1 /* $OpenBSD: tar.c,v 1.68 2019/06/24 03:33:09 deraadt Exp $ */ 2 /* $NetBSD: tar.c,v 1.5 1995/03/21 09:07:49 cgd Exp $ */ 3 4 /*- 5 * Copyright (c) 1992 Keith Muller. 6 * Copyright (c) 1992, 1993 7 * The Regents of the University of California. All rights reserved. 8 * 9 * This code is derived from software contributed to Berkeley by 10 * Keith Muller of the University of California, San Diego. 11 * 12 * Redistribution and use in source and binary forms, with or without 13 * modification, are permitted provided that the following conditions 14 * are met: 15 * 1. Redistributions of source code must retain the above copyright 16 * notice, this list of conditions and the following disclaimer. 17 * 2. Redistributions in binary form must reproduce the above copyright 18 * notice, this list of conditions and the following disclaimer in the 19 * documentation and/or other materials provided with the distribution. 20 * 3. Neither the name of the University nor the names of its contributors 21 * may be used to endorse or promote products derived from this software 22 * without specific prior written permission. 23 * 24 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 25 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 27 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 29 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 30 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 32 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 33 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 * SUCH DAMAGE. 35 */ 36 37 #include <sys/types.h> 38 #include <sys/stat.h> 39 #include <ctype.h> 40 #include <errno.h> 41 #include <grp.h> 42 #include <limits.h> 43 #include <pwd.h> 44 #include <stdio.h> 45 #include <stdlib.h> 46 #include <string.h> 47 #include <unistd.h> 48 49 #include "pax.h" 50 #include "extern.h" 51 #include "tar.h" 52 53 /* 54 * Routines for reading, writing and header identify of various versions of tar 55 */ 56 57 static size_t expandname(char *, size_t, char **, const char *, size_t); 58 static u_long tar_chksm(char *, int); 59 static char *name_split(char *, int); 60 static int ul_oct(u_long, char *, int, int); 61 static int ull_oct(unsigned long long, char *, int, int); 62 #ifndef SMALL 63 static int rd_xheader(ARCHD *arcn, int, off_t); 64 #endif 65 66 static uid_t uid_nobody; 67 static uid_t uid_warn; 68 static gid_t gid_nobody; 69 static gid_t gid_warn; 70 71 /* 72 * Routines common to all versions of tar 73 */ 74 75 int tar_nodir; /* do not write dirs under old tar */ 76 char *gnu_name_string; /* GNU ././@LongLink hackery name */ 77 char *gnu_link_string; /* GNU ././@LongLink hackery link */ 78 79 /* 80 * tar_endwr() 81 * add the tar trailer of two null blocks 82 * Return: 83 * 0 if ok, -1 otherwise (what wr_skip returns) 84 */ 85 86 int 87 tar_endwr(void) 88 { 89 return wr_skip(NULLCNT * BLKMULT); 90 } 91 92 /* 93 * tar_endrd() 94 * no cleanup needed here, just return size of trailer (for append) 95 * Return: 96 * size of trailer (2 * BLKMULT) 97 */ 98 99 off_t 100 tar_endrd(void) 101 { 102 return NULLCNT * BLKMULT; 103 } 104 105 /* 106 * tar_trail() 107 * Called to determine if a header block is a valid trailer. We are passed 108 * the block, the in_sync flag (which tells us we are in resync mode; 109 * looking for a valid header), and cnt (which starts at zero) which is 110 * used to count the number of empty blocks we have seen so far. 111 * Return: 112 * 0 if a valid trailer, -1 if not a valid trailer, or 1 if the block 113 * could never contain a header. 114 */ 115 116 int 117 tar_trail(ARCHD *ignore, char *buf, int in_resync, int *cnt) 118 { 119 int i; 120 121 /* 122 * look for all zero, trailer is two consecutive blocks of zero 123 */ 124 for (i = 0; i < BLKMULT; ++i) { 125 if (buf[i] != '\0') 126 break; 127 } 128 129 /* 130 * if not all zero it is not a trailer, but MIGHT be a header. 131 */ 132 if (i != BLKMULT) 133 return(-1); 134 135 /* 136 * When given a zero block, we must be careful! 137 * If we are not in resync mode, check for the trailer. Have to watch 138 * out that we do not mis-identify file data as the trailer, so we do 139 * NOT try to id a trailer during resync mode. During resync mode we 140 * might as well throw this block out since a valid header can NEVER be 141 * a block of all 0 (we must have a valid file name). 142 */ 143 if (!in_resync && (++*cnt >= NULLCNT)) 144 return(0); 145 return(1); 146 } 147 148 /* 149 * ul_oct() 150 * convert an unsigned long to an octal string. many oddball field 151 * termination characters are used by the various versions of tar in the 152 * different fields. term selects which kind to use. str is '0' padded 153 * at the front to len. we are unable to use only one format as many old 154 * tar readers are very cranky about this. 155 * Return: 156 * 0 if the number fit into the string, -1 otherwise 157 */ 158 159 static int 160 ul_oct(u_long val, char *str, int len, int term) 161 { 162 char *pt; 163 164 /* 165 * term selects the appropriate character(s) for the end of the string 166 */ 167 pt = str + len - 1; 168 switch (term) { 169 case 3: 170 *pt-- = '\0'; 171 break; 172 case 2: 173 *pt-- = ' '; 174 *pt-- = '\0'; 175 break; 176 case 1: 177 *pt-- = ' '; 178 break; 179 case 0: 180 default: 181 *pt-- = '\0'; 182 *pt-- = ' '; 183 break; 184 } 185 186 /* 187 * convert and blank pad if there is space 188 */ 189 while (pt >= str) { 190 *pt-- = '0' + (char)(val & 0x7); 191 val >>= 3; 192 if (val == 0) 193 break; 194 } 195 196 while (pt >= str) 197 *pt-- = '0'; 198 if (val != 0) 199 return(-1); 200 return(0); 201 } 202 203 /* 204 * ull_oct() 205 * Convert an unsigned long long to an octal string. One of many oddball 206 * field termination characters are used by the various versions of tar 207 * in the different fields. term selects which kind to use. str is 208 * '0' padded at the front to len. We are unable to use only one format 209 * as many old tar readers are very cranky about this. 210 * Return: 211 * 0 if the number fit into the string, -1 otherwise 212 */ 213 214 static int 215 ull_oct(unsigned long long val, char *str, int len, int term) 216 { 217 char *pt; 218 219 /* 220 * term selects the appropriate character(s) for the end of the string 221 */ 222 pt = str + len - 1; 223 switch (term) { 224 case 3: 225 *pt-- = '\0'; 226 break; 227 case 2: 228 *pt-- = ' '; 229 *pt-- = '\0'; 230 break; 231 case 1: 232 *pt-- = ' '; 233 break; 234 case 0: 235 default: 236 *pt-- = '\0'; 237 *pt-- = ' '; 238 break; 239 } 240 241 /* 242 * convert and blank pad if there is space 243 */ 244 while (pt >= str) { 245 *pt-- = '0' + (char)(val & 0x7); 246 val >>= 3; 247 if (val == 0) 248 break; 249 } 250 251 while (pt >= str) 252 *pt-- = '0'; 253 if (val != 0) 254 return(-1); 255 return(0); 256 } 257 258 /* 259 * tar_chksm() 260 * calculate the checksum for a tar block counting the checksum field as 261 * all blanks (BLNKSUM is that value pre-calculated, the sum of 8 blanks). 262 * NOTE: we use len to short circuit summing 0's on write since we ALWAYS 263 * pad headers with 0. 264 * Return: 265 * unsigned long checksum 266 */ 267 268 static u_long 269 tar_chksm(char *blk, int len) 270 { 271 char *stop; 272 char *pt; 273 u_long chksm = BLNKSUM; /* initial value is checksum field sum */ 274 275 /* 276 * add the part of the block before the checksum field 277 */ 278 pt = blk; 279 stop = blk + CHK_OFFSET; 280 while (pt < stop) 281 chksm += (u_long)(*pt++ & 0xff); 282 /* 283 * move past the checksum field and keep going, spec counts the 284 * checksum field as the sum of 8 blanks (which is pre-computed as 285 * BLNKSUM). 286 * ASSUMED: len is greater than CHK_OFFSET. (len is where our 0 padding 287 * starts, no point in summing zero's) 288 */ 289 pt += CHK_LEN; 290 stop = blk + len; 291 while (pt < stop) 292 chksm += (u_long)(*pt++ & 0xff); 293 return(chksm); 294 } 295 296 /* 297 * Routines for old BSD style tar (also made portable to sysV tar) 298 */ 299 300 /* 301 * tar_id() 302 * determine if a block given to us is a valid tar header (and not a USTAR 303 * header). We have to be on the lookout for those pesky blocks of all 304 * zero's. 305 * Return: 306 * 0 if a tar header, -1 otherwise 307 */ 308 309 int 310 tar_id(char *blk, int size) 311 { 312 HD_TAR *hd; 313 HD_USTAR *uhd; 314 315 if (size < BLKMULT) 316 return(-1); 317 hd = (HD_TAR *)blk; 318 uhd = (HD_USTAR *)blk; 319 320 /* 321 * check for block of zero's first, a simple and fast test, then make 322 * sure this is not a ustar header by looking for the ustar magic 323 * cookie. We should use TMAGLEN, but some USTAR archive programs are 324 * wrong and create archives missing the \0. Last we check the 325 * checksum. If this is ok we have to assume it is a valid header. 326 */ 327 if (hd->name[0] == '\0') 328 return(-1); 329 if (strncmp(uhd->magic, TMAGIC, TMAGLEN - 1) == 0) 330 return(-1); 331 if (asc_ul(hd->chksum,sizeof(hd->chksum),OCT) != tar_chksm(blk,BLKMULT)) 332 return(-1); 333 force_one_volume = 1; 334 return(0); 335 } 336 337 /* 338 * tar_opt() 339 * handle tar format specific -o options 340 * Return: 341 * 0 if ok -1 otherwise 342 */ 343 344 int 345 tar_opt(void) 346 { 347 OPLIST *opt; 348 349 while ((opt = opt_next()) != NULL) { 350 if (strcmp(opt->name, TAR_OPTION) || 351 strcmp(opt->value, TAR_NODIR)) { 352 paxwarn(1, "Unknown tar format -o option/value pair %s=%s", 353 opt->name, opt->value); 354 paxwarn(1,"%s=%s is the only supported tar format option", 355 TAR_OPTION, TAR_NODIR); 356 return(-1); 357 } 358 359 /* 360 * we only support one option, and only when writing 361 */ 362 if ((act != APPND) && (act != ARCHIVE)) { 363 paxwarn(1, "%s=%s is only supported when writing.", 364 opt->name, opt->value); 365 return(-1); 366 } 367 tar_nodir = 1; 368 } 369 return(0); 370 } 371 372 373 /* 374 * tar_rd() 375 * extract the values out of block already determined to be a tar header. 376 * store the values in the ARCHD parameter. 377 * Return: 378 * 0 379 */ 380 381 int 382 tar_rd(ARCHD *arcn, char *buf) 383 { 384 HD_TAR *hd; 385 unsigned long long val; 386 char *pt; 387 388 /* 389 * we only get proper sized buffers passed to us 390 */ 391 if (tar_id(buf, BLKMULT) < 0) 392 return(-1); 393 memset(arcn, 0, sizeof(*arcn)); 394 arcn->org_name = arcn->name; 395 arcn->sb.st_nlink = 1; 396 397 /* 398 * copy out the name and values in the stat buffer 399 */ 400 hd = (HD_TAR *)buf; 401 if (hd->linkflag != LONGLINKTYPE && hd->linkflag != LONGNAMETYPE) { 402 arcn->nlen = expandname(arcn->name, sizeof(arcn->name), 403 &gnu_name_string, hd->name, sizeof(hd->name)); 404 arcn->ln_nlen = expandname(arcn->ln_name, sizeof(arcn->ln_name), 405 &gnu_link_string, hd->linkname, sizeof(hd->linkname)); 406 } 407 arcn->sb.st_mode = (mode_t)(asc_ul(hd->mode,sizeof(hd->mode),OCT) & 408 0xfff); 409 arcn->sb.st_uid = (uid_t)asc_ul(hd->uid, sizeof(hd->uid), OCT); 410 arcn->sb.st_gid = (gid_t)asc_ul(hd->gid, sizeof(hd->gid), OCT); 411 arcn->sb.st_size = (off_t)asc_ull(hd->size, sizeof(hd->size), OCT); 412 val = asc_ull(hd->mtime, sizeof(hd->mtime), OCT); 413 if (val > MAX_TIME_T) 414 arcn->sb.st_mtime = INT_MAX; /* XXX 2038 */ 415 else 416 arcn->sb.st_mtime = val; 417 arcn->sb.st_ctime = arcn->sb.st_atime = arcn->sb.st_mtime; 418 419 /* 420 * have to look at the last character, it may be a '/' and that is used 421 * to encode this as a directory 422 */ 423 pt = &(arcn->name[arcn->nlen - 1]); 424 arcn->pad = 0; 425 arcn->skip = 0; 426 switch (hd->linkflag) { 427 case SYMTYPE: 428 /* 429 * symbolic link, need to get the link name and set the type in 430 * the st_mode so -v printing will look correct. 431 */ 432 arcn->type = PAX_SLK; 433 arcn->sb.st_mode |= S_IFLNK; 434 break; 435 case LNKTYPE: 436 /* 437 * hard link, need to get the link name, set the type in the 438 * st_mode and st_nlink so -v printing will look better. 439 */ 440 arcn->type = PAX_HLK; 441 arcn->sb.st_nlink = 2; 442 443 /* 444 * no idea of what type this thing really points at, but 445 * we set something for printing only. 446 */ 447 arcn->sb.st_mode |= S_IFREG; 448 break; 449 case LONGLINKTYPE: 450 case LONGNAMETYPE: 451 /* 452 * GNU long link/file; we tag these here and let the 453 * pax internals deal with it -- too ugly otherwise. 454 */ 455 arcn->type = 456 hd->linkflag == LONGLINKTYPE ? PAX_GLL : PAX_GLF; 457 arcn->pad = TAR_PAD(arcn->sb.st_size); 458 arcn->skip = arcn->sb.st_size; 459 break; 460 case DIRTYPE: 461 /* 462 * It is a directory, set the mode for -v printing 463 */ 464 arcn->type = PAX_DIR; 465 arcn->sb.st_mode |= S_IFDIR; 466 arcn->sb.st_nlink = 2; 467 break; 468 case AREGTYPE: 469 case REGTYPE: 470 default: 471 /* 472 * If we have a trailing / this is a directory and NOT a file. 473 */ 474 arcn->ln_name[0] = '\0'; 475 arcn->ln_nlen = 0; 476 if (*pt == '/') { 477 /* 478 * it is a directory, set the mode for -v printing 479 */ 480 arcn->type = PAX_DIR; 481 arcn->sb.st_mode |= S_IFDIR; 482 arcn->sb.st_nlink = 2; 483 } else { 484 /* 485 * have a file that will be followed by data. Set the 486 * skip value to the size field and calculate the size 487 * of the padding. 488 */ 489 arcn->type = PAX_REG; 490 arcn->sb.st_mode |= S_IFREG; 491 arcn->pad = TAR_PAD(arcn->sb.st_size); 492 arcn->skip = arcn->sb.st_size; 493 } 494 break; 495 } 496 497 /* 498 * strip off any trailing slash. 499 */ 500 if (*pt == '/') { 501 *pt = '\0'; 502 --arcn->nlen; 503 } 504 return(0); 505 } 506 507 /* 508 * tar_wr() 509 * write a tar header for the file specified in the ARCHD to the archive. 510 * Have to check for file types that cannot be stored and file names that 511 * are too long. Be careful of the term (last arg) to ul_oct, each field 512 * of tar has it own spec for the termination character(s). 513 * ASSUMED: space after header in header block is zero filled 514 * Return: 515 * 0 if file has data to be written after the header, 1 if file has NO 516 * data to write after the header, -1 if archive write failed 517 */ 518 519 int 520 tar_wr(ARCHD *arcn) 521 { 522 HD_TAR *hd; 523 int len; 524 char hdblk[sizeof(HD_TAR)]; 525 526 /* 527 * check for those file system types which tar cannot store 528 */ 529 switch (arcn->type) { 530 case PAX_DIR: 531 /* 532 * user asked that dirs not be written to the archive 533 */ 534 if (tar_nodir) 535 return(1); 536 break; 537 case PAX_CHR: 538 paxwarn(1, "Tar cannot archive a character device %s", 539 arcn->org_name); 540 return(1); 541 case PAX_BLK: 542 paxwarn(1, "Tar cannot archive a block device %s", arcn->org_name); 543 return(1); 544 case PAX_SCK: 545 paxwarn(1, "Tar cannot archive a socket %s", arcn->org_name); 546 return(1); 547 case PAX_FIF: 548 paxwarn(1, "Tar cannot archive a fifo %s", arcn->org_name); 549 return(1); 550 case PAX_SLK: 551 case PAX_HLK: 552 case PAX_HRG: 553 if ((size_t)arcn->ln_nlen > sizeof(hd->linkname)) { 554 paxwarn(1, "Link name too long for tar %s", 555 arcn->ln_name); 556 return(1); 557 } 558 break; 559 case PAX_REG: 560 case PAX_CTG: 561 default: 562 break; 563 } 564 565 /* 566 * check file name len, remember extra char for dirs (the / at the end) 567 */ 568 len = arcn->nlen; 569 if (arcn->type == PAX_DIR) 570 ++len; 571 if ((size_t)len > sizeof(hd->name)) { 572 paxwarn(1, "File name too long for tar %s", arcn->name); 573 return(1); 574 } 575 576 /* 577 * Copy the data out of the ARCHD into the tar header based on the type 578 * of the file. Remember, many tar readers want all fields to be 579 * padded with zero so we zero the header first. We then set the 580 * linkflag field (type), the linkname, the size, and set the padding 581 * (if any) to be added after the file data (0 for all other types, 582 * as they only have a header). 583 */ 584 memset(hdblk, 0, sizeof(hdblk)); 585 hd = (HD_TAR *)hdblk; 586 fieldcpy(hd->name, sizeof(hd->name), arcn->name, sizeof(arcn->name)); 587 arcn->pad = 0; 588 589 if (arcn->type == PAX_DIR) { 590 /* 591 * directories are the same as files, except have a filename 592 * that ends with a /, we add the slash here. No data follows 593 * dirs, so no pad. 594 */ 595 hd->linkflag = AREGTYPE; 596 hd->name[len-1] = '/'; 597 if (ul_oct(0, hd->size, sizeof(hd->size), 1)) 598 goto out; 599 } else if (arcn->type == PAX_SLK) { 600 /* 601 * no data follows this file, so no pad 602 */ 603 hd->linkflag = SYMTYPE; 604 fieldcpy(hd->linkname, sizeof(hd->linkname), arcn->ln_name, 605 sizeof(arcn->ln_name)); 606 if (ul_oct(0, hd->size, sizeof(hd->size), 1)) 607 goto out; 608 } else if (PAX_IS_HARDLINK(arcn->type)) { 609 /* 610 * no data follows this file, so no pad 611 */ 612 hd->linkflag = LNKTYPE; 613 fieldcpy(hd->linkname, sizeof(hd->linkname), arcn->ln_name, 614 sizeof(arcn->ln_name)); 615 if (ul_oct(0, hd->size, sizeof(hd->size), 1)) 616 goto out; 617 } else { 618 /* 619 * data follows this file, so set the pad 620 */ 621 hd->linkflag = AREGTYPE; 622 if (ull_oct(arcn->sb.st_size, hd->size, sizeof(hd->size), 1)) { 623 paxwarn(1, "File is too large for tar %s", 624 arcn->org_name); 625 return(1); 626 } 627 arcn->pad = TAR_PAD(arcn->sb.st_size); 628 } 629 630 /* 631 * copy those fields that are independent of the type 632 */ 633 if (ul_oct(arcn->sb.st_mode, hd->mode, sizeof(hd->mode), 0) || 634 ull_oct(arcn->sb.st_mtime < 0 ? 0 : arcn->sb.st_mtime, hd->mtime, 635 sizeof(hd->mtime), 1) || 636 ul_oct(arcn->sb.st_uid, hd->uid, sizeof(hd->uid), 0) || 637 ul_oct(arcn->sb.st_gid, hd->gid, sizeof(hd->gid), 0)) 638 goto out; 639 640 /* 641 * calculate and add the checksum, then write the header. A return of 642 * 0 tells the caller to now write the file data, 1 says no data needs 643 * to be written 644 */ 645 if (ul_oct(tar_chksm(hdblk, sizeof(HD_TAR)), hd->chksum, 646 sizeof(hd->chksum), 3)) 647 goto out; 648 if (wr_rdbuf(hdblk, sizeof(HD_TAR)) < 0) 649 return(-1); 650 if (wr_skip(BLKMULT - sizeof(HD_TAR)) < 0) 651 return(-1); 652 if (PAX_IS_REG(arcn->type)) 653 return(0); 654 return(1); 655 656 out: 657 /* 658 * header field is out of range 659 */ 660 paxwarn(1, "Tar header field is too small for %s", arcn->org_name); 661 return(1); 662 } 663 664 /* 665 * Routines for POSIX ustar 666 */ 667 668 /* 669 * ustar_id() 670 * determine if a block given to us is a valid ustar header. We have to 671 * be on the lookout for those pesky blocks of all zero's 672 * Return: 673 * 0 if a ustar header, -1 otherwise 674 */ 675 676 int 677 ustar_id(char *blk, int size) 678 { 679 HD_USTAR *hd; 680 681 if (size < BLKMULT) 682 return(-1); 683 hd = (HD_USTAR *)blk; 684 685 /* 686 * check for block of zero's first, a simple and fast test then check 687 * ustar magic cookie. We should use TMAGLEN, but some USTAR archive 688 * programs are fouled up and create archives missing the \0. Last we 689 * check the checksum. If ok we have to assume it is a valid header. 690 */ 691 if (hd->prefix[0] == '\0' && hd->name[0] == '\0') 692 return(-1); 693 if (strncmp(hd->magic, TMAGIC, TMAGLEN - 1) != 0) 694 return(-1); 695 if (asc_ul(hd->chksum,sizeof(hd->chksum),OCT) != tar_chksm(blk,BLKMULT)) 696 return(-1); 697 return(0); 698 } 699 700 /* 701 * ustar_rd() 702 * extract the values out of block already determined to be a ustar header. 703 * store the values in the ARCHD parameter. 704 * Return: 705 * 0 706 */ 707 708 int 709 ustar_rd(ARCHD *arcn, char *buf) 710 { 711 HD_USTAR *hd = (HD_USTAR *)buf; 712 char *dest; 713 int cnt = 0; 714 dev_t devmajor; 715 dev_t devminor; 716 unsigned long long val; 717 718 /* 719 * we only get proper sized buffers 720 */ 721 if (ustar_id(buf, BLKMULT) < 0) 722 return(-1); 723 724 #ifndef SMALL 725 reset: 726 #endif 727 memset(arcn, 0, sizeof(*arcn)); 728 arcn->org_name = arcn->name; 729 arcn->sb.st_nlink = 1; 730 731 #ifndef SMALL 732 /* Process Extended headers. */ 733 if (hd->typeflag == XHDRTYPE || hd->typeflag == GHDRTYPE) { 734 if (rd_xheader(arcn, hd->typeflag == GHDRTYPE, 735 (off_t)asc_ul(hd->size, sizeof(hd->size), OCT)) < 0) 736 return (-1); 737 738 /* Update and check the ustar header. */ 739 if (rd_wrbuf(buf, BLKMULT) != BLKMULT) 740 return (-1); 741 if (ustar_id(buf, BLKMULT) < 0) 742 return(-1); 743 744 /* if the next block is another extension, reset the values */ 745 if (hd->typeflag == XHDRTYPE || hd->typeflag == GHDRTYPE) 746 goto reset; 747 } 748 #endif 749 750 if (!arcn->nlen) { 751 /* 752 * See if the filename is split into two parts. if, so join 753 * the parts. We copy the prefix first and add a / between 754 * the prefix and name. 755 */ 756 dest = arcn->name; 757 if (*(hd->prefix) != '\0') { 758 cnt = fieldcpy(dest, sizeof(arcn->name) - 1, 759 hd->prefix, sizeof(hd->prefix)); 760 dest += cnt; 761 *dest++ = '/'; 762 cnt++; 763 } else 764 cnt = 0; 765 766 if (hd->typeflag != LONGLINKTYPE && 767 hd->typeflag != LONGNAMETYPE) { 768 arcn->nlen = cnt + expandname(dest, 769 sizeof(arcn->name) - cnt, &gnu_name_string, 770 hd->name, sizeof(hd->name)); 771 } 772 } 773 774 if (!arcn->ln_nlen && 775 hd->typeflag != LONGLINKTYPE && hd->typeflag != LONGNAMETYPE) { 776 arcn->ln_nlen = expandname(arcn->ln_name, sizeof(arcn->ln_name), 777 &gnu_link_string, hd->linkname, sizeof(hd->linkname)); 778 } 779 780 /* 781 * follow the spec to the letter. we should only have mode bits, strip 782 * off all other crud we may be passed. 783 */ 784 arcn->sb.st_mode = (mode_t)(asc_ul(hd->mode, sizeof(hd->mode), OCT) & 785 0xfff); 786 arcn->sb.st_size = (off_t)asc_ull(hd->size, sizeof(hd->size), OCT); 787 val = asc_ull(hd->mtime, sizeof(hd->mtime), OCT); 788 if (val > MAX_TIME_T) 789 arcn->sb.st_mtime = INT_MAX; /* XXX 2038 */ 790 else 791 arcn->sb.st_mtime = val; 792 arcn->sb.st_ctime = arcn->sb.st_atime = arcn->sb.st_mtime; 793 794 /* 795 * If we can find the ascii names for gname and uname in the password 796 * and group files we will use the uid's and gid they bind. Otherwise 797 * we use the uid and gid values stored in the header. (This is what 798 * the posix spec wants). 799 */ 800 hd->gname[sizeof(hd->gname) - 1] = '\0'; 801 if (Nflag || gid_from_group(hd->gname, &(arcn->sb.st_gid)) == -1) 802 arcn->sb.st_gid = (gid_t)asc_ul(hd->gid, sizeof(hd->gid), OCT); 803 hd->uname[sizeof(hd->uname) - 1] = '\0'; 804 if (Nflag || uid_from_user(hd->uname, &(arcn->sb.st_uid)) == -1) 805 arcn->sb.st_uid = (uid_t)asc_ul(hd->uid, sizeof(hd->uid), OCT); 806 807 /* 808 * set the defaults, these may be changed depending on the file type 809 */ 810 arcn->pad = 0; 811 arcn->skip = 0; 812 arcn->sb.st_rdev = (dev_t)0; 813 814 /* 815 * set the mode and PAX type according to the typeflag in the header 816 */ 817 switch (hd->typeflag) { 818 case FIFOTYPE: 819 arcn->type = PAX_FIF; 820 arcn->sb.st_mode |= S_IFIFO; 821 break; 822 case DIRTYPE: 823 arcn->type = PAX_DIR; 824 arcn->sb.st_mode |= S_IFDIR; 825 arcn->sb.st_nlink = 2; 826 827 /* 828 * Some programs that create ustar archives append a '/' 829 * to the pathname for directories. This clearly violates 830 * ustar specs, but we will silently strip it off anyway. 831 */ 832 if (arcn->name[arcn->nlen - 1] == '/') 833 arcn->name[--arcn->nlen] = '\0'; 834 break; 835 case BLKTYPE: 836 case CHRTYPE: 837 /* 838 * this type requires the rdev field to be set. 839 */ 840 if (hd->typeflag == BLKTYPE) { 841 arcn->type = PAX_BLK; 842 arcn->sb.st_mode |= S_IFBLK; 843 } else { 844 arcn->type = PAX_CHR; 845 arcn->sb.st_mode |= S_IFCHR; 846 } 847 devmajor = (dev_t)asc_ul(hd->devmajor,sizeof(hd->devmajor),OCT); 848 devminor = (dev_t)asc_ul(hd->devminor,sizeof(hd->devminor),OCT); 849 arcn->sb.st_rdev = TODEV(devmajor, devminor); 850 break; 851 case SYMTYPE: 852 case LNKTYPE: 853 if (hd->typeflag == SYMTYPE) { 854 arcn->type = PAX_SLK; 855 arcn->sb.st_mode |= S_IFLNK; 856 } else { 857 arcn->type = PAX_HLK; 858 /* 859 * so printing looks better 860 */ 861 arcn->sb.st_mode |= S_IFREG; 862 arcn->sb.st_nlink = 2; 863 } 864 break; 865 case LONGLINKTYPE: 866 case LONGNAMETYPE: 867 /* 868 * GNU long link/file; we tag these here and let the 869 * pax internals deal with it -- too ugly otherwise. 870 */ 871 arcn->type = 872 hd->typeflag == LONGLINKTYPE ? PAX_GLL : PAX_GLF; 873 arcn->pad = TAR_PAD(arcn->sb.st_size); 874 arcn->skip = arcn->sb.st_size; 875 break; 876 case CONTTYPE: 877 case AREGTYPE: 878 case REGTYPE: 879 default: 880 /* 881 * these types have file data that follows. Set the skip and 882 * pad fields. 883 */ 884 arcn->type = PAX_REG; 885 arcn->pad = TAR_PAD(arcn->sb.st_size); 886 arcn->skip = arcn->sb.st_size; 887 arcn->sb.st_mode |= S_IFREG; 888 break; 889 } 890 return(0); 891 } 892 893 /* 894 * ustar_wr() 895 * write a ustar header for the file specified in the ARCHD to the archive 896 * Have to check for file types that cannot be stored and file names that 897 * are too long. Be careful of the term (last arg) to ul_oct, we only use 898 * '\0' for the termination character (this is different than picky tar) 899 * ASSUMED: space after header in header block is zero filled 900 * Return: 901 * 0 if file has data to be written after the header, 1 if file has NO 902 * data to write after the header, -1 if archive write failed 903 */ 904 905 int 906 ustar_wr(ARCHD *arcn) 907 { 908 HD_USTAR *hd; 909 const char *name; 910 char *pt, hdblk[sizeof(HD_USTAR)]; 911 912 /* 913 * check for those file system types ustar cannot store 914 */ 915 if (arcn->type == PAX_SCK) { 916 paxwarn(1, "Ustar cannot archive a socket %s", arcn->org_name); 917 return(1); 918 } 919 920 /* 921 * user asked that dirs not be written to the archive 922 */ 923 if (arcn->type == PAX_DIR && tar_nodir) 924 return (1); 925 926 /* 927 * check the length of the linkname 928 */ 929 if (PAX_IS_LINK(arcn->type) && 930 ((size_t)arcn->ln_nlen > sizeof(hd->linkname))) { 931 paxwarn(1, "Link name too long for ustar %s", arcn->ln_name); 932 return(1); 933 } 934 935 /* 936 * split the path name into prefix and name fields (if needed). if 937 * pt != arcn->name, the name has to be split 938 */ 939 if ((pt = name_split(arcn->name, arcn->nlen)) == NULL) { 940 paxwarn(1, "File name too long for ustar %s", arcn->name); 941 return(1); 942 } 943 944 /* 945 * zero out the header so we don't have to worry about zero fill below 946 */ 947 memset(hdblk, 0, sizeof(hdblk)); 948 hd = (HD_USTAR *)hdblk; 949 arcn->pad = 0; 950 951 /* 952 * split the name, or zero out the prefix 953 */ 954 if (pt != arcn->name) { 955 /* 956 * name was split, pt points at the / where the split is to 957 * occur, we remove the / and copy the first part to the prefix 958 */ 959 *pt = '\0'; 960 fieldcpy(hd->prefix, sizeof(hd->prefix), arcn->name, 961 sizeof(arcn->name)); 962 *pt++ = '/'; 963 } 964 965 /* 966 * copy the name part. this may be the whole path or the part after 967 * the prefix 968 */ 969 fieldcpy(hd->name, sizeof(hd->name), pt, 970 sizeof(arcn->name) - (pt - arcn->name)); 971 972 /* 973 * set the fields in the header that are type dependent 974 */ 975 switch (arcn->type) { 976 case PAX_DIR: 977 hd->typeflag = DIRTYPE; 978 if (ul_oct(0, hd->size, sizeof(hd->size), 3)) 979 goto out; 980 break; 981 case PAX_CHR: 982 case PAX_BLK: 983 if (arcn->type == PAX_CHR) 984 hd->typeflag = CHRTYPE; 985 else 986 hd->typeflag = BLKTYPE; 987 if (ul_oct(MAJOR(arcn->sb.st_rdev), hd->devmajor, 988 sizeof(hd->devmajor), 3) || 989 ul_oct(MINOR(arcn->sb.st_rdev), hd->devminor, 990 sizeof(hd->devminor), 3) || 991 ul_oct(0, hd->size, sizeof(hd->size), 3)) 992 goto out; 993 break; 994 case PAX_FIF: 995 hd->typeflag = FIFOTYPE; 996 if (ul_oct(0, hd->size, sizeof(hd->size), 3)) 997 goto out; 998 break; 999 case PAX_SLK: 1000 case PAX_HLK: 1001 case PAX_HRG: 1002 if (arcn->type == PAX_SLK) 1003 hd->typeflag = SYMTYPE; 1004 else 1005 hd->typeflag = LNKTYPE; 1006 fieldcpy(hd->linkname, sizeof(hd->linkname), arcn->ln_name, 1007 sizeof(arcn->ln_name)); 1008 if (ul_oct(0, hd->size, sizeof(hd->size), 3)) 1009 goto out; 1010 break; 1011 case PAX_REG: 1012 case PAX_CTG: 1013 default: 1014 /* 1015 * file data with this type, set the padding 1016 */ 1017 if (arcn->type == PAX_CTG) 1018 hd->typeflag = CONTTYPE; 1019 else 1020 hd->typeflag = REGTYPE; 1021 arcn->pad = TAR_PAD(arcn->sb.st_size); 1022 if (ull_oct(arcn->sb.st_size, hd->size, sizeof(hd->size), 3)) { 1023 paxwarn(1, "File is too long for ustar %s", 1024 arcn->org_name); 1025 return(1); 1026 } 1027 break; 1028 } 1029 1030 strncpy(hd->magic, TMAGIC, TMAGLEN); 1031 strncpy(hd->version, TVERSION, TVERSLEN); 1032 1033 /* 1034 * set the remaining fields. Some versions want all 16 bits of mode 1035 * we better humor them (they really do not meet spec though).... 1036 */ 1037 if (ul_oct(arcn->sb.st_uid, hd->uid, sizeof(hd->uid), 3)) { 1038 if (uid_nobody == 0) { 1039 if (uid_from_user("nobody", &uid_nobody) == -1) 1040 goto out; 1041 } 1042 if (uid_warn != arcn->sb.st_uid) { 1043 uid_warn = arcn->sb.st_uid; 1044 paxwarn(1, 1045 "Ustar header field is too small for uid %lu, " 1046 "using nobody", (u_long)arcn->sb.st_uid); 1047 } 1048 if (ul_oct(uid_nobody, hd->uid, sizeof(hd->uid), 3)) 1049 goto out; 1050 } 1051 if (ul_oct(arcn->sb.st_gid, hd->gid, sizeof(hd->gid), 3)) { 1052 if (gid_nobody == 0) { 1053 if (gid_from_group("nobody", &gid_nobody) == -1) 1054 goto out; 1055 } 1056 if (gid_warn != arcn->sb.st_gid) { 1057 gid_warn = arcn->sb.st_gid; 1058 paxwarn(1, 1059 "Ustar header field is too small for gid %lu, " 1060 "using nobody", (u_long)arcn->sb.st_gid); 1061 } 1062 if (ul_oct(gid_nobody, hd->gid, sizeof(hd->gid), 3)) 1063 goto out; 1064 } 1065 if (ull_oct(arcn->sb.st_mtime < 0 ? 0 : arcn->sb.st_mtime, hd->mtime, 1066 sizeof(hd->mtime), 3) || 1067 ul_oct(arcn->sb.st_mode, hd->mode, sizeof(hd->mode), 3)) 1068 goto out; 1069 if (!Nflag) { 1070 if ((name = user_from_uid(arcn->sb.st_uid, 1)) != NULL) 1071 strncpy(hd->uname, name, sizeof(hd->uname)); 1072 if ((name = group_from_gid(arcn->sb.st_gid, 1)) != NULL) 1073 strncpy(hd->gname, name, sizeof(hd->gname)); 1074 } 1075 1076 /* 1077 * calculate and store the checksum write the header to the archive 1078 * return 0 tells the caller to now write the file data, 1 says no data 1079 * needs to be written 1080 */ 1081 if (ul_oct(tar_chksm(hdblk, sizeof(HD_USTAR)), hd->chksum, 1082 sizeof(hd->chksum), 3)) 1083 goto out; 1084 if (wr_rdbuf(hdblk, sizeof(HD_USTAR)) < 0) 1085 return(-1); 1086 if (wr_skip(BLKMULT - sizeof(HD_USTAR)) < 0) 1087 return(-1); 1088 if (PAX_IS_REG(arcn->type)) 1089 return(0); 1090 return(1); 1091 1092 out: 1093 /* 1094 * header field is out of range 1095 */ 1096 paxwarn(1, "Ustar header field is too small for %s", arcn->org_name); 1097 return(1); 1098 } 1099 1100 /* 1101 * name_split() 1102 * see if the name has to be split for storage in a ustar header. We try 1103 * to fit the entire name in the name field without splitting if we can. 1104 * The split point is always at a / 1105 * Return 1106 * character pointer to split point (always the / that is to be removed 1107 * if the split is not needed, the points is set to the start of the file 1108 * name (it would violate the spec to split there). A NULL is returned if 1109 * the file name is too long 1110 */ 1111 1112 static char * 1113 name_split(char *name, int len) 1114 { 1115 char *start; 1116 1117 /* 1118 * check to see if the file name is small enough to fit in the name 1119 * field. if so just return a pointer to the name. 1120 * The strings can fill the complete name and prefix fields 1121 * without a NUL terminator. 1122 */ 1123 if (len <= TNMSZ) 1124 return(name); 1125 if (len > (TPFSZ + TNMSZ + 1)) 1126 return(NULL); 1127 1128 /* 1129 * we start looking at the biggest sized piece that fits in the name 1130 * field. We walk forward looking for a slash to split at. The idea is 1131 * to find the biggest piece to fit in the name field (or the smallest 1132 * prefix we can find) (the -1 is correct the biggest piece would 1133 * include the slash between the two parts that gets thrown away) 1134 */ 1135 start = name + len - TNMSZ - 1; 1136 1137 /* 1138 * the prefix may not be empty, so skip the first character when 1139 * trying to split a path of exactly TNMSZ+1 characters. 1140 * NOTE: This means the ustar format can't store /str if 1141 * str contains no slashes and the length of str == TNMSZ 1142 */ 1143 if (start == name) 1144 ++start; 1145 1146 while ((*start != '\0') && (*start != '/')) 1147 ++start; 1148 1149 /* 1150 * if we hit the end of the string, this name cannot be split, so we 1151 * cannot store this file. 1152 */ 1153 if (*start == '\0') 1154 return(NULL); 1155 1156 /* 1157 * the split point isn't valid if it results in a prefix 1158 * longer than TPFSZ 1159 */ 1160 if ((start - name) > TPFSZ) 1161 return(NULL); 1162 1163 /* 1164 * ok have a split point, return it to the caller 1165 */ 1166 return(start); 1167 } 1168 1169 static size_t 1170 expandname(char *buf, size_t len, char **gnu_name, const char *name, 1171 size_t limit) 1172 { 1173 size_t nlen; 1174 1175 if (*gnu_name) { 1176 /* *gnu_name is NUL terminated */ 1177 if ((nlen = strlcpy(buf, *gnu_name, len)) >= len) 1178 nlen = len - 1; 1179 free(*gnu_name); 1180 *gnu_name = NULL; 1181 } else 1182 nlen = fieldcpy(buf, len, name, limit); 1183 return(nlen); 1184 } 1185 1186 #ifndef SMALL 1187 1188 /* shortest possible extended record: "5 a=\n" */ 1189 #define MINXHDRSZ 5 1190 1191 /* longest record we'll accept */ 1192 #define MAXXHDRSZ BLKMULT 1193 1194 static int 1195 rd_xheader(ARCHD *arcn, int global, off_t size) 1196 { 1197 char buf[MAXXHDRSZ]; 1198 long len; 1199 char *delim, *keyword; 1200 char *nextp, *p, *end; 1201 int pad, ret = 0; 1202 1203 /* before we alter size, make note of how much we have to skip */ 1204 pad = TAR_PAD((unsigned)size); 1205 1206 p = end = buf; 1207 while (size > 0 || p < end) { 1208 if (size > 0) { 1209 int rdlen; 1210 1211 /* shift stuff down */ 1212 if (p > buf) { 1213 memmove(buf, p, end - p); 1214 end -= p - buf; 1215 p = buf; 1216 } 1217 1218 /* fill starting at end */ 1219 rdlen = MINIMUM(size, (buf + sizeof buf) - end); 1220 if (rd_wrbuf(end, rdlen) != rdlen) { 1221 ret = -1; 1222 break; 1223 } 1224 size -= rdlen; 1225 end += rdlen; 1226 } 1227 1228 /* [p, end) is good */ 1229 if (memchr(p, ' ', end - p) == NULL || 1230 !isdigit((unsigned char)*p)) { 1231 paxwarn(1, "Invalid extended header record"); 1232 ret = -1; 1233 break; 1234 } 1235 errno = 0; 1236 len = strtol(p, &delim, 10); 1237 if (*delim != ' ' || (errno == ERANGE && len == LONG_MAX) || 1238 len < MINXHDRSZ) { 1239 paxwarn(1, "Invalid extended header record length"); 1240 ret = -1; 1241 break; 1242 } 1243 if (len > end - p) { 1244 paxwarn(1, "Extended header record length %lu is " 1245 "out of range", len); 1246 /* if we can just toss this record, do so */ 1247 len -= end - p; 1248 if (len <= size && rd_skip(len) == 0) { 1249 size -= len; 1250 p = end = buf; 1251 continue; 1252 } 1253 ret = -1; 1254 break; 1255 } 1256 nextp = p + len; 1257 keyword = p = delim + 1; 1258 p = memchr(p, '=', len); 1259 if (!p || nextp[-1] != '\n') { 1260 paxwarn(1, "Malformed extended header record"); 1261 ret = -1; 1262 break; 1263 } 1264 *p++ = nextp[-1] = '\0'; 1265 if (!global) { 1266 if (!strcmp(keyword, "path")) { 1267 arcn->nlen = strlcpy(arcn->name, p, 1268 sizeof(arcn->name)); 1269 } else if (!strcmp(keyword, "linkpath")) { 1270 arcn->ln_nlen = strlcpy(arcn->ln_name, p, 1271 sizeof(arcn->ln_name)); 1272 } 1273 } 1274 p = nextp; 1275 } 1276 1277 if (rd_skip(size + pad) < 0) 1278 return (-1); 1279 return (ret); 1280 } 1281 #endif 1282