1 /*- 2 * Copyright (c) 2003-2010 Tim Kientzle 3 * Copyright (c) 2012 Michihiro NAKAJIMA 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer 11 * in this position and unchanged. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR 17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 18 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 19 * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT, 20 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 21 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 22 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 23 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 25 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 26 */ 27 28 #include "archive_platform.h" 29 __FBSDID("$FreeBSD$"); 30 31 #if !defined(_WIN32) || defined(__CYGWIN__) 32 33 #ifdef HAVE_SYS_TYPES_H 34 #include <sys/types.h> 35 #endif 36 #ifdef HAVE_SYS_ACL_H 37 #include <sys/acl.h> 38 #endif 39 #ifdef HAVE_SYS_EXTATTR_H 40 #include <sys/extattr.h> 41 #endif 42 #if defined(HAVE_SYS_XATTR_H) 43 #include <sys/xattr.h> 44 #elif defined(HAVE_ATTR_XATTR_H) 45 #include <attr/xattr.h> 46 #endif 47 #ifdef HAVE_SYS_EA_H 48 #include <sys/ea.h> 49 #endif 50 #ifdef HAVE_SYS_IOCTL_H 51 #include <sys/ioctl.h> 52 #endif 53 #ifdef HAVE_SYS_STAT_H 54 #include <sys/stat.h> 55 #endif 56 #ifdef HAVE_SYS_TIME_H 57 #include <sys/time.h> 58 #endif 59 #ifdef HAVE_SYS_UTIME_H 60 #include <sys/utime.h> 61 #endif 62 #ifdef HAVE_COPYFILE_H 63 #include <copyfile.h> 64 #endif 65 #ifdef HAVE_ERRNO_H 66 #include <errno.h> 67 #endif 68 #ifdef HAVE_FCNTL_H 69 #include <fcntl.h> 70 #endif 71 #ifdef HAVE_GRP_H 72 #include <grp.h> 73 #endif 74 #ifdef HAVE_LANGINFO_H 75 #include <langinfo.h> 76 #endif 77 #ifdef HAVE_LINUX_FS_H 78 #include <linux/fs.h> /* for Linux file flags */ 79 #endif 80 /* 81 * Some Linux distributions have both linux/ext2_fs.h and ext2fs/ext2_fs.h. 82 * As the include guards don't agree, the order of include is important. 83 */ 84 #ifdef HAVE_LINUX_EXT2_FS_H 85 #include <linux/ext2_fs.h> /* for Linux file flags */ 86 #endif 87 #if defined(HAVE_EXT2FS_EXT2_FS_H) && !defined(__CYGWIN__) 88 #include <ext2fs/ext2_fs.h> /* Linux file flags, broken on Cygwin */ 89 #endif 90 #ifdef HAVE_LIMITS_H 91 #include <limits.h> 92 #endif 93 #ifdef HAVE_PWD_H 94 #include <pwd.h> 95 #endif 96 #include <stdio.h> 97 #ifdef HAVE_STDLIB_H 98 #include <stdlib.h> 99 #endif 100 #ifdef HAVE_STRING_H 101 #include <string.h> 102 #endif 103 #ifdef HAVE_UNISTD_H 104 #include <unistd.h> 105 #endif 106 #ifdef HAVE_UTIME_H 107 #include <utime.h> 108 #endif 109 #ifdef F_GETTIMES /* Tru64 specific */ 110 #include <sys/fcntl1.h> 111 #endif 112 113 #if __APPLE__ 114 #include <TargetConditionals.h> 115 #if TARGET_OS_MAC && !TARGET_OS_EMBEDDED && HAVE_QUARANTINE_H 116 #include <quarantine.h> 117 #define HAVE_QUARANTINE 1 118 #endif 119 #endif 120 121 #ifdef HAVE_ZLIB_H 122 #include <zlib.h> 123 #endif 124 125 /* TODO: Support Mac OS 'quarantine' feature. This is really just a 126 * standard tag to mark files that have been downloaded as "tainted". 127 * On Mac OS, we should mark the extracted files as tainted if the 128 * archive being read was tainted. Windows has a similar feature; we 129 * should investigate ways to support this generically. */ 130 131 #include "archive.h" 132 #include "archive_acl_private.h" 133 #include "archive_string.h" 134 #include "archive_endian.h" 135 #include "archive_entry.h" 136 #include "archive_private.h" 137 #include "archive_write_disk_private.h" 138 139 #ifndef O_BINARY 140 #define O_BINARY 0 141 #endif 142 #ifndef O_CLOEXEC 143 #define O_CLOEXEC 0 144 #endif 145 146 struct fixup_entry { 147 struct fixup_entry *next; 148 struct archive_acl acl; 149 mode_t mode; 150 int64_t atime; 151 int64_t birthtime; 152 int64_t mtime; 153 int64_t ctime; 154 unsigned long atime_nanos; 155 unsigned long birthtime_nanos; 156 unsigned long mtime_nanos; 157 unsigned long ctime_nanos; 158 unsigned long fflags_set; 159 size_t mac_metadata_size; 160 void *mac_metadata; 161 int fixup; /* bitmask of what needs fixing */ 162 char *name; 163 }; 164 165 /* 166 * We use a bitmask to track which operations remain to be done for 167 * this file. In particular, this helps us avoid unnecessary 168 * operations when it's possible to take care of one step as a 169 * side-effect of another. For example, mkdir() can specify the mode 170 * for the newly-created object but symlink() cannot. This means we 171 * can skip chmod() if mkdir() succeeded, but we must explicitly 172 * chmod() if we're trying to create a directory that already exists 173 * (mkdir() failed) or if we're restoring a symlink. Similarly, we 174 * need to verify UID/GID before trying to restore SUID/SGID bits; 175 * that verification can occur explicitly through a stat() call or 176 * implicitly because of a successful chown() call. 177 */ 178 #define TODO_MODE_FORCE 0x40000000 179 #define TODO_MODE_BASE 0x20000000 180 #define TODO_SUID 0x10000000 181 #define TODO_SUID_CHECK 0x08000000 182 #define TODO_SGID 0x04000000 183 #define TODO_SGID_CHECK 0x02000000 184 #define TODO_APPLEDOUBLE 0x01000000 185 #define TODO_MODE (TODO_MODE_BASE|TODO_SUID|TODO_SGID) 186 #define TODO_TIMES ARCHIVE_EXTRACT_TIME 187 #define TODO_OWNER ARCHIVE_EXTRACT_OWNER 188 #define TODO_FFLAGS ARCHIVE_EXTRACT_FFLAGS 189 #define TODO_ACLS ARCHIVE_EXTRACT_ACL 190 #define TODO_XATTR ARCHIVE_EXTRACT_XATTR 191 #define TODO_MAC_METADATA ARCHIVE_EXTRACT_MAC_METADATA 192 #define TODO_HFS_COMPRESSION ARCHIVE_EXTRACT_HFS_COMPRESSION_FORCED 193 194 struct archive_write_disk { 195 struct archive archive; 196 197 mode_t user_umask; 198 struct fixup_entry *fixup_list; 199 struct fixup_entry *current_fixup; 200 int64_t user_uid; 201 int skip_file_set; 202 int64_t skip_file_dev; 203 int64_t skip_file_ino; 204 time_t start_time; 205 206 int64_t (*lookup_gid)(void *private, const char *gname, int64_t gid); 207 void (*cleanup_gid)(void *private); 208 void *lookup_gid_data; 209 int64_t (*lookup_uid)(void *private, const char *uname, int64_t uid); 210 void (*cleanup_uid)(void *private); 211 void *lookup_uid_data; 212 213 /* 214 * Full path of last file to satisfy symlink checks. 215 */ 216 struct archive_string path_safe; 217 218 /* 219 * Cached stat data from disk for the current entry. 220 * If this is valid, pst points to st. Otherwise, 221 * pst is null. 222 */ 223 struct stat st; 224 struct stat *pst; 225 226 /* Information about the object being restored right now. */ 227 struct archive_entry *entry; /* Entry being extracted. */ 228 char *name; /* Name of entry, possibly edited. */ 229 struct archive_string _name_data; /* backing store for 'name' */ 230 /* Tasks remaining for this object. */ 231 int todo; 232 /* Tasks deferred until end-of-archive. */ 233 int deferred; 234 /* Options requested by the client. */ 235 int flags; 236 /* Handle for the file we're restoring. */ 237 int fd; 238 /* Current offset for writing data to the file. */ 239 int64_t offset; 240 /* Last offset actually written to disk. */ 241 int64_t fd_offset; 242 /* Total bytes actually written to files. */ 243 int64_t total_bytes_written; 244 /* Maximum size of file, -1 if unknown. */ 245 int64_t filesize; 246 /* Dir we were in before this restore; only for deep paths. */ 247 int restore_pwd; 248 /* Mode we should use for this entry; affected by _PERM and umask. */ 249 mode_t mode; 250 /* UID/GID to use in restoring this entry. */ 251 int64_t uid; 252 int64_t gid; 253 /* 254 * HFS+ Compression. 255 */ 256 /* Xattr "com.apple.decmpfs". */ 257 uint32_t decmpfs_attr_size; 258 unsigned char *decmpfs_header_p; 259 /* ResourceFork set options used for fsetxattr. */ 260 int rsrc_xattr_options; 261 /* Xattr "com.apple.ResourceFork". */ 262 unsigned char *resource_fork; 263 size_t resource_fork_allocated_size; 264 unsigned int decmpfs_block_count; 265 uint32_t *decmpfs_block_info; 266 /* Buffer for compressed data. */ 267 unsigned char *compressed_buffer; 268 size_t compressed_buffer_size; 269 size_t compressed_buffer_remaining; 270 /* The offset of the ResourceFork where compressed data will 271 * be placed. */ 272 uint32_t compressed_rsrc_position; 273 uint32_t compressed_rsrc_position_v; 274 /* Buffer for uncompressed data. */ 275 char *uncompressed_buffer; 276 size_t block_remaining_bytes; 277 size_t file_remaining_bytes; 278 #ifdef HAVE_ZLIB_H 279 z_stream stream; 280 int stream_valid; 281 int decmpfs_compression_level; 282 #endif 283 }; 284 285 /* 286 * Default mode for dirs created automatically (will be modified by umask). 287 * Note that POSIX specifies 0777 for implicitly-created dirs, "modified 288 * by the process' file creation mask." 289 */ 290 #define DEFAULT_DIR_MODE 0777 291 /* 292 * Dir modes are restored in two steps: During the extraction, the permissions 293 * in the archive are modified to match the following limits. During 294 * the post-extract fixup pass, the permissions from the archive are 295 * applied. 296 */ 297 #define MINIMUM_DIR_MODE 0700 298 #define MAXIMUM_DIR_MODE 0775 299 300 /* 301 * Maxinum uncompressed size of a decmpfs block. 302 */ 303 #define MAX_DECMPFS_BLOCK_SIZE (64 * 1024) 304 /* 305 * HFS+ compression type. 306 */ 307 #define CMP_XATTR 3/* Compressed data in xattr. */ 308 #define CMP_RESOURCE_FORK 4/* Compressed data in resource fork. */ 309 /* 310 * HFS+ compression resource fork. 311 */ 312 #define RSRC_H_SIZE 260 /* Base size of Resource fork header. */ 313 #define RSRC_F_SIZE 50 /* Size of Resource fork footer. */ 314 /* Size to write compressed data to resource fork. */ 315 #define COMPRESSED_W_SIZE (64 * 1024) 316 /* decmpfs difinitions. */ 317 #define MAX_DECMPFS_XATTR_SIZE 3802 318 #ifndef DECMPFS_XATTR_NAME 319 #define DECMPFS_XATTR_NAME "com.apple.decmpfs" 320 #endif 321 #define DECMPFS_MAGIC 0x636d7066 322 #define DECMPFS_COMPRESSION_MAGIC 0 323 #define DECMPFS_COMPRESSION_TYPE 4 324 #define DECMPFS_UNCOMPRESSED_SIZE 8 325 #define DECMPFS_HEADER_SIZE 16 326 327 #define HFS_BLOCKS(s) ((s) >> 12) 328 329 static int check_symlinks(struct archive_write_disk *); 330 static int create_filesystem_object(struct archive_write_disk *); 331 static struct fixup_entry *current_fixup(struct archive_write_disk *, const char *pathname); 332 #if defined(HAVE_FCHDIR) && defined(PATH_MAX) 333 static void edit_deep_directories(struct archive_write_disk *ad); 334 #endif 335 static int cleanup_pathname(struct archive_write_disk *); 336 static int create_dir(struct archive_write_disk *, char *); 337 static int create_parent_dir(struct archive_write_disk *, char *); 338 static ssize_t hfs_write_data_block(struct archive_write_disk *, 339 const char *, size_t); 340 static int fixup_appledouble(struct archive_write_disk *, const char *); 341 static int older(struct stat *, struct archive_entry *); 342 static int restore_entry(struct archive_write_disk *); 343 static int set_mac_metadata(struct archive_write_disk *, const char *, 344 const void *, size_t); 345 static int set_xattrs(struct archive_write_disk *); 346 static int clear_nochange_fflags(struct archive_write_disk *); 347 static int set_fflags(struct archive_write_disk *); 348 static int set_fflags_platform(struct archive_write_disk *, int fd, 349 const char *name, mode_t mode, 350 unsigned long fflags_set, unsigned long fflags_clear); 351 static int set_ownership(struct archive_write_disk *); 352 static int set_mode(struct archive_write_disk *, int mode); 353 static int set_time(int, int, const char *, time_t, long, time_t, long); 354 static int set_times(struct archive_write_disk *, int, int, const char *, 355 time_t, long, time_t, long, time_t, long, time_t, long); 356 static int set_times_from_entry(struct archive_write_disk *); 357 static struct fixup_entry *sort_dir_list(struct fixup_entry *p); 358 static ssize_t write_data_block(struct archive_write_disk *, 359 const char *, size_t); 360 361 static struct archive_vtable *archive_write_disk_vtable(void); 362 363 static int _archive_write_disk_close(struct archive *); 364 static int _archive_write_disk_free(struct archive *); 365 static int _archive_write_disk_header(struct archive *, struct archive_entry *); 366 static int64_t _archive_write_disk_filter_bytes(struct archive *, int); 367 static int _archive_write_disk_finish_entry(struct archive *); 368 static ssize_t _archive_write_disk_data(struct archive *, const void *, size_t); 369 static ssize_t _archive_write_disk_data_block(struct archive *, const void *, size_t, int64_t); 370 371 static int 372 lazy_stat(struct archive_write_disk *a) 373 { 374 if (a->pst != NULL) { 375 /* Already have stat() data available. */ 376 return (ARCHIVE_OK); 377 } 378 #ifdef HAVE_FSTAT 379 if (a->fd >= 0 && fstat(a->fd, &a->st) == 0) { 380 a->pst = &a->st; 381 return (ARCHIVE_OK); 382 } 383 #endif 384 /* 385 * XXX At this point, symlinks should not be hit, otherwise 386 * XXX a race occurred. Do we want to check explicitly for that? 387 */ 388 if (lstat(a->name, &a->st) == 0) { 389 a->pst = &a->st; 390 return (ARCHIVE_OK); 391 } 392 archive_set_error(&a->archive, errno, "Couldn't stat file"); 393 return (ARCHIVE_WARN); 394 } 395 396 static struct archive_vtable * 397 archive_write_disk_vtable(void) 398 { 399 static struct archive_vtable av; 400 static int inited = 0; 401 402 if (!inited) { 403 av.archive_close = _archive_write_disk_close; 404 av.archive_filter_bytes = _archive_write_disk_filter_bytes; 405 av.archive_free = _archive_write_disk_free; 406 av.archive_write_header = _archive_write_disk_header; 407 av.archive_write_finish_entry 408 = _archive_write_disk_finish_entry; 409 av.archive_write_data = _archive_write_disk_data; 410 av.archive_write_data_block = _archive_write_disk_data_block; 411 inited = 1; 412 } 413 return (&av); 414 } 415 416 static int64_t 417 _archive_write_disk_filter_bytes(struct archive *_a, int n) 418 { 419 struct archive_write_disk *a = (struct archive_write_disk *)_a; 420 (void)n; /* UNUSED */ 421 if (n == -1 || n == 0) 422 return (a->total_bytes_written); 423 return (-1); 424 } 425 426 427 int 428 archive_write_disk_set_options(struct archive *_a, int flags) 429 { 430 struct archive_write_disk *a = (struct archive_write_disk *)_a; 431 432 a->flags = flags; 433 return (ARCHIVE_OK); 434 } 435 436 437 /* 438 * Extract this entry to disk. 439 * 440 * TODO: Validate hardlinks. According to the standards, we're 441 * supposed to check each extracted hardlink and squawk if it refers 442 * to a file that we didn't restore. I'm not entirely convinced this 443 * is a good idea, but more importantly: Is there any way to validate 444 * hardlinks without keeping a complete list of filenames from the 445 * entire archive?? Ugh. 446 * 447 */ 448 static int 449 _archive_write_disk_header(struct archive *_a, struct archive_entry *entry) 450 { 451 struct archive_write_disk *a = (struct archive_write_disk *)_a; 452 struct fixup_entry *fe; 453 int ret, r; 454 455 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 456 ARCHIVE_STATE_HEADER | ARCHIVE_STATE_DATA, 457 "archive_write_disk_header"); 458 archive_clear_error(&a->archive); 459 if (a->archive.state & ARCHIVE_STATE_DATA) { 460 r = _archive_write_disk_finish_entry(&a->archive); 461 if (r == ARCHIVE_FATAL) 462 return (r); 463 } 464 465 /* Set up for this particular entry. */ 466 a->pst = NULL; 467 a->current_fixup = NULL; 468 a->deferred = 0; 469 if (a->entry) { 470 archive_entry_free(a->entry); 471 a->entry = NULL; 472 } 473 a->entry = archive_entry_clone(entry); 474 a->fd = -1; 475 a->fd_offset = 0; 476 a->offset = 0; 477 a->restore_pwd = -1; 478 a->uid = a->user_uid; 479 a->mode = archive_entry_mode(a->entry); 480 if (archive_entry_size_is_set(a->entry)) 481 a->filesize = archive_entry_size(a->entry); 482 else 483 a->filesize = -1; 484 archive_strcpy(&(a->_name_data), archive_entry_pathname(a->entry)); 485 a->name = a->_name_data.s; 486 archive_clear_error(&a->archive); 487 488 /* 489 * Clean up the requested path. This is necessary for correct 490 * dir restores; the dir restore logic otherwise gets messed 491 * up by nonsense like "dir/.". 492 */ 493 ret = cleanup_pathname(a); 494 if (ret != ARCHIVE_OK) 495 return (ret); 496 497 /* 498 * Query the umask so we get predictable mode settings. 499 * This gets done on every call to _write_header in case the 500 * user edits their umask during the extraction for some 501 * reason. 502 */ 503 umask(a->user_umask = umask(0)); 504 505 /* Figure out what we need to do for this entry. */ 506 a->todo = TODO_MODE_BASE; 507 if (a->flags & ARCHIVE_EXTRACT_PERM) { 508 a->todo |= TODO_MODE_FORCE; /* Be pushy about permissions. */ 509 /* 510 * SGID requires an extra "check" step because we 511 * cannot easily predict the GID that the system will 512 * assign. (Different systems assign GIDs to files 513 * based on a variety of criteria, including process 514 * credentials and the gid of the enclosing 515 * directory.) We can only restore the SGID bit if 516 * the file has the right GID, and we only know the 517 * GID if we either set it (see set_ownership) or if 518 * we've actually called stat() on the file after it 519 * was restored. Since there are several places at 520 * which we might verify the GID, we need a TODO bit 521 * to keep track. 522 */ 523 if (a->mode & S_ISGID) 524 a->todo |= TODO_SGID | TODO_SGID_CHECK; 525 /* 526 * Verifying the SUID is simpler, but can still be 527 * done in multiple ways, hence the separate "check" bit. 528 */ 529 if (a->mode & S_ISUID) 530 a->todo |= TODO_SUID | TODO_SUID_CHECK; 531 } else { 532 /* 533 * User didn't request full permissions, so don't 534 * restore SUID, SGID bits and obey umask. 535 */ 536 a->mode &= ~S_ISUID; 537 a->mode &= ~S_ISGID; 538 a->mode &= ~S_ISVTX; 539 a->mode &= ~a->user_umask; 540 } 541 if (a->flags & ARCHIVE_EXTRACT_OWNER) 542 a->todo |= TODO_OWNER; 543 if (a->flags & ARCHIVE_EXTRACT_TIME) 544 a->todo |= TODO_TIMES; 545 if (a->flags & ARCHIVE_EXTRACT_ACL) { 546 if (archive_entry_filetype(a->entry) == AE_IFDIR) 547 a->deferred |= TODO_ACLS; 548 else 549 a->todo |= TODO_ACLS; 550 } 551 if (a->flags & ARCHIVE_EXTRACT_MAC_METADATA) { 552 if (archive_entry_filetype(a->entry) == AE_IFDIR) 553 a->deferred |= TODO_MAC_METADATA; 554 else 555 a->todo |= TODO_MAC_METADATA; 556 } 557 #if defined(__APPLE__) && defined(UF_COMPRESSED) && defined(HAVE_ZLIB_H) 558 if ((a->flags & ARCHIVE_EXTRACT_NO_HFS_COMPRESSION) == 0) { 559 unsigned long set, clear; 560 archive_entry_fflags(a->entry, &set, &clear); 561 if ((set & ~clear) & UF_COMPRESSED) { 562 a->todo |= TODO_HFS_COMPRESSION; 563 a->decmpfs_block_count = (unsigned)-1; 564 } 565 } 566 if ((a->flags & ARCHIVE_EXTRACT_HFS_COMPRESSION_FORCED) != 0 && 567 (a->mode & AE_IFMT) == AE_IFREG && a->filesize > 0) { 568 a->todo |= TODO_HFS_COMPRESSION; 569 a->decmpfs_block_count = (unsigned)-1; 570 } 571 { 572 const char *p; 573 574 /* Check if the current file name is a type of the 575 * resource fork file. */ 576 p = strrchr(a->name, '/'); 577 if (p == NULL) 578 p = a->name; 579 else 580 p++; 581 if (p[0] == '.' && p[1] == '_') { 582 /* Do not compress "._XXX" files. */ 583 a->todo &= ~TODO_HFS_COMPRESSION; 584 if (a->filesize > 0) 585 a->todo |= TODO_APPLEDOUBLE; 586 } 587 } 588 #endif 589 590 if (a->flags & ARCHIVE_EXTRACT_XATTR) 591 a->todo |= TODO_XATTR; 592 if (a->flags & ARCHIVE_EXTRACT_FFLAGS) 593 a->todo |= TODO_FFLAGS; 594 if (a->flags & ARCHIVE_EXTRACT_SECURE_SYMLINKS) { 595 ret = check_symlinks(a); 596 if (ret != ARCHIVE_OK) 597 return (ret); 598 } 599 #if defined(HAVE_FCHDIR) && defined(PATH_MAX) 600 /* If path exceeds PATH_MAX, shorten the path. */ 601 edit_deep_directories(a); 602 #endif 603 604 ret = restore_entry(a); 605 606 #if defined(__APPLE__) && defined(UF_COMPRESSED) && defined(HAVE_ZLIB_H) 607 /* 608 * Check if the filesystem the file is restoring on supports 609 * HFS+ Compression. If not, cancel HFS+ Compression. 610 */ 611 if (a->todo | TODO_HFS_COMPRESSION) { 612 /* 613 * NOTE: UF_COMPRESSED is ignored even if the filesystem 614 * supports HFS+ Compression because the file should 615 * have at least an extended attriute "com.apple.decmpfs" 616 * before the flag is set to indicate that the file have 617 * been compressed. If hte filesystem does not support 618 * HFS+ Compression the system call will fail. 619 */ 620 if (a->fd < 0 || fchflags(a->fd, UF_COMPRESSED) != 0) 621 a->todo &= ~TODO_HFS_COMPRESSION; 622 } 623 #endif 624 625 /* 626 * TODO: There are rumours that some extended attributes must 627 * be restored before file data is written. If this is true, 628 * then we either need to write all extended attributes both 629 * before and after restoring the data, or find some rule for 630 * determining which must go first and which last. Due to the 631 * many ways people are using xattrs, this may prove to be an 632 * intractable problem. 633 */ 634 635 #ifdef HAVE_FCHDIR 636 /* If we changed directory above, restore it here. */ 637 if (a->restore_pwd >= 0) { 638 r = fchdir(a->restore_pwd); 639 if (r != 0) { 640 archive_set_error(&a->archive, errno, "chdir() failure"); 641 ret = ARCHIVE_FATAL; 642 } 643 close(a->restore_pwd); 644 a->restore_pwd = -1; 645 } 646 #endif 647 648 /* 649 * Fixup uses the unedited pathname from archive_entry_pathname(), 650 * because it is relative to the base dir and the edited path 651 * might be relative to some intermediate dir as a result of the 652 * deep restore logic. 653 */ 654 if (a->deferred & TODO_MODE) { 655 fe = current_fixup(a, archive_entry_pathname(entry)); 656 if (fe == NULL) 657 return (ARCHIVE_FATAL); 658 fe->fixup |= TODO_MODE_BASE; 659 fe->mode = a->mode; 660 } 661 662 if ((a->deferred & TODO_TIMES) 663 && (archive_entry_mtime_is_set(entry) 664 || archive_entry_atime_is_set(entry))) { 665 fe = current_fixup(a, archive_entry_pathname(entry)); 666 if (fe == NULL) 667 return (ARCHIVE_FATAL); 668 fe->mode = a->mode; 669 fe->fixup |= TODO_TIMES; 670 if (archive_entry_atime_is_set(entry)) { 671 fe->atime = archive_entry_atime(entry); 672 fe->atime_nanos = archive_entry_atime_nsec(entry); 673 } else { 674 /* If atime is unset, use start time. */ 675 fe->atime = a->start_time; 676 fe->atime_nanos = 0; 677 } 678 if (archive_entry_mtime_is_set(entry)) { 679 fe->mtime = archive_entry_mtime(entry); 680 fe->mtime_nanos = archive_entry_mtime_nsec(entry); 681 } else { 682 /* If mtime is unset, use start time. */ 683 fe->mtime = a->start_time; 684 fe->mtime_nanos = 0; 685 } 686 if (archive_entry_birthtime_is_set(entry)) { 687 fe->birthtime = archive_entry_birthtime(entry); 688 fe->birthtime_nanos = archive_entry_birthtime_nsec(entry); 689 } else { 690 /* If birthtime is unset, use mtime. */ 691 fe->birthtime = fe->mtime; 692 fe->birthtime_nanos = fe->mtime_nanos; 693 } 694 } 695 696 if (a->deferred & TODO_ACLS) { 697 fe = current_fixup(a, archive_entry_pathname(entry)); 698 if (fe == NULL) 699 return (ARCHIVE_FATAL); 700 fe->fixup |= TODO_ACLS; 701 archive_acl_copy(&fe->acl, archive_entry_acl(entry)); 702 } 703 704 if (a->deferred & TODO_MAC_METADATA) { 705 const void *metadata; 706 size_t metadata_size; 707 metadata = archive_entry_mac_metadata(a->entry, &metadata_size); 708 if (metadata != NULL && metadata_size > 0) { 709 fe = current_fixup(a, archive_entry_pathname(entry)); 710 if (fe == NULL) 711 return (ARCHIVE_FATAL); 712 fe->mac_metadata = malloc(metadata_size); 713 if (fe->mac_metadata != NULL) { 714 memcpy(fe->mac_metadata, metadata, metadata_size); 715 fe->mac_metadata_size = metadata_size; 716 fe->fixup |= TODO_MAC_METADATA; 717 } 718 } 719 } 720 721 if (a->deferred & TODO_FFLAGS) { 722 fe = current_fixup(a, archive_entry_pathname(entry)); 723 if (fe == NULL) 724 return (ARCHIVE_FATAL); 725 fe->fixup |= TODO_FFLAGS; 726 /* TODO: Complete this.. defer fflags from below. */ 727 } 728 729 /* We've created the object and are ready to pour data into it. */ 730 if (ret >= ARCHIVE_WARN) 731 a->archive.state = ARCHIVE_STATE_DATA; 732 /* 733 * If it's not open, tell our client not to try writing. 734 * In particular, dirs, links, etc, don't get written to. 735 */ 736 if (a->fd < 0) { 737 archive_entry_set_size(entry, 0); 738 a->filesize = 0; 739 } 740 741 return (ret); 742 } 743 744 int 745 archive_write_disk_set_skip_file(struct archive *_a, int64_t d, int64_t i) 746 { 747 struct archive_write_disk *a = (struct archive_write_disk *)_a; 748 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 749 ARCHIVE_STATE_ANY, "archive_write_disk_set_skip_file"); 750 a->skip_file_set = 1; 751 a->skip_file_dev = d; 752 a->skip_file_ino = i; 753 return (ARCHIVE_OK); 754 } 755 756 static ssize_t 757 write_data_block(struct archive_write_disk *a, const char *buff, size_t size) 758 { 759 uint64_t start_size = size; 760 ssize_t bytes_written = 0; 761 ssize_t block_size = 0, bytes_to_write; 762 763 if (size == 0) 764 return (ARCHIVE_OK); 765 766 if (a->filesize == 0 || a->fd < 0) { 767 archive_set_error(&a->archive, 0, 768 "Attempt to write to an empty file"); 769 return (ARCHIVE_WARN); 770 } 771 772 if (a->flags & ARCHIVE_EXTRACT_SPARSE) { 773 #if HAVE_STRUCT_STAT_ST_BLKSIZE 774 int r; 775 if ((r = lazy_stat(a)) != ARCHIVE_OK) 776 return (r); 777 block_size = a->pst->st_blksize; 778 #else 779 /* XXX TODO XXX Is there a more appropriate choice here ? */ 780 /* This needn't match the filesystem allocation size. */ 781 block_size = 16*1024; 782 #endif 783 } 784 785 /* If this write would run beyond the file size, truncate it. */ 786 if (a->filesize >= 0 && (int64_t)(a->offset + size) > a->filesize) 787 start_size = size = (size_t)(a->filesize - a->offset); 788 789 /* Write the data. */ 790 while (size > 0) { 791 if (block_size == 0) { 792 bytes_to_write = size; 793 } else { 794 /* We're sparsifying the file. */ 795 const char *p, *end; 796 int64_t block_end; 797 798 /* Skip leading zero bytes. */ 799 for (p = buff, end = buff + size; p < end; ++p) { 800 if (*p != '\0') 801 break; 802 } 803 a->offset += p - buff; 804 size -= p - buff; 805 buff = p; 806 if (size == 0) 807 break; 808 809 /* Calculate next block boundary after offset. */ 810 block_end 811 = (a->offset / block_size + 1) * block_size; 812 813 /* If the adjusted write would cross block boundary, 814 * truncate it to the block boundary. */ 815 bytes_to_write = size; 816 if (a->offset + bytes_to_write > block_end) 817 bytes_to_write = block_end - a->offset; 818 } 819 /* Seek if necessary to the specified offset. */ 820 if (a->offset != a->fd_offset) { 821 if (lseek(a->fd, a->offset, SEEK_SET) < 0) { 822 archive_set_error(&a->archive, errno, 823 "Seek failed"); 824 return (ARCHIVE_FATAL); 825 } 826 a->fd_offset = a->offset; 827 } 828 bytes_written = write(a->fd, buff, bytes_to_write); 829 if (bytes_written < 0) { 830 archive_set_error(&a->archive, errno, "Write failed"); 831 return (ARCHIVE_WARN); 832 } 833 buff += bytes_written; 834 size -= bytes_written; 835 a->total_bytes_written += bytes_written; 836 a->offset += bytes_written; 837 a->fd_offset = a->offset; 838 } 839 return (start_size - size); 840 } 841 842 #if defined(__APPLE__) && defined(UF_COMPRESSED) && defined(HAVE_SYS_XATTR_H)\ 843 && defined(HAVE_ZLIB_H) 844 845 /* 846 * Set UF_COMPRESSED file flag. 847 * This have to be called after hfs_write_decmpfs() because if the 848 * file does not have "com.apple.decmpfs" xattr the flag is ignored. 849 */ 850 static int 851 hfs_set_compressed_fflag(struct archive_write_disk *a) 852 { 853 int r; 854 855 if ((r = lazy_stat(a)) != ARCHIVE_OK) 856 return (r); 857 858 a->st.st_flags |= UF_COMPRESSED; 859 if (fchflags(a->fd, a->st.st_flags) != 0) { 860 archive_set_error(&a->archive, errno, 861 "Failed to set UF_COMPRESSED file flag"); 862 return (ARCHIVE_WARN); 863 } 864 return (ARCHIVE_OK); 865 } 866 867 /* 868 * HFS+ Compression decmpfs 869 * 870 * +------------------------------+ +0 871 * | Magic(LE 4 bytes) | 872 * +------------------------------+ 873 * | Type(LE 4 bytes) | 874 * +------------------------------+ 875 * | Uncompressed size(LE 8 bytes)| 876 * +------------------------------+ +16 877 * | | 878 * | Compressed data | 879 * | (Placed only if Type == 3) | 880 * | | 881 * +------------------------------+ +3802 = MAX_DECMPFS_XATTR_SIZE 882 * 883 * Type is 3: decmpfs has compressed data. 884 * Type is 4: Resource Fork has compressed data. 885 */ 886 /* 887 * Write "com.apple.decmpfs" 888 */ 889 static int 890 hfs_write_decmpfs(struct archive_write_disk *a) 891 { 892 int r; 893 uint32_t compression_type; 894 895 r = fsetxattr(a->fd, DECMPFS_XATTR_NAME, a->decmpfs_header_p, 896 a->decmpfs_attr_size, 0, 0); 897 if (r < 0) { 898 archive_set_error(&a->archive, errno, 899 "Cannot restore xattr:%s", DECMPFS_XATTR_NAME); 900 compression_type = archive_le32dec( 901 &a->decmpfs_header_p[DECMPFS_COMPRESSION_TYPE]); 902 if (compression_type == CMP_RESOURCE_FORK) 903 fremovexattr(a->fd, XATTR_RESOURCEFORK_NAME, 904 XATTR_SHOWCOMPRESSION); 905 return (ARCHIVE_WARN); 906 } 907 return (ARCHIVE_OK); 908 } 909 910 /* 911 * HFS+ Compression Resource Fork 912 * 913 * +-----------------------------+ 914 * | Header(260 bytes) | 915 * +-----------------------------+ 916 * | Block count(LE 4 bytes) | 917 * +-----------------------------+ --+ 918 * +-- | Offset (LE 4 bytes) | | 919 * | | [distance from Block count] | | Block 0 920 * | +-----------------------------+ | 921 * | | Compressed size(LE 4 bytes) | | 922 * | +-----------------------------+ --+ 923 * | | | 924 * | | .................. | 925 * | | | 926 * | +-----------------------------+ --+ 927 * | | Offset (LE 4 bytes) | | 928 * | +-----------------------------+ | Block (Block count -1) 929 * | | Compressed size(LE 4 bytes) | | 930 * +-> +-----------------------------+ --+ 931 * | Compressed data(n bytes) | Block 0 932 * +-----------------------------+ 933 * | | 934 * | .................. | 935 * | | 936 * +-----------------------------+ 937 * | Compressed data(n bytes) | Block (Block count -1) 938 * +-----------------------------+ 939 * | Footer(50 bytes) | 940 * +-----------------------------+ 941 * 942 */ 943 /* 944 * Write the header of "com.apple.ResourceFork" 945 */ 946 static int 947 hfs_write_resource_fork(struct archive_write_disk *a, unsigned char *buff, 948 size_t bytes, uint32_t position) 949 { 950 int ret; 951 952 ret = fsetxattr(a->fd, XATTR_RESOURCEFORK_NAME, buff, bytes, 953 position, a->rsrc_xattr_options); 954 if (ret < 0) { 955 archive_set_error(&a->archive, errno, 956 "Cannot restore xattr: %s at %u pos %u bytes", 957 XATTR_RESOURCEFORK_NAME, 958 (unsigned)position, 959 (unsigned)bytes); 960 return (ARCHIVE_WARN); 961 } 962 a->rsrc_xattr_options &= ~XATTR_CREATE; 963 return (ARCHIVE_OK); 964 } 965 966 static int 967 hfs_write_compressed_data(struct archive_write_disk *a, size_t bytes_compressed) 968 { 969 int ret; 970 971 ret = hfs_write_resource_fork(a, a->compressed_buffer, 972 bytes_compressed, a->compressed_rsrc_position); 973 if (ret == ARCHIVE_OK) 974 a->compressed_rsrc_position += bytes_compressed; 975 return (ret); 976 } 977 978 static int 979 hfs_write_resource_fork_header(struct archive_write_disk *a) 980 { 981 unsigned char *buff; 982 uint32_t rsrc_bytes; 983 uint32_t rsrc_header_bytes; 984 985 /* 986 * Write resource fork header + block info. 987 */ 988 buff = a->resource_fork; 989 rsrc_bytes = a->compressed_rsrc_position - RSRC_F_SIZE; 990 rsrc_header_bytes = 991 RSRC_H_SIZE + /* Header base size. */ 992 4 + /* Block count. */ 993 (a->decmpfs_block_count * 8);/* Block info */ 994 archive_be32enc(buff, 0x100); 995 archive_be32enc(buff + 4, rsrc_bytes); 996 archive_be32enc(buff + 8, rsrc_bytes - 256); 997 archive_be32enc(buff + 12, 0x32); 998 memset(buff + 16, 0, 240); 999 archive_be32enc(buff + 256, rsrc_bytes - 260); 1000 return hfs_write_resource_fork(a, buff, rsrc_header_bytes, 0); 1001 } 1002 1003 static size_t 1004 hfs_set_resource_fork_footer(unsigned char *buff, size_t buff_size) 1005 { 1006 static const char rsrc_footer[RSRC_F_SIZE] = { 1007 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 1008 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 1009 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 1010 0x00, 0x1c, 0x00, 0x32, 0x00, 0x00, 'c', 'm', 1011 'p', 'f', 0x00, 0x00, 0x00, 0x0a, 0x00, 0x01, 1012 0xff, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 1013 0x00, 0x00 1014 }; 1015 if (buff_size < sizeof(rsrc_footer)) 1016 return (0); 1017 memcpy(buff, rsrc_footer, sizeof(rsrc_footer)); 1018 return (sizeof(rsrc_footer)); 1019 } 1020 1021 static int 1022 hfs_reset_compressor(struct archive_write_disk *a) 1023 { 1024 int ret; 1025 1026 if (a->stream_valid) 1027 ret = deflateReset(&a->stream); 1028 else 1029 ret = deflateInit(&a->stream, a->decmpfs_compression_level); 1030 1031 if (ret != Z_OK) { 1032 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 1033 "Failed to initialize compressor"); 1034 return (ARCHIVE_FATAL); 1035 } else 1036 a->stream_valid = 1; 1037 1038 return (ARCHIVE_OK); 1039 } 1040 1041 static int 1042 hfs_decompress(struct archive_write_disk *a) 1043 { 1044 uint32_t *block_info; 1045 unsigned int block_count; 1046 uint32_t data_pos, data_size; 1047 ssize_t r; 1048 ssize_t bytes_written, bytes_to_write; 1049 unsigned char *b; 1050 1051 block_info = (uint32_t *)(a->resource_fork + RSRC_H_SIZE); 1052 block_count = archive_le32dec(block_info++); 1053 while (block_count--) { 1054 data_pos = RSRC_H_SIZE + archive_le32dec(block_info++); 1055 data_size = archive_le32dec(block_info++); 1056 r = fgetxattr(a->fd, XATTR_RESOURCEFORK_NAME, 1057 a->compressed_buffer, data_size, data_pos, 0); 1058 if (r != data_size) { 1059 archive_set_error(&a->archive, 1060 (r < 0)?errno:ARCHIVE_ERRNO_MISC, 1061 "Failed to read resource fork"); 1062 return (ARCHIVE_WARN); 1063 } 1064 if (a->compressed_buffer[0] == 0xff) { 1065 bytes_to_write = data_size -1; 1066 b = a->compressed_buffer + 1; 1067 } else { 1068 uLong dest_len = MAX_DECMPFS_BLOCK_SIZE; 1069 int zr; 1070 1071 zr = uncompress((Bytef *)a->uncompressed_buffer, 1072 &dest_len, a->compressed_buffer, data_size); 1073 if (zr != Z_OK) { 1074 archive_set_error(&a->archive, 1075 ARCHIVE_ERRNO_MISC, 1076 "Failed to decompress resource fork"); 1077 return (ARCHIVE_WARN); 1078 } 1079 bytes_to_write = dest_len; 1080 b = (unsigned char *)a->uncompressed_buffer; 1081 } 1082 do { 1083 bytes_written = write(a->fd, b, bytes_to_write); 1084 if (bytes_written < 0) { 1085 archive_set_error(&a->archive, errno, 1086 "Write failed"); 1087 return (ARCHIVE_WARN); 1088 } 1089 bytes_to_write -= bytes_written; 1090 b += bytes_written; 1091 } while (bytes_to_write > 0); 1092 } 1093 r = fremovexattr(a->fd, XATTR_RESOURCEFORK_NAME, 0); 1094 if (r == -1) { 1095 archive_set_error(&a->archive, errno, 1096 "Failed to remove resource fork"); 1097 return (ARCHIVE_WARN); 1098 } 1099 return (ARCHIVE_OK); 1100 } 1101 1102 static int 1103 hfs_drive_compressor(struct archive_write_disk *a, const char *buff, 1104 size_t size) 1105 { 1106 unsigned char *buffer_compressed; 1107 size_t bytes_compressed; 1108 size_t bytes_used; 1109 int ret; 1110 1111 ret = hfs_reset_compressor(a); 1112 if (ret != ARCHIVE_OK) 1113 return (ret); 1114 1115 if (a->compressed_buffer == NULL) { 1116 size_t block_size; 1117 1118 block_size = COMPRESSED_W_SIZE + RSRC_F_SIZE + 1119 + compressBound(MAX_DECMPFS_BLOCK_SIZE); 1120 a->compressed_buffer = malloc(block_size); 1121 if (a->compressed_buffer == NULL) { 1122 archive_set_error(&a->archive, ENOMEM, 1123 "Can't allocate memory for Resource Fork"); 1124 return (ARCHIVE_FATAL); 1125 } 1126 a->compressed_buffer_size = block_size; 1127 a->compressed_buffer_remaining = block_size; 1128 } 1129 1130 buffer_compressed = a->compressed_buffer + 1131 a->compressed_buffer_size - a->compressed_buffer_remaining; 1132 a->stream.next_in = (Bytef *)(uintptr_t)(const void *)buff; 1133 a->stream.avail_in = size; 1134 a->stream.next_out = buffer_compressed; 1135 a->stream.avail_out = a->compressed_buffer_remaining; 1136 do { 1137 ret = deflate(&a->stream, Z_FINISH); 1138 switch (ret) { 1139 case Z_OK: 1140 case Z_STREAM_END: 1141 break; 1142 default: 1143 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 1144 "Failed to compress data"); 1145 return (ARCHIVE_FAILED); 1146 } 1147 } while (ret == Z_OK); 1148 bytes_compressed = a->compressed_buffer_remaining - a->stream.avail_out; 1149 1150 /* 1151 * If the compressed size is larger than the original size, 1152 * throw away compressed data, use uncompressed data instead. 1153 */ 1154 if (bytes_compressed > size) { 1155 buffer_compressed[0] = 0xFF;/* uncompressed marker. */ 1156 memcpy(buffer_compressed + 1, buff, size); 1157 bytes_compressed = size + 1; 1158 } 1159 a->compressed_buffer_remaining -= bytes_compressed; 1160 1161 /* 1162 * If the compressed size is smaller than MAX_DECMPFS_XATTR_SIZE 1163 * and the block count in the file is only one, store compressed 1164 * data to decmpfs xattr instead of the resource fork. 1165 */ 1166 if (a->decmpfs_block_count == 1 && 1167 (a->decmpfs_attr_size + bytes_compressed) 1168 <= MAX_DECMPFS_XATTR_SIZE) { 1169 archive_le32enc(&a->decmpfs_header_p[DECMPFS_COMPRESSION_TYPE], 1170 CMP_XATTR); 1171 memcpy(a->decmpfs_header_p + DECMPFS_HEADER_SIZE, 1172 buffer_compressed, bytes_compressed); 1173 a->decmpfs_attr_size += bytes_compressed; 1174 a->compressed_buffer_remaining = a->compressed_buffer_size; 1175 /* 1176 * Finish HFS+ Compression. 1177 * - Write the decmpfs xattr. 1178 * - Set the UF_COMPRESSED file flag. 1179 */ 1180 ret = hfs_write_decmpfs(a); 1181 if (ret == ARCHIVE_OK) 1182 ret = hfs_set_compressed_fflag(a); 1183 return (ret); 1184 } 1185 1186 /* Update block info. */ 1187 archive_le32enc(a->decmpfs_block_info++, 1188 a->compressed_rsrc_position_v - RSRC_H_SIZE); 1189 archive_le32enc(a->decmpfs_block_info++, bytes_compressed); 1190 a->compressed_rsrc_position_v += bytes_compressed; 1191 1192 /* 1193 * Write the compressed data to the resource fork. 1194 */ 1195 bytes_used = a->compressed_buffer_size - a->compressed_buffer_remaining; 1196 while (bytes_used >= COMPRESSED_W_SIZE) { 1197 ret = hfs_write_compressed_data(a, COMPRESSED_W_SIZE); 1198 if (ret != ARCHIVE_OK) 1199 return (ret); 1200 bytes_used -= COMPRESSED_W_SIZE; 1201 if (bytes_used > COMPRESSED_W_SIZE) 1202 memmove(a->compressed_buffer, 1203 a->compressed_buffer + COMPRESSED_W_SIZE, 1204 bytes_used); 1205 else 1206 memcpy(a->compressed_buffer, 1207 a->compressed_buffer + COMPRESSED_W_SIZE, 1208 bytes_used); 1209 } 1210 a->compressed_buffer_remaining = a->compressed_buffer_size - bytes_used; 1211 1212 /* 1213 * If the current block is the last block, write the remaining 1214 * compressed data and the resource fork footer. 1215 */ 1216 if (a->file_remaining_bytes == 0) { 1217 size_t rsrc_size; 1218 int64_t bk; 1219 1220 /* Append the resource footer. */ 1221 rsrc_size = hfs_set_resource_fork_footer( 1222 a->compressed_buffer + bytes_used, 1223 a->compressed_buffer_remaining); 1224 ret = hfs_write_compressed_data(a, bytes_used + rsrc_size); 1225 a->compressed_buffer_remaining = a->compressed_buffer_size; 1226 1227 /* If the compressed size is not enouph smaller than 1228 * the uncompressed size. cancel HFS+ compression. 1229 * TODO: study a behavior of ditto utility and improve 1230 * the condition to fall back into no HFS+ compression. */ 1231 bk = HFS_BLOCKS(a->compressed_rsrc_position); 1232 bk += bk >> 7; 1233 if (bk > HFS_BLOCKS(a->filesize)) 1234 return hfs_decompress(a); 1235 /* 1236 * Write the resourcefork header. 1237 */ 1238 if (ret == ARCHIVE_OK) 1239 ret = hfs_write_resource_fork_header(a); 1240 /* 1241 * Finish HFS+ Compression. 1242 * - Write the decmpfs xattr. 1243 * - Set the UF_COMPRESSED file flag. 1244 */ 1245 if (ret == ARCHIVE_OK) 1246 ret = hfs_write_decmpfs(a); 1247 if (ret == ARCHIVE_OK) 1248 ret = hfs_set_compressed_fflag(a); 1249 } 1250 return (ret); 1251 } 1252 1253 static ssize_t 1254 hfs_write_decmpfs_block(struct archive_write_disk *a, const char *buff, 1255 size_t size) 1256 { 1257 const char *buffer_to_write; 1258 size_t bytes_to_write; 1259 int ret; 1260 1261 if (a->decmpfs_block_count == (unsigned)-1) { 1262 void *new_block; 1263 size_t new_size; 1264 unsigned int block_count; 1265 1266 if (a->decmpfs_header_p == NULL) { 1267 new_block = malloc(MAX_DECMPFS_XATTR_SIZE 1268 + sizeof(uint32_t)); 1269 if (new_block == NULL) { 1270 archive_set_error(&a->archive, ENOMEM, 1271 "Can't allocate memory for decmpfs"); 1272 return (ARCHIVE_FATAL); 1273 } 1274 a->decmpfs_header_p = new_block; 1275 } 1276 a->decmpfs_attr_size = DECMPFS_HEADER_SIZE; 1277 archive_le32enc(&a->decmpfs_header_p[DECMPFS_COMPRESSION_MAGIC], 1278 DECMPFS_MAGIC); 1279 archive_le32enc(&a->decmpfs_header_p[DECMPFS_COMPRESSION_TYPE], 1280 CMP_RESOURCE_FORK); 1281 archive_le64enc(&a->decmpfs_header_p[DECMPFS_UNCOMPRESSED_SIZE], 1282 a->filesize); 1283 1284 /* Calculate a block count of the file. */ 1285 block_count = 1286 (a->filesize + MAX_DECMPFS_BLOCK_SIZE -1) / 1287 MAX_DECMPFS_BLOCK_SIZE; 1288 /* 1289 * Allocate buffer for resource fork. 1290 * Set up related pointers; 1291 */ 1292 new_size = 1293 RSRC_H_SIZE + /* header */ 1294 4 + /* Block count */ 1295 (block_count * sizeof(uint32_t) * 2) + 1296 RSRC_F_SIZE; /* footer */ 1297 if (new_size > a->resource_fork_allocated_size) { 1298 new_block = realloc(a->resource_fork, new_size); 1299 if (new_block == NULL) { 1300 archive_set_error(&a->archive, ENOMEM, 1301 "Can't allocate memory for ResourceFork"); 1302 return (ARCHIVE_FATAL); 1303 } 1304 a->resource_fork_allocated_size = new_size; 1305 a->resource_fork = new_block; 1306 } 1307 1308 /* Allocate uncompressed buffer */ 1309 if (a->uncompressed_buffer == NULL) { 1310 new_block = malloc(MAX_DECMPFS_BLOCK_SIZE); 1311 if (new_block == NULL) { 1312 archive_set_error(&a->archive, ENOMEM, 1313 "Can't allocate memory for decmpfs"); 1314 return (ARCHIVE_FATAL); 1315 } 1316 a->uncompressed_buffer = new_block; 1317 } 1318 a->block_remaining_bytes = MAX_DECMPFS_BLOCK_SIZE; 1319 a->file_remaining_bytes = a->filesize; 1320 a->compressed_buffer_remaining = a->compressed_buffer_size; 1321 1322 /* 1323 * Set up a resource fork. 1324 */ 1325 a->rsrc_xattr_options = XATTR_CREATE; 1326 /* Get the position where we are going to set a bunch 1327 * of block info. */ 1328 a->decmpfs_block_info = 1329 (uint32_t *)(a->resource_fork + RSRC_H_SIZE); 1330 /* Set the block count to the resource fork. */ 1331 archive_le32enc(a->decmpfs_block_info++, block_count); 1332 /* Get the position where we are goint to set compressed 1333 * data. */ 1334 a->compressed_rsrc_position = 1335 RSRC_H_SIZE + 4 + (block_count * 8); 1336 a->compressed_rsrc_position_v = a->compressed_rsrc_position; 1337 a->decmpfs_block_count = block_count; 1338 } 1339 1340 /* Ignore redundant bytes. */ 1341 if (a->file_remaining_bytes == 0) 1342 return ((ssize_t)size); 1343 1344 /* Do not overrun a block size. */ 1345 if (size > a->block_remaining_bytes) 1346 bytes_to_write = a->block_remaining_bytes; 1347 else 1348 bytes_to_write = size; 1349 /* Do not overrun the file size. */ 1350 if (bytes_to_write > a->file_remaining_bytes) 1351 bytes_to_write = a->file_remaining_bytes; 1352 1353 /* For efficiency, if a copy length is full of the uncompressed 1354 * buffer size, do not copy writing data to it. */ 1355 if (bytes_to_write == MAX_DECMPFS_BLOCK_SIZE) 1356 buffer_to_write = buff; 1357 else { 1358 memcpy(a->uncompressed_buffer + 1359 MAX_DECMPFS_BLOCK_SIZE - a->block_remaining_bytes, 1360 buff, bytes_to_write); 1361 buffer_to_write = a->uncompressed_buffer; 1362 } 1363 a->block_remaining_bytes -= bytes_to_write; 1364 a->file_remaining_bytes -= bytes_to_write; 1365 1366 if (a->block_remaining_bytes == 0 || a->file_remaining_bytes == 0) { 1367 ret = hfs_drive_compressor(a, buffer_to_write, 1368 MAX_DECMPFS_BLOCK_SIZE - a->block_remaining_bytes); 1369 if (ret < 0) 1370 return (ret); 1371 a->block_remaining_bytes = MAX_DECMPFS_BLOCK_SIZE; 1372 } 1373 /* Ignore redundant bytes. */ 1374 if (a->file_remaining_bytes == 0) 1375 return ((ssize_t)size); 1376 return (bytes_to_write); 1377 } 1378 1379 static ssize_t 1380 hfs_write_data_block(struct archive_write_disk *a, const char *buff, 1381 size_t size) 1382 { 1383 uint64_t start_size = size; 1384 ssize_t bytes_written = 0; 1385 ssize_t bytes_to_write; 1386 1387 if (size == 0) 1388 return (ARCHIVE_OK); 1389 1390 if (a->filesize == 0 || a->fd < 0) { 1391 archive_set_error(&a->archive, 0, 1392 "Attempt to write to an empty file"); 1393 return (ARCHIVE_WARN); 1394 } 1395 1396 /* If this write would run beyond the file size, truncate it. */ 1397 if (a->filesize >= 0 && (int64_t)(a->offset + size) > a->filesize) 1398 start_size = size = (size_t)(a->filesize - a->offset); 1399 1400 /* Write the data. */ 1401 while (size > 0) { 1402 bytes_to_write = size; 1403 /* Seek if necessary to the specified offset. */ 1404 if (a->offset < a->fd_offset) { 1405 /* Can't support backword move. */ 1406 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 1407 "Seek failed"); 1408 return (ARCHIVE_FATAL); 1409 } else if (a->offset > a->fd_offset) { 1410 int64_t skip = a->offset - a->fd_offset; 1411 char nullblock[1024]; 1412 1413 memset(nullblock, 0, sizeof(nullblock)); 1414 while (skip > 0) { 1415 if (skip > (int64_t)sizeof(nullblock)) 1416 bytes_written = hfs_write_decmpfs_block( 1417 a, nullblock, sizeof(nullblock)); 1418 else 1419 bytes_written = hfs_write_decmpfs_block( 1420 a, nullblock, skip); 1421 if (bytes_written < 0) { 1422 archive_set_error(&a->archive, errno, 1423 "Write failed"); 1424 return (ARCHIVE_WARN); 1425 } 1426 skip -= bytes_written; 1427 } 1428 1429 a->fd_offset = a->offset; 1430 } 1431 bytes_written = 1432 hfs_write_decmpfs_block(a, buff, bytes_to_write); 1433 if (bytes_written < 0) 1434 return (bytes_written); 1435 buff += bytes_written; 1436 size -= bytes_written; 1437 a->total_bytes_written += bytes_written; 1438 a->offset += bytes_written; 1439 a->fd_offset = a->offset; 1440 } 1441 return (start_size - size); 1442 } 1443 #else 1444 static ssize_t 1445 hfs_write_data_block(struct archive_write_disk *a, const char *buff, 1446 size_t size) 1447 { 1448 return (write_data_block(a, buff, size)); 1449 } 1450 #endif 1451 1452 static ssize_t 1453 _archive_write_disk_data_block(struct archive *_a, 1454 const void *buff, size_t size, int64_t offset) 1455 { 1456 struct archive_write_disk *a = (struct archive_write_disk *)_a; 1457 ssize_t r; 1458 1459 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 1460 ARCHIVE_STATE_DATA, "archive_write_data_block"); 1461 1462 a->offset = offset; 1463 if (a->todo & TODO_HFS_COMPRESSION) 1464 r = hfs_write_data_block(a, buff, size); 1465 else 1466 r = write_data_block(a, buff, size); 1467 if (r < ARCHIVE_OK) 1468 return (r); 1469 if ((size_t)r < size) { 1470 archive_set_error(&a->archive, 0, 1471 "Too much data: Truncating file at %ju bytes", (uintmax_t)a->filesize); 1472 return (ARCHIVE_WARN); 1473 } 1474 #if ARCHIVE_VERSION_NUMBER < 3999000 1475 return (ARCHIVE_OK); 1476 #else 1477 return (size); 1478 #endif 1479 } 1480 1481 static ssize_t 1482 _archive_write_disk_data(struct archive *_a, const void *buff, size_t size) 1483 { 1484 struct archive_write_disk *a = (struct archive_write_disk *)_a; 1485 1486 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 1487 ARCHIVE_STATE_DATA, "archive_write_data"); 1488 1489 if (a->todo & TODO_HFS_COMPRESSION) 1490 return (hfs_write_data_block(a, buff, size)); 1491 return (write_data_block(a, buff, size)); 1492 } 1493 1494 static int 1495 _archive_write_disk_finish_entry(struct archive *_a) 1496 { 1497 struct archive_write_disk *a = (struct archive_write_disk *)_a; 1498 int ret = ARCHIVE_OK; 1499 1500 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 1501 ARCHIVE_STATE_HEADER | ARCHIVE_STATE_DATA, 1502 "archive_write_finish_entry"); 1503 if (a->archive.state & ARCHIVE_STATE_HEADER) 1504 return (ARCHIVE_OK); 1505 archive_clear_error(&a->archive); 1506 1507 /* Pad or truncate file to the right size. */ 1508 if (a->fd < 0) { 1509 /* There's no file. */ 1510 } else if (a->filesize < 0) { 1511 /* File size is unknown, so we can't set the size. */ 1512 } else if (a->fd_offset == a->filesize) { 1513 /* Last write ended at exactly the filesize; we're done. */ 1514 /* Hopefully, this is the common case. */ 1515 #if defined(__APPLE__) && defined(UF_COMPRESSED) && defined(HAVE_ZLIB_H) 1516 } else if (a->todo & TODO_HFS_COMPRESSION) { 1517 char null_d[1024]; 1518 ssize_t r; 1519 1520 if (a->file_remaining_bytes) 1521 memset(null_d, 0, sizeof(null_d)); 1522 while (a->file_remaining_bytes) { 1523 if (a->file_remaining_bytes > sizeof(null_d)) 1524 r = hfs_write_data_block( 1525 a, null_d, sizeof(null_d)); 1526 else 1527 r = hfs_write_data_block( 1528 a, null_d, a->file_remaining_bytes); 1529 if (r < 0) 1530 return ((int)r); 1531 } 1532 #endif 1533 } else { 1534 #if HAVE_FTRUNCATE 1535 if (ftruncate(a->fd, a->filesize) == -1 && 1536 a->filesize == 0) { 1537 archive_set_error(&a->archive, errno, 1538 "File size could not be restored"); 1539 return (ARCHIVE_FAILED); 1540 } 1541 #endif 1542 /* 1543 * Not all platforms implement the XSI option to 1544 * extend files via ftruncate. Stat() the file again 1545 * to see what happened. 1546 */ 1547 a->pst = NULL; 1548 if ((ret = lazy_stat(a)) != ARCHIVE_OK) 1549 return (ret); 1550 /* We can use lseek()/write() to extend the file if 1551 * ftruncate didn't work or isn't available. */ 1552 if (a->st.st_size < a->filesize) { 1553 const char nul = '\0'; 1554 if (lseek(a->fd, a->filesize - 1, SEEK_SET) < 0) { 1555 archive_set_error(&a->archive, errno, 1556 "Seek failed"); 1557 return (ARCHIVE_FATAL); 1558 } 1559 if (write(a->fd, &nul, 1) < 0) { 1560 archive_set_error(&a->archive, errno, 1561 "Write to restore size failed"); 1562 return (ARCHIVE_FATAL); 1563 } 1564 a->pst = NULL; 1565 } 1566 } 1567 1568 /* Restore metadata. */ 1569 1570 /* 1571 * This is specific to Mac OS X. 1572 * If the current file is an AppleDouble file, it should be 1573 * linked with the data fork file and remove it. 1574 */ 1575 if (a->todo & TODO_APPLEDOUBLE) { 1576 int r2 = fixup_appledouble(a, a->name); 1577 if (r2 == ARCHIVE_EOF) { 1578 /* The current file has been successfully linked 1579 * with the data fork file and removed. So there 1580 * is nothing to do on the current file. */ 1581 goto finish_metadata; 1582 } 1583 if (r2 < ret) ret = r2; 1584 } 1585 1586 /* 1587 * Look up the "real" UID only if we're going to need it. 1588 * TODO: the TODO_SGID condition can be dropped here, can't it? 1589 */ 1590 if (a->todo & (TODO_OWNER | TODO_SUID | TODO_SGID)) { 1591 a->uid = archive_write_disk_uid(&a->archive, 1592 archive_entry_uname(a->entry), 1593 archive_entry_uid(a->entry)); 1594 } 1595 /* Look up the "real" GID only if we're going to need it. */ 1596 /* TODO: the TODO_SUID condition can be dropped here, can't it? */ 1597 if (a->todo & (TODO_OWNER | TODO_SGID | TODO_SUID)) { 1598 a->gid = archive_write_disk_gid(&a->archive, 1599 archive_entry_gname(a->entry), 1600 archive_entry_gid(a->entry)); 1601 } 1602 1603 /* 1604 * Restore ownership before set_mode tries to restore suid/sgid 1605 * bits. If we set the owner, we know what it is and can skip 1606 * a stat() call to examine the ownership of the file on disk. 1607 */ 1608 if (a->todo & TODO_OWNER) { 1609 int r2 = set_ownership(a); 1610 if (r2 < ret) ret = r2; 1611 } 1612 1613 /* 1614 * set_mode must precede ACLs on systems such as Solaris and 1615 * FreeBSD where setting the mode implicitly clears extended ACLs 1616 */ 1617 if (a->todo & TODO_MODE) { 1618 int r2 = set_mode(a, a->mode); 1619 if (r2 < ret) ret = r2; 1620 } 1621 1622 /* 1623 * Security-related extended attributes (such as 1624 * security.capability on Linux) have to be restored last, 1625 * since they're implicitly removed by other file changes. 1626 */ 1627 if (a->todo & TODO_XATTR) { 1628 int r2 = set_xattrs(a); 1629 if (r2 < ret) ret = r2; 1630 } 1631 1632 /* 1633 * Some flags prevent file modification; they must be restored after 1634 * file contents are written. 1635 */ 1636 if (a->todo & TODO_FFLAGS) { 1637 int r2 = set_fflags(a); 1638 if (r2 < ret) ret = r2; 1639 } 1640 1641 /* 1642 * Time must follow most other metadata; 1643 * otherwise atime will get changed. 1644 */ 1645 if (a->todo & TODO_TIMES) { 1646 int r2 = set_times_from_entry(a); 1647 if (r2 < ret) ret = r2; 1648 } 1649 1650 /* 1651 * Mac extended metadata includes ACLs. 1652 */ 1653 if (a->todo & TODO_MAC_METADATA) { 1654 const void *metadata; 1655 size_t metadata_size; 1656 metadata = archive_entry_mac_metadata(a->entry, &metadata_size); 1657 if (metadata != NULL && metadata_size > 0) { 1658 int r2 = set_mac_metadata(a, archive_entry_pathname( 1659 a->entry), metadata, metadata_size); 1660 if (r2 < ret) ret = r2; 1661 } 1662 } 1663 1664 /* 1665 * ACLs must be restored after timestamps because there are 1666 * ACLs that prevent attribute changes (including time). 1667 */ 1668 if (a->todo & TODO_ACLS) { 1669 int r2 = archive_write_disk_set_acls(&a->archive, a->fd, 1670 archive_entry_pathname(a->entry), 1671 archive_entry_acl(a->entry)); 1672 if (r2 < ret) ret = r2; 1673 } 1674 1675 finish_metadata: 1676 /* If there's an fd, we can close it now. */ 1677 if (a->fd >= 0) { 1678 close(a->fd); 1679 a->fd = -1; 1680 } 1681 /* If there's an entry, we can release it now. */ 1682 if (a->entry) { 1683 archive_entry_free(a->entry); 1684 a->entry = NULL; 1685 } 1686 a->archive.state = ARCHIVE_STATE_HEADER; 1687 return (ret); 1688 } 1689 1690 int 1691 archive_write_disk_set_group_lookup(struct archive *_a, 1692 void *private_data, 1693 int64_t (*lookup_gid)(void *private, const char *gname, int64_t gid), 1694 void (*cleanup_gid)(void *private)) 1695 { 1696 struct archive_write_disk *a = (struct archive_write_disk *)_a; 1697 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 1698 ARCHIVE_STATE_ANY, "archive_write_disk_set_group_lookup"); 1699 1700 if (a->cleanup_gid != NULL && a->lookup_gid_data != NULL) 1701 (a->cleanup_gid)(a->lookup_gid_data); 1702 1703 a->lookup_gid = lookup_gid; 1704 a->cleanup_gid = cleanup_gid; 1705 a->lookup_gid_data = private_data; 1706 return (ARCHIVE_OK); 1707 } 1708 1709 int 1710 archive_write_disk_set_user_lookup(struct archive *_a, 1711 void *private_data, 1712 int64_t (*lookup_uid)(void *private, const char *uname, int64_t uid), 1713 void (*cleanup_uid)(void *private)) 1714 { 1715 struct archive_write_disk *a = (struct archive_write_disk *)_a; 1716 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 1717 ARCHIVE_STATE_ANY, "archive_write_disk_set_user_lookup"); 1718 1719 if (a->cleanup_uid != NULL && a->lookup_uid_data != NULL) 1720 (a->cleanup_uid)(a->lookup_uid_data); 1721 1722 a->lookup_uid = lookup_uid; 1723 a->cleanup_uid = cleanup_uid; 1724 a->lookup_uid_data = private_data; 1725 return (ARCHIVE_OK); 1726 } 1727 1728 int64_t 1729 archive_write_disk_gid(struct archive *_a, const char *name, int64_t id) 1730 { 1731 struct archive_write_disk *a = (struct archive_write_disk *)_a; 1732 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 1733 ARCHIVE_STATE_ANY, "archive_write_disk_gid"); 1734 if (a->lookup_gid) 1735 return (a->lookup_gid)(a->lookup_gid_data, name, id); 1736 return (id); 1737 } 1738 1739 int64_t 1740 archive_write_disk_uid(struct archive *_a, const char *name, int64_t id) 1741 { 1742 struct archive_write_disk *a = (struct archive_write_disk *)_a; 1743 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 1744 ARCHIVE_STATE_ANY, "archive_write_disk_uid"); 1745 if (a->lookup_uid) 1746 return (a->lookup_uid)(a->lookup_uid_data, name, id); 1747 return (id); 1748 } 1749 1750 /* 1751 * Create a new archive_write_disk object and initialize it with global state. 1752 */ 1753 struct archive * 1754 archive_write_disk_new(void) 1755 { 1756 struct archive_write_disk *a; 1757 1758 a = (struct archive_write_disk *)malloc(sizeof(*a)); 1759 if (a == NULL) 1760 return (NULL); 1761 memset(a, 0, sizeof(*a)); 1762 a->archive.magic = ARCHIVE_WRITE_DISK_MAGIC; 1763 /* We're ready to write a header immediately. */ 1764 a->archive.state = ARCHIVE_STATE_HEADER; 1765 a->archive.vtable = archive_write_disk_vtable(); 1766 a->start_time = time(NULL); 1767 /* Query and restore the umask. */ 1768 umask(a->user_umask = umask(0)); 1769 #ifdef HAVE_GETEUID 1770 a->user_uid = geteuid(); 1771 #endif /* HAVE_GETEUID */ 1772 if (archive_string_ensure(&a->path_safe, 512) == NULL) { 1773 free(a); 1774 return (NULL); 1775 } 1776 #ifdef HAVE_ZLIB_H 1777 a->decmpfs_compression_level = 5; 1778 #endif 1779 return (&a->archive); 1780 } 1781 1782 1783 /* 1784 * If pathname is longer than PATH_MAX, chdir to a suitable 1785 * intermediate dir and edit the path down to a shorter suffix. Note 1786 * that this routine never returns an error; if the chdir() attempt 1787 * fails for any reason, we just go ahead with the long pathname. The 1788 * object creation is likely to fail, but any error will get handled 1789 * at that time. 1790 */ 1791 #if defined(HAVE_FCHDIR) && defined(PATH_MAX) 1792 static void 1793 edit_deep_directories(struct archive_write_disk *a) 1794 { 1795 int ret; 1796 char *tail = a->name; 1797 1798 /* If path is short, avoid the open() below. */ 1799 if (strlen(tail) <= PATH_MAX) 1800 return; 1801 1802 /* Try to record our starting dir. */ 1803 a->restore_pwd = open(".", O_RDONLY | O_BINARY | O_CLOEXEC); 1804 __archive_ensure_cloexec_flag(a->restore_pwd); 1805 if (a->restore_pwd < 0) 1806 return; 1807 1808 /* As long as the path is too long... */ 1809 while (strlen(tail) > PATH_MAX) { 1810 /* Locate a dir prefix shorter than PATH_MAX. */ 1811 tail += PATH_MAX - 8; 1812 while (tail > a->name && *tail != '/') 1813 tail--; 1814 /* Exit if we find a too-long path component. */ 1815 if (tail <= a->name) 1816 return; 1817 /* Create the intermediate dir and chdir to it. */ 1818 *tail = '\0'; /* Terminate dir portion */ 1819 ret = create_dir(a, a->name); 1820 if (ret == ARCHIVE_OK && chdir(a->name) != 0) 1821 ret = ARCHIVE_FAILED; 1822 *tail = '/'; /* Restore the / we removed. */ 1823 if (ret != ARCHIVE_OK) 1824 return; 1825 tail++; 1826 /* The chdir() succeeded; we've now shortened the path. */ 1827 a->name = tail; 1828 } 1829 return; 1830 } 1831 #endif 1832 1833 /* 1834 * The main restore function. 1835 */ 1836 static int 1837 restore_entry(struct archive_write_disk *a) 1838 { 1839 int ret = ARCHIVE_OK, en; 1840 1841 if (a->flags & ARCHIVE_EXTRACT_UNLINK && !S_ISDIR(a->mode)) { 1842 /* 1843 * TODO: Fix this. Apparently, there are platforms 1844 * that still allow root to hose the entire filesystem 1845 * by unlinking a dir. The S_ISDIR() test above 1846 * prevents us from using unlink() here if the new 1847 * object is a dir, but that doesn't mean the old 1848 * object isn't a dir. 1849 */ 1850 if (a->flags & ARCHIVE_EXTRACT_CLEAR_NOCHANGE_FFLAGS) 1851 (void)clear_nochange_fflags(a); 1852 if (unlink(a->name) == 0) { 1853 /* We removed it, reset cached stat. */ 1854 a->pst = NULL; 1855 } else if (errno == ENOENT) { 1856 /* File didn't exist, that's just as good. */ 1857 } else if (rmdir(a->name) == 0) { 1858 /* It was a dir, but now it's gone. */ 1859 a->pst = NULL; 1860 } else { 1861 /* We tried, but couldn't get rid of it. */ 1862 archive_set_error(&a->archive, errno, 1863 "Could not unlink"); 1864 return(ARCHIVE_FAILED); 1865 } 1866 } 1867 1868 /* Try creating it first; if this fails, we'll try to recover. */ 1869 en = create_filesystem_object(a); 1870 1871 if ((en == ENOTDIR || en == ENOENT) 1872 && !(a->flags & ARCHIVE_EXTRACT_NO_AUTODIR)) { 1873 /* If the parent dir doesn't exist, try creating it. */ 1874 create_parent_dir(a, a->name); 1875 /* Now try to create the object again. */ 1876 en = create_filesystem_object(a); 1877 } 1878 1879 if ((en == ENOENT) && (archive_entry_hardlink(a->entry) != NULL)) { 1880 archive_set_error(&a->archive, en, 1881 "Hard-link target '%s' does not exist.", 1882 archive_entry_hardlink(a->entry)); 1883 return (ARCHIVE_FAILED); 1884 } 1885 1886 if ((en == EISDIR || en == EEXIST) 1887 && (a->flags & ARCHIVE_EXTRACT_NO_OVERWRITE)) { 1888 /* If we're not overwriting, we're done. */ 1889 archive_entry_unset_size(a->entry); 1890 return (ARCHIVE_OK); 1891 } 1892 1893 /* 1894 * Some platforms return EISDIR if you call 1895 * open(O_WRONLY | O_EXCL | O_CREAT) on a directory, some 1896 * return EEXIST. POSIX is ambiguous, requiring EISDIR 1897 * for open(O_WRONLY) on a dir and EEXIST for open(O_EXCL | O_CREAT) 1898 * on an existing item. 1899 */ 1900 if (en == EISDIR) { 1901 /* A dir is in the way of a non-dir, rmdir it. */ 1902 if (rmdir(a->name) != 0) { 1903 archive_set_error(&a->archive, errno, 1904 "Can't remove already-existing dir"); 1905 return (ARCHIVE_FAILED); 1906 } 1907 a->pst = NULL; 1908 /* Try again. */ 1909 en = create_filesystem_object(a); 1910 } else if (en == EEXIST) { 1911 /* 1912 * We know something is in the way, but we don't know what; 1913 * we need to find out before we go any further. 1914 */ 1915 int r = 0; 1916 /* 1917 * The SECURE_SYMLINKS logic has already removed a 1918 * symlink to a dir if the client wants that. So 1919 * follow the symlink if we're creating a dir. 1920 */ 1921 if (S_ISDIR(a->mode)) 1922 r = stat(a->name, &a->st); 1923 /* 1924 * If it's not a dir (or it's a broken symlink), 1925 * then don't follow it. 1926 */ 1927 if (r != 0 || !S_ISDIR(a->mode)) 1928 r = lstat(a->name, &a->st); 1929 if (r != 0) { 1930 archive_set_error(&a->archive, errno, 1931 "Can't stat existing object"); 1932 return (ARCHIVE_FAILED); 1933 } 1934 1935 /* 1936 * NO_OVERWRITE_NEWER doesn't apply to directories. 1937 */ 1938 if ((a->flags & ARCHIVE_EXTRACT_NO_OVERWRITE_NEWER) 1939 && !S_ISDIR(a->st.st_mode)) { 1940 if (!older(&(a->st), a->entry)) { 1941 archive_entry_unset_size(a->entry); 1942 return (ARCHIVE_OK); 1943 } 1944 } 1945 1946 /* If it's our archive, we're done. */ 1947 if (a->skip_file_set && 1948 a->st.st_dev == (dev_t)a->skip_file_dev && 1949 a->st.st_ino == (ino_t)a->skip_file_ino) { 1950 archive_set_error(&a->archive, 0, 1951 "Refusing to overwrite archive"); 1952 return (ARCHIVE_FAILED); 1953 } 1954 1955 if (!S_ISDIR(a->st.st_mode)) { 1956 /* A non-dir is in the way, unlink it. */ 1957 if (a->flags & ARCHIVE_EXTRACT_CLEAR_NOCHANGE_FFLAGS) 1958 (void)clear_nochange_fflags(a); 1959 if (unlink(a->name) != 0) { 1960 archive_set_error(&a->archive, errno, 1961 "Can't unlink already-existing object"); 1962 return (ARCHIVE_FAILED); 1963 } 1964 a->pst = NULL; 1965 /* Try again. */ 1966 en = create_filesystem_object(a); 1967 } else if (!S_ISDIR(a->mode)) { 1968 /* A dir is in the way of a non-dir, rmdir it. */ 1969 if (a->flags & ARCHIVE_EXTRACT_CLEAR_NOCHANGE_FFLAGS) 1970 (void)clear_nochange_fflags(a); 1971 if (rmdir(a->name) != 0) { 1972 archive_set_error(&a->archive, errno, 1973 "Can't replace existing directory with non-directory"); 1974 return (ARCHIVE_FAILED); 1975 } 1976 /* Try again. */ 1977 en = create_filesystem_object(a); 1978 } else { 1979 /* 1980 * There's a dir in the way of a dir. Don't 1981 * waste time with rmdir()/mkdir(), just fix 1982 * up the permissions on the existing dir. 1983 * Note that we don't change perms on existing 1984 * dirs unless _EXTRACT_PERM is specified. 1985 */ 1986 if ((a->mode != a->st.st_mode) 1987 && (a->todo & TODO_MODE_FORCE)) 1988 a->deferred |= (a->todo & TODO_MODE); 1989 /* Ownership doesn't need deferred fixup. */ 1990 en = 0; /* Forget the EEXIST. */ 1991 } 1992 } 1993 1994 if (en) { 1995 /* Everything failed; give up here. */ 1996 archive_set_error(&a->archive, en, "Can't create '%s'", 1997 a->name); 1998 return (ARCHIVE_FAILED); 1999 } 2000 2001 a->pst = NULL; /* Cached stat data no longer valid. */ 2002 return (ret); 2003 } 2004 2005 /* 2006 * Returns 0 if creation succeeds, or else returns errno value from 2007 * the failed system call. Note: This function should only ever perform 2008 * a single system call. 2009 */ 2010 static int 2011 create_filesystem_object(struct archive_write_disk *a) 2012 { 2013 /* Create the entry. */ 2014 const char *linkname; 2015 mode_t final_mode, mode; 2016 int r; 2017 2018 /* We identify hard/symlinks according to the link names. */ 2019 /* Since link(2) and symlink(2) don't handle modes, we're done here. */ 2020 linkname = archive_entry_hardlink(a->entry); 2021 if (linkname != NULL) { 2022 #if !HAVE_LINK 2023 return (EPERM); 2024 #else 2025 r = link(linkname, a->name) ? errno : 0; 2026 /* 2027 * New cpio and pax formats allow hardlink entries 2028 * to carry data, so we may have to open the file 2029 * for hardlink entries. 2030 * 2031 * If the hardlink was successfully created and 2032 * the archive doesn't have carry data for it, 2033 * consider it to be non-authoritative for meta data. 2034 * This is consistent with GNU tar and BSD pax. 2035 * If the hardlink does carry data, let the last 2036 * archive entry decide ownership. 2037 */ 2038 if (r == 0 && a->filesize <= 0) { 2039 a->todo = 0; 2040 a->deferred = 0; 2041 } else if (r == 0 && a->filesize > 0) { 2042 a->fd = open(a->name, 2043 O_WRONLY | O_TRUNC | O_BINARY | O_CLOEXEC); 2044 __archive_ensure_cloexec_flag(a->fd); 2045 if (a->fd < 0) 2046 r = errno; 2047 } 2048 return (r); 2049 #endif 2050 } 2051 linkname = archive_entry_symlink(a->entry); 2052 if (linkname != NULL) { 2053 #if HAVE_SYMLINK 2054 return symlink(linkname, a->name) ? errno : 0; 2055 #else 2056 return (EPERM); 2057 #endif 2058 } 2059 2060 /* 2061 * The remaining system calls all set permissions, so let's 2062 * try to take advantage of that to avoid an extra chmod() 2063 * call. (Recall that umask is set to zero right now!) 2064 */ 2065 2066 /* Mode we want for the final restored object (w/o file type bits). */ 2067 final_mode = a->mode & 07777; 2068 /* 2069 * The mode that will actually be restored in this step. Note 2070 * that SUID, SGID, etc, require additional work to ensure 2071 * security, so we never restore them at this point. 2072 */ 2073 mode = final_mode & 0777 & ~a->user_umask; 2074 2075 switch (a->mode & AE_IFMT) { 2076 default: 2077 /* POSIX requires that we fall through here. */ 2078 /* FALLTHROUGH */ 2079 case AE_IFREG: 2080 a->fd = open(a->name, 2081 O_WRONLY | O_CREAT | O_EXCL | O_BINARY | O_CLOEXEC, mode); 2082 __archive_ensure_cloexec_flag(a->fd); 2083 r = (a->fd < 0); 2084 break; 2085 case AE_IFCHR: 2086 #ifdef HAVE_MKNOD 2087 /* Note: we use AE_IFCHR for the case label, and 2088 * S_IFCHR for the mknod() call. This is correct. */ 2089 r = mknod(a->name, mode | S_IFCHR, 2090 archive_entry_rdev(a->entry)); 2091 break; 2092 #else 2093 /* TODO: Find a better way to warn about our inability 2094 * to restore a char device node. */ 2095 return (EINVAL); 2096 #endif /* HAVE_MKNOD */ 2097 case AE_IFBLK: 2098 #ifdef HAVE_MKNOD 2099 r = mknod(a->name, mode | S_IFBLK, 2100 archive_entry_rdev(a->entry)); 2101 break; 2102 #else 2103 /* TODO: Find a better way to warn about our inability 2104 * to restore a block device node. */ 2105 return (EINVAL); 2106 #endif /* HAVE_MKNOD */ 2107 case AE_IFDIR: 2108 mode = (mode | MINIMUM_DIR_MODE) & MAXIMUM_DIR_MODE; 2109 r = mkdir(a->name, mode); 2110 if (r == 0) { 2111 /* Defer setting dir times. */ 2112 a->deferred |= (a->todo & TODO_TIMES); 2113 a->todo &= ~TODO_TIMES; 2114 /* Never use an immediate chmod(). */ 2115 /* We can't avoid the chmod() entirely if EXTRACT_PERM 2116 * because of SysV SGID inheritance. */ 2117 if ((mode != final_mode) 2118 || (a->flags & ARCHIVE_EXTRACT_PERM)) 2119 a->deferred |= (a->todo & TODO_MODE); 2120 a->todo &= ~TODO_MODE; 2121 } 2122 break; 2123 case AE_IFIFO: 2124 #ifdef HAVE_MKFIFO 2125 r = mkfifo(a->name, mode); 2126 break; 2127 #else 2128 /* TODO: Find a better way to warn about our inability 2129 * to restore a fifo. */ 2130 return (EINVAL); 2131 #endif /* HAVE_MKFIFO */ 2132 } 2133 2134 /* All the system calls above set errno on failure. */ 2135 if (r) 2136 return (errno); 2137 2138 /* If we managed to set the final mode, we've avoided a chmod(). */ 2139 if (mode == final_mode) 2140 a->todo &= ~TODO_MODE; 2141 return (0); 2142 } 2143 2144 /* 2145 * Cleanup function for archive_extract. Mostly, this involves processing 2146 * the fixup list, which is used to address a number of problems: 2147 * * Dir permissions might prevent us from restoring a file in that 2148 * dir, so we restore the dir with minimum 0700 permissions first, 2149 * then correct the mode at the end. 2150 * * Similarly, the act of restoring a file touches the directory 2151 * and changes the timestamp on the dir, so we have to touch-up dir 2152 * timestamps at the end as well. 2153 * * Some file flags can interfere with the restore by, for example, 2154 * preventing the creation of hardlinks to those files. 2155 * * Mac OS extended metadata includes ACLs, so must be deferred on dirs. 2156 * 2157 * Note that tar/cpio do not require that archives be in a particular 2158 * order; there is no way to know when the last file has been restored 2159 * within a directory, so there's no way to optimize the memory usage 2160 * here by fixing up the directory any earlier than the 2161 * end-of-archive. 2162 * 2163 * XXX TODO: Directory ACLs should be restored here, for the same 2164 * reason we set directory perms here. XXX 2165 */ 2166 static int 2167 _archive_write_disk_close(struct archive *_a) 2168 { 2169 struct archive_write_disk *a = (struct archive_write_disk *)_a; 2170 struct fixup_entry *next, *p; 2171 int ret; 2172 2173 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 2174 ARCHIVE_STATE_HEADER | ARCHIVE_STATE_DATA, 2175 "archive_write_disk_close"); 2176 ret = _archive_write_disk_finish_entry(&a->archive); 2177 2178 /* Sort dir list so directories are fixed up in depth-first order. */ 2179 p = sort_dir_list(a->fixup_list); 2180 2181 while (p != NULL) { 2182 a->pst = NULL; /* Mark stat cache as out-of-date. */ 2183 if (p->fixup & TODO_TIMES) { 2184 set_times(a, -1, p->mode, p->name, 2185 p->atime, p->atime_nanos, 2186 p->birthtime, p->birthtime_nanos, 2187 p->mtime, p->mtime_nanos, 2188 p->ctime, p->ctime_nanos); 2189 } 2190 if (p->fixup & TODO_MODE_BASE) 2191 chmod(p->name, p->mode); 2192 if (p->fixup & TODO_ACLS) 2193 archive_write_disk_set_acls(&a->archive, 2194 -1, p->name, &p->acl); 2195 if (p->fixup & TODO_FFLAGS) 2196 set_fflags_platform(a, -1, p->name, 2197 p->mode, p->fflags_set, 0); 2198 if (p->fixup & TODO_MAC_METADATA) 2199 set_mac_metadata(a, p->name, p->mac_metadata, 2200 p->mac_metadata_size); 2201 next = p->next; 2202 archive_acl_clear(&p->acl); 2203 free(p->mac_metadata); 2204 free(p->name); 2205 free(p); 2206 p = next; 2207 } 2208 a->fixup_list = NULL; 2209 return (ret); 2210 } 2211 2212 static int 2213 _archive_write_disk_free(struct archive *_a) 2214 { 2215 struct archive_write_disk *a; 2216 int ret; 2217 if (_a == NULL) 2218 return (ARCHIVE_OK); 2219 archive_check_magic(_a, ARCHIVE_WRITE_DISK_MAGIC, 2220 ARCHIVE_STATE_ANY | ARCHIVE_STATE_FATAL, "archive_write_disk_free"); 2221 a = (struct archive_write_disk *)_a; 2222 ret = _archive_write_disk_close(&a->archive); 2223 archive_write_disk_set_group_lookup(&a->archive, NULL, NULL, NULL); 2224 archive_write_disk_set_user_lookup(&a->archive, NULL, NULL, NULL); 2225 if (a->entry) 2226 archive_entry_free(a->entry); 2227 archive_string_free(&a->_name_data); 2228 archive_string_free(&a->archive.error_string); 2229 archive_string_free(&a->path_safe); 2230 a->archive.magic = 0; 2231 __archive_clean(&a->archive); 2232 free(a->decmpfs_header_p); 2233 free(a->resource_fork); 2234 free(a->compressed_buffer); 2235 free(a->uncompressed_buffer); 2236 #if defined(__APPLE__) && defined(UF_COMPRESSED) && defined(HAVE_SYS_XATTR_H)\ 2237 && defined(HAVE_ZLIB_H) 2238 if (a->stream_valid) { 2239 switch (deflateEnd(&a->stream)) { 2240 case Z_OK: 2241 break; 2242 default: 2243 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 2244 "Failed to clean up compressor"); 2245 ret = ARCHIVE_FATAL; 2246 break; 2247 } 2248 } 2249 #endif 2250 free(a); 2251 return (ret); 2252 } 2253 2254 /* 2255 * Simple O(n log n) merge sort to order the fixup list. In 2256 * particular, we want to restore dir timestamps depth-first. 2257 */ 2258 static struct fixup_entry * 2259 sort_dir_list(struct fixup_entry *p) 2260 { 2261 struct fixup_entry *a, *b, *t; 2262 2263 if (p == NULL) 2264 return (NULL); 2265 /* A one-item list is already sorted. */ 2266 if (p->next == NULL) 2267 return (p); 2268 2269 /* Step 1: split the list. */ 2270 t = p; 2271 a = p->next->next; 2272 while (a != NULL) { 2273 /* Step a twice, t once. */ 2274 a = a->next; 2275 if (a != NULL) 2276 a = a->next; 2277 t = t->next; 2278 } 2279 /* Now, t is at the mid-point, so break the list here. */ 2280 b = t->next; 2281 t->next = NULL; 2282 a = p; 2283 2284 /* Step 2: Recursively sort the two sub-lists. */ 2285 a = sort_dir_list(a); 2286 b = sort_dir_list(b); 2287 2288 /* Step 3: Merge the returned lists. */ 2289 /* Pick the first element for the merged list. */ 2290 if (strcmp(a->name, b->name) > 0) { 2291 t = p = a; 2292 a = a->next; 2293 } else { 2294 t = p = b; 2295 b = b->next; 2296 } 2297 2298 /* Always put the later element on the list first. */ 2299 while (a != NULL && b != NULL) { 2300 if (strcmp(a->name, b->name) > 0) { 2301 t->next = a; 2302 a = a->next; 2303 } else { 2304 t->next = b; 2305 b = b->next; 2306 } 2307 t = t->next; 2308 } 2309 2310 /* Only one list is non-empty, so just splice it on. */ 2311 if (a != NULL) 2312 t->next = a; 2313 if (b != NULL) 2314 t->next = b; 2315 2316 return (p); 2317 } 2318 2319 /* 2320 * Returns a new, initialized fixup entry. 2321 * 2322 * TODO: Reduce the memory requirements for this list by using a tree 2323 * structure rather than a simple list of names. 2324 */ 2325 static struct fixup_entry * 2326 new_fixup(struct archive_write_disk *a, const char *pathname) 2327 { 2328 struct fixup_entry *fe; 2329 2330 fe = (struct fixup_entry *)calloc(1, sizeof(struct fixup_entry)); 2331 if (fe == NULL) { 2332 archive_set_error(&a->archive, ENOMEM, 2333 "Can't allocate memory for a fixup"); 2334 return (NULL); 2335 } 2336 fe->next = a->fixup_list; 2337 a->fixup_list = fe; 2338 fe->fixup = 0; 2339 fe->name = strdup(pathname); 2340 return (fe); 2341 } 2342 2343 /* 2344 * Returns a fixup structure for the current entry. 2345 */ 2346 static struct fixup_entry * 2347 current_fixup(struct archive_write_disk *a, const char *pathname) 2348 { 2349 if (a->current_fixup == NULL) 2350 a->current_fixup = new_fixup(a, pathname); 2351 return (a->current_fixup); 2352 } 2353 2354 /* TODO: Make this work. */ 2355 /* 2356 * TODO: The deep-directory support bypasses this; disable deep directory 2357 * support if we're doing symlink checks. 2358 */ 2359 /* 2360 * TODO: Someday, integrate this with the deep dir support; they both 2361 * scan the path and both can be optimized by comparing against other 2362 * recent paths. 2363 */ 2364 /* TODO: Extend this to support symlinks on Windows Vista and later. */ 2365 static int 2366 check_symlinks(struct archive_write_disk *a) 2367 { 2368 #if !defined(HAVE_LSTAT) 2369 /* Platform doesn't have lstat, so we can't look for symlinks. */ 2370 (void)a; /* UNUSED */ 2371 return (ARCHIVE_OK); 2372 #else 2373 char *pn; 2374 char c; 2375 int r; 2376 struct stat st; 2377 2378 /* 2379 * Guard against symlink tricks. Reject any archive entry whose 2380 * destination would be altered by a symlink. 2381 */ 2382 /* Whatever we checked last time doesn't need to be re-checked. */ 2383 pn = a->name; 2384 if (archive_strlen(&(a->path_safe)) > 0) { 2385 char *p = a->path_safe.s; 2386 while ((*pn != '\0') && (*p == *pn)) 2387 ++p, ++pn; 2388 } 2389 /* Skip the root directory if the path is absolute. */ 2390 if(pn == a->name && pn[0] == '/') 2391 ++pn; 2392 c = pn[0]; 2393 /* Keep going until we've checked the entire name. */ 2394 while (pn[0] != '\0' && (pn[0] != '/' || pn[1] != '\0')) { 2395 /* Skip the next path element. */ 2396 while (*pn != '\0' && *pn != '/') 2397 ++pn; 2398 c = pn[0]; 2399 pn[0] = '\0'; 2400 /* Check that we haven't hit a symlink. */ 2401 r = lstat(a->name, &st); 2402 if (r != 0) { 2403 /* We've hit a dir that doesn't exist; stop now. */ 2404 if (errno == ENOENT) 2405 break; 2406 } else if (S_ISLNK(st.st_mode)) { 2407 if (c == '\0') { 2408 /* 2409 * Last element is symlink; remove it 2410 * so we can overwrite it with the 2411 * item being extracted. 2412 */ 2413 if (unlink(a->name)) { 2414 archive_set_error(&a->archive, errno, 2415 "Could not remove symlink %s", 2416 a->name); 2417 pn[0] = c; 2418 return (ARCHIVE_FAILED); 2419 } 2420 a->pst = NULL; 2421 /* 2422 * Even if we did remove it, a warning 2423 * is in order. The warning is silly, 2424 * though, if we're just replacing one 2425 * symlink with another symlink. 2426 */ 2427 if (!S_ISLNK(a->mode)) { 2428 archive_set_error(&a->archive, 0, 2429 "Removing symlink %s", 2430 a->name); 2431 } 2432 /* Symlink gone. No more problem! */ 2433 pn[0] = c; 2434 return (0); 2435 } else if (a->flags & ARCHIVE_EXTRACT_UNLINK) { 2436 /* User asked us to remove problems. */ 2437 if (unlink(a->name) != 0) { 2438 archive_set_error(&a->archive, 0, 2439 "Cannot remove intervening symlink %s", 2440 a->name); 2441 pn[0] = c; 2442 return (ARCHIVE_FAILED); 2443 } 2444 a->pst = NULL; 2445 } else { 2446 archive_set_error(&a->archive, 0, 2447 "Cannot extract through symlink %s", 2448 a->name); 2449 pn[0] = c; 2450 return (ARCHIVE_FAILED); 2451 } 2452 } 2453 pn[0] = c; 2454 if (pn[0] != '\0') 2455 pn++; /* Advance to the next segment. */ 2456 } 2457 pn[0] = c; 2458 /* We've checked and/or cleaned the whole path, so remember it. */ 2459 archive_strcpy(&a->path_safe, a->name); 2460 return (ARCHIVE_OK); 2461 #endif 2462 } 2463 2464 #if defined(__CYGWIN__) 2465 /* 2466 * 1. Convert a path separator from '\' to '/' . 2467 * We shouldn't check multibyte character directly because some 2468 * character-set have been using the '\' character for a part of 2469 * its multibyte character code. 2470 * 2. Replace unusable characters in Windows with underscore('_'). 2471 * See also : http://msdn.microsoft.com/en-us/library/aa365247.aspx 2472 */ 2473 static void 2474 cleanup_pathname_win(struct archive_write_disk *a) 2475 { 2476 wchar_t wc; 2477 char *p; 2478 size_t alen, l; 2479 int mb, complete, utf8; 2480 2481 alen = 0; 2482 mb = 0; 2483 complete = 1; 2484 utf8 = (strcmp(nl_langinfo(CODESET), "UTF-8") == 0)? 1: 0; 2485 for (p = a->name; *p != '\0'; p++) { 2486 ++alen; 2487 if (*p == '\\') { 2488 /* If previous byte is smaller than 128, 2489 * this is not second byte of multibyte characters, 2490 * so we can replace '\' with '/'. */ 2491 if (utf8 || !mb) 2492 *p = '/'; 2493 else 2494 complete = 0;/* uncompleted. */ 2495 } else if (*(unsigned char *)p > 127) 2496 mb = 1; 2497 else 2498 mb = 0; 2499 /* Rewrite the path name if its next character is unusable. */ 2500 if (*p == ':' || *p == '*' || *p == '?' || *p == '"' || 2501 *p == '<' || *p == '>' || *p == '|') 2502 *p = '_'; 2503 } 2504 if (complete) 2505 return; 2506 2507 /* 2508 * Convert path separator in wide-character. 2509 */ 2510 p = a->name; 2511 while (*p != '\0' && alen) { 2512 l = mbtowc(&wc, p, alen); 2513 if (l == (size_t)-1) { 2514 while (*p != '\0') { 2515 if (*p == '\\') 2516 *p = '/'; 2517 ++p; 2518 } 2519 break; 2520 } 2521 if (l == 1 && wc == L'\\') 2522 *p = '/'; 2523 p += l; 2524 alen -= l; 2525 } 2526 } 2527 #endif 2528 2529 /* 2530 * Canonicalize the pathname. In particular, this strips duplicate 2531 * '/' characters, '.' elements, and trailing '/'. It also raises an 2532 * error for an empty path, a trailing '..', (if _SECURE_NODOTDOT is 2533 * set) any '..' in the path or (if ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS 2534 * is set) if the path is absolute. 2535 */ 2536 static int 2537 cleanup_pathname(struct archive_write_disk *a) 2538 { 2539 char *dest, *src; 2540 char separator = '\0'; 2541 2542 dest = src = a->name; 2543 if (*src == '\0') { 2544 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 2545 "Invalid empty pathname"); 2546 return (ARCHIVE_FAILED); 2547 } 2548 2549 #if defined(__CYGWIN__) 2550 cleanup_pathname_win(a); 2551 #endif 2552 /* Skip leading '/'. */ 2553 if (*src == '/') { 2554 if (a->flags & ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS) { 2555 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 2556 "Path is absolute"); 2557 return (ARCHIVE_FAILED); 2558 } 2559 2560 separator = *src++; 2561 } 2562 2563 /* Scan the pathname one element at a time. */ 2564 for (;;) { 2565 /* src points to first char after '/' */ 2566 if (src[0] == '\0') { 2567 break; 2568 } else if (src[0] == '/') { 2569 /* Found '//', ignore second one. */ 2570 src++; 2571 continue; 2572 } else if (src[0] == '.') { 2573 if (src[1] == '\0') { 2574 /* Ignore trailing '.' */ 2575 break; 2576 } else if (src[1] == '/') { 2577 /* Skip './'. */ 2578 src += 2; 2579 continue; 2580 } else if (src[1] == '.') { 2581 if (src[2] == '/' || src[2] == '\0') { 2582 /* Conditionally warn about '..' */ 2583 if (a->flags & ARCHIVE_EXTRACT_SECURE_NODOTDOT) { 2584 archive_set_error(&a->archive, 2585 ARCHIVE_ERRNO_MISC, 2586 "Path contains '..'"); 2587 return (ARCHIVE_FAILED); 2588 } 2589 } 2590 /* 2591 * Note: Under no circumstances do we 2592 * remove '..' elements. In 2593 * particular, restoring 2594 * '/foo/../bar/' should create the 2595 * 'foo' dir as a side-effect. 2596 */ 2597 } 2598 } 2599 2600 /* Copy current element, including leading '/'. */ 2601 if (separator) 2602 *dest++ = '/'; 2603 while (*src != '\0' && *src != '/') { 2604 *dest++ = *src++; 2605 } 2606 2607 if (*src == '\0') 2608 break; 2609 2610 /* Skip '/' separator. */ 2611 separator = *src++; 2612 } 2613 /* 2614 * We've just copied zero or more path elements, not including the 2615 * final '/'. 2616 */ 2617 if (dest == a->name) { 2618 /* 2619 * Nothing got copied. The path must have been something 2620 * like '.' or '/' or './' or '/././././/./'. 2621 */ 2622 if (separator) 2623 *dest++ = '/'; 2624 else 2625 *dest++ = '.'; 2626 } 2627 /* Terminate the result. */ 2628 *dest = '\0'; 2629 return (ARCHIVE_OK); 2630 } 2631 2632 /* 2633 * Create the parent directory of the specified path, assuming path 2634 * is already in mutable storage. 2635 */ 2636 static int 2637 create_parent_dir(struct archive_write_disk *a, char *path) 2638 { 2639 char *slash; 2640 int r; 2641 2642 /* Remove tail element to obtain parent name. */ 2643 slash = strrchr(path, '/'); 2644 if (slash == NULL) 2645 return (ARCHIVE_OK); 2646 *slash = '\0'; 2647 r = create_dir(a, path); 2648 *slash = '/'; 2649 return (r); 2650 } 2651 2652 /* 2653 * Create the specified dir, recursing to create parents as necessary. 2654 * 2655 * Returns ARCHIVE_OK if the path exists when we're done here. 2656 * Otherwise, returns ARCHIVE_FAILED. 2657 * Assumes path is in mutable storage; path is unchanged on exit. 2658 */ 2659 static int 2660 create_dir(struct archive_write_disk *a, char *path) 2661 { 2662 struct stat st; 2663 struct fixup_entry *le; 2664 char *slash, *base; 2665 mode_t mode_final, mode; 2666 int r; 2667 2668 /* Check for special names and just skip them. */ 2669 slash = strrchr(path, '/'); 2670 if (slash == NULL) 2671 base = path; 2672 else 2673 base = slash + 1; 2674 2675 if (base[0] == '\0' || 2676 (base[0] == '.' && base[1] == '\0') || 2677 (base[0] == '.' && base[1] == '.' && base[2] == '\0')) { 2678 /* Don't bother trying to create null path, '.', or '..'. */ 2679 if (slash != NULL) { 2680 *slash = '\0'; 2681 r = create_dir(a, path); 2682 *slash = '/'; 2683 return (r); 2684 } 2685 return (ARCHIVE_OK); 2686 } 2687 2688 /* 2689 * Yes, this should be stat() and not lstat(). Using lstat() 2690 * here loses the ability to extract through symlinks. Also note 2691 * that this should not use the a->st cache. 2692 */ 2693 if (stat(path, &st) == 0) { 2694 if (S_ISDIR(st.st_mode)) 2695 return (ARCHIVE_OK); 2696 if ((a->flags & ARCHIVE_EXTRACT_NO_OVERWRITE)) { 2697 archive_set_error(&a->archive, EEXIST, 2698 "Can't create directory '%s'", path); 2699 return (ARCHIVE_FAILED); 2700 } 2701 if (unlink(path) != 0) { 2702 archive_set_error(&a->archive, errno, 2703 "Can't create directory '%s': " 2704 "Conflicting file cannot be removed", 2705 path); 2706 return (ARCHIVE_FAILED); 2707 } 2708 } else if (errno != ENOENT && errno != ENOTDIR) { 2709 /* Stat failed? */ 2710 archive_set_error(&a->archive, errno, "Can't test directory '%s'", path); 2711 return (ARCHIVE_FAILED); 2712 } else if (slash != NULL) { 2713 *slash = '\0'; 2714 r = create_dir(a, path); 2715 *slash = '/'; 2716 if (r != ARCHIVE_OK) 2717 return (r); 2718 } 2719 2720 /* 2721 * Mode we want for the final restored directory. Per POSIX, 2722 * implicitly-created dirs must be created obeying the umask. 2723 * There's no mention whether this is different for privileged 2724 * restores (which the rest of this code handles by pretending 2725 * umask=0). I've chosen here to always obey the user's umask for 2726 * implicit dirs, even if _EXTRACT_PERM was specified. 2727 */ 2728 mode_final = DEFAULT_DIR_MODE & ~a->user_umask; 2729 /* Mode we want on disk during the restore process. */ 2730 mode = mode_final; 2731 mode |= MINIMUM_DIR_MODE; 2732 mode &= MAXIMUM_DIR_MODE; 2733 if (mkdir(path, mode) == 0) { 2734 if (mode != mode_final) { 2735 le = new_fixup(a, path); 2736 if (le == NULL) 2737 return (ARCHIVE_FATAL); 2738 le->fixup |=TODO_MODE_BASE; 2739 le->mode = mode_final; 2740 } 2741 return (ARCHIVE_OK); 2742 } 2743 2744 /* 2745 * Without the following check, a/b/../b/c/d fails at the 2746 * second visit to 'b', so 'd' can't be created. Note that we 2747 * don't add it to the fixup list here, as it's already been 2748 * added. 2749 */ 2750 if (stat(path, &st) == 0 && S_ISDIR(st.st_mode)) 2751 return (ARCHIVE_OK); 2752 2753 archive_set_error(&a->archive, errno, "Failed to create dir '%s'", 2754 path); 2755 return (ARCHIVE_FAILED); 2756 } 2757 2758 /* 2759 * Note: Although we can skip setting the user id if the desired user 2760 * id matches the current user, we cannot skip setting the group, as 2761 * many systems set the gid based on the containing directory. So 2762 * we have to perform a chown syscall if we want to set the SGID 2763 * bit. (The alternative is to stat() and then possibly chown(); it's 2764 * more efficient to skip the stat() and just always chown().) Note 2765 * that a successful chown() here clears the TODO_SGID_CHECK bit, which 2766 * allows set_mode to skip the stat() check for the GID. 2767 */ 2768 static int 2769 set_ownership(struct archive_write_disk *a) 2770 { 2771 #ifndef __CYGWIN__ 2772 /* unfortunately, on win32 there is no 'root' user with uid 0, 2773 so we just have to try the chown and see if it works */ 2774 2775 /* If we know we can't change it, don't bother trying. */ 2776 if (a->user_uid != 0 && a->user_uid != a->uid) { 2777 archive_set_error(&a->archive, errno, 2778 "Can't set UID=%jd", (intmax_t)a->uid); 2779 return (ARCHIVE_WARN); 2780 } 2781 #endif 2782 2783 #ifdef HAVE_FCHOWN 2784 /* If we have an fd, we can avoid a race. */ 2785 if (a->fd >= 0 && fchown(a->fd, a->uid, a->gid) == 0) { 2786 /* We've set owner and know uid/gid are correct. */ 2787 a->todo &= ~(TODO_OWNER | TODO_SGID_CHECK | TODO_SUID_CHECK); 2788 return (ARCHIVE_OK); 2789 } 2790 #endif 2791 2792 /* We prefer lchown() but will use chown() if that's all we have. */ 2793 /* Of course, if we have neither, this will always fail. */ 2794 #ifdef HAVE_LCHOWN 2795 if (lchown(a->name, a->uid, a->gid) == 0) { 2796 /* We've set owner and know uid/gid are correct. */ 2797 a->todo &= ~(TODO_OWNER | TODO_SGID_CHECK | TODO_SUID_CHECK); 2798 return (ARCHIVE_OK); 2799 } 2800 #elif HAVE_CHOWN 2801 if (!S_ISLNK(a->mode) && chown(a->name, a->uid, a->gid) == 0) { 2802 /* We've set owner and know uid/gid are correct. */ 2803 a->todo &= ~(TODO_OWNER | TODO_SGID_CHECK | TODO_SUID_CHECK); 2804 return (ARCHIVE_OK); 2805 } 2806 #endif 2807 2808 archive_set_error(&a->archive, errno, 2809 "Can't set user=%jd/group=%jd for %s", 2810 (intmax_t)a->uid, (intmax_t)a->gid, a->name); 2811 return (ARCHIVE_WARN); 2812 } 2813 2814 /* 2815 * Note: Returns 0 on success, non-zero on failure. 2816 */ 2817 static int 2818 set_time(int fd, int mode, const char *name, 2819 time_t atime, long atime_nsec, 2820 time_t mtime, long mtime_nsec) 2821 { 2822 /* Select the best implementation for this platform. */ 2823 #if defined(HAVE_UTIMENSAT) && defined(HAVE_FUTIMENS) 2824 /* 2825 * utimensat() and futimens() are defined in 2826 * POSIX.1-2008. They support ns resolution and setting times 2827 * on fds and symlinks. 2828 */ 2829 struct timespec ts[2]; 2830 (void)mode; /* UNUSED */ 2831 if (atime == (time_t)-1) { 2832 ts[0].tv_sec = 0; 2833 ts[0].tv_nsec = UTIME_OMIT; 2834 } else { 2835 ts[0].tv_sec = atime; 2836 ts[0].tv_nsec = atime_nsec; 2837 } 2838 if (mtime == (time_t)-1) { 2839 ts[1].tv_sec = 0; 2840 ts[1].tv_nsec = UTIME_OMIT; 2841 } else { 2842 ts[1].tv_sec = mtime; 2843 ts[1].tv_nsec = mtime_nsec; 2844 } 2845 if (fd >= 0) 2846 return futimens(fd, ts); 2847 return utimensat(AT_FDCWD, name, ts, AT_SYMLINK_NOFOLLOW); 2848 2849 #elif HAVE_UTIMES 2850 /* 2851 * The utimes()-family functions support µs-resolution and 2852 * setting times fds and symlinks. utimes() is documented as 2853 * LEGACY by POSIX, futimes() and lutimes() are not described 2854 * in POSIX. 2855 */ 2856 struct timeval times[2]; 2857 2858 times[0].tv_sec = atime; 2859 times[0].tv_usec = atime_nsec / 1000; 2860 times[1].tv_sec = mtime; 2861 times[1].tv_usec = mtime_nsec / 1000; 2862 2863 #ifdef HAVE_FUTIMES 2864 if (fd >= 0) 2865 return (futimes(fd, times)); 2866 #else 2867 (void)fd; /* UNUSED */ 2868 #endif 2869 #ifdef HAVE_LUTIMES 2870 (void)mode; /* UNUSED */ 2871 return (lutimes(name, times)); 2872 #else 2873 if (S_ISLNK(mode)) 2874 return (0); 2875 return (utimes(name, times)); 2876 #endif 2877 2878 #elif defined(HAVE_UTIME) 2879 /* 2880 * utime() is POSIX-standard but only supports 1s resolution and 2881 * does not support fds or symlinks. 2882 */ 2883 struct utimbuf times; 2884 (void)fd; /* UNUSED */ 2885 (void)name; /* UNUSED */ 2886 (void)atime_nsec; /* UNUSED */ 2887 (void)mtime_nsec; /* UNUSED */ 2888 times.actime = atime; 2889 times.modtime = mtime; 2890 if (S_ISLNK(mode)) 2891 return (ARCHIVE_OK); 2892 return (utime(name, ×)); 2893 2894 #else 2895 /* 2896 * We don't know how to set the time on this platform. 2897 */ 2898 (void)fd; /* UNUSED */ 2899 (void)mode; /* UNUSED */ 2900 (void)name; /* UNUSED */ 2901 (void)atime_nsec; /* UNUSED */ 2902 (void)mtime_nsec; /* UNUSED */ 2903 return (ARCHIVE_WARN); 2904 #endif 2905 } 2906 2907 #ifdef F_SETTIMES 2908 static int 2909 set_time_tru64(int fd, int mode, const char *name, 2910 time_t atime, long atime_nsec, 2911 time_t mtime, long mtime_nsec, 2912 time_t ctime, long ctime_nsec) 2913 { 2914 struct attr_timbuf tstamp; 2915 tstamp.atime.tv_sec = atime; 2916 tstamp.mtime.tv_sec = mtime; 2917 tstamp.ctime.tv_sec = ctime; 2918 #if defined (__hpux) && defined (__ia64) 2919 tstamp.atime.tv_nsec = atime_nsec; 2920 tstamp.mtime.tv_nsec = mtime_nsec; 2921 tstamp.ctime.tv_nsec = ctime_nsec; 2922 #else 2923 tstamp.atime.tv_usec = atime_nsec / 1000; 2924 tstamp.mtime.tv_usec = mtime_nsec / 1000; 2925 tstamp.ctime.tv_usec = ctime_nsec / 1000; 2926 #endif 2927 return (fcntl(fd,F_SETTIMES,&tstamp)); 2928 } 2929 #endif /* F_SETTIMES */ 2930 2931 static int 2932 set_times(struct archive_write_disk *a, 2933 int fd, int mode, const char *name, 2934 time_t atime, long atime_nanos, 2935 time_t birthtime, long birthtime_nanos, 2936 time_t mtime, long mtime_nanos, 2937 time_t cctime, long ctime_nanos) 2938 { 2939 /* Note: set_time doesn't use libarchive return conventions! 2940 * It uses syscall conventions. So 0 here instead of ARCHIVE_OK. */ 2941 int r1 = 0, r2 = 0; 2942 2943 #ifdef F_SETTIMES 2944 /* 2945 * on Tru64 try own fcntl first which can restore even the 2946 * ctime, fall back to default code path below if it fails 2947 * or if we are not running as root 2948 */ 2949 if (a->user_uid == 0 && 2950 set_time_tru64(fd, mode, name, 2951 atime, atime_nanos, mtime, 2952 mtime_nanos, cctime, ctime_nanos) == 0) { 2953 return (ARCHIVE_OK); 2954 } 2955 #else /* Tru64 */ 2956 (void)cctime; /* UNUSED */ 2957 (void)ctime_nanos; /* UNUSED */ 2958 #endif /* Tru64 */ 2959 2960 #ifdef HAVE_STRUCT_STAT_ST_BIRTHTIME 2961 /* 2962 * If you have struct stat.st_birthtime, we assume BSD 2963 * birthtime semantics, in which {f,l,}utimes() updates 2964 * birthtime to earliest mtime. So we set the time twice, 2965 * first using the birthtime, then using the mtime. If 2966 * birthtime == mtime, this isn't necessary, so we skip it. 2967 * If birthtime > mtime, then this won't work, so we skip it. 2968 */ 2969 if (birthtime < mtime 2970 || (birthtime == mtime && birthtime_nanos < mtime_nanos)) 2971 r1 = set_time(fd, mode, name, 2972 atime, atime_nanos, 2973 birthtime, birthtime_nanos); 2974 #else 2975 (void)birthtime; /* UNUSED */ 2976 (void)birthtime_nanos; /* UNUSED */ 2977 #endif 2978 r2 = set_time(fd, mode, name, 2979 atime, atime_nanos, 2980 mtime, mtime_nanos); 2981 if (r1 != 0 || r2 != 0) { 2982 archive_set_error(&a->archive, errno, 2983 "Can't restore time"); 2984 return (ARCHIVE_WARN); 2985 } 2986 return (ARCHIVE_OK); 2987 } 2988 2989 static int 2990 set_times_from_entry(struct archive_write_disk *a) 2991 { 2992 time_t atime, birthtime, mtime, cctime; 2993 long atime_nsec, birthtime_nsec, mtime_nsec, ctime_nsec; 2994 2995 /* Suitable defaults. */ 2996 atime = birthtime = mtime = cctime = a->start_time; 2997 atime_nsec = birthtime_nsec = mtime_nsec = ctime_nsec = 0; 2998 2999 /* If no time was provided, we're done. */ 3000 if (!archive_entry_atime_is_set(a->entry) 3001 #if HAVE_STRUCT_STAT_ST_BIRTHTIME 3002 && !archive_entry_birthtime_is_set(a->entry) 3003 #endif 3004 && !archive_entry_mtime_is_set(a->entry)) 3005 return (ARCHIVE_OK); 3006 3007 if (archive_entry_atime_is_set(a->entry)) { 3008 atime = archive_entry_atime(a->entry); 3009 atime_nsec = archive_entry_atime_nsec(a->entry); 3010 } 3011 if (archive_entry_birthtime_is_set(a->entry)) { 3012 birthtime = archive_entry_birthtime(a->entry); 3013 birthtime_nsec = archive_entry_birthtime_nsec(a->entry); 3014 } 3015 if (archive_entry_mtime_is_set(a->entry)) { 3016 mtime = archive_entry_mtime(a->entry); 3017 mtime_nsec = archive_entry_mtime_nsec(a->entry); 3018 } 3019 if (archive_entry_ctime_is_set(a->entry)) { 3020 cctime = archive_entry_ctime(a->entry); 3021 ctime_nsec = archive_entry_ctime_nsec(a->entry); 3022 } 3023 3024 return set_times(a, a->fd, a->mode, a->name, 3025 atime, atime_nsec, 3026 birthtime, birthtime_nsec, 3027 mtime, mtime_nsec, 3028 cctime, ctime_nsec); 3029 } 3030 3031 static int 3032 set_mode(struct archive_write_disk *a, int mode) 3033 { 3034 int r = ARCHIVE_OK; 3035 mode &= 07777; /* Strip off file type bits. */ 3036 3037 if (a->todo & TODO_SGID_CHECK) { 3038 /* 3039 * If we don't know the GID is right, we must stat() 3040 * to verify it. We can't just check the GID of this 3041 * process, since systems sometimes set GID from 3042 * the enclosing dir or based on ACLs. 3043 */ 3044 if ((r = lazy_stat(a)) != ARCHIVE_OK) 3045 return (r); 3046 if (a->pst->st_gid != a->gid) { 3047 mode &= ~ S_ISGID; 3048 if (a->flags & ARCHIVE_EXTRACT_OWNER) { 3049 /* 3050 * This is only an error if you 3051 * requested owner restore. If you 3052 * didn't, we'll try to restore 3053 * sgid/suid, but won't consider it a 3054 * problem if we can't. 3055 */ 3056 archive_set_error(&a->archive, -1, 3057 "Can't restore SGID bit"); 3058 r = ARCHIVE_WARN; 3059 } 3060 } 3061 /* While we're here, double-check the UID. */ 3062 if (a->pst->st_uid != a->uid 3063 && (a->todo & TODO_SUID)) { 3064 mode &= ~ S_ISUID; 3065 if (a->flags & ARCHIVE_EXTRACT_OWNER) { 3066 archive_set_error(&a->archive, -1, 3067 "Can't restore SUID bit"); 3068 r = ARCHIVE_WARN; 3069 } 3070 } 3071 a->todo &= ~TODO_SGID_CHECK; 3072 a->todo &= ~TODO_SUID_CHECK; 3073 } else if (a->todo & TODO_SUID_CHECK) { 3074 /* 3075 * If we don't know the UID is right, we can just check 3076 * the user, since all systems set the file UID from 3077 * the process UID. 3078 */ 3079 if (a->user_uid != a->uid) { 3080 mode &= ~ S_ISUID; 3081 if (a->flags & ARCHIVE_EXTRACT_OWNER) { 3082 archive_set_error(&a->archive, -1, 3083 "Can't make file SUID"); 3084 r = ARCHIVE_WARN; 3085 } 3086 } 3087 a->todo &= ~TODO_SUID_CHECK; 3088 } 3089 3090 if (S_ISLNK(a->mode)) { 3091 #ifdef HAVE_LCHMOD 3092 /* 3093 * If this is a symlink, use lchmod(). If the 3094 * platform doesn't support lchmod(), just skip it. A 3095 * platform that doesn't provide a way to set 3096 * permissions on symlinks probably ignores 3097 * permissions on symlinks, so a failure here has no 3098 * impact. 3099 */ 3100 if (lchmod(a->name, mode) != 0) { 3101 switch (errno) { 3102 case ENOTSUP: 3103 case ENOSYS: 3104 #if ENOTSUP != EOPNOTSUPP 3105 case EOPNOTSUPP: 3106 #endif 3107 /* 3108 * if lchmod is defined but the platform 3109 * doesn't support it, silently ignore 3110 * error 3111 */ 3112 break; 3113 default: 3114 archive_set_error(&a->archive, errno, 3115 "Can't set permissions to 0%o", (int)mode); 3116 r = ARCHIVE_WARN; 3117 } 3118 } 3119 #endif 3120 } else if (!S_ISDIR(a->mode)) { 3121 /* 3122 * If it's not a symlink and not a dir, then use 3123 * fchmod() or chmod(), depending on whether we have 3124 * an fd. Dirs get their perms set during the 3125 * post-extract fixup, which is handled elsewhere. 3126 */ 3127 #ifdef HAVE_FCHMOD 3128 if (a->fd >= 0) { 3129 if (fchmod(a->fd, mode) != 0) { 3130 archive_set_error(&a->archive, errno, 3131 "Can't set permissions to 0%o", (int)mode); 3132 r = ARCHIVE_WARN; 3133 } 3134 } else 3135 #endif 3136 /* If this platform lacks fchmod(), then 3137 * we'll just use chmod(). */ 3138 if (chmod(a->name, mode) != 0) { 3139 archive_set_error(&a->archive, errno, 3140 "Can't set permissions to 0%o", (int)mode); 3141 r = ARCHIVE_WARN; 3142 } 3143 } 3144 return (r); 3145 } 3146 3147 static int 3148 set_fflags(struct archive_write_disk *a) 3149 { 3150 struct fixup_entry *le; 3151 unsigned long set, clear; 3152 int r; 3153 int critical_flags; 3154 mode_t mode = archive_entry_mode(a->entry); 3155 3156 /* 3157 * Make 'critical_flags' hold all file flags that can't be 3158 * immediately restored. For example, on BSD systems, 3159 * SF_IMMUTABLE prevents hardlinks from being created, so 3160 * should not be set until after any hardlinks are created. To 3161 * preserve some semblance of portability, this uses #ifdef 3162 * extensively. Ugly, but it works. 3163 * 3164 * Yes, Virginia, this does create a security race. It's mitigated 3165 * somewhat by the practice of creating dirs 0700 until the extract 3166 * is done, but it would be nice if we could do more than that. 3167 * People restoring critical file systems should be wary of 3168 * other programs that might try to muck with files as they're 3169 * being restored. 3170 */ 3171 /* Hopefully, the compiler will optimize this mess into a constant. */ 3172 critical_flags = 0; 3173 #ifdef SF_IMMUTABLE 3174 critical_flags |= SF_IMMUTABLE; 3175 #endif 3176 #ifdef UF_IMMUTABLE 3177 critical_flags |= UF_IMMUTABLE; 3178 #endif 3179 #ifdef SF_APPEND 3180 critical_flags |= SF_APPEND; 3181 #endif 3182 #ifdef UF_APPEND 3183 critical_flags |= UF_APPEND; 3184 #endif 3185 #ifdef EXT2_APPEND_FL 3186 critical_flags |= EXT2_APPEND_FL; 3187 #endif 3188 #ifdef EXT2_IMMUTABLE_FL 3189 critical_flags |= EXT2_IMMUTABLE_FL; 3190 #endif 3191 3192 if (a->todo & TODO_FFLAGS) { 3193 archive_entry_fflags(a->entry, &set, &clear); 3194 3195 /* 3196 * The first test encourages the compiler to eliminate 3197 * all of this if it's not necessary. 3198 */ 3199 if ((critical_flags != 0) && (set & critical_flags)) { 3200 le = current_fixup(a, a->name); 3201 if (le == NULL) 3202 return (ARCHIVE_FATAL); 3203 le->fixup |= TODO_FFLAGS; 3204 le->fflags_set = set; 3205 /* Store the mode if it's not already there. */ 3206 if ((le->fixup & TODO_MODE) == 0) 3207 le->mode = mode; 3208 } else { 3209 r = set_fflags_platform(a, a->fd, 3210 a->name, mode, set, clear); 3211 if (r != ARCHIVE_OK) 3212 return (r); 3213 } 3214 } 3215 return (ARCHIVE_OK); 3216 } 3217 3218 static int 3219 clear_nochange_fflags(struct archive_write_disk *a) 3220 { 3221 int nochange_flags; 3222 mode_t mode = archive_entry_mode(a->entry); 3223 3224 /* Hopefully, the compiler will optimize this mess into a constant. */ 3225 nochange_flags = 0; 3226 #ifdef SF_IMMUTABLE 3227 nochange_flags |= SF_IMMUTABLE; 3228 #endif 3229 #ifdef UF_IMMUTABLE 3230 nochange_flags |= UF_IMMUTABLE; 3231 #endif 3232 #ifdef SF_APPEND 3233 nochange_flags |= SF_APPEND; 3234 #endif 3235 #ifdef UF_APPEND 3236 nochange_flags |= UF_APPEND; 3237 #endif 3238 #ifdef EXT2_APPEND_FL 3239 nochange_flags |= EXT2_APPEND_FL; 3240 #endif 3241 #ifdef EXT2_IMMUTABLE_FL 3242 nochange_flags |= EXT2_IMMUTABLE_FL; 3243 #endif 3244 3245 return (set_fflags_platform(a, a->fd, a->name, mode, 0, nochange_flags)); 3246 } 3247 3248 3249 #if ( defined(HAVE_LCHFLAGS) || defined(HAVE_CHFLAGS) || defined(HAVE_FCHFLAGS) ) && defined(HAVE_STRUCT_STAT_ST_FLAGS) 3250 /* 3251 * BSD reads flags using stat() and sets them with one of {f,l,}chflags() 3252 */ 3253 static int 3254 set_fflags_platform(struct archive_write_disk *a, int fd, const char *name, 3255 mode_t mode, unsigned long set, unsigned long clear) 3256 { 3257 int r; 3258 3259 (void)mode; /* UNUSED */ 3260 if (set == 0 && clear == 0) 3261 return (ARCHIVE_OK); 3262 3263 /* 3264 * XXX Is the stat here really necessary? Or can I just use 3265 * the 'set' flags directly? In particular, I'm not sure 3266 * about the correct approach if we're overwriting an existing 3267 * file that already has flags on it. XXX 3268 */ 3269 if ((r = lazy_stat(a)) != ARCHIVE_OK) 3270 return (r); 3271 3272 a->st.st_flags &= ~clear; 3273 a->st.st_flags |= set; 3274 #ifdef HAVE_FCHFLAGS 3275 /* If platform has fchflags() and we were given an fd, use it. */ 3276 if (fd >= 0 && fchflags(fd, a->st.st_flags) == 0) 3277 return (ARCHIVE_OK); 3278 #endif 3279 /* 3280 * If we can't use the fd to set the flags, we'll use the 3281 * pathname to set flags. We prefer lchflags() but will use 3282 * chflags() if we must. 3283 */ 3284 #ifdef HAVE_LCHFLAGS 3285 if (lchflags(name, a->st.st_flags) == 0) 3286 return (ARCHIVE_OK); 3287 #elif defined(HAVE_CHFLAGS) 3288 if (S_ISLNK(a->st.st_mode)) { 3289 archive_set_error(&a->archive, errno, 3290 "Can't set file flags on symlink."); 3291 return (ARCHIVE_WARN); 3292 } 3293 if (chflags(name, a->st.st_flags) == 0) 3294 return (ARCHIVE_OK); 3295 #endif 3296 archive_set_error(&a->archive, errno, 3297 "Failed to set file flags"); 3298 return (ARCHIVE_WARN); 3299 } 3300 3301 #elif defined(EXT2_IOC_GETFLAGS) && defined(EXT2_IOC_SETFLAGS) && defined(HAVE_WORKING_EXT2_IOC_GETFLAGS) 3302 /* 3303 * Linux uses ioctl() to read and write file flags. 3304 */ 3305 static int 3306 set_fflags_platform(struct archive_write_disk *a, int fd, const char *name, 3307 mode_t mode, unsigned long set, unsigned long clear) 3308 { 3309 int ret; 3310 int myfd = fd; 3311 int newflags, oldflags; 3312 int sf_mask = 0; 3313 3314 if (set == 0 && clear == 0) 3315 return (ARCHIVE_OK); 3316 /* Only regular files and dirs can have flags. */ 3317 if (!S_ISREG(mode) && !S_ISDIR(mode)) 3318 return (ARCHIVE_OK); 3319 3320 /* If we weren't given an fd, open it ourselves. */ 3321 if (myfd < 0) { 3322 myfd = open(name, O_RDONLY | O_NONBLOCK | O_BINARY | O_CLOEXEC); 3323 __archive_ensure_cloexec_flag(myfd); 3324 } 3325 if (myfd < 0) 3326 return (ARCHIVE_OK); 3327 3328 /* 3329 * Linux has no define for the flags that are only settable by 3330 * the root user. This code may seem a little complex, but 3331 * there seem to be some Linux systems that lack these 3332 * defines. (?) The code below degrades reasonably gracefully 3333 * if sf_mask is incomplete. 3334 */ 3335 #ifdef EXT2_IMMUTABLE_FL 3336 sf_mask |= EXT2_IMMUTABLE_FL; 3337 #endif 3338 #ifdef EXT2_APPEND_FL 3339 sf_mask |= EXT2_APPEND_FL; 3340 #endif 3341 /* 3342 * XXX As above, this would be way simpler if we didn't have 3343 * to read the current flags from disk. XXX 3344 */ 3345 ret = ARCHIVE_OK; 3346 3347 /* Read the current file flags. */ 3348 if (ioctl(myfd, EXT2_IOC_GETFLAGS, &oldflags) < 0) 3349 goto fail; 3350 3351 /* Try setting the flags as given. */ 3352 newflags = (oldflags & ~clear) | set; 3353 if (ioctl(myfd, EXT2_IOC_SETFLAGS, &newflags) >= 0) 3354 goto cleanup; 3355 if (errno != EPERM) 3356 goto fail; 3357 3358 /* If we couldn't set all the flags, try again with a subset. */ 3359 newflags &= ~sf_mask; 3360 oldflags &= sf_mask; 3361 newflags |= oldflags; 3362 if (ioctl(myfd, EXT2_IOC_SETFLAGS, &newflags) >= 0) 3363 goto cleanup; 3364 3365 /* We couldn't set the flags, so report the failure. */ 3366 fail: 3367 archive_set_error(&a->archive, errno, 3368 "Failed to set file flags"); 3369 ret = ARCHIVE_WARN; 3370 cleanup: 3371 if (fd < 0) 3372 close(myfd); 3373 return (ret); 3374 } 3375 3376 #else 3377 3378 /* 3379 * Of course, some systems have neither BSD chflags() nor Linux' flags 3380 * support through ioctl(). 3381 */ 3382 static int 3383 set_fflags_platform(struct archive_write_disk *a, int fd, const char *name, 3384 mode_t mode, unsigned long set, unsigned long clear) 3385 { 3386 (void)a; /* UNUSED */ 3387 (void)fd; /* UNUSED */ 3388 (void)name; /* UNUSED */ 3389 (void)mode; /* UNUSED */ 3390 (void)set; /* UNUSED */ 3391 (void)clear; /* UNUSED */ 3392 return (ARCHIVE_OK); 3393 } 3394 3395 #endif /* __linux */ 3396 3397 #ifndef HAVE_COPYFILE_H 3398 /* Default is to simply drop Mac extended metadata. */ 3399 static int 3400 set_mac_metadata(struct archive_write_disk *a, const char *pathname, 3401 const void *metadata, size_t metadata_size) 3402 { 3403 (void)a; /* UNUSED */ 3404 (void)pathname; /* UNUSED */ 3405 (void)metadata; /* UNUSED */ 3406 (void)metadata_size; /* UNUSED */ 3407 return (ARCHIVE_OK); 3408 } 3409 3410 static int 3411 fixup_appledouble(struct archive_write_disk *a, const char *pathname) 3412 { 3413 (void)a; /* UNUSED */ 3414 (void)pathname; /* UNUSED */ 3415 return (ARCHIVE_OK); 3416 } 3417 #else 3418 3419 /* 3420 * On Mac OS, we use copyfile() to unpack the metadata and 3421 * apply it to the target file. 3422 */ 3423 3424 #if defined(HAVE_SYS_XATTR_H) 3425 static int 3426 copy_xattrs(struct archive_write_disk *a, int tmpfd, int dffd) 3427 { 3428 ssize_t xattr_size; 3429 char *xattr_names = NULL, *xattr_val = NULL; 3430 int ret = ARCHIVE_OK, xattr_i; 3431 3432 xattr_size = flistxattr(tmpfd, NULL, 0, 0); 3433 if (xattr_size == -1) { 3434 archive_set_error(&a->archive, errno, 3435 "Failed to read metadata(xattr)"); 3436 ret = ARCHIVE_WARN; 3437 goto exit_xattr; 3438 } 3439 xattr_names = malloc(xattr_size); 3440 if (xattr_names == NULL) { 3441 archive_set_error(&a->archive, ENOMEM, 3442 "Can't allocate memory for metadata(xattr)"); 3443 ret = ARCHIVE_FATAL; 3444 goto exit_xattr; 3445 } 3446 xattr_size = flistxattr(tmpfd, xattr_names, xattr_size, 0); 3447 if (xattr_size == -1) { 3448 archive_set_error(&a->archive, errno, 3449 "Failed to read metadata(xattr)"); 3450 ret = ARCHIVE_WARN; 3451 goto exit_xattr; 3452 } 3453 for (xattr_i = 0; xattr_i < xattr_size; 3454 xattr_i += strlen(xattr_names + xattr_i) + 1) { 3455 char *xattr_val_saved; 3456 ssize_t s; 3457 int f; 3458 3459 s = fgetxattr(tmpfd, xattr_names + xattr_i, NULL, 0, 0, 0); 3460 if (s == -1) { 3461 archive_set_error(&a->archive, errno, 3462 "Failed to get metadata(xattr)"); 3463 ret = ARCHIVE_WARN; 3464 goto exit_xattr; 3465 } 3466 xattr_val_saved = xattr_val; 3467 xattr_val = realloc(xattr_val, s); 3468 if (xattr_val == NULL) { 3469 archive_set_error(&a->archive, ENOMEM, 3470 "Failed to get metadata(xattr)"); 3471 ret = ARCHIVE_WARN; 3472 free(xattr_val_saved); 3473 goto exit_xattr; 3474 } 3475 s = fgetxattr(tmpfd, xattr_names + xattr_i, xattr_val, s, 0, 0); 3476 if (s == -1) { 3477 archive_set_error(&a->archive, errno, 3478 "Failed to get metadata(xattr)"); 3479 ret = ARCHIVE_WARN; 3480 goto exit_xattr; 3481 } 3482 f = fsetxattr(dffd, xattr_names + xattr_i, xattr_val, s, 0, 0); 3483 if (f == -1) { 3484 archive_set_error(&a->archive, errno, 3485 "Failed to get metadata(xattr)"); 3486 ret = ARCHIVE_WARN; 3487 goto exit_xattr; 3488 } 3489 } 3490 exit_xattr: 3491 free(xattr_names); 3492 free(xattr_val); 3493 return (ret); 3494 } 3495 #endif 3496 3497 static int 3498 copy_acls(struct archive_write_disk *a, int tmpfd, int dffd) 3499 { 3500 acl_t acl, dfacl = NULL; 3501 int acl_r, ret = ARCHIVE_OK; 3502 3503 acl = acl_get_fd(tmpfd); 3504 if (acl == NULL) { 3505 if (errno == ENOENT) 3506 /* There are not any ACLs. */ 3507 return (ret); 3508 archive_set_error(&a->archive, errno, 3509 "Failed to get metadata(acl)"); 3510 ret = ARCHIVE_WARN; 3511 goto exit_acl; 3512 } 3513 dfacl = acl_dup(acl); 3514 acl_r = acl_set_fd(dffd, dfacl); 3515 if (acl_r == -1) { 3516 archive_set_error(&a->archive, errno, 3517 "Failed to get metadata(acl)"); 3518 ret = ARCHIVE_WARN; 3519 goto exit_acl; 3520 } 3521 exit_acl: 3522 if (acl) 3523 acl_free(acl); 3524 if (dfacl) 3525 acl_free(dfacl); 3526 return (ret); 3527 } 3528 3529 static int 3530 create_tempdatafork(struct archive_write_disk *a, const char *pathname) 3531 { 3532 struct archive_string tmpdatafork; 3533 int tmpfd; 3534 3535 archive_string_init(&tmpdatafork); 3536 archive_strcpy(&tmpdatafork, "tar.md.XXXXXX"); 3537 tmpfd = mkstemp(tmpdatafork.s); 3538 if (tmpfd < 0) { 3539 archive_set_error(&a->archive, errno, 3540 "Failed to mkstemp"); 3541 archive_string_free(&tmpdatafork); 3542 return (-1); 3543 } 3544 if (copyfile(pathname, tmpdatafork.s, 0, 3545 COPYFILE_UNPACK | COPYFILE_NOFOLLOW 3546 | COPYFILE_ACL | COPYFILE_XATTR) < 0) { 3547 archive_set_error(&a->archive, errno, 3548 "Failed to restore metadata"); 3549 close(tmpfd); 3550 tmpfd = -1; 3551 } 3552 unlink(tmpdatafork.s); 3553 archive_string_free(&tmpdatafork); 3554 return (tmpfd); 3555 } 3556 3557 static int 3558 copy_metadata(struct archive_write_disk *a, const char *metadata, 3559 const char *datafork, int datafork_compressed) 3560 { 3561 int ret = ARCHIVE_OK; 3562 3563 if (datafork_compressed) { 3564 int dffd, tmpfd; 3565 3566 tmpfd = create_tempdatafork(a, metadata); 3567 if (tmpfd == -1) 3568 return (ARCHIVE_WARN); 3569 3570 /* 3571 * Do not open the data fork compressed by HFS+ compression 3572 * with at least a writing mode(O_RDWR or O_WRONLY). it 3573 * makes the data fork uncompressed. 3574 */ 3575 dffd = open(datafork, 0); 3576 if (dffd == -1) { 3577 archive_set_error(&a->archive, errno, 3578 "Failed to open the data fork for metadata"); 3579 close(tmpfd); 3580 return (ARCHIVE_WARN); 3581 } 3582 3583 #if defined(HAVE_SYS_XATTR_H) 3584 ret = copy_xattrs(a, tmpfd, dffd); 3585 if (ret == ARCHIVE_OK) 3586 #endif 3587 ret = copy_acls(a, tmpfd, dffd); 3588 close(tmpfd); 3589 close(dffd); 3590 } else { 3591 if (copyfile(metadata, datafork, 0, 3592 COPYFILE_UNPACK | COPYFILE_NOFOLLOW 3593 | COPYFILE_ACL | COPYFILE_XATTR) < 0) { 3594 archive_set_error(&a->archive, errno, 3595 "Failed to restore metadata"); 3596 ret = ARCHIVE_WARN; 3597 } 3598 } 3599 return (ret); 3600 } 3601 3602 static int 3603 set_mac_metadata(struct archive_write_disk *a, const char *pathname, 3604 const void *metadata, size_t metadata_size) 3605 { 3606 struct archive_string tmp; 3607 ssize_t written; 3608 int fd; 3609 int ret = ARCHIVE_OK; 3610 3611 /* This would be simpler if copyfile() could just accept the 3612 * metadata as a block of memory; then we could sidestep this 3613 * silly dance of writing the data to disk just so that 3614 * copyfile() can read it back in again. */ 3615 archive_string_init(&tmp); 3616 archive_strcpy(&tmp, pathname); 3617 archive_strcat(&tmp, ".XXXXXX"); 3618 fd = mkstemp(tmp.s); 3619 3620 if (fd < 0) { 3621 archive_set_error(&a->archive, errno, 3622 "Failed to restore metadata"); 3623 archive_string_free(&tmp); 3624 return (ARCHIVE_WARN); 3625 } 3626 written = write(fd, metadata, metadata_size); 3627 close(fd); 3628 if ((size_t)written != metadata_size) { 3629 archive_set_error(&a->archive, errno, 3630 "Failed to restore metadata"); 3631 ret = ARCHIVE_WARN; 3632 } else { 3633 int compressed; 3634 3635 #if defined(UF_COMPRESSED) 3636 if ((a->todo & TODO_HFS_COMPRESSION) != 0 && 3637 (ret = lazy_stat(a)) == ARCHIVE_OK) 3638 compressed = a->st.st_flags & UF_COMPRESSED; 3639 else 3640 #endif 3641 compressed = 0; 3642 ret = copy_metadata(a, tmp.s, pathname, compressed); 3643 } 3644 unlink(tmp.s); 3645 archive_string_free(&tmp); 3646 return (ret); 3647 } 3648 3649 static int 3650 fixup_appledouble(struct archive_write_disk *a, const char *pathname) 3651 { 3652 char buff[8]; 3653 struct stat st; 3654 const char *p; 3655 struct archive_string datafork; 3656 int fd = -1, ret = ARCHIVE_OK; 3657 3658 archive_string_init(&datafork); 3659 /* Check if the current file name is a type of the resource 3660 * fork file. */ 3661 p = strrchr(pathname, '/'); 3662 if (p == NULL) 3663 p = pathname; 3664 else 3665 p++; 3666 if (p[0] != '.' || p[1] != '_') 3667 goto skip_appledouble; 3668 3669 /* 3670 * Check if the data fork file exists. 3671 * 3672 * TODO: Check if this write disk object has handled it. 3673 */ 3674 archive_strncpy(&datafork, pathname, p - pathname); 3675 archive_strcat(&datafork, p + 2); 3676 if (lstat(datafork.s, &st) == -1 || 3677 (st.st_mode & AE_IFMT) != AE_IFREG) 3678 goto skip_appledouble; 3679 3680 /* 3681 * Check if the file is in the AppleDouble form. 3682 */ 3683 fd = open(pathname, O_RDONLY | O_BINARY | O_CLOEXEC); 3684 __archive_ensure_cloexec_flag(fd); 3685 if (fd == -1) { 3686 archive_set_error(&a->archive, errno, 3687 "Failed to open a restoring file"); 3688 ret = ARCHIVE_WARN; 3689 goto skip_appledouble; 3690 } 3691 if (read(fd, buff, 8) == -1) { 3692 archive_set_error(&a->archive, errno, 3693 "Failed to read a restoring file"); 3694 close(fd); 3695 ret = ARCHIVE_WARN; 3696 goto skip_appledouble; 3697 } 3698 close(fd); 3699 /* Check AppleDouble Magic Code. */ 3700 if (archive_be32dec(buff) != 0x00051607) 3701 goto skip_appledouble; 3702 /* Check AppleDouble Version. */ 3703 if (archive_be32dec(buff+4) != 0x00020000) 3704 goto skip_appledouble; 3705 3706 ret = copy_metadata(a, pathname, datafork.s, 3707 #if defined(UF_COMPRESSED) 3708 st.st_flags & UF_COMPRESSED); 3709 #else 3710 0); 3711 #endif 3712 if (ret == ARCHIVE_OK) { 3713 unlink(pathname); 3714 ret = ARCHIVE_EOF; 3715 } 3716 skip_appledouble: 3717 archive_string_free(&datafork); 3718 return (ret); 3719 } 3720 #endif 3721 3722 #if HAVE_LSETXATTR || HAVE_LSETEA 3723 /* 3724 * Restore extended attributes - Linux and AIX implementations: 3725 * AIX' ea interface is syntaxwise identical to the Linux xattr interface. 3726 */ 3727 static int 3728 set_xattrs(struct archive_write_disk *a) 3729 { 3730 struct archive_entry *entry = a->entry; 3731 static int warning_done = 0; 3732 int ret = ARCHIVE_OK; 3733 int i = archive_entry_xattr_reset(entry); 3734 3735 while (i--) { 3736 const char *name; 3737 const void *value; 3738 size_t size; 3739 archive_entry_xattr_next(entry, &name, &value, &size); 3740 if (name != NULL && 3741 strncmp(name, "xfsroot.", 8) != 0 && 3742 strncmp(name, "system.", 7) != 0) { 3743 int e; 3744 #if HAVE_FSETXATTR 3745 if (a->fd >= 0) 3746 e = fsetxattr(a->fd, name, value, size, 0); 3747 else 3748 #elif HAVE_FSETEA 3749 if (a->fd >= 0) 3750 e = fsetea(a->fd, name, value, size, 0); 3751 else 3752 #endif 3753 { 3754 #if HAVE_LSETXATTR 3755 e = lsetxattr(archive_entry_pathname(entry), 3756 name, value, size, 0); 3757 #elif HAVE_LSETEA 3758 e = lsetea(archive_entry_pathname(entry), 3759 name, value, size, 0); 3760 #endif 3761 } 3762 if (e == -1) { 3763 if (errno == ENOTSUP || errno == ENOSYS) { 3764 if (!warning_done) { 3765 warning_done = 1; 3766 archive_set_error(&a->archive, errno, 3767 "Cannot restore extended " 3768 "attributes on this file " 3769 "system"); 3770 } 3771 } else 3772 archive_set_error(&a->archive, errno, 3773 "Failed to set extended attribute"); 3774 ret = ARCHIVE_WARN; 3775 } 3776 } else { 3777 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 3778 "Invalid extended attribute encountered"); 3779 ret = ARCHIVE_WARN; 3780 } 3781 } 3782 return (ret); 3783 } 3784 #elif HAVE_EXTATTR_SET_FILE && HAVE_DECL_EXTATTR_NAMESPACE_USER 3785 /* 3786 * Restore extended attributes - FreeBSD implementation 3787 */ 3788 static int 3789 set_xattrs(struct archive_write_disk *a) 3790 { 3791 struct archive_entry *entry = a->entry; 3792 static int warning_done = 0; 3793 int ret = ARCHIVE_OK; 3794 int i = archive_entry_xattr_reset(entry); 3795 3796 while (i--) { 3797 const char *name; 3798 const void *value; 3799 size_t size; 3800 archive_entry_xattr_next(entry, &name, &value, &size); 3801 if (name != NULL) { 3802 int e; 3803 int namespace; 3804 3805 if (strncmp(name, "user.", 5) == 0) { 3806 /* "user." attributes go to user namespace */ 3807 name += 5; 3808 namespace = EXTATTR_NAMESPACE_USER; 3809 } else { 3810 /* Warn about other extended attributes. */ 3811 archive_set_error(&a->archive, 3812 ARCHIVE_ERRNO_FILE_FORMAT, 3813 "Can't restore extended attribute ``%s''", 3814 name); 3815 ret = ARCHIVE_WARN; 3816 continue; 3817 } 3818 errno = 0; 3819 #if HAVE_EXTATTR_SET_FD 3820 if (a->fd >= 0) 3821 e = extattr_set_fd(a->fd, namespace, name, value, size); 3822 else 3823 #endif 3824 /* TODO: should we use extattr_set_link() instead? */ 3825 { 3826 e = extattr_set_file(archive_entry_pathname(entry), 3827 namespace, name, value, size); 3828 } 3829 if (e != (int)size) { 3830 if (errno == ENOTSUP || errno == ENOSYS) { 3831 if (!warning_done) { 3832 warning_done = 1; 3833 archive_set_error(&a->archive, errno, 3834 "Cannot restore extended " 3835 "attributes on this file " 3836 "system"); 3837 } 3838 } else { 3839 archive_set_error(&a->archive, errno, 3840 "Failed to set extended attribute"); 3841 } 3842 3843 ret = ARCHIVE_WARN; 3844 } 3845 } 3846 } 3847 return (ret); 3848 } 3849 #else 3850 /* 3851 * Restore extended attributes - stub implementation for unsupported systems 3852 */ 3853 static int 3854 set_xattrs(struct archive_write_disk *a) 3855 { 3856 static int warning_done = 0; 3857 3858 /* If there aren't any extended attributes, then it's okay not 3859 * to extract them, otherwise, issue a single warning. */ 3860 if (archive_entry_xattr_count(a->entry) != 0 && !warning_done) { 3861 warning_done = 1; 3862 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 3863 "Cannot restore extended attributes on this system"); 3864 return (ARCHIVE_WARN); 3865 } 3866 /* Warning was already emitted; suppress further warnings. */ 3867 return (ARCHIVE_OK); 3868 } 3869 #endif 3870 3871 /* 3872 * Test if file on disk is older than entry. 3873 */ 3874 static int 3875 older(struct stat *st, struct archive_entry *entry) 3876 { 3877 /* First, test the seconds and return if we have a definite answer. */ 3878 /* Definitely older. */ 3879 if (st->st_mtime < archive_entry_mtime(entry)) 3880 return (1); 3881 /* Definitely younger. */ 3882 if (st->st_mtime > archive_entry_mtime(entry)) 3883 return (0); 3884 /* If this platform supports fractional seconds, try those. */ 3885 #if HAVE_STRUCT_STAT_ST_MTIMESPEC_TV_NSEC 3886 /* Definitely older. */ 3887 if (st->st_mtimespec.tv_nsec < archive_entry_mtime_nsec(entry)) 3888 return (1); 3889 #elif HAVE_STRUCT_STAT_ST_MTIM_TV_NSEC 3890 /* Definitely older. */ 3891 if (st->st_mtim.tv_nsec < archive_entry_mtime_nsec(entry)) 3892 return (1); 3893 #elif HAVE_STRUCT_STAT_ST_MTIME_N 3894 /* older. */ 3895 if (st->st_mtime_n < archive_entry_mtime_nsec(entry)) 3896 return (1); 3897 #elif HAVE_STRUCT_STAT_ST_UMTIME 3898 /* older. */ 3899 if (st->st_umtime * 1000 < archive_entry_mtime_nsec(entry)) 3900 return (1); 3901 #elif HAVE_STRUCT_STAT_ST_MTIME_USEC 3902 /* older. */ 3903 if (st->st_mtime_usec * 1000 < archive_entry_mtime_nsec(entry)) 3904 return (1); 3905 #else 3906 /* This system doesn't have high-res timestamps. */ 3907 #endif 3908 /* Same age or newer, so not older. */ 3909 return (0); 3910 } 3911 3912 #endif /* !_WIN32 || __CYGWIN__ */ 3913 3914