Commit Graph

83 Commits

Author SHA1 Message Date
Tim Kientzle
5708f1dd7c In case symlinks happen to already be sitting around, be sure to use
chmod() and not lchmod() whenever we know we didn't extract a symlink.
2004-06-30 04:54:07 +00:00
Tim Kientzle
88c3541690 Some implicit dirs were not having the umask correctly
applied to their permissions.  Just calculate the
default dir mode once and use it consistently, rather than
trying to remember to calculate it everywhere it's needed.
2004-06-28 14:12:09 +00:00
Tim Kientzle
b3f695b45c Refuse to extract an entry from an archive on top of the archive being read.
(This is the converse of the "don't add an archive to itself".)
2004-06-27 23:36:39 +00:00
Tim Kientzle
b5f1f87711 More cleanup work on permissions restore:
* Rename some variables/functions/etc to try to make things clearer.
  * Add separate flags to control fflag/acl restore
  * Collect metadata restore into a single function for clarity
  * Propagate errors in metadata restore back out to the client
  * Fix some places where errors were being returned when they
    shouldn't and vice-versa
  * Modes are now always restored; ARCHIVE_EXTRACT_PERM just controls
    whether or not umask is obeyed.
  * Restore suid/sgid bits only if user/group matches archive
  * Cache the last stat results to try to reduce the number of stat calls
2004-06-27 23:27:28 +00:00
Tim Kientzle
4660ecd1dc Add two new convenience functions to query the uid/gid from an
archive_entry.

Update the Makefile MLINKS and manpage to bring it up-to-date with
the current status of archive_entry.  At least the manpage actually
lists all of the functions now, even if it doesn't really yet explain
them all.
2004-06-27 23:16:42 +00:00
Tim Kientzle
527b6597a0 Clean up some consistent confusion between "dev" and "rdev."
Mostly, these were being used correctly even though a lot of
variables and function names were mis-named.

In the process, I found and fixed a couple of latent bugs and
added a guard against adding an archive to itself.
2004-06-27 18:38:13 +00:00
Tim Kientzle
406b66ef06 More tweaks to implicit directory creation. Even such abominations as
a/././b/../b/../c/./../d/e/f now work correctly.  And yes, a/b and a/c
both get created in this example; if you want, you can create an
entire dir heirarchy from a tar archive with only one entry.

More tweaks to umask support: umasks are now obeyed for all objects,
not just directories; the umask used is now the one in effect at the
corresponding call to archive_read_extract(), so clients that want to
tinker with umask during extract should get the expected behavior.
2004-06-27 16:44:51 +00:00
Tim Kientzle
30d140332e * The mode for implicitly-created dirs is now 0777 modified by the
umask in effect when the archive is closed
* Correct a typo that broke implicit dir creation for non-directories.

Thanks to: Garret A Wollman for pointing out my umask oversight
2004-06-27 05:59:15 +00:00
Tim Kientzle
6efb916277 Unify mkdirpath (used to automatically create missing parent dirs) and
read_extract_dir (which creates directories in the archive).  This
brings a number of advantages:
 * FINALLY fix the problems creating dirs ending in "/."  <sigh>
 * Missing parent dirs now get created securely, just like explicit dirs.
   (Created 0700 initially, then edited to 0755 at end of extraction.)
 * Eliminate some duplicate code and some weird special cases.

While I'm cleaning, inline the regular-file creation code as well.
2004-06-27 03:19:01 +00:00
Tim Kientzle
1393f9061e Read gtar-style sparse archives.
This change also pointed out one API deficiency: the
archive_read_data_into_XXX functions were originally defined to return
the total bytes read.  This is, of course, ambiguous when dealing with
non-contiguous files.  Change it to just return a status value.
2004-06-27 01:15:31 +00:00
Tim Kientzle
b77cfdd61e Ignore file flag bits that we don't support. In particular, this
corrects a segfault seen when archiving files from NTFS (which sets
bits in st_flags that are not documented in <sys/stat.h>.)

Thanks to: Doug Rabson
2004-06-19 04:19:27 +00:00
Tim Kientzle
9ad66a1eed Always restore permissions for regular files, even if the
file already exists on disk.

Pointed out by: www/resin3 port (whose distfile contains the same file
  twice with different permissions and relies on the permissions associated
  with the second instance)
Thanks again to: Kris Kennaway
2004-06-17 03:09:06 +00:00
Tim Kientzle
7e37ae50db Be a little more careful about creating directories:
* Restore directories with 0700 permissions initially,
   then use the fixup pass to correct the permissions
 * Trim trailing "/" and "/." in mkdirpath()

Suggested by: Garrett Wollman
2004-06-15 07:12:04 +00:00
Tim Kientzle
071a23c2d6 Correct some spelling errors. 2004-06-08 00:23:27 +00:00
Tim Kientzle
ce7fa714ab Linux (at least Debian) requires sys/types.h to get off_t. 2004-06-07 18:42:50 +00:00
Tim Kientzle
33e546958b History: A few very, very old tar programs used the filename to
distinguish files from dirs (trailing '/' indicated a dir).  Since
POSIX.1-1987, this convention is no longer necessary.  However, there
are current tar programs that pretend to write POSIX-compliant
archives, yet store directories as "regular files", relying on this
old filename convention to save them.  <sigh> So, move the check for
this old convention so it applies to all tar archives, not just those
identified as "old."

Pointed out by: Broken distfile for audio/faad port
2004-06-07 06:34:51 +00:00
Tim Kientzle
7d9005ce33 Tar bidder should just return a zero bid ("not me!") if
it sees a truncated input the first time it gets called.
(In particular, files shorter than 512 bytes cannot be tar archives.)
This allows the top-level archive_read_next_header code to
generate a proper error message for unrecognized file types.

Pointed out by: numerous ports that expect tar to extract non-tar files ;-(
Thanks to: Kris Kennaway
2004-06-07 04:32:10 +00:00
Tim Kientzle
16847cbdc4 Pointy hat: We can't avoid a chown() call without checking both UID
and GID.  Suppress a premature attempt at optimization.
2004-06-05 06:08:40 +00:00
Tim Kientzle
25354e55bf YAPHtM: Yet Another Pointy Hat to Me.
After calculating new dir permissions that allow creating files,
don't be stupid and use the original permissions.  <sigh>
2004-06-05 05:34:45 +00:00
Tim Kientzle
2474b73276 Recognize when we've accidentally created "foo/."
and don't complain about it.
2004-06-05 05:30:41 +00:00
Tim Kientzle
2b68caa0f2 Correctly reset archive_read_data state everytime a header is read. 2004-06-04 23:25:20 +00:00
Tim Kientzle
7a4f3ab2c4 Correct the layering violation in read_body_to_string. The previous
version called the higher-level archive_read_data and
archive_read_data_skip functions, which screwed up state management of
those functions.  This bit of mis-design has existed for a long time,
but became a serious issue with the recent changes to the
archive_read_data APIs, which added more internal state to the
high-level archive_read_data function.  Most common symptom was a
failure to correctly read 'L' entries (long filename) from GNU-style
archives, causing the message ": Can't open: No such file or
directory" with an empty filename.

Pointed out by:  Numerous port build failures
Thanks to: Kris Kennaway
2004-06-04 23:24:21 +00:00
Tim Kientzle
456db9b6db When we go to read the next tar header, if we get zero bytes, accept
that as end-of-archive.  Otherwise, a short read at this point
generates an error.  This accomodates broken tar writers (such as the
one apparently in use at AT&T Labs) that don't even write a single
end-of-archive block.

Note that both star and pdtar behave this way as well.
In contrast, gtar doesn't complain in either case, and as a
result, will generate no warning for a lot of trashed archives.

Pointed out by: shells/ksh93 port  (Thanks to Kris Kennaway)
2004-06-04 10:27:23 +00:00
Tim Kientzle
1a74b99db7 Be more careful about the initial read (used for "tasting" the compression):
* Check for and return input errors
  * Treat empty file (zero-length read) as a fatal error
2004-06-04 01:36:10 +00:00
Tim Kientzle
a8659f8468 Refactor the extraction code somewhat. In particular,
push extract data down into archive_read_extract.c and out
of the library-global archive_private.h; push dir-specific
mode/time fixup down into dir restore function; now that the
fixup list is file-local, I can use somewhat more natural
naming.

Oh, yeah, update a bunch of comments to match current reality.
2004-06-03 23:29:47 +00:00
Tim Kientzle
94dffc977c Add MLINKS for new API functions. 2004-06-02 08:16:21 +00:00
Tim Kientzle
e250dd4fad Refactor read_data:
* New read_data_block is both sparse-file aware and uses zero-copy semantics
 * Push read_data_block down into specific formats (opens door to
   various encoded entry bodies, such as zip or gtar -S)
 * Reimplement read_data, read_data_skip, read_data_into_fd in terms
   of new read_data_block.
 * Update documentation
It's unfortunate that I couldn't just call the new interface
archive_read_data, but didn't want to upset the API that much.
2004-06-02 08:14:43 +00:00
Tim Kientzle
14a60ae9a2 Connect libarchive decompress support to the build.
Also, add it to archive_read_support_compression_all()
so that typical clients get it pulled in by default.
2004-05-27 23:57:45 +00:00
Tim Kientzle
30230b4fd0 'gnutar' is now handled by the 'tar' reader, so
there's no need to enable support for it separately
from 'tar.'  (The call to enable gnutar support is
now just an alias for the tar support, left in to
avoid API breakage.)
2004-05-27 21:27:42 +00:00
Tim Kientzle
da725414f3 Previously, restoring an archive with hardlinked files that had
certain flags set (e.g., schg or uappend) would fail because the flags
were restored before the hardlink was created.

To address this, I've generalized the existing machinery for deferring
directory timestamp/mode restoration and used it to defer the
restoration of highly-restrictive flags to the end of the extraction,
after any links have been created.

Pointed out by: Pawel Jakub Dawidek (pjd@)
2004-05-27 05:02:35 +00:00
Tim Kientzle
2023cfd41b Document support for reading .Z compressed archives.
Correct a few other minor nits.
2004-05-27 04:21:52 +00:00
Tim Kientzle
5d425e1c12 GC some no-longer-used constants. 2004-05-27 04:01:58 +00:00
Tim Kientzle
ddf99967cc Add prototypes for .Z compression support. 2004-05-27 04:00:25 +00:00
Tim Kientzle
72271236bb Add read-only support for .Z compressed archives. 2004-05-27 03:58:55 +00:00
Tim Kientzle
b3fd17797d Correct parsing of Solaris default ACLs. 2004-05-21 09:01:13 +00:00
Tim Kientzle
5aedc78012 Nits fixed.
Pointed out by: Daniel Harris
2004-05-20 06:22:42 +00:00
Tim Kientzle
9e9662ef5b More research, more shuffling and clarification. 2004-05-20 04:12:47 +00:00
Tim Kientzle
22a2730797 When combining ustar prefix and name fields, check before adding a '/'
character, as some tar implementations incorrectly include a '/' with
the prefix.

Thanks to: Divacky Roman for the UnixWare 7 tarfile that
demonstrated this issue.
2004-05-19 17:09:24 +00:00
Tim Kientzle
ecad688385 I've recently been looking at the Seventh Edition source
code available at tuhs.org, and found out that my chronology
is a bit off.  In particular, Seventh Edition already used
the "linkflag" and "linkname" fields.  Also, it appears that
there was no tar in Sixth Edition, contrary to what an earlier
tar.1 manpage claimed.

A few mdoc fixes also crept in here.
2004-05-19 06:38:38 +00:00
Tim Kientzle
44c46f7978 Refine the heuristic used to determine whether or not to obey
the size field for a hardlink entry.  Specifically, ensure that
we do obey the size field for archives that we know are pax interchange
format archives, as required by POSIX.

Also, clarify the comment explaining why this is necessary and explain
the (very unusual) conditions under which it might fail.
2004-05-19 06:35:47 +00:00
Tim Kientzle
6c1a87e738 Be smarter about hardlink sizes: some tar programs write
a non-zero size but no body, some write a non-zero size and include
a body.  To distinguish these cases, look for a valid tar header immediately
following a hardlink header with non-zero size.
2004-05-18 18:16:30 +00:00
Tim Kientzle
f62681112e Clarify an error message. 2004-05-18 00:13:06 +00:00
Olivier Houchard
c1b2de5af0 Use WARNS?=3 for these in the arm case for now, due to toolchain issues. 2004-05-14 13:31:21 +00:00
Tim Kientzle
f9bc91709e Update raw byte count statistic correctly. 2004-05-13 06:38:30 +00:00
Tim Kientzle
4809584dd6 Add MLINK for newly-added archive_read_extract_set_progress_callback(3). 2004-05-13 06:04:21 +00:00
Tim Kientzle
199984b3b2 Add hook for a client-provided progress callback to be invoked
during lengthy extract operations.
2004-05-13 06:01:14 +00:00
Tim Kientzle
71125f3eb4 Consistify: #define gets 1 tab character afterwards
Pointed out by: Simon Nielsen
2004-05-03 01:40:34 +00:00
Tim Kientzle
037a17e70b Include appropriate flag header on Linux. 2004-05-02 00:38:38 +00:00
Tim Kientzle
183392ce20 Create missing directories when extracting hardlinks and symlinks. 2004-04-30 01:31:20 +00:00
Tim Kientzle
9e62b060b7 Implement ARCHIVE_EXTRACT_UNLINK for regular files. This supports the
-U flag to bsdtar.  Essentially, this option breaks existing hard
links.  According to SUSv2, tar is supposed to overwrite existing
files on extract by default which, in particular, preserves
existing hard links.  Note that this is yet another bug in gtar; it
appears to always break existing links.  (Maybe gtar's -U is broken?)

I'm unsure about how to handle this for other file types; the current
code always unlinks first unless the NO_OVERWRITE flag is specified.
I've commented this issue liberally and will come back to it later.
2004-04-29 05:19:42 +00:00