Commit Graph

48 Commits

Author SHA1 Message Date
kientzle
58af11b815 MfP4: Joerg Sonnenberger's fixes to make 'ar' and 'pax' writers
robust against multiple calls to their destroy() functions.
2008-08-10 02:06:28 +00:00
kientzle
a24d28f8e3 MFp4: libarchive 2.5.4b. (Still 'b' until I get a bit more
feedback, but the 2.5 branch is shaping up nicely.)

In addition to many small bug fixes and code improvements:
 * Another iteration of versioning; I think I've got it right now.
 * Portability:  A lot of progress on Windows support (though I'm
   not committing all of the Windows support files to FreeBSD CVS)
 * Explicit tracking of MBS, WCS, and UTF-8 versions of strings
   in archive_entry; the archive_entry routines now correctly return
   NULL only when something is unset, setting NULL properly clears
   string values.  Most charset conversions have been pushed down to
   archive_string.
 * Better handling of charset conversion failure when writing or
   reading UTF-8 headers in pax archives
 * archive_entry_linkify() provides multiple strategies for
   hardlink matching to suit different format expectations
 * More accurate bzip2 format detection
 * Joerg Sonnenberger's extensive improvements to mtree support
 * Rough support for self-extracting ZIP archives.  Not an ideal
   approach, but it works for the archives I've tried.
 * New "sparsify" option in archive_write_disk converts blocks of nulls
   into seeks.
 * Better default behavior for the test harness; it now reports
   all failures by default instead of coredumping at the first one.
2008-05-26 17:00:24 +00:00
kientzle
c7c16fc8e2 Remove the duplicate "archive_format" and "archive_format_name" fields
from the private archive_write structure and fix up all writers to use
the format fields in the base "archive" structure.  This error made it
impossible to query the format after setting up a writer because the
write format was stored in an inaccessible place.
2008-03-15 11:04:45 +00:00
kientzle
74f604455f Testability is more important than standards conformance.
Disable the use of PaxHeader.<pid> for the fake pax extension pathname
until I can make the name here settable.  Otherwise, tests that try
to compare output to static pre-generated reference files break.
2008-03-15 03:49:18 +00:00
kientzle
f863f57f14 Resolve a minor nit in SUS compliance by including the PID in the
fake directory name used for pax extended headers.
2008-03-15 02:30:42 +00:00
kientzle
4f3f5f46dd A subtle point: "pax interchange format" mandates that all strings
(including pathname, gname, uname) be stored in UTF-8.  This usually
doesn't cause problems on FreeBSD because the "C" locale on FreeBSD
can convert any byte to Unicode/wchar_t and from there to UTF-8.  In
other locales (including the "C" locale on Linux which is really
ASCII), you can get into trouble with pathnames that cannot be
converted to UTF-8.

Libarchive's pax writer truncated pathnames and other strings at the
first nonconvertible character.  (ouch!)  Other archivers have worked
around this by storing unconvertible pathnames as raw binary, a
practice which has been sanctioned by the Austin group.  However,
libarchive's pax reader would segfault reading headers that weren't
proper UTF-8.  (ouch!)  Since bsdtar defaults to pax format, this
affects bsdtar rather heavily.

To correctly support the new "hdrcharset" header that is going into
SUS and to handle conversion failures in general, libarchive's pax reader
and writer have been overhauled fairly extensively.  They used to do
most of the pax header processing using wchar_t (Unicode); they now do
most of it using char so that common logic applies to either UTF-8 or
"binary" strings.

As a bonus, a number of extraneous conversions to/from wchar_t have
been eliminated, which should speed things up just a tad.

Thanks to: Bjoern Jacke for originally reporting this to me
Thanks to: Joerg Sonnenberger for noting a bad typo in my first draft of this
Thanks to: Gunnar Ritter for getting the standard fixed
MFC after: 5 days
2008-03-15 01:43:59 +00:00
kientzle
2b8395148f Update libarchive to 2.4.10. This includes a number of improvements
that I've been working on but put off committing until after the
RELENG_7 branch, including:

* New manpages: cpio.5 mtree.5
* New archive_entry_strmode()
* New archive_entry_link_resolver()
* New read support: mtree format
* Internal API change:  read format auction only runs once
* Running the auction only once allowed simplifying a lot of bid logic.
* Cpio robustness:  search for next header after a sync error
* Support device nodes on ISO9660 images
* Eliminate a lot of unnecessary copies for uncompressed archives
* Corrected handling of new GNU --sparse --posix formats
* Correctly handle a zero-byte write to a compressed archive
* Fixed memory leaks

Many of these improvements were motivated by the upcoming bsdcpio
front-end.

There have also been extensive improvements to the libarchive_test
test harness, which I'll commit separately.
2007-12-30 04:58:22 +00:00
kientzle
013be331bc libarchive 2.2.3
* "compression_program" support uses an external program
  * Portability: no longer uses "struct stat" as a primary
    data interchange structure internally
  * Part of the above: refactor archive_entry to separate
    out copy_stat() and stat() functions
  * More complete tests for archive_entry
  * Finish archive_entry_clone()
  * Isolate major()/minor()/makedev() in archive_entry; remove
    these from everywhere else.
  * Bug fix: properly handle decompression look-ahead at end-of-data
  * Bug fixes to 'ar' support
  * Fix memory leak in ZIP reader
  * Portability: better timegm() emulation in iso9660 reader
  * New write_disk flags to suppress auto dir creation and not
    overwrite newer files (for future cpio front-end)
  * Simplify trailing-'/' fixup when writing tar and pax
  * Test enhancements:  fix various compiler warnings, improve
    portability, add lots of new tests.
  * Documentation: document new functions, first draft of
    libarchive_internals.3

MFC after: 14 days
Thanks to: Joerg Sonnenberger (compression_program)
Thanks to: Kai Wang (ar)
Thanks to: Colin Percival (many small fixes)
Thanks to: Many others who sent me various patches and problem reports.
2007-05-29 01:00:21 +00:00
kientzle
f22ef7785f Conventionally, tar archives have always included a trailing '/'
for directories.  bsdtar used to add this, but that recently got
lost somehow.  So now I'm adding it back in libarchive.
The only odd part of doing this in libarchive:  Adding a directory to
a tar archive and then reading it back again can yield a different name.

Add a test case to exercise some boundary conditions with
tar filenames and ensure that trailing slashes are added to
dir names only as necessary.

Thanks to: Oliver Lehmann for bringing this regression to my attention.
2007-04-14 08:20:31 +00:00
kientzle
1a60578adb libarchive 2.0
* libarchive_test program exercises many of the core features
  * Refactored old "read_extract" into new "archive_write_disk", which
    uses archive_write methods to put entries onto disk.  In particular,
    you can now use archive_write_disk to create objects on disk
    without having an archive available.
  * Pushed some security checks from bsdtar down into libarchive, where
    they can be better optimized.
  * Rearchitected the logic for creating objects on disk to reduce
    the number of system calls.  Several common cases now use a
    minimum number of system calls.
  * Virtualized some internal interfaces to provide a clearer separation
    of read and write handling and make it simpler to override key
    methods.
  * New "empty" format reader.
  * Corrected return types (this ABI breakage required the "2.0" version bump)
  * Many bug fixes.
2007-03-03 07:37:37 +00:00
kientzle
af26d8ef92 Fix the copyright notice; it was always intended to be
a vanilla 2-clause BSD license, but somehow some confusing
extra verbage get copied from somewhere.

Also, update the copyright dates to 2007 for all of the files.

Prompted by: several questions about what those extra words really mean
2007-01-09 08:05:56 +00:00
kientzle
8aa83b7d19 Fill in a couple of missing casts: clarify one narrowing conversion
and correct the use of unary minus with an unsigned value.  (The unary
minus here is actually being used as a bitwise operation, which is
unusual enough to deserve a clarifying cast.)
2006-11-24 05:48:04 +00:00
kientzle
8c58f2d4e8 Change the internal API for writing data to an entry; make the
internal format-specific functions return the same as the public
function, so that the public API layer doesn't have to guess the
correct return value.  This addresses an obscure problem that occurs
when someone tries to write more data than the size of the entry (as
indicated in the entry header).  In this case, the return value from
archive_write_data() was incorrect, reflecting the requested write
rather than the amount actually written.

MFC after: 15 days
2006-11-15 05:14:20 +00:00
kientzle
50bb724108 Portability and style fixes:
* Actually use the HAVE_<header>_H macros to conditionally include
    system headers.  They've been defined for a long time, but only
    used in a few places.  Now they're used pretty consistently
    throughout.
  * Fill in a lot of missing casts for conversions from void*.
    Although Standard C doesn't require this, some people have been
    trying to use C++ compilers with this code, and they do require it.

Bit-for-bit, the compiled object files are identical, except for
one assert() whose line number changed, so I'm pretty confident I
didn't break anything.  ;-)
2006-11-10 06:39:46 +00:00
kientzle
537ab73b2f POSIX.1e-style Extended Attribute support
This commit implements storing/reading POSIX.1e-style extended
attribute information in "pax" format archives.  An outline of the
storage format is in the tar.5 manpage.  The archive_read_extract()
function has code to restore those archives to disk for Linux; FreeBSD
implementation is forthcoming.

Many thanks to Jaakko Heinonen for finding flaws in earlier
proposals and doing the bulk of the coding in this work.
2006-03-21 16:55:46 +00:00
kientzle
68f2d4ef56 Minor fixes to the code that generates an internal ustar filename
for Pax extended attribute entries.
2006-02-14 04:05:03 +00:00
kientzle
6f0c8478d1 Portability: Use some autoconf magic to include the
correct headers for major()/minor()/makedev() on various
platforms.

Thanks to: Darin Broady
2005-11-08 03:52:42 +00:00
kientzle
456d84d665 In pax interchange format, use UTF8 for writing
link names, usernames, or group names that contain
non-ASCII characters.

In particular, this corrects an inconsistency reported
by Ed Maste when archiving symlinks with odd characters:
long symlinks would get preserved, short ones would
be changed.
2005-10-12 03:26:09 +00:00
kientzle
dcb8de96ab Add a lot of error checks, based on the patches provided by Dan Lukes.
Also fixes a memory leak reported by Andrew Turner.

PR: bin/83476
Thanks to: Dan Lukes, Andrew Turner
2005-09-21 04:25:06 +00:00
kientzle
9d88c7f7b7 Style issue: Don't include <wchar.h> where it is not actually needed.
(wchar_t is defined in stddef.h, and only two files need more than that.)

Portability:  Since the wchar requirements are really quite modest,
it's easy to define basic replacements for wcslen, wcscmp, wcscpy,
etc, for use on systems that lack <wchar.h>.  In particular, this allows
libarchive to be used on older OpenBSD systems.
2005-09-10 22:58:06 +00:00
kientzle
eda3e2bd37 When copying time values from the main entry header to be used in the
header of the pax extension entry, clip them to ustar limits.  In particular,
this prevents an internal panic for very old files.

Thanks to: Chris Spiegel
MFC after: 7 days
2005-08-02 03:13:42 +00:00
kientzle
326eb5aaed A minor refinement to "pax" output: Remove suid/sgid/sticky bits
from mode before using mode for extended attributes entry, copy
mtime/atime/ctime to extended attributes entry so it's a little more
clear that it corresponds to the like-named regular entry.

MFC after: 14 days
2005-06-01 15:44:23 +00:00
kientzle
5be5ef99a1 Certain filenames between 245 and 255 characters long would cause an
internal error if pax extended attributes were being generated.  Being
< 255 characters, the first-pass path editing (to generate a
ustar-compatible name for the main entry) wouldn't occur, and the
second-pass path editing (to generate a ustar name for the pax
attributes entry) assumed the input was already < 245 chars.

The core problem here was using an abbreviated algorithm for the
second pass that relied on the first pass having already run.  The
rewritten code is much simpler: It just uses the full path-shortening
algorithm for building both ustar pathnames.  This way, the second
ustar pathname will always be short enough.

Thanks to: Mark Cammidge
Related to: bin/74385
2005-04-23 17:46:51 +00:00
kientzle
3ba777976f Rewrite the code that hacks a short names to use in
the regular ustar entry.  The old code sometimes created
a too-long name that overflowed the ustar fields and triggered
an internal assertion failure.  This version should be more
robust.

Thanks to: Michal Listos
Fixes: bin/74385
MFC after: 15 days
2004-12-29 23:26:18 +00:00
kientzle
15dfe78baa Don't truncate major/minor numbers written to the legacy
ustar fields.  Later, we're going to permit numeric extensions
for these fields, so we can support large values here.  In particular,
this allows GNU tar to correctly extract such entries even
though it doesn't support the pax extended attributes.

Note: r1.18 and r1.17.2.1 of this file allowed similar treatment
of the uid/gid fields.

Thanks to: Ben Mesander
2004-12-22 02:35:37 +00:00
kientzle
ffb27cac2c When determining whether filename is too long for a
regular 'ustar' entry, use narrow-character version,
not wide-character version, as the ustar entry always
uses the narrow-character filename.

Thanks to: Michal Listos
Inspired by, but doesn't fix: bin/74385
2004-11-28 17:57:11 +00:00
kientzle
43f45b89f8 Correct the spelling of "archive_write_pax_header"
in an error message.

Thanks to: Michal Listos
Inspired by, but doesn't fix: bin/74385
2004-11-28 17:49:39 +00:00
kientzle
35042e9828 Since I'm not using the public API for writing
the the pax attributes, I shouldn't try using the public
API for finishing out the attribute entry, either.

This also removes some old dubious state manipulations.
2004-11-15 01:46:33 +00:00
kientzle
70764b092d Pax extended headers were always failing
because the code was using the external API
(archive_write_data) and assuming internal
error-return conventions.  Use the internal
API for writing data.

Thanks to: Joe Marcus Clarke
2004-11-15 01:24:39 +00:00
kientzle
fef2e8cee8 Clean up the error handling in the
write path.  In particular, this should
solve some problems people have seen with
bsdtar not exiting on various write errors.
2004-11-05 05:26:30 +00:00
kientzle
e572c5e1cf Fix two ugly errors:
1. The correct cutoff for large uid/gid handling is 1<<18, not 1<<20.
2. Limit the uid/gid in the 'x' extension header (where numeric extensions
are not permitted) to 1<<18, but use the correct value in the regular
header (where numeric extensions are permitted).
Thanks to: Dan Nelson
MFC after: 3 days
2004-09-17 04:39:07 +00:00
kientzle
6b8c5a5e67 Oops. Use "unsigned long" instead of "int" for the intermediate variables
in wide-character conversions, since it's guaranteed to be large enough.
Thanks to: Andrey Chernov
2004-08-08 02:22:48 +00:00
kientzle
0433526613 Use 'int' for certain wide-character conversions instead of wchar_t.
That quiets some compiler warnings on platforms with 16-bit wchar_t.
With this change, libarchive now compiles cleanly on Win32/cygwin.
2004-08-08 01:21:10 +00:00
kientzle
2f7b443faf Beef up the "cannot archive this" error message with the
actual mode that failed, to help track down a bug.
2004-08-07 02:24:20 +00:00
kientzle
c6ae412b29 When writing "pax" format, readers are supposed to ignore fields
in the regular ustar header that are overridden by the pax
extended attributes.  As a result, it makes perfect sense to
use numeric extensions in the regular ustar header so that readers
that don't understand pax extensions but do understand some other
extensions can still get useful information out of it.

This is especially important for filesizes, as the failure to
read a file size correctly can get the reader out of sync.

This commit introduces a "non-strict" option into the internal
function to format a ustar header.  In non-strict mode, the formatter
will use longer octal values (overwriting terminators) or binary
("base-256") values as needed to ensure that large file sizes,
negative mtimes, etc, have the correct values stored in the regular
ustar header.
2004-07-26 02:54:42 +00:00
kientzle
f3910ffdc8 We were forcing a pax extension header for files >= 1G. Set that
cutoff to >= 8G, as it should be.
2004-07-25 18:50:24 +00:00
kientzle
7cfb61a9b9 Clean up some consistent confusion between "dev" and "rdev."
Mostly, these were being used correctly even though a lot of
variables and function names were mis-named.

In the process, I found and fixed a couple of latent bugs and
added a guard against adding an archive to itself.
2004-06-27 18:38:13 +00:00
kientzle
736725bcab Update file flag handling.
The new fflags support in archive_entry supports Linux and FreeBSD
file flags and is a bit more gracious about unrecognized flag names
than strtofflags(3).  This involves some minor API breakage.

The default tar format ("restricted pax") now enables pax extensions
when archiving files that have flags.  In particular, copying dir
heirarchies with 'bsdtar cf - -C src . | bsdtar xpf - -C dest' now
preserves file flags.  (Note the "p" on extract!)

While I'm here, fill in some additional explanation in the
archive_entry.3 manpage, fill in some missing MLINKS, mark some
overlooked internal functions 'static', and make a few minor style
fixes.
2004-04-26 23:37:54 +00:00
kientzle
bd01158393 More portability improvements, thanks to Juergen Lock.
High-resolution mtime/ctime/atime is not POSIX-standard, so hide
set/get of high-resolution time fields behind easily-mutable macros.
That makes it easier to change how those fields are accessed.
2004-04-21 05:13:42 +00:00
kientzle
d880d2509a Eliminate some redundant calls to archive_entry_hardlink. 2004-04-20 20:07:30 +00:00
kientzle
5c2c79eafd * Plug a buffer overrun in ACL parsing. (archive_entry.c)
* Re-use a single buffer for shar output formatting rather
   than hammering the heap. (archive_write_set_format_shar.c)
 * Fix a handful of minor memory leaks and clean up some of the
   memory-management code.
2004-04-13 23:45:37 +00:00
kientzle
444807bb41 More work on ACLs: fix error in archive_entry's ACL parsing code,
try to set ACLs even if fflag restore fails, first cut at reading
  Solaris tar ACLs

Code improvement: merge gnu tar read support into main tar reader;
  this eliminates a lot of duplicate code and generalizes the tar
  reader to handle formats with GNU-like extensions.

Style: Makefile cleanup, eliminate 'dmalloc' references, remove 'tartype'
  from archive_entry (this makes archive_entry more format-agnostic)

Thanks to: David Magda for providing Solaris tar test files
2004-04-12 01:16:16 +00:00
kientzle
f66baeffb4 Fix some issues with ACL handling:
* ACL storage is no longer erased before a group of entries are added.
  * ACL text creation no longer tries to skip over non-existent text.
  * UTF8 encoder no longer blows up on invalid wide characters.
  * Fixed ACL state management for default ACLs.
Also, publicize function for obtaining text-format ACL in various
formats.  The interface is now extensible through a "flags" argument
that allows you to select a variant format.
2004-04-06 23:16:50 +00:00
kientzle
775d07093e Overhauled ACL support. This makes us compatible
with 'star' ACL handling, though there's still a
bit more work needed in this area.

Added 'write_open_fd' and 'read_open_fd' to simplify, e.g.,
tar's u and r modes.  Eliminated old 'write_open_file_position'
as a bad idea.  (It required closing/reopening files to
do updates, which led to unpleasant implications.)

Various other minor fixes, API tweaks, etc.
2004-04-05 21:12:29 +00:00
kientzle
ef0d6eb598 Many fixes:
* Disabled shared-library building, as some API breakage is
  still likely.  (I didn't realize it was turned on by default.)  If
  you have an existing /usr/lib/libarchive.so.2, I recommend deleting it.
* Pax interchange format now correctly stores and reads UTF8
  for extended attributes.  In particular, pax format can portably
  handle arbitrarily long pathnames containing arbitrary characters.
* Library compiles cleanly at -O2, -O3, and WARNS=6 on all
  FreeBSD-CURRENT platforms.
* Minor portability improvements inspired by Juergen Lock
  and Greg Lewis.  (Less reliance on stdint.h, isolating of
  various portability-challenged constructs.)
* archive_entry transparently converts multi-byte <-> wide character
  strings, allowing clients and format handlers to deal with either
  one, as appropriate.
* Support for reading 'L' and 'K' entries in standard tar archives
  for star compatibility.
* Recognize (but don't yet handle) ACL entries from Solaris tar.
* Pushed format-specific data for format readers down into
  format-specific storage and out of library-global storage.  This
  should make it easier to maintain individual formats without mucking
  with the core library management.
* Documentation updates to track the above changes.
* Updates to tar.5 to correct a few mistakes and add some additional
  information about GNU tar and Solaris tar formats.

Notes:
* The basic 'tar' reader is getting more general; there's not much
  point in keeping the 'gnutar' reader separate.  Merging the two
  would lose a bunch of duplicate code.
* The libc ACL support is looking increasingly inadequate for my needs
  here.  I might need to assemble some fairly significant code for
  parsing and building ACLs. <sigh>
2004-03-19 22:37:06 +00:00
kientzle
90072dfae0 Many fixes.
Portability: Thanks to Juergen Lock, libarchive now compiles cleanly
on Linux.  Along the way, I cleaned up a lot of error return codes and
reorganized some code to simplify conditional compilation of certain
sections.

Bug fixes:
  * pax format now actually stores filenames that are 101-154
    characters long.
  * pax format now allows newline characters in extended attributes
    (this fixes a long-standing bug in ACL handling)
  * mtime/atime are now restored for directories
  * directory list is now sorted prior to fix-up to permit
    correct restore of non-writable dir heirarchies
2004-03-09 19:50:41 +00:00
kientzle
f7afdba4b3 Minor API tweak: The format-specific write_header function now sets
the size in the archive_entry object to zero if that format doesn't
store a body for that file type.  This allows the client to determine
whether or not it should feed the file body to the archive.  In
particular, cpio stores the file body for hardlinks, tar and shar
don't.  With this change, bsdtar now correctly archives hardlinks in all
supported formats.

While I'm here, make shar output be more aggressive about creating directories.
Before this, commands such as:
    bsdtar -cv -F shar  some/explicit/path/to/a/file
wouldn't create the directory.  Some simple logic to remember the last
directory creation helps reduce unnecessary mkdirs here.

At this point, I think the only flaw in libarchive's cpio support is
the failure to recognize hardlinks when reading.
2004-03-06 05:44:13 +00:00
kientzle
af9413b539 Initial import of libarchive.
What it is:
   A library for reading and writing various streaming archive
   formats, especially tar and cpio.  Being a library, it should
   be easy to incorporate into pkg_* tools, sysinstall, and any
   other place that needs to read or write such archives.

Features:
  * Full automatic detection of both compression and archive format.
  * Extensible internal architecture to make it easy to add new formats.
  * Support for "pax interchange format," a new POSIX-standard tar format
    that eliminates essentially all of the restrictions of historic formats.
  * BSD license

Thanks to: jkh for pushing me to start this work, gordon for
  encouraging me to commit it, bde for answering endless style
  questions, and many others for feedback and encouragement.

Status: Pretty good overall, though there are still a few rough edges and
  the library could always use more testing.  Feedback eagerly solicited.
2004-02-09 23:22:54 +00:00