2
* Copyright (c) 2003-2004 Tim Kientzle
5
* Redistribution and use in source and binary forms, with or without
6
* modification, are permitted provided that the following conditions
8
* 1. Redistributions of source code must retain the above copyright
9
* notice, this list of conditions and the following disclaimer
10
* in this position and unchanged.
11
* 2. Redistributions in binary form must reproduce the above copyright
12
* notice, this list of conditions and the following disclaimer in the
13
* documentation and/or other materials provided with the distribution.
15
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR
16
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18
* IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
19
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27
#include "bsdtar_platform.h"
28
__FBSDID("$FreeBSD: src/usr.bin/tar/read.c,v 1.25 2006/03/21 17:03:51 kientzle Exp $");
30
#include <sys/param.h>
31
#include <sys/types.h>
46
static void cleanup_security(struct bsdtar *);
47
static void list_item_verbose(struct bsdtar *, FILE *,
48
struct archive_entry *);
49
static void read_archive(struct bsdtar *bsdtar, char mode);
50
static int security_problem(struct bsdtar *, struct archive_entry *);
53
tar_mode_t(struct bsdtar *bsdtar)
55
read_archive(bsdtar, 't');
59
tar_mode_x(struct bsdtar *bsdtar)
61
read_archive(bsdtar, 'x');
65
* Handle 'x' and 't' modes.
68
read_archive(struct bsdtar *bsdtar, char mode)
72
struct archive_entry *entry;
73
const struct stat *st;
76
while (*bsdtar->argv) {
77
include(bsdtar, *bsdtar->argv);
81
if (bsdtar->names_from_file != NULL)
82
include_from_file(bsdtar, bsdtar->names_from_file);
84
a = archive_read_new();
85
archive_read_support_compression_all(a);
86
archive_read_support_format_all(a);
87
if (archive_read_open_file(a, bsdtar->filename,
88
bsdtar->bytes_per_block != 0 ? bsdtar->bytes_per_block :
89
DEFAULT_BYTES_PER_BLOCK))
90
bsdtar_errc(bsdtar, 1, 0, "Error opening archive: %s",
91
archive_error_string(a));
95
/* Support --fast-read option */
96
if (bsdtar->option_fast_read &&
97
unmatched_inclusions(bsdtar) == 0)
100
r = archive_read_next_header(a, &entry);
101
if (r == ARCHIVE_EOF)
103
if (r == ARCHIVE_WARN)
104
bsdtar_warnc(bsdtar, 0, "%s", archive_error_string(a));
105
if (r == ARCHIVE_FATAL) {
106
bsdtar->return_value = 1;
107
bsdtar_warnc(bsdtar, 0, "%s", archive_error_string(a));
110
if (r == ARCHIVE_RETRY) {
111
/* Retryable error: try again */
112
bsdtar_warnc(bsdtar, 0, "%s", archive_error_string(a));
113
bsdtar_warnc(bsdtar, 0, "Retrying...");
118
* Exclude entries that are too old.
120
st = archive_entry_stat(entry);
121
if (bsdtar->newer_ctime_sec > 0) {
122
if (st->st_ctime < bsdtar->newer_ctime_sec)
123
continue; /* Too old, skip it. */
124
if (st->st_ctime == bsdtar->newer_ctime_sec
125
&& ARCHIVE_STAT_CTIME_NANOS(st)
126
<= bsdtar->newer_ctime_nsec)
127
continue; /* Too old, skip it. */
129
if (bsdtar->newer_mtime_sec > 0) {
130
if (st->st_mtime < bsdtar->newer_mtime_sec)
131
continue; /* Too old, skip it. */
132
if (st->st_mtime == bsdtar->newer_mtime_sec
133
&& ARCHIVE_STAT_MTIME_NANOS(st)
134
<= bsdtar->newer_mtime_nsec)
135
continue; /* Too old, skip it. */
139
* Note that pattern exclusions are checked before
140
* pathname rewrites are handled. This gives more
141
* control over exclusions, since rewrites always lose
142
* information. (For example, consider a rewrite
143
* s/foo[0-9]/foo/. If we check exclusions after the
144
* rewrite, there would be no way to exclude foo1/bar
145
* while allowing foo2/bar.)
147
if (excluded(bsdtar, archive_entry_pathname(entry)))
148
continue; /* Excluded by a pattern test. */
151
* Modify the pathname as requested by the user. We
152
* do this for -t as well to give users a way to
153
* preview the effects of their rewrites. We also do
154
* this before extraction security checks (including
155
* leading '/' removal). Note that some rewrite
156
* failures prevent extraction.
158
if (edit_pathname(bsdtar, entry))
159
continue; /* Excluded by a rewrite failure. */
162
/* Perversely, gtar uses -O to mean "send to stderr"
163
* when used with -t. */
164
out = bsdtar->option_stdout ? stderr : stdout;
166
if (bsdtar->verbose < 2)
167
safe_fprintf(out, "%s",
168
archive_entry_pathname(entry));
170
list_item_verbose(bsdtar, out, entry);
172
r = archive_read_data_skip(a);
173
if (r == ARCHIVE_WARN) {
175
bsdtar_warnc(bsdtar, 0, "%s",
176
archive_error_string(a));
178
if (r == ARCHIVE_RETRY) {
180
bsdtar_warnc(bsdtar, 0, "%s",
181
archive_error_string(a));
183
if (r == ARCHIVE_FATAL) {
185
bsdtar_warnc(bsdtar, 0, "%s",
186
archive_error_string(a));
192
* Skip security problems before prompting.
193
* Otherwise, the user may be confused that a
194
* file they wanted to extract was
195
* subsequently skipped.
197
if (security_problem(bsdtar, entry))
200
if (bsdtar->option_interactive &&
201
!yes("extract '%s'", archive_entry_pathname(entry)))
205
* Format here is from SUSv2, including the
208
if (bsdtar->verbose) {
209
safe_fprintf(stderr, "x %s",
210
archive_entry_pathname(entry));
213
if (bsdtar->option_stdout) {
214
/* TODO: Catch/recover any errors here. */
215
archive_read_data_into_fd(a, 1);
216
} else if (archive_read_extract(a, entry,
217
bsdtar->extract_flags)) {
218
if (!bsdtar->verbose)
219
safe_fprintf(stderr, "%s",
220
archive_entry_pathname(entry));
221
safe_fprintf(stderr, ": %s",
222
archive_error_string(a));
223
if (!bsdtar->verbose)
224
fprintf(stderr, "\n");
226
* TODO: Decide how to handle
227
* extraction error... <sigh>
229
bsdtar->return_value = 1;
232
fprintf(stderr, "\n");
236
if (bsdtar->verbose > 2)
237
fprintf(stdout, "Archive Format: %s, Compression: %s\n",
238
archive_format_name(a), archive_compression_name(a));
240
archive_read_finish(a);
241
cleanup_security(bsdtar);
246
* Display information about the current file.
248
* The format here roughly duplicates the output of 'ls -l'.
249
* This is based on SUSv2, where 'tar tv' is documented as
250
* listing additional information in an "unspecified format,"
251
* and 'pax -l' is documented as using the same format as 'ls -l'.
254
list_item_verbose(struct bsdtar *bsdtar, FILE *out, struct archive_entry *entry)
256
const struct stat *st;
264
st = archive_entry_stat(entry);
267
* We avoid collecting the entire list in memory at once by
268
* listing things as we see them. However, that also means we can't
269
* just pre-compute the field widths. Instead, we start with guesses
270
* and just widen them as necessary. These numbers are completely
273
if (!bsdtar->u_width) {
275
bsdtar->gs_width = 13;
279
bsdtar_strmode(entry, tmp);
280
fprintf(out, "%s %d ", tmp, (int)(st->st_nlink));
282
/* Use uname if it's present, else uid. */
283
p = archive_entry_uname(entry);
284
if ((p == NULL) || (*p == '\0')) {
285
sprintf(tmp, "%d ", st->st_uid);
289
if (w > bsdtar->u_width)
291
fprintf(out, "%-*s ", (int)bsdtar->u_width, p);
293
/* Use gname if it's present, else gid. */
294
p = archive_entry_gname(entry);
295
if (p != NULL && p[0] != '\0') {
296
fprintf(out, "%s", p);
299
sprintf(tmp, "%d", st->st_gid);
301
fprintf(out, "%s", tmp);
305
* Print device number or file size, right-aligned so as to make
306
* total width of group and devnum/filesize fields be gs_width.
307
* If gs_width is too small, grow it.
309
if (S_ISCHR(st->st_mode) || S_ISBLK(st->st_mode)) {
310
sprintf(tmp, "%d,%u",
312
(unsigned)minor(st->st_rdev)); /* ls(1) also casts here. */
315
* Note the use of platform-dependent macros to format
316
* the filesize here. We need the format string and the
317
* corresponding type for the cast.
319
sprintf(tmp, BSDTAR_FILESIZE_PRINTF,
320
(BSDTAR_FILESIZE_TYPE)st->st_size);
322
if (w + strlen(tmp) >= bsdtar->gs_width)
323
bsdtar->gs_width = w+strlen(tmp)+1;
324
fprintf(out, "%*s", (int)(bsdtar->gs_width - w), tmp);
326
/* Format the time using 'ls -l' conventions. */
327
tim = (time_t)st->st_mtime;
328
if (abs(tim - now) > (365/2)*86400)
329
fmt = bsdtar->day_first ? "%e %b %Y" : "%b %e %Y";
331
fmt = bsdtar->day_first ? "%e %b %R" : "%b %e %R";
332
strftime(tmp, sizeof(tmp), fmt, localtime(&tim));
333
fprintf(out, " %s ", tmp);
334
safe_fprintf(out, "%s", archive_entry_pathname(entry));
336
/* Extra information for links. */
337
if (archive_entry_hardlink(entry)) /* Hard link */
338
safe_fprintf(out, " link to %s",
339
archive_entry_hardlink(entry));
340
else if (S_ISLNK(st->st_mode)) /* Symbolic link */
341
safe_fprintf(out, " -> %s", archive_entry_symlink(entry));
345
* Structure for storing path of last successful security check.
353
* Check for a variety of security issues. Fix what we can here,
354
* generate warnings as appropriate, return non-zero to prevent
355
* this entry from being extracted.
358
security_problem(struct bsdtar *bsdtar, struct archive_entry *entry)
361
const char *name, *pn;
365
/* -P option forces us to just accept all pathnames as-is. */
366
if (bsdtar->option_absolute_paths)
369
name = archive_entry_pathname(entry);
371
/* Reject any archive entry with '..' as a path element. */
373
while (pn != NULL && pn[0] != '\0') {
374
if (pn[0] == '.' && pn[1] == '.' &&
375
(pn[2] == '\0' || pn[2] == '/')) {
376
bsdtar_warnc(bsdtar, 0,
377
"Skipping pathname containing ..");
378
bsdtar->return_value = 1;
381
pn = strchr(pn, '/');
387
* Gaurd against symlink tricks. Reject any archive entry whose
388
* destination would be altered by a symlink.
390
/* XXX TODO: Make this faster by comparing current path to
391
* prefix of last successful check to avoid duplicate lstat()
394
if (bsdtar->security == NULL) {
395
bsdtar->security = malloc(sizeof(*bsdtar->security));
396
if (bsdtar->security == NULL)
397
bsdtar_errc(bsdtar, 1, errno, "No Memory");
398
bsdtar->security->path_size = MAXPATHLEN + 1;
399
bsdtar->security->path = malloc(bsdtar->security->path_size);
400
if (bsdtar->security->path == NULL)
401
bsdtar_errc(bsdtar, 1, errno, "No Memory");
403
if (strlen(name) >= bsdtar->security->path_size) {
404
free(bsdtar->security->path);
405
while (strlen(name) >= bsdtar->security->path_size)
406
bsdtar->security->path_size *= 2;
407
bsdtar->security->path = malloc(bsdtar->security->path_size);
408
if (bsdtar->security->path == NULL)
409
bsdtar_errc(bsdtar, 1, errno, "No Memory");
411
p = bsdtar->security->path;
412
while (pn != NULL && pn[0] != '\0') {
414
while (*pn != '\0' && *pn != '/')
417
r = lstat(bsdtar->security->path, &st);
421
} else if (S_ISLNK(st.st_mode)) {
424
* Last element is symlink; remove it
425
* so we can overwrite it with the
426
* item being extracted.
428
if (!S_ISLNK(archive_entry_mode(entry))) {
430
* Warn only if the symlink is being
431
* replaced with a non-symlink.
433
bsdtar_warnc(bsdtar, 0,
434
"Removing symlink %s",
435
bsdtar->security->path);
437
if (unlink(bsdtar->security->path))
438
bsdtar_errc(bsdtar, 1, errno,
440
/* Symlink gone. No more problem! */
442
} else if (bsdtar->option_unlink_first) {
443
/* User asked us to remove problems. */
444
if (unlink(bsdtar->security->path))
445
bsdtar_errc(bsdtar, 1, errno,
448
bsdtar_warnc(bsdtar, 0,
449
"Cannot extract %s through symlink %s",
450
name, bsdtar->security->path);
451
bsdtar->return_value = 1;
461
cleanup_security(struct bsdtar *bsdtar)
463
if (bsdtar->security != NULL) {
464
free(bsdtar->security->path);
465
free(bsdtar->security);