWorld.MPQ) succeeded. +TestReadingMpq (MPQ_2013_v4_world.MPQ) succeeded. +TestReadingMpq (MPQ_2013_v4_locale-enGB.MPQ) succeeded. TestReadingMpq (MPQ_2013_v4_Base1.SC2Data) succeeded. TestReadingMpq (MPQ_2013_v4_Mods#Core.SC2Mod#enGB.SC2Assets) succeeded. TestReadingMpq (MPQ_2013_v4_Base1.SC2Data) succeeded. @@ -111,7 +112,7 @@ TestReadingMpq (MPQ_2013_v4_SC2_EmptyMap.SC2Map) succeeded. Test_ReopenMpq (MPQ_2010_v3_expansion-locale-frFR.MPQ) succeeded. Test_ReopenMpq (MPQ_2016_v1_00000.pak) succeeded. Test_ReopenMpq (MPQ_2013_v4_SC2_EmptyMap.SC2Map) succeeded. -Test_ReopenMpq (MPQ_2013_v4_expansion1.MPQ) succeeded. +Test_ReopenMpq (MPQ_2013_v4_expansion1.MPQ) succeeded. Test_ReopenMpq (MPQ_2014_v1_out1.w3x) succeeded. Test_ReopenMpq (MPQ_2014_v1_out2.w3x) succeeded. Test_ReopenMpq (MPQ_1997_v1_Diablo1_DIABDAT.MPQ) succeeded. 
@@ -139,11 +140,11 @@ TestCreateFull (StormLibTest_FileTableFull.mpq) succeeded. TestCreateFull (StormLibTest_FileTableFull.mpq) succeeded. TestCreateFull (StormLibTest_FileTableFull.mpq) succeeded. IncMaxFileCount (StormLibTest_IncMaxFileCount.mpq) succeeded. -TestFileFlag (StormLibTest_FileFlagTest.mpq) succeeded. +TestFileFlag (StormLibTest_FileFlagTest.mpq) succeeded. TestCompressions: Warning: CRC32 error on WaveFile_01.wav TestCompressions: Warning: CRC32 error on WaveFile_02.wav -TestCompressions (StormLibTest_AddWaveMonoBadTest.mpq) succeeded. -TestCompressions: Warning: CRC32 error on WaveFile_01.wav +TestCompressions (StormLibTest_AddWaveMonoBadTest.mpq) succeeded. +TestCompressions: Warning: CRC32 error on WaveFile_01.wav TestCompressions: Warning: CRC32 error on WaveFile_02.wav ListFilePos (StormLibTest_ListFilePos.mpq) succeeded. -TestBigArchive (StormLibTest_BigArchive_v4.mpq) succeeded. \ No newline at end of file +TestBigArchive (StormLibTest_BigArchive_v4.mpq) succeeded. \ No newline at end of file -- cgit v1.2.3 From 578885058df9f8db6c8efa9a3b043fe1e5bb739f Mon Sep 17 00:00:00 2001 From: Ladislav Zezula Date: Tue, 16 Apr 2024 14:39:12 +0200 Subject: Removed warning --- src/SFileReadFile.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src') diff --git a/src/SFileReadFile.cpp b/src/SFileReadFile.cpp index 153401a..8ab5f48 100644 --- a/src/SFileReadFile.cpp +++ b/src/SFileReadFile.cpp @@ -197,7 +197,7 @@ static DWORD ReadMpqSectors(TMPQFile * hf, LPBYTE pbBuffer, DWORD dwByteOffset, // Special case (MPQ_2024_v1_300TK2.09p.w3x, file File00010254.blp): // Extracted less than required. Fill the rest with zeros - if(cbOutSector < dwBytesInThisSector) + if((DWORD)(cbOutSector) < dwBytesInThisSector) { memset(pbOutSector + cbOutSector, 0, dwBytesInThisSector - cbOutSector); } -- cgit v1.2.3