freebsd-nq/usr.bin/tar/read.c
Tim Kientzle 6b422e20c1 Extended attribute support on write for Linux; FreeBSD hooks are
forthcoming.  This commit also has a number of style(9) fixes and
minor corrections so the code works better with the build system being
used for non-FreeBSD builds.

Many thanks to: Jaakko Heinonen, who proposed a mechanism for extended
attribute support and implemented both the machine-independent portion
and the Linux-specific portion.
2006-03-21 17:03:51 +00:00

468 lines
13 KiB
C

/*-
* Copyright (c) 2003-2004 Tim Kientzle
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer
* in this position and unchanged.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "bsdtar_platform.h"
__FBSDID("$FreeBSD$");
#include <sys/param.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <errno.h>
#include <grp.h>
#include <limits.h>
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#include <unistd.h>
#include "bsdtar.h"
static void cleanup_security(struct bsdtar *);
static void list_item_verbose(struct bsdtar *, FILE *,
struct archive_entry *);
static void read_archive(struct bsdtar *bsdtar, char mode);
static int security_problem(struct bsdtar *, struct archive_entry *);
void
tar_mode_t(struct bsdtar *bsdtar)
{
read_archive(bsdtar, 't');
}
void
tar_mode_x(struct bsdtar *bsdtar)
{
read_archive(bsdtar, 'x');
}
/*
* Handle 'x' and 't' modes.
*/
static void
read_archive(struct bsdtar *bsdtar, char mode)
{
FILE *out;
struct archive *a;
struct archive_entry *entry;
const struct stat *st;
int r;
while (*bsdtar->argv) {
include(bsdtar, *bsdtar->argv);
bsdtar->argv++;
}
if (bsdtar->names_from_file != NULL)
include_from_file(bsdtar, bsdtar->names_from_file);
a = archive_read_new();
archive_read_support_compression_all(a);
archive_read_support_format_all(a);
if (archive_read_open_file(a, bsdtar->filename,
bsdtar->bytes_per_block != 0 ? bsdtar->bytes_per_block :
DEFAULT_BYTES_PER_BLOCK))
bsdtar_errc(bsdtar, 1, 0, "Error opening archive: %s",
archive_error_string(a));
do_chdir(bsdtar);
for (;;) {
/* Support --fast-read option */
if (bsdtar->option_fast_read &&
unmatched_inclusions(bsdtar) == 0)
break;
r = archive_read_next_header(a, &entry);
if (r == ARCHIVE_EOF)
break;
if (r == ARCHIVE_WARN)
bsdtar_warnc(bsdtar, 0, "%s", archive_error_string(a));
if (r == ARCHIVE_FATAL) {
bsdtar->return_value = 1;
bsdtar_warnc(bsdtar, 0, "%s", archive_error_string(a));
break;
}
if (r == ARCHIVE_RETRY) {
/* Retryable error: try again */
bsdtar_warnc(bsdtar, 0, "%s", archive_error_string(a));
bsdtar_warnc(bsdtar, 0, "Retrying...");
continue;
}
/*
* Exclude entries that are too old.
*/
st = archive_entry_stat(entry);
if (bsdtar->newer_ctime_sec > 0) {
if (st->st_ctime < bsdtar->newer_ctime_sec)
continue; /* Too old, skip it. */
if (st->st_ctime == bsdtar->newer_ctime_sec
&& ARCHIVE_STAT_CTIME_NANOS(st)
<= bsdtar->newer_ctime_nsec)
continue; /* Too old, skip it. */
}
if (bsdtar->newer_mtime_sec > 0) {
if (st->st_mtime < bsdtar->newer_mtime_sec)
continue; /* Too old, skip it. */
if (st->st_mtime == bsdtar->newer_mtime_sec
&& ARCHIVE_STAT_MTIME_NANOS(st)
<= bsdtar->newer_mtime_nsec)
continue; /* Too old, skip it. */
}
/*
* Note that pattern exclusions are checked before
* pathname rewrites are handled. This gives more
* control over exclusions, since rewrites always lose
* information. (For example, consider a rewrite
* s/foo[0-9]/foo/. If we check exclusions after the
* rewrite, there would be no way to exclude foo1/bar
* while allowing foo2/bar.)
*/
if (excluded(bsdtar, archive_entry_pathname(entry)))
continue; /* Excluded by a pattern test. */
/*
* Modify the pathname as requested by the user. We
* do this for -t as well to give users a way to
* preview the effects of their rewrites. We also do
* this before extraction security checks (including
* leading '/' removal). Note that some rewrite
* failures prevent extraction.
*/
if (edit_pathname(bsdtar, entry))
continue; /* Excluded by a rewrite failure. */
if (mode == 't') {
/* Perversely, gtar uses -O to mean "send to stderr"
* when used with -t. */
out = bsdtar->option_stdout ? stderr : stdout;
if (bsdtar->verbose < 2)
safe_fprintf(out, "%s",
archive_entry_pathname(entry));
else
list_item_verbose(bsdtar, out, entry);
fflush(out);
r = archive_read_data_skip(a);
if (r == ARCHIVE_WARN) {
fprintf(out, "\n");
bsdtar_warnc(bsdtar, 0, "%s",
archive_error_string(a));
}
if (r == ARCHIVE_RETRY) {
fprintf(out, "\n");
bsdtar_warnc(bsdtar, 0, "%s",
archive_error_string(a));
}
if (r == ARCHIVE_FATAL) {
fprintf(out, "\n");
bsdtar_warnc(bsdtar, 0, "%s",
archive_error_string(a));
break;
}
fprintf(out, "\n");
} else {
/*
* Skip security problems before prompting.
* Otherwise, the user may be confused that a
* file they wanted to extract was
* subsequently skipped.
*/
if (security_problem(bsdtar, entry))
continue;
if (bsdtar->option_interactive &&
!yes("extract '%s'", archive_entry_pathname(entry)))
continue;
/*
* Format here is from SUSv2, including the
* deferred '\n'.
*/
if (bsdtar->verbose) {
safe_fprintf(stderr, "x %s",
archive_entry_pathname(entry));
fflush(stderr);
}
if (bsdtar->option_stdout) {
/* TODO: Catch/recover any errors here. */
archive_read_data_into_fd(a, 1);
} else if (archive_read_extract(a, entry,
bsdtar->extract_flags)) {
if (!bsdtar->verbose)
safe_fprintf(stderr, "%s",
archive_entry_pathname(entry));
safe_fprintf(stderr, ": %s",
archive_error_string(a));
if (!bsdtar->verbose)
fprintf(stderr, "\n");
/*
* TODO: Decide how to handle
* extraction error... <sigh>
*/
bsdtar->return_value = 1;
}
if (bsdtar->verbose)
fprintf(stderr, "\n");
}
}
if (bsdtar->verbose > 2)
fprintf(stdout, "Archive Format: %s, Compression: %s\n",
archive_format_name(a), archive_compression_name(a));
archive_read_finish(a);
cleanup_security(bsdtar);
}
/*
* Display information about the current file.
*
* The format here roughly duplicates the output of 'ls -l'.
* This is based on SUSv2, where 'tar tv' is documented as
* listing additional information in an "unspecified format,"
* and 'pax -l' is documented as using the same format as 'ls -l'.
*/
static void
list_item_verbose(struct bsdtar *bsdtar, FILE *out, struct archive_entry *entry)
{
const struct stat *st;
char tmp[100];
size_t w;
const char *p;
const char *fmt;
time_t tim;
static time_t now;
st = archive_entry_stat(entry);
/*
* We avoid collecting the entire list in memory at once by
* listing things as we see them. However, that also means we can't
* just pre-compute the field widths. Instead, we start with guesses
* and just widen them as necessary. These numbers are completely
* arbitrary.
*/
if (!bsdtar->u_width) {
bsdtar->u_width = 6;
bsdtar->gs_width = 13;
}
if (!now)
time(&now);
bsdtar_strmode(entry, tmp);
fprintf(out, "%s %d ", tmp, (int)(st->st_nlink));
/* Use uname if it's present, else uid. */
p = archive_entry_uname(entry);
if ((p == NULL) || (*p == '\0')) {
sprintf(tmp, "%d ", st->st_uid);
p = tmp;
}
w = strlen(p);
if (w > bsdtar->u_width)
bsdtar->u_width = w;
fprintf(out, "%-*s ", (int)bsdtar->u_width, p);
/* Use gname if it's present, else gid. */
p = archive_entry_gname(entry);
if (p != NULL && p[0] != '\0') {
fprintf(out, "%s", p);
w = strlen(p);
} else {
sprintf(tmp, "%d", st->st_gid);
w = strlen(tmp);
fprintf(out, "%s", tmp);
}
/*
* Print device number or file size, right-aligned so as to make
* total width of group and devnum/filesize fields be gs_width.
* If gs_width is too small, grow it.
*/
if (S_ISCHR(st->st_mode) || S_ISBLK(st->st_mode)) {
sprintf(tmp, "%d,%u",
major(st->st_rdev),
(unsigned)minor(st->st_rdev)); /* ls(1) also casts here. */
} else {
/*
* Note the use of platform-dependent macros to format
* the filesize here. We need the format string and the
* corresponding type for the cast.
*/
sprintf(tmp, BSDTAR_FILESIZE_PRINTF,
(BSDTAR_FILESIZE_TYPE)st->st_size);
}
if (w + strlen(tmp) >= bsdtar->gs_width)
bsdtar->gs_width = w+strlen(tmp)+1;
fprintf(out, "%*s", (int)(bsdtar->gs_width - w), tmp);
/* Format the time using 'ls -l' conventions. */
tim = (time_t)st->st_mtime;
if (abs(tim - now) > (365/2)*86400)
fmt = bsdtar->day_first ? "%e %b %Y" : "%b %e %Y";
else
fmt = bsdtar->day_first ? "%e %b %R" : "%b %e %R";
strftime(tmp, sizeof(tmp), fmt, localtime(&tim));
fprintf(out, " %s ", tmp);
safe_fprintf(out, "%s", archive_entry_pathname(entry));
/* Extra information for links. */
if (archive_entry_hardlink(entry)) /* Hard link */
safe_fprintf(out, " link to %s",
archive_entry_hardlink(entry));
else if (S_ISLNK(st->st_mode)) /* Symbolic link */
safe_fprintf(out, " -> %s", archive_entry_symlink(entry));
}
/*
* Structure for storing path of last successful security check.
*/
struct security {
char *path;
size_t path_size;
};
/*
* Check for a variety of security issues. Fix what we can here,
* generate warnings as appropriate, return non-zero to prevent
* this entry from being extracted.
*/
static int
security_problem(struct bsdtar *bsdtar, struct archive_entry *entry)
{
struct stat st;
const char *name, *pn;
char *p;
int r;
/* -P option forces us to just accept all pathnames as-is. */
if (bsdtar->option_absolute_paths)
return (0);
name = archive_entry_pathname(entry);
/* Reject any archive entry with '..' as a path element. */
pn = name;
while (pn != NULL && pn[0] != '\0') {
if (pn[0] == '.' && pn[1] == '.' &&
(pn[2] == '\0' || pn[2] == '/')) {
bsdtar_warnc(bsdtar, 0,
"Skipping pathname containing ..");
bsdtar->return_value = 1;
return (1);
}
pn = strchr(pn, '/');
if (pn != NULL)
pn++;
}
/*
* Gaurd against symlink tricks. Reject any archive entry whose
* destination would be altered by a symlink.
*/
/* XXX TODO: Make this faster by comparing current path to
* prefix of last successful check to avoid duplicate lstat()
* calls. XXX */
pn = name;
if (bsdtar->security == NULL) {
bsdtar->security = malloc(sizeof(*bsdtar->security));
if (bsdtar->security == NULL)
bsdtar_errc(bsdtar, 1, errno, "No Memory");
bsdtar->security->path_size = MAXPATHLEN + 1;
bsdtar->security->path = malloc(bsdtar->security->path_size);
if (bsdtar->security->path == NULL)
bsdtar_errc(bsdtar, 1, errno, "No Memory");
}
if (strlen(name) >= bsdtar->security->path_size) {
free(bsdtar->security->path);
while (strlen(name) >= bsdtar->security->path_size)
bsdtar->security->path_size *= 2;
bsdtar->security->path = malloc(bsdtar->security->path_size);
if (bsdtar->security->path == NULL)
bsdtar_errc(bsdtar, 1, errno, "No Memory");
}
p = bsdtar->security->path;
while (pn != NULL && pn[0] != '\0') {
*p++ = *pn++;
while (*pn != '\0' && *pn != '/')
*p++ = *pn++;
p[0] = '\0';
r = lstat(bsdtar->security->path, &st);
if (r != 0) {
if (errno == ENOENT)
break;
} else if (S_ISLNK(st.st_mode)) {
if (pn[0] == '\0') {
/*
* Last element is symlink; remove it
* so we can overwrite it with the
* item being extracted.
*/
if (!S_ISLNK(archive_entry_mode(entry))) {
/*
* Warn only if the symlink is being
* replaced with a non-symlink.
*/
bsdtar_warnc(bsdtar, 0,
"Removing symlink %s",
bsdtar->security->path);
}
if (unlink(bsdtar->security->path))
bsdtar_errc(bsdtar, 1, errno,
"Unlink failed");
/* Symlink gone. No more problem! */
return (0);
} else if (bsdtar->option_unlink_first) {
/* User asked us to remove problems. */
if (unlink(bsdtar->security->path))
bsdtar_errc(bsdtar, 1, errno,
"Unlink failed");
} else {
bsdtar_warnc(bsdtar, 0,
"Cannot extract %s through symlink %s",
name, bsdtar->security->path);
bsdtar->return_value = 1;
return (1);
}
}
}
return (0);
}
static void
cleanup_security(struct bsdtar *bsdtar)
{
if (bsdtar->security != NULL) {
free(bsdtar->security->path);
free(bsdtar->security);
}
}