* Copyright (c) 1999 by David I. Bell
* Permission is granted to use, distribute, or modify this source,
* provided that this copyright notice remains intact.
- * Permission to distribute sash derived code under the GPL has been granted.
+ * Permission to distribute sash derived code under GPL has been granted.
*
* Based in part on the tar implementation from busybox-0.28
* Copyright (C) 1995 Bruce Perens
*
- * Licensed under GPLv2 or later, see file LICENSE in this tarball for details.
+ * Licensed under GPLv2 or later, see file LICENSE in this source tree.
+ */
+
+/* TODO: security with -C DESTDIR option can be enhanced.
+ * Consider tar file created via:
+ * $ tar cvf bug.tar anything.txt
+ * $ ln -s /tmp symlink
+ * $ tar --append -f bug.tar symlink
+ * $ rm symlink
+ * $ mkdir symlink
+ * $ tar --append -f bug.tar symlink/evil.py
+ *
+ * This will result in an archive which contains:
+ * $ tar --list -f bug.tar
+ * anything.txt
+ * symlink
+ * symlink/evil.py
+ *
+ * Untarring it puts evil.py in '/tmp' even if the -C DESTDIR is given.
+ * This doesn't feel right, and IIRC GNU tar doesn't do that.
*/
#include <fnmatch.h>
#include "libbb.h"
-#include "unarchive.h"
+#include "archive.h"
/* FIXME: Stop using this non-standard feature */
#ifndef FNM_LEADING_DIR
# define FNM_LEADING_DIR 0
PUT_OCTAL(header.uid, statbuf->st_uid);
PUT_OCTAL(header.gid, statbuf->st_gid);
memset(header.size, '0', sizeof(header.size)-1); /* Regular file size is handled later */
- PUT_OCTAL(header.mtime, statbuf->st_mtime);
+ /* users report that files with negative st_mtime cause trouble, so: */
+ PUT_OCTAL(header.mtime, statbuf->st_mtime >= 0 ? statbuf->st_mtime : 0);
/* Enter the user and group names */
safe_strncpy(header.uname, get_cached_username(statbuf->st_uid), sizeof(header.uname));
} else if (S_ISFIFO(statbuf->st_mode)) {
header.typeflag = FIFOTYPE;
} else if (S_ISREG(statbuf->st_mode)) {
- if (sizeof(statbuf->st_size) > 4
- && statbuf->st_size > (off_t)0777777777777LL
+ /* header.size field is 12 bytes long */
+ /* Does octal-encoded size fit? */
+ uoff_t filesize = statbuf->st_size;
+ if (sizeof(filesize) <= 4
+ || filesize <= (uoff_t)0777777777777LL
) {
+ PUT_OCTAL(header.size, filesize);
+ }
+ /* Does base256-encoded size fit?
+ * It always does unless off_t is wider than 64 bits.
+ */
+ else if (ENABLE_FEATURE_TAR_GNU_EXTENSIONS
+#if ULLONG_MAX > 0xffffffffffffffffLL /* 2^64-1 */
+ && (filesize <= 0x3fffffffffffffffffffffffLL)
+#endif
+ ) {
+ /* GNU tar uses "base-256 encoding" for very large numbers.
+ * Encoding is binary, with highest bit always set as a marker
+ * and sign in next-highest bit:
+ * 80 00 .. 00 - zero
+ * bf ff .. ff - largest positive number
+ * ff ff .. ff - minus 1
+ * c0 00 .. 00 - smallest negative number
+ */
+ char *p8 = header.size + sizeof(header.size);
+ do {
+ *--p8 = (uint8_t)filesize;
+ filesize >>= 8;
+ } while (p8 != header.size);
+ *p8 |= 0x80;
+ } else {
bb_error_msg_and_die("can't store file '%s' "
"of size %"OFF_FMT"u, aborting",
fileName, statbuf->st_size);
}
header.typeflag = REGTYPE;
- PUT_OCTAL(header.size, statbuf->st_size);
} else {
bb_error_msg("%s: unknown file type", fileName);
return FALSE;
DBG("writeFileToTarball('%s')", fileName);
- /* Strip leading '/' (must be before memorizing hardlink's name) */
- header_name = fileName;
- while (header_name[0] == '/') {
- static smallint warned;
-
- if (!warned) {
- bb_error_msg("removing leading '/' from member names");
- warned = 1;
- }
- header_name++;
- }
+ /* Strip leading '/' and such (must be before memorizing hardlink's name) */
+ header_name = strip_unsafe_prefix(fileName);
if (header_name[0] == '\0')
return TRUE;
/* Store the stat info for the tarball's file, so
* can avoid including the tarball into itself.... */
- if (fstat(tbInfo.tarFd, &tbInfo.tarFileStatBuf) < 0)
- bb_perror_msg_and_die("can't stat tar file");
+ xfstat(tbInfo.tarFd, &tbInfo.tarFileStatBuf, "can't stat tar file");
#if ENABLE_FEATURE_SEAMLESS_GZ || ENABLE_FEATURE_SEAMLESS_BZ2
if (gzip)
llist_t *newlist = NULL;
while (list) {
- src_stream = xfopen_for_read(llist_pop(&list));
+ src_stream = xfopen_stdin(llist_pop(&list));
while ((line = xmalloc_fgetline(src_stream)) != NULL) {
/* kill trailing '/' unless the string is just "/" */
char *cp = last_char_is(line, '/');
#endif
//usage:#define tar_trivial_usage
-//usage: "-[" IF_FEATURE_TAR_CREATE("c") "xt" IF_FEATURE_SEAMLESS_GZ("z")
-//usage: IF_FEATURE_SEAMLESS_BZ2("j") IF_FEATURE_SEAMLESS_LZMA("a")
-//usage: IF_FEATURE_SEAMLESS_Z("Z") IF_FEATURE_TAR_NOPRESERVE_TIME("m") "vO] "
-//usage: IF_FEATURE_TAR_FROM("[-X FILE] ")
-//usage: "[-f TARFILE] [-C DIR] [FILE]..."
+//usage: "-[" IF_FEATURE_TAR_CREATE("c") "xt"
+//usage: IF_FEATURE_SEAMLESS_Z("Z")
+//usage: IF_FEATURE_SEAMLESS_GZ("z")
+//usage: IF_FEATURE_SEAMLESS_BZ2("j")
+//usage: IF_FEATURE_SEAMLESS_LZMA("a")
+//usage: IF_FEATURE_TAR_CREATE("h")
+//usage: IF_FEATURE_TAR_NOPRESERVE_TIME("m")
+//usage: "vO] "
+//usage: IF_FEATURE_TAR_FROM("[-X FILE] [-T FILE] ")
+//usage: "[-f TARFILE] [-C DIR] [FILE]..."
//usage:#define tar_full_usage "\n\n"
//usage: IF_FEATURE_TAR_CREATE("Create, extract, ")
//usage: IF_NOT_FEATURE_TAR_CREATE("Extract ")
//usage: )
//usage: "\n x Extract"
//usage: "\n t List"
-//usage: "\nOptions:"
//usage: "\n f Name of TARFILE ('-' for stdin/out)"
//usage: "\n C Change to DIR before operation"
//usage: "\n v Verbose"
+//usage: IF_FEATURE_SEAMLESS_Z(
+//usage: "\n Z (De)compress using compress"
+//usage: )
//usage: IF_FEATURE_SEAMLESS_GZ(
//usage: "\n z (De)compress using gzip"
//usage: )
//usage: IF_FEATURE_SEAMLESS_LZMA(
//usage: "\n a (De)compress using lzma"
//usage: )
-//usage: IF_FEATURE_SEAMLESS_Z(
-//usage: "\n Z (De)compress using compress"
-//usage: )
//usage: "\n O Extract to stdout"
//usage: IF_FEATURE_TAR_CREATE(
//usage: "\n h Follow symlinks"
/* Prepend '-' to the first argument if required */
opt_complementary = "--:" // first arg is options
"tt:vv:" // count -t,-v
- "?:" // bail out with usage instead of error return
- "X::T::" // cumulative lists
+ IF_FEATURE_TAR_FROM("X::T::") // cumulative lists
#if ENABLE_FEATURE_TAR_LONG_OPTIONS && ENABLE_FEATURE_TAR_FROM
"\xff::" // cumulative lists for --exclude
#endif
putenv((char*)"TAR_FILETYPE=f");
signal(SIGPIPE, SIG_IGN);
tar_handle->action_data = data_extract_to_command;
+ IF_FEATURE_TAR_TO_COMMAND(tar_handle->tar__to_command_shell = xstrdup(get_shell_name());)
}
if (opt & OPT_KEEP_OLD)
tar_handle->src_fd = tar_fd;
tar_handle->seek = seek_by_read;
} else {
- if (ENABLE_FEATURE_TAR_AUTODETECT && flags == O_RDONLY) {
- get_header_ptr = get_header_tar;
+ if (ENABLE_FEATURE_TAR_AUTODETECT
+ && flags == O_RDONLY
+ && get_header_ptr == get_header_tar
+ ) {
tar_handle->src_fd = open_zipped(tar_filename);
if (tar_handle->src_fd < 0)
bb_perror_msg_and_die("can't open '%s'", tar_filename);
projects / oweals / busybox.git / blobdiff