3
0

get_header_tar.c 14 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449
  1. /* vi: set sw=4 ts=4: */
  2. /* Licensed under GPLv2 or later, see file LICENSE in this tarball for details.
  3. *
  4. * FIXME:
  5. * In privileged mode if uname and gname map to a uid and gid then use the
  6. * mapped value instead of the uid/gid values in tar header
  7. *
  8. * References:
  9. * GNU tar and star man pages,
  10. * Opengroup's ustar interchange format,
  11. * http://www.opengroup.org/onlinepubs/007904975/utilities/pax.html
  12. */
  13. #include "libbb.h"
  14. #include "unarchive.h"
  15. /*
  16. * GNU tar uses "base-256 encoding" for very large numbers (>8 billion).
  17. * Encoding is binary, with highest bit always set as a marker
  18. * and sign in next-highest bit:
  19. * 80 00 .. 00 - zero
  20. * bf ff .. ff - largest positive number
  21. * ff ff .. ff - minus 1
  22. * c0 00 .. 00 - smallest negative number
  23. *
  24. * We expect it only in size field, where negative numbers don't make sense.
  25. */
  26. static off_t getBase256_len12(const char *str)
  27. {
  28. off_t value;
  29. int len;
  30. /* if (*str & 0x40) error; - caller prevents this */
  31. if (sizeof(off_t) >= 12) {
  32. /* Probably 128-bit (16 byte) off_t. Can be optimized. */
  33. len = 12;
  34. value = *str++ & 0x3f;
  35. while (--len)
  36. value = (value << 8) + (unsigned char) *str++;
  37. return value;
  38. }
  39. #ifdef CHECK_FOR_OVERFLOW
  40. /* Can be optimized to eat 32-bit chunks */
  41. char c = *str++ & 0x3f;
  42. len = 12;
  43. while (1) {
  44. if (c)
  45. bb_error_msg_and_die("overflow in base-256 encoded file size");
  46. if (--len == sizeof(off_t))
  47. break;
  48. c = *str++;
  49. }
  50. #else
  51. str += (12 - sizeof(off_t));
  52. #endif
  53. /* Now str points to sizeof(off_t) least significant bytes.
  54. *
  55. * Example of tar file with 8914993153 (0x213600001) byte file.
  56. * Field starts at offset 7c:
  57. * 00070 30 30 30 00 30 30 30 30 30 30 30 00 80 00 00 00 |000.0000000.....|
  58. * 00080 00 00 00 02 13 60 00 01 31 31 31 32 30 33 33 36 |.....`..11120336|
  59. *
  60. * str is at offset 80 or 84 now (64-bit or 32-bit off_t).
  61. * We (ab)use the fact that value happens to be aligned,
  62. * and fetch it in one go:
  63. */
  64. if (sizeof(off_t) == 8) {
  65. value = *(off_t*)str;
  66. value = SWAP_BE64(value);
  67. } else if (sizeof(off_t) == 4) {
  68. value = *(off_t*)str;
  69. value = SWAP_BE32(value);
  70. } else {
  71. value = 0;
  72. len = sizeof(off_t);
  73. while (--len)
  74. value = (value << 8) + (unsigned char) *str++;
  75. }
  76. return value;
  77. }
  78. /* NB: _DESTROYS_ str[len] character! */
  79. static unsigned long long getOctal(char *str, int len)
  80. {
  81. unsigned long long v;
  82. /* NB: leading spaces are allowed. Using strtoull to handle that.
  83. * The downside is that we accept e.g. "-123" too :(
  84. */
  85. str[len] = '\0';
  86. v = strtoull(str, &str, 8);
  87. /* std: "Each numeric field is terminated by one or more
  88. * <space> or NUL characters". We must support ' '! */
  89. if (*str != '\0' && *str != ' ')
  90. bb_error_msg_and_die("corrupted octal value in tar header");
  91. return v;
  92. }
  93. #define GET_OCTAL(a) getOctal((a), sizeof(a))
  94. void BUG_tar_header_size(void);
  95. char FAST_FUNC get_header_tar(archive_handle_t *archive_handle)
  96. {
  97. file_header_t *file_header = archive_handle->file_header;
  98. struct {
  99. /* ustar header, Posix 1003.1 */
  100. char name[100]; /* 0-99 */
  101. char mode[8]; /* 100-107 */
  102. char uid[8]; /* 108-115 */
  103. char gid[8]; /* 116-123 */
  104. char size[12]; /* 124-135 */
  105. char mtime[12]; /* 136-147 */
  106. char chksum[8]; /* 148-155 */
  107. char typeflag; /* 156-156 */
  108. char linkname[100]; /* 157-256 */
  109. /* POSIX: "ustar" NUL "00" */
  110. /* GNU tar: "ustar " NUL */
  111. /* Normally it's defined as magic[6] followed by
  112. * version[2], but we put them together to simplify code
  113. */
  114. char magic[8]; /* 257-264 */
  115. char uname[32]; /* 265-296 */
  116. char gname[32]; /* 297-328 */
  117. char devmajor[8]; /* 329-336 */
  118. char devminor[8]; /* 337-344 */
  119. char prefix[155]; /* 345-499 */
  120. char padding[12]; /* 500-512 */
  121. } tar;
  122. char *cp;
  123. int i, sum_u, sum;
  124. #if ENABLE_FEATURE_TAR_OLDSUN_COMPATIBILITY
  125. int sum_s;
  126. #endif
  127. int parse_names;
  128. /* Our "private data" */
  129. #if ENABLE_FEATURE_TAR_GNU_EXTENSIONS
  130. # define p_longname (archive_handle->tar__longname)
  131. # define p_linkname (archive_handle->tar__linkname)
  132. #else
  133. # define p_longname 0
  134. # define p_linkname 0
  135. #endif
  136. if (sizeof(tar) != 512)
  137. BUG_tar_header_size();
  138. #if ENABLE_FEATURE_TAR_GNU_EXTENSIONS
  139. again:
  140. #endif
  141. /* Align header */
  142. data_align(archive_handle, 512);
  143. again_after_align:
  144. #if ENABLE_DESKTOP || ENABLE_FEATURE_TAR_AUTODETECT
  145. /* to prevent misdetection of bz2 sig */
  146. *(uint32_t*)(&tar) = 0;
  147. i = full_read(archive_handle->src_fd, &tar, 512);
  148. /* If GNU tar sees EOF in above read, it says:
  149. * "tar: A lone zero block at N", where N = kilobyte
  150. * where EOF was met (not EOF block, actual EOF!),
  151. * and exits with EXIT_SUCCESS.
  152. * We will mimic exit(EXIT_SUCCESS), although we will not mimic
  153. * the message and we don't check whether we indeed
  154. * saw zero block directly before this. */
  155. if (i == 0) {
  156. xfunc_error_retval = 0;
  157. short_read:
  158. bb_error_msg_and_die("short read");
  159. }
  160. if (i != 512) {
  161. IF_FEATURE_TAR_AUTODETECT(goto autodetect;)
  162. goto short_read;
  163. }
  164. #else
  165. i = 512;
  166. xread(archive_handle->src_fd, &tar, i);
  167. #endif
  168. archive_handle->offset += i;
  169. /* If there is no filename its an empty header */
  170. if (tar.name[0] == 0 && tar.prefix[0] == 0) {
  171. if (archive_handle->tar__end) {
  172. /* Second consecutive empty header - end of archive.
  173. * Read until the end to empty the pipe from gz or bz2
  174. */
  175. while (full_read(archive_handle->src_fd, &tar, 512) == 512)
  176. continue;
  177. return EXIT_FAILURE;
  178. }
  179. archive_handle->tar__end = 1;
  180. return EXIT_SUCCESS;
  181. }
  182. archive_handle->tar__end = 0;
  183. /* Check header has valid magic, "ustar" is for the proper tar,
  184. * five NULs are for the old tar format */
  185. if (strncmp(tar.magic, "ustar", 5) != 0
  186. && (!ENABLE_FEATURE_TAR_OLDGNU_COMPATIBILITY
  187. || memcmp(tar.magic, "\0\0\0\0", 5) != 0)
  188. ) {
  189. #if ENABLE_FEATURE_TAR_AUTODETECT
  190. char FAST_FUNC (*get_header_ptr)(archive_handle_t *);
  191. autodetect:
  192. /* tar gz/bz autodetect: check for gz/bz2 magic.
  193. * If we see the magic, and it is the very first block,
  194. * we can switch to get_header_tar_gz/bz2/lzma().
  195. * Needs seekable fd. I wish recv(MSG_PEEK) works
  196. * on any fd... */
  197. #if ENABLE_FEATURE_SEAMLESS_GZ
  198. if (tar.name[0] == 0x1f && tar.name[1] == (char)0x8b) { /* gzip */
  199. get_header_ptr = get_header_tar_gz;
  200. } else
  201. #endif
  202. #if ENABLE_FEATURE_SEAMLESS_BZ2
  203. if (tar.name[0] == 'B' && tar.name[1] == 'Z'
  204. && tar.name[2] == 'h' && isdigit(tar.name[3])
  205. ) { /* bzip2 */
  206. get_header_ptr = get_header_tar_bz2;
  207. } else
  208. #endif
  209. goto err;
  210. /* Two different causes for lseek() != 0:
  211. * unseekable fd (would like to support that too, but...),
  212. * or not first block (false positive, it's not .gz/.bz2!) */
  213. if (lseek(archive_handle->src_fd, -i, SEEK_CUR) != 0)
  214. goto err;
  215. while (get_header_ptr(archive_handle) == EXIT_SUCCESS)
  216. continue;
  217. return EXIT_FAILURE;
  218. err:
  219. #endif /* FEATURE_TAR_AUTODETECT */
  220. bb_error_msg_and_die("invalid tar magic");
  221. }
  222. /* Do checksum on headers.
  223. * POSIX says that checksum is done on unsigned bytes, but
  224. * Sun and HP-UX gets it wrong... more details in
  225. * GNU tar source. */
  226. #if ENABLE_FEATURE_TAR_OLDSUN_COMPATIBILITY
  227. sum_s = ' ' * sizeof(tar.chksum);
  228. #endif
  229. sum_u = ' ' * sizeof(tar.chksum);
  230. for (i = 0; i < 148; i++) {
  231. sum_u += ((unsigned char*)&tar)[i];
  232. #if ENABLE_FEATURE_TAR_OLDSUN_COMPATIBILITY
  233. sum_s += ((signed char*)&tar)[i];
  234. #endif
  235. }
  236. for (i = 156; i < 512; i++) {
  237. sum_u += ((unsigned char*)&tar)[i];
  238. #if ENABLE_FEATURE_TAR_OLDSUN_COMPATIBILITY
  239. sum_s += ((signed char*)&tar)[i];
  240. #endif
  241. }
  242. /* This field does not need special treatment (getOctal) */
  243. {
  244. char *endp; /* gcc likes temp var for &endp */
  245. sum = strtoul(tar.chksum, &endp, 8);
  246. if ((*endp != '\0' && *endp != ' ')
  247. || (sum_u != sum IF_FEATURE_TAR_OLDSUN_COMPATIBILITY(&& sum_s != sum))
  248. ) {
  249. bb_error_msg_and_die("invalid tar header checksum");
  250. }
  251. }
  252. /* don't use xstrtoul, tar.chksum may have leading spaces */
  253. sum = strtoul(tar.chksum, NULL, 8);
  254. if (sum_u != sum IF_FEATURE_TAR_OLDSUN_COMPATIBILITY(&& sum_s != sum)) {
  255. bb_error_msg_and_die("invalid tar header checksum");
  256. }
  257. /* 0 is reserved for high perf file, treat as normal file */
  258. if (!tar.typeflag) tar.typeflag = '0';
  259. parse_names = (tar.typeflag >= '0' && tar.typeflag <= '7');
  260. /* getOctal trashes subsequent field, therefore we call it
  261. * on fields in reverse order */
  262. if (tar.devmajor[0]) {
  263. char t = tar.prefix[0];
  264. /* we trash prefix[0] here, but we DO need it later! */
  265. unsigned minor = GET_OCTAL(tar.devminor);
  266. unsigned major = GET_OCTAL(tar.devmajor);
  267. file_header->device = makedev(major, minor);
  268. tar.prefix[0] = t;
  269. }
  270. file_header->link_target = NULL;
  271. if (!p_linkname && parse_names && tar.linkname[0]) {
  272. file_header->link_target = xstrndup(tar.linkname, sizeof(tar.linkname));
  273. /* FIXME: what if we have non-link object with link_target? */
  274. /* Will link_target be free()ed? */
  275. }
  276. #if ENABLE_FEATURE_TAR_UNAME_GNAME
  277. file_header->tar__uname = tar.uname[0] ? xstrndup(tar.uname, sizeof(tar.uname)) : NULL;
  278. file_header->tar__gname = tar.gname[0] ? xstrndup(tar.gname, sizeof(tar.gname)) : NULL;
  279. #endif
  280. /* mtime: rudimentally handle GNU tar's "base256 encoding"
  281. * People report tarballs with NEGATIVE unix times encoded that way */
  282. file_header->mtime = (tar.mtime[0] & 0x80) /* base256? */
  283. ? 0 /* bogus */
  284. : GET_OCTAL(tar.mtime);
  285. /* size: handle GNU tar's "base256 encoding" */
  286. file_header->size = (tar.size[0] & 0xc0) == 0x80 /* positive base256? */
  287. ? getBase256_len12(tar.size)
  288. : GET_OCTAL(tar.size);
  289. file_header->gid = GET_OCTAL(tar.gid);
  290. file_header->uid = GET_OCTAL(tar.uid);
  291. /* Set bits 0-11 of the files mode */
  292. file_header->mode = 07777 & GET_OCTAL(tar.mode);
  293. file_header->name = NULL;
  294. if (!p_longname && parse_names) {
  295. /* we trash mode[0] here, it's ok */
  296. //tar.name[sizeof(tar.name)] = '\0'; - gcc 4.3.0 would complain
  297. tar.mode[0] = '\0';
  298. if (tar.prefix[0]) {
  299. /* and padding[0] */
  300. //tar.prefix[sizeof(tar.prefix)] = '\0'; - gcc 4.3.0 would complain
  301. tar.padding[0] = '\0';
  302. file_header->name = concat_path_file(tar.prefix, tar.name);
  303. } else
  304. file_header->name = xstrdup(tar.name);
  305. }
  306. /* Set bits 12-15 of the files mode */
  307. /* (typeflag was not trashed because chksum does not use getOctal) */
  308. switch (tar.typeflag) {
  309. /* busybox identifies hard links as being regular files with 0 size and a link name */
  310. case '1':
  311. file_header->mode |= S_IFREG;
  312. break;
  313. case '7':
  314. /* case 0: */
  315. case '0':
  316. #if ENABLE_FEATURE_TAR_OLDGNU_COMPATIBILITY
  317. if (last_char_is(file_header->name, '/')) {
  318. goto set_dir;
  319. }
  320. #endif
  321. file_header->mode |= S_IFREG;
  322. break;
  323. case '2':
  324. file_header->mode |= S_IFLNK;
  325. /* have seen tarballs with size field containing
  326. * the size of the link target's name */
  327. size0:
  328. file_header->size = 0;
  329. break;
  330. case '3':
  331. file_header->mode |= S_IFCHR;
  332. goto size0; /* paranoia */
  333. case '4':
  334. file_header->mode |= S_IFBLK;
  335. goto size0;
  336. case '5':
  337. IF_FEATURE_TAR_OLDGNU_COMPATIBILITY(set_dir:)
  338. file_header->mode |= S_IFDIR;
  339. goto size0;
  340. case '6':
  341. file_header->mode |= S_IFIFO;
  342. goto size0;
  343. #if ENABLE_FEATURE_TAR_GNU_EXTENSIONS
  344. case 'L':
  345. /* free: paranoia: tar with several consecutive longnames */
  346. free(p_longname);
  347. /* For paranoia reasons we allocate extra NUL char */
  348. p_longname = xzalloc(file_header->size + 1);
  349. /* We read ASCIZ string, including NUL */
  350. xread(archive_handle->src_fd, p_longname, file_header->size);
  351. archive_handle->offset += file_header->size;
  352. /* return get_header_tar(archive_handle); */
  353. /* gcc 4.1.1 didn't optimize it into jump */
  354. /* so we will do it ourself, this also saves stack */
  355. goto again;
  356. case 'K':
  357. free(p_linkname);
  358. p_linkname = xzalloc(file_header->size + 1);
  359. xread(archive_handle->src_fd, p_linkname, file_header->size);
  360. archive_handle->offset += file_header->size;
  361. /* return get_header_tar(archive_handle); */
  362. goto again;
  363. case 'D': /* GNU dump dir */
  364. case 'M': /* Continuation of multi volume archive */
  365. case 'N': /* Old GNU for names > 100 characters */
  366. case 'S': /* Sparse file */
  367. case 'V': /* Volume header */
  368. #endif
  369. case 'g': /* pax global header */
  370. case 'x': { /* pax extended header */
  371. off_t sz;
  372. bb_error_msg("warning: skipping header '%c'", tar.typeflag);
  373. sz = (file_header->size + 511) & ~(off_t)511;
  374. archive_handle->offset += sz;
  375. sz >>= 9; /* sz /= 512 but w/o contortions for signed div */
  376. while (sz--)
  377. xread(archive_handle->src_fd, &tar, 512);
  378. /* return get_header_tar(archive_handle); */
  379. goto again_after_align;
  380. }
  381. default:
  382. bb_error_msg_and_die("unknown typeflag: 0x%x", tar.typeflag);
  383. }
  384. #if ENABLE_FEATURE_TAR_GNU_EXTENSIONS
  385. if (p_longname) {
  386. file_header->name = p_longname;
  387. p_longname = NULL;
  388. }
  389. if (p_linkname) {
  390. file_header->link_target = p_linkname;
  391. p_linkname = NULL;
  392. }
  393. #endif
  394. if (strncmp(file_header->name, "/../"+1, 3) == 0
  395. || strstr(file_header->name, "/../")
  396. ) {
  397. bb_error_msg_and_die("name with '..' encountered: '%s'",
  398. file_header->name);
  399. }
  400. /* Strip trailing '/' in directories */
  401. /* Must be done after mode is set as '/' is used to check if it's a directory */
  402. cp = last_char_is(file_header->name, '/');
  403. if (archive_handle->filter(archive_handle) == EXIT_SUCCESS) {
  404. archive_handle->action_header(/*archive_handle->*/ file_header);
  405. /* Note that we kill the '/' only after action_header() */
  406. /* (like GNU tar 1.15.1: verbose mode outputs "dir/dir/") */
  407. if (cp) *cp = '\0';
  408. archive_handle->ah_flags |= ARCHIVE_EXTRACT_QUIET;
  409. archive_handle->action_data(archive_handle);
  410. llist_add_to(&(archive_handle->passed), file_header->name);
  411. } else {
  412. data_skip(archive_handle);
  413. free(file_header->name);
  414. }
  415. archive_handle->offset += file_header->size;
  416. free(file_header->link_target);
  417. /* Do not free(file_header->name)! (why?) */
  418. #if ENABLE_FEATURE_TAR_UNAME_GNAME
  419. free(file_header->tar__uname);
  420. free(file_header->tar__gname);
  421. #endif
  422. return EXIT_SUCCESS;
  423. }