1 /* $OpenBSD: tar.c,v 1.63 2016/08/26 04:11:16 guenther Exp $ */ 2 /* $NetBSD: tar.c,v 1.5 1995/03/21 09:07:49 cgd Exp $ */ 3 4 /*- 5 * Copyright (c) 1992 Keith Muller. 6 * Copyright (c) 1992, 1993 7 * The Regents of the University of California. All rights reserved. 8 * 9 * This code is derived from software contributed to Berkeley by 10 * Keith Muller of the University of California, San Diego. 11 * 12 * Redistribution and use in source and binary forms, with or without 13 * modification, are permitted provided that the following conditions 14 * are met: 15 * 1. Redistributions of source code must retain the above copyright 16 * notice, this list of conditions and the following disclaimer. 17 * 2. Redistributions in binary form must reproduce the above copyright 18 * notice, this list of conditions and the following disclaimer in the 19 * documentation and/or other materials provided with the distribution. 20 * 3. Neither the name of the University nor the names of its contributors 21 * may be used to endorse or promote products derived from this software 22 * without specific prior written permission. 23 * 24 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 25 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 27 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 29 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 30 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 32 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 33 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 * SUCH DAMAGE. 35 */ 36 37 #include <sys/types.h> 38 #include <sys/stat.h> 39 #include <ctype.h> 40 #include <errno.h> 41 #include <grp.h> 42 #include <limits.h> 43 #include <pwd.h> 44 #include <stdio.h> 45 #include <stdlib.h> 46 #include <string.h> 47 #include <unistd.h> 48 49 #include "pax.h" 50 #include "extern.h" 51 #include "tar.h" 52 53 /* 54 * Routines for reading, writing and header identify of various versions of tar 55 */ 56 57 static size_t expandname(char *, size_t, char **, const char *, size_t); 58 static u_long tar_chksm(char *, int); 59 static char *name_split(char *, int); 60 static int ul_oct(u_long, char *, int, int); 61 static int ull_oct(unsigned long long, char *, int, int); 62 #ifndef SMALL 63 static int rd_xheader(ARCHD *arcn, int, off_t); 64 #endif 65 66 static uid_t uid_nobody; 67 static uid_t uid_warn; 68 static gid_t gid_nobody; 69 static gid_t gid_warn; 70 71 /* 72 * Routines common to all versions of tar 73 */ 74 75 int tar_nodir; /* do not write dirs under old tar */ 76 char *gnu_name_string; /* GNU ././@LongLink hackery name */ 77 char *gnu_link_string; /* GNU ././@LongLink hackery link */ 78 79 /* 80 * tar_endwr() 81 * add the tar trailer of two null blocks 82 * Return: 83 * 0 if ok, -1 otherwise (what wr_skip returns) 84 */ 85 86 int 87 tar_endwr(void) 88 { 89 return wr_skip(NULLCNT * BLKMULT); 90 } 91 92 /* 93 * tar_endrd() 94 * no cleanup needed here, just return size of trailer (for append) 95 * Return: 96 * size of trailer (2 * BLKMULT) 97 */ 98 99 off_t 100 tar_endrd(void) 101 { 102 return NULLCNT * BLKMULT; 103 } 104 105 /* 106 * tar_trail() 107 * Called to determine if a header block is a valid trailer. We are passed 108 * the block, the in_sync flag (which tells us we are in resync mode; 109 * looking for a valid header), and cnt (which starts at zero) which is 110 * used to count the number of empty blocks we have seen so far. 111 * Return: 112 * 0 if a valid trailer, -1 if not a valid trailer, or 1 if the block 113 * could never contain a header. 114 */ 115 116 int 117 tar_trail(ARCHD *ignore, char *buf, int in_resync, int *cnt) 118 { 119 int i; 120 121 /* 122 * look for all zero, trailer is two consecutive blocks of zero 123 */ 124 for (i = 0; i < BLKMULT; ++i) { 125 if (buf[i] != '\0') 126 break; 127 } 128 129 /* 130 * if not all zero it is not a trailer, but MIGHT be a header. 131 */ 132 if (i != BLKMULT) 133 return(-1); 134 135 /* 136 * When given a zero block, we must be careful! 137 * If we are not in resync mode, check for the trailer. Have to watch 138 * out that we do not mis-identify file data as the trailer, so we do 139 * NOT try to id a trailer during resync mode. During resync mode we 140 * might as well throw this block out since a valid header can NEVER be 141 * a block of all 0 (we must have a valid file name). 142 */ 143 if (!in_resync && (++*cnt >= NULLCNT)) 144 return(0); 145 return(1); 146 } 147 148 /* 149 * ul_oct() 150 * convert an unsigned long to an octal string. many oddball field 151 * termination characters are used by the various versions of tar in the 152 * different fields. term selects which kind to use. str is '0' padded 153 * at the front to len. we are unable to use only one format as many old 154 * tar readers are very cranky about this. 155 * Return: 156 * 0 if the number fit into the string, -1 otherwise 157 */ 158 159 static int 160 ul_oct(u_long val, char *str, int len, int term) 161 { 162 char *pt; 163 164 /* 165 * term selects the appropriate character(s) for the end of the string 166 */ 167 pt = str + len - 1; 168 switch (term) { 169 case 3: 170 *pt-- = '\0'; 171 break; 172 case 2: 173 *pt-- = ' '; 174 *pt-- = '\0'; 175 break; 176 case 1: 177 *pt-- = ' '; 178 break; 179 case 0: 180 default: 181 *pt-- = '\0'; 182 *pt-- = ' '; 183 break; 184 } 185 186 /* 187 * convert and blank pad if there is space 188 */ 189 while (pt >= str) { 190 *pt-- = '0' + (char)(val & 0x7); 191 val >>= 3; 192 if (val == 0) 193 break; 194 } 195 196 while (pt >= str) 197 *pt-- = '0'; 198 if (val != 0) 199 return(-1); 200 return(0); 201 } 202 203 /* 204 * ull_oct() 205 * Convert an unsigned long long to an octal string. One of many oddball 206 * field termination characters are used by the various versions of tar 207 * in the different fields. term selects which kind to use. str is 208 * '0' padded at the front to len. We are unable to use only one format 209 * as many old tar readers are very cranky about this. 210 * Return: 211 * 0 if the number fit into the string, -1 otherwise 212 */ 213 214 static int 215 ull_oct(unsigned long long val, char *str, int len, int term) 216 { 217 char *pt; 218 219 /* 220 * term selects the appropriate character(s) for the end of the string 221 */ 222 pt = str + len - 1; 223 switch (term) { 224 case 3: 225 *pt-- = '\0'; 226 break; 227 case 2: 228 *pt-- = ' '; 229 *pt-- = '\0'; 230 break; 231 case 1: 232 *pt-- = ' '; 233 break; 234 case 0: 235 default: 236 *pt-- = '\0'; 237 *pt-- = ' '; 238 break; 239 } 240 241 /* 242 * convert and blank pad if there is space 243 */ 244 while (pt >= str) { 245 *pt-- = '0' + (char)(val & 0x7); 246 val >>= 3; 247 if (val == 0) 248 break; 249 } 250 251 while (pt >= str) 252 *pt-- = '0'; 253 if (val != 0) 254 return(-1); 255 return(0); 256 } 257 258 /* 259 * tar_chksm() 260 * calculate the checksum for a tar block counting the checksum field as 261 * all blanks (BLNKSUM is that value pre-calculated, the sum of 8 blanks). 262 * NOTE: we use len to short circuit summing 0's on write since we ALWAYS 263 * pad headers with 0. 264 * Return: 265 * unsigned long checksum 266 */ 267 268 static u_long 269 tar_chksm(char *blk, int len) 270 { 271 char *stop; 272 char *pt; 273 u_long chksm = BLNKSUM; /* initial value is checksum field sum */ 274 275 /* 276 * add the part of the block before the checksum field 277 */ 278 pt = blk; 279 stop = blk + CHK_OFFSET; 280 while (pt < stop) 281 chksm += (u_long)(*pt++ & 0xff); 282 /* 283 * move past the checksum field and keep going, spec counts the 284 * checksum field as the sum of 8 blanks (which is pre-computed as 285 * BLNKSUM). 286 * ASSUMED: len is greater than CHK_OFFSET. (len is where our 0 padding 287 * starts, no point in summing zero's) 288 */ 289 pt += CHK_LEN; 290 stop = blk + len; 291 while (pt < stop) 292 chksm += (u_long)(*pt++ & 0xff); 293 return(chksm); 294 } 295 296 /* 297 * Routines for old BSD style tar (also made portable to sysV tar) 298 */ 299 300 /* 301 * tar_id() 302 * determine if a block given to us is a valid tar header (and not a USTAR 303 * header). We have to be on the lookout for those pesky blocks of all 304 * zero's. 305 * Return: 306 * 0 if a tar header, -1 otherwise 307 */ 308 309 int 310 tar_id(char *blk, int size) 311 { 312 HD_TAR *hd; 313 HD_USTAR *uhd; 314 315 if (size < BLKMULT) 316 return(-1); 317 hd = (HD_TAR *)blk; 318 uhd = (HD_USTAR *)blk; 319 320 /* 321 * check for block of zero's first, a simple and fast test, then make 322 * sure this is not a ustar header by looking for the ustar magic 323 * cookie. We should use TMAGLEN, but some USTAR archive programs are 324 * wrong and create archives missing the \0. Last we check the 325 * checksum. If this is ok we have to assume it is a valid header. 326 */ 327 if (hd->name[0] == '\0') 328 return(-1); 329 if (strncmp(uhd->magic, TMAGIC, TMAGLEN - 1) == 0) 330 return(-1); 331 if (asc_ul(hd->chksum,sizeof(hd->chksum),OCT) != tar_chksm(blk,BLKMULT)) 332 return(-1); 333 force_one_volume = 1; 334 return(0); 335 } 336 337 /* 338 * tar_opt() 339 * handle tar format specific -o options 340 * Return: 341 * 0 if ok -1 otherwise 342 */ 343 344 int 345 tar_opt(void) 346 { 347 OPLIST *opt; 348 349 while ((opt = opt_next()) != NULL) { 350 if (strcmp(opt->name, TAR_OPTION) || 351 strcmp(opt->value, TAR_NODIR)) { 352 paxwarn(1, "Unknown tar format -o option/value pair %s=%s", 353 opt->name, opt->value); 354 paxwarn(1,"%s=%s is the only supported tar format option", 355 TAR_OPTION, TAR_NODIR); 356 return(-1); 357 } 358 359 /* 360 * we only support one option, and only when writing 361 */ 362 if ((act != APPND) && (act != ARCHIVE)) { 363 paxwarn(1, "%s=%s is only supported when writing.", 364 opt->name, opt->value); 365 return(-1); 366 } 367 tar_nodir = 1; 368 } 369 return(0); 370 } 371 372 373 /* 374 * tar_rd() 375 * extract the values out of block already determined to be a tar header. 376 * store the values in the ARCHD parameter. 377 * Return: 378 * 0 379 */ 380 381 int 382 tar_rd(ARCHD *arcn, char *buf) 383 { 384 HD_TAR *hd; 385 unsigned long long val; 386 char *pt; 387 388 /* 389 * we only get proper sized buffers passed to us 390 */ 391 if (tar_id(buf, BLKMULT) < 0) 392 return(-1); 393 memset(arcn, 0, sizeof(*arcn)); 394 arcn->org_name = arcn->name; 395 arcn->sb.st_nlink = 1; 396 397 /* 398 * copy out the name and values in the stat buffer 399 */ 400 hd = (HD_TAR *)buf; 401 if (hd->linkflag != LONGLINKTYPE && hd->linkflag != LONGNAMETYPE) { 402 arcn->nlen = expandname(arcn->name, sizeof(arcn->name), 403 &gnu_name_string, hd->name, sizeof(hd->name)); 404 arcn->ln_nlen = expandname(arcn->ln_name, sizeof(arcn->ln_name), 405 &gnu_link_string, hd->linkname, sizeof(hd->linkname)); 406 } 407 arcn->sb.st_mode = (mode_t)(asc_ul(hd->mode,sizeof(hd->mode),OCT) & 408 0xfff); 409 arcn->sb.st_uid = (uid_t)asc_ul(hd->uid, sizeof(hd->uid), OCT); 410 arcn->sb.st_gid = (gid_t)asc_ul(hd->gid, sizeof(hd->gid), OCT); 411 arcn->sb.st_size = (off_t)asc_ull(hd->size, sizeof(hd->size), OCT); 412 val = asc_ull(hd->mtime, sizeof(hd->mtime), OCT); 413 if ((time_t)val < 0 || (time_t)val != val) 414 arcn->sb.st_mtime = INT_MAX; /* XXX 2038 */ 415 else 416 arcn->sb.st_mtime = val; 417 arcn->sb.st_ctime = arcn->sb.st_atime = arcn->sb.st_mtime; 418 419 /* 420 * have to look at the last character, it may be a '/' and that is used 421 * to encode this as a directory 422 */ 423 pt = &(arcn->name[arcn->nlen - 1]); 424 arcn->pad = 0; 425 arcn->skip = 0; 426 switch (hd->linkflag) { 427 case SYMTYPE: 428 /* 429 * symbolic link, need to get the link name and set the type in 430 * the st_mode so -v printing will look correct. 431 */ 432 arcn->type = PAX_SLK; 433 arcn->sb.st_mode |= S_IFLNK; 434 break; 435 case LNKTYPE: 436 /* 437 * hard link, need to get the link name, set the type in the 438 * st_mode and st_nlink so -v printing will look better. 439 */ 440 arcn->type = PAX_HLK; 441 arcn->sb.st_nlink = 2; 442 443 /* 444 * no idea of what type this thing really points at, but 445 * we set something for printing only. 446 */ 447 arcn->sb.st_mode |= S_IFREG; 448 break; 449 case LONGLINKTYPE: 450 case LONGNAMETYPE: 451 /* 452 * GNU long link/file; we tag these here and let the 453 * pax internals deal with it -- too ugly otherwise. 454 */ 455 arcn->type = 456 hd->linkflag == LONGLINKTYPE ? PAX_GLL : PAX_GLF; 457 arcn->pad = TAR_PAD(arcn->sb.st_size); 458 arcn->skip = arcn->sb.st_size; 459 break; 460 case DIRTYPE: 461 /* 462 * It is a directory, set the mode for -v printing 463 */ 464 arcn->type = PAX_DIR; 465 arcn->sb.st_mode |= S_IFDIR; 466 arcn->sb.st_nlink = 2; 467 break; 468 case AREGTYPE: 469 case REGTYPE: 470 default: 471 /* 472 * If we have a trailing / this is a directory and NOT a file. 473 */ 474 arcn->ln_name[0] = '\0'; 475 arcn->ln_nlen = 0; 476 if (*pt == '/') { 477 /* 478 * it is a directory, set the mode for -v printing 479 */ 480 arcn->type = PAX_DIR; 481 arcn->sb.st_mode |= S_IFDIR; 482 arcn->sb.st_nlink = 2; 483 } else { 484 /* 485 * have a file that will be followed by data. Set the 486 * skip value to the size field and calculate the size 487 * of the padding. 488 */ 489 arcn->type = PAX_REG; 490 arcn->sb.st_mode |= S_IFREG; 491 arcn->pad = TAR_PAD(arcn->sb.st_size); 492 arcn->skip = arcn->sb.st_size; 493 } 494 break; 495 } 496 497 /* 498 * strip off any trailing slash. 499 */ 500 if (*pt == '/') { 501 *pt = '\0'; 502 --arcn->nlen; 503 } 504 return(0); 505 } 506 507 /* 508 * tar_wr() 509 * write a tar header for the file specified in the ARCHD to the archive. 510 * Have to check for file types that cannot be stored and file names that 511 * are too long. Be careful of the term (last arg) to ul_oct, each field 512 * of tar has it own spec for the termination character(s). 513 * ASSUMED: space after header in header block is zero filled 514 * Return: 515 * 0 if file has data to be written after the header, 1 if file has NO 516 * data to write after the header, -1 if archive write failed 517 */ 518 519 int 520 tar_wr(ARCHD *arcn) 521 { 522 HD_TAR *hd; 523 int len; 524 char hdblk[sizeof(HD_TAR)]; 525 526 /* 527 * check for those file system types which tar cannot store 528 */ 529 switch (arcn->type) { 530 case PAX_DIR: 531 /* 532 * user asked that dirs not be written to the archive 533 */ 534 if (tar_nodir) 535 return(1); 536 break; 537 case PAX_CHR: 538 paxwarn(1, "Tar cannot archive a character device %s", 539 arcn->org_name); 540 return(1); 541 case PAX_BLK: 542 paxwarn(1, "Tar cannot archive a block device %s", arcn->org_name); 543 return(1); 544 case PAX_SCK: 545 paxwarn(1, "Tar cannot archive a socket %s", arcn->org_name); 546 return(1); 547 case PAX_FIF: 548 paxwarn(1, "Tar cannot archive a fifo %s", arcn->org_name); 549 return(1); 550 case PAX_SLK: 551 case PAX_HLK: 552 case PAX_HRG: 553 if (arcn->ln_nlen > sizeof(hd->linkname)) { 554 paxwarn(1, "Link name too long for tar %s", 555 arcn->ln_name); 556 return(1); 557 } 558 break; 559 case PAX_REG: 560 case PAX_CTG: 561 default: 562 break; 563 } 564 565 /* 566 * check file name len, remember extra char for dirs (the / at the end) 567 */ 568 len = arcn->nlen; 569 if (arcn->type == PAX_DIR) 570 ++len; 571 if (len > sizeof(hd->name)) { 572 paxwarn(1, "File name too long for tar %s", arcn->name); 573 return(1); 574 } 575 576 /* 577 * Copy the data out of the ARCHD into the tar header based on the type 578 * of the file. Remember, many tar readers want all fields to be 579 * padded with zero so we zero the header first. We then set the 580 * linkflag field (type), the linkname, the size, and set the padding 581 * (if any) to be added after the file data (0 for all other types, 582 * as they only have a header). 583 */ 584 memset(hdblk, 0, sizeof(hdblk)); 585 hd = (HD_TAR *)hdblk; 586 fieldcpy(hd->name, sizeof(hd->name), arcn->name, sizeof(arcn->name)); 587 arcn->pad = 0; 588 589 if (arcn->type == PAX_DIR) { 590 /* 591 * directories are the same as files, except have a filename 592 * that ends with a /, we add the slash here. No data follows 593 * dirs, so no pad. 594 */ 595 hd->linkflag = AREGTYPE; 596 hd->name[len-1] = '/'; 597 if (ul_oct(0, hd->size, sizeof(hd->size), 1)) 598 goto out; 599 } else if (arcn->type == PAX_SLK) { 600 /* 601 * no data follows this file, so no pad 602 */ 603 hd->linkflag = SYMTYPE; 604 fieldcpy(hd->linkname, sizeof(hd->linkname), arcn->ln_name, 605 sizeof(arcn->ln_name)); 606 if (ul_oct(0, hd->size, sizeof(hd->size), 1)) 607 goto out; 608 } else if (PAX_IS_HARDLINK(arcn->type)) { 609 /* 610 * no data follows this file, so no pad 611 */ 612 hd->linkflag = LNKTYPE; 613 fieldcpy(hd->linkname, sizeof(hd->linkname), arcn->ln_name, 614 sizeof(arcn->ln_name)); 615 if (ul_oct(0, hd->size, sizeof(hd->size), 1)) 616 goto out; 617 } else { 618 /* 619 * data follows this file, so set the pad 620 */ 621 hd->linkflag = AREGTYPE; 622 if (ull_oct(arcn->sb.st_size, hd->size, sizeof(hd->size), 1)) { 623 paxwarn(1, "File is too large for tar %s", 624 arcn->org_name); 625 return(1); 626 } 627 arcn->pad = TAR_PAD(arcn->sb.st_size); 628 } 629 630 /* 631 * copy those fields that are independent of the type 632 */ 633 if (ul_oct(arcn->sb.st_mode, hd->mode, sizeof(hd->mode), 0) || 634 ull_oct(arcn->sb.st_mtime < 0 ? 0 : arcn->sb.st_mtime, hd->mtime, 635 sizeof(hd->mtime), 1) || 636 ul_oct(arcn->sb.st_uid, hd->uid, sizeof(hd->uid), 0) || 637 ul_oct(arcn->sb.st_gid, hd->gid, sizeof(hd->gid), 0)) 638 goto out; 639 640 /* 641 * calculate and add the checksum, then write the header. A return of 642 * 0 tells the caller to now write the file data, 1 says no data needs 643 * to be written 644 */ 645 if (ul_oct(tar_chksm(hdblk, sizeof(HD_TAR)), hd->chksum, 646 sizeof(hd->chksum), 3)) 647 goto out; 648 if (wr_rdbuf(hdblk, sizeof(HD_TAR)) < 0) 649 return(-1); 650 if (wr_skip(BLKMULT - sizeof(HD_TAR)) < 0) 651 return(-1); 652 if (PAX_IS_REG(arcn->type)) 653 return(0); 654 return(1); 655 656 out: 657 /* 658 * header field is out of range 659 */ 660 paxwarn(1, "Tar header field is too small for %s", arcn->org_name); 661 return(1); 662 } 663 664 /* 665 * Routines for POSIX ustar 666 */ 667 668 /* 669 * ustar_strd() 670 * initialization for ustar read 671 * Return: 672 * 0 if ok, -1 otherwise 673 */ 674 675 int 676 ustar_strd(void) 677 { 678 if ((usrtb_start() < 0) || (grptb_start() < 0)) 679 return(-1); 680 return(0); 681 } 682 683 /* 684 * ustar_id() 685 * determine if a block given to us is a valid ustar header. We have to 686 * be on the lookout for those pesky blocks of all zero's 687 * Return: 688 * 0 if a ustar header, -1 otherwise 689 */ 690 691 int 692 ustar_id(char *blk, int size) 693 { 694 HD_USTAR *hd; 695 696 if (size < BLKMULT) 697 return(-1); 698 hd = (HD_USTAR *)blk; 699 700 /* 701 * check for block of zero's first, a simple and fast test then check 702 * ustar magic cookie. We should use TMAGLEN, but some USTAR archive 703 * programs are fouled up and create archives missing the \0. Last we 704 * check the checksum. If ok we have to assume it is a valid header. 705 */ 706 if (hd->prefix[0] == '\0' && hd->name[0] == '\0') 707 return(-1); 708 if (strncmp(hd->magic, TMAGIC, TMAGLEN - 1) != 0) 709 return(-1); 710 if (asc_ul(hd->chksum,sizeof(hd->chksum),OCT) != tar_chksm(blk,BLKMULT)) 711 return(-1); 712 return(0); 713 } 714 715 /* 716 * ustar_rd() 717 * extract the values out of block already determined to be a ustar header. 718 * store the values in the ARCHD parameter. 719 * Return: 720 * 0 721 */ 722 723 int 724 ustar_rd(ARCHD *arcn, char *buf) 725 { 726 HD_USTAR *hd = (HD_USTAR *)buf; 727 char *dest; 728 int cnt = 0; 729 dev_t devmajor; 730 dev_t devminor; 731 unsigned long long val; 732 733 /* 734 * we only get proper sized buffers 735 */ 736 if (ustar_id(buf, BLKMULT) < 0) 737 return(-1); 738 739 #ifndef SMALL 740 reset: 741 #endif 742 memset(arcn, 0, sizeof(*arcn)); 743 arcn->org_name = arcn->name; 744 arcn->sb.st_nlink = 1; 745 746 #ifndef SMALL 747 /* Process Extended headers. */ 748 if (hd->typeflag == XHDRTYPE || hd->typeflag == GHDRTYPE) { 749 if (rd_xheader(arcn, hd->typeflag == GHDRTYPE, 750 (off_t)asc_ul(hd->size, sizeof(hd->size), OCT)) < 0) 751 return (-1); 752 753 /* Update and check the ustar header. */ 754 if (rd_wrbuf(buf, BLKMULT) != BLKMULT) 755 return (-1); 756 if (ustar_id(buf, BLKMULT) < 0) 757 return(-1); 758 759 /* if the next block is another extension, reset the values */ 760 if (hd->typeflag == XHDRTYPE || hd->typeflag == GHDRTYPE) 761 goto reset; 762 } 763 #endif 764 765 if (!arcn->nlen) { 766 /* 767 * See if the filename is split into two parts. if, so join 768 * the parts. We copy the prefix first and add a / between 769 * the prefix and name. 770 */ 771 dest = arcn->name; 772 if (*(hd->prefix) != '\0') { 773 cnt = fieldcpy(dest, sizeof(arcn->name) - 1, 774 hd->prefix, sizeof(hd->prefix)); 775 dest += cnt; 776 *dest++ = '/'; 777 cnt++; 778 } else 779 cnt = 0; 780 781 if (hd->typeflag != LONGLINKTYPE && 782 hd->typeflag != LONGNAMETYPE) { 783 arcn->nlen = cnt + expandname(dest, 784 sizeof(arcn->name) - cnt, &gnu_name_string, 785 hd->name, sizeof(hd->name)); 786 } 787 } 788 789 if (!arcn->ln_nlen && 790 hd->typeflag != LONGLINKTYPE && hd->typeflag != LONGNAMETYPE) { 791 arcn->ln_nlen = expandname(arcn->ln_name, sizeof(arcn->ln_name), 792 &gnu_link_string, hd->linkname, sizeof(hd->linkname)); 793 } 794 795 /* 796 * follow the spec to the letter. we should only have mode bits, strip 797 * off all other crud we may be passed. 798 */ 799 arcn->sb.st_mode = (mode_t)(asc_ul(hd->mode, sizeof(hd->mode), OCT) & 800 0xfff); 801 arcn->sb.st_size = (off_t)asc_ull(hd->size, sizeof(hd->size), OCT); 802 val = asc_ull(hd->mtime, sizeof(hd->mtime), OCT); 803 if ((time_t)val < 0 || (time_t)val != val) 804 arcn->sb.st_mtime = INT_MAX; /* XXX 2038 */ 805 else 806 arcn->sb.st_mtime = val; 807 arcn->sb.st_ctime = arcn->sb.st_atime = arcn->sb.st_mtime; 808 809 /* 810 * If we can find the ascii names for gname and uname in the password 811 * and group files we will use the uid's and gid they bind. Otherwise 812 * we use the uid and gid values stored in the header. (This is what 813 * the posix spec wants). 814 */ 815 hd->gname[sizeof(hd->gname) - 1] = '\0'; 816 if (Nflag || gid_name(hd->gname, &(arcn->sb.st_gid)) < 0) 817 arcn->sb.st_gid = (gid_t)asc_ul(hd->gid, sizeof(hd->gid), OCT); 818 hd->uname[sizeof(hd->uname) - 1] = '\0'; 819 if (Nflag || uid_name(hd->uname, &(arcn->sb.st_uid)) < 0) 820 arcn->sb.st_uid = (uid_t)asc_ul(hd->uid, sizeof(hd->uid), OCT); 821 822 /* 823 * set the defaults, these may be changed depending on the file type 824 */ 825 arcn->pad = 0; 826 arcn->skip = 0; 827 arcn->sb.st_rdev = (dev_t)0; 828 829 /* 830 * set the mode and PAX type according to the typeflag in the header 831 */ 832 switch (hd->typeflag) { 833 case FIFOTYPE: 834 arcn->type = PAX_FIF; 835 arcn->sb.st_mode |= S_IFIFO; 836 break; 837 case DIRTYPE: 838 arcn->type = PAX_DIR; 839 arcn->sb.st_mode |= S_IFDIR; 840 arcn->sb.st_nlink = 2; 841 842 /* 843 * Some programs that create ustar archives append a '/' 844 * to the pathname for directories. This clearly violates 845 * ustar specs, but we will silently strip it off anyway. 846 */ 847 if (arcn->name[arcn->nlen - 1] == '/') 848 arcn->name[--arcn->nlen] = '\0'; 849 break; 850 case BLKTYPE: 851 case CHRTYPE: 852 /* 853 * this type requires the rdev field to be set. 854 */ 855 if (hd->typeflag == BLKTYPE) { 856 arcn->type = PAX_BLK; 857 arcn->sb.st_mode |= S_IFBLK; 858 } else { 859 arcn->type = PAX_CHR; 860 arcn->sb.st_mode |= S_IFCHR; 861 } 862 devmajor = (dev_t)asc_ul(hd->devmajor,sizeof(hd->devmajor),OCT); 863 devminor = (dev_t)asc_ul(hd->devminor,sizeof(hd->devminor),OCT); 864 arcn->sb.st_rdev = TODEV(devmajor, devminor); 865 break; 866 case SYMTYPE: 867 case LNKTYPE: 868 if (hd->typeflag == SYMTYPE) { 869 arcn->type = PAX_SLK; 870 arcn->sb.st_mode |= S_IFLNK; 871 } else { 872 arcn->type = PAX_HLK; 873 /* 874 * so printing looks better 875 */ 876 arcn->sb.st_mode |= S_IFREG; 877 arcn->sb.st_nlink = 2; 878 } 879 break; 880 case LONGLINKTYPE: 881 case LONGNAMETYPE: 882 /* 883 * GNU long link/file; we tag these here and let the 884 * pax internals deal with it -- too ugly otherwise. 885 */ 886 arcn->type = 887 hd->typeflag == LONGLINKTYPE ? PAX_GLL : PAX_GLF; 888 arcn->pad = TAR_PAD(arcn->sb.st_size); 889 arcn->skip = arcn->sb.st_size; 890 break; 891 case CONTTYPE: 892 case AREGTYPE: 893 case REGTYPE: 894 default: 895 /* 896 * these types have file data that follows. Set the skip and 897 * pad fields. 898 */ 899 arcn->type = PAX_REG; 900 arcn->pad = TAR_PAD(arcn->sb.st_size); 901 arcn->skip = arcn->sb.st_size; 902 arcn->sb.st_mode |= S_IFREG; 903 break; 904 } 905 return(0); 906 } 907 908 /* 909 * ustar_wr() 910 * write a ustar header for the file specified in the ARCHD to the archive 911 * Have to check for file types that cannot be stored and file names that 912 * are too long. Be careful of the term (last arg) to ul_oct, we only use 913 * '\0' for the termination character (this is different than picky tar) 914 * ASSUMED: space after header in header block is zero filled 915 * Return: 916 * 0 if file has data to be written after the header, 1 if file has NO 917 * data to write after the header, -1 if archive write failed 918 */ 919 920 int 921 ustar_wr(ARCHD *arcn) 922 { 923 HD_USTAR *hd; 924 char *pt, *name; 925 char hdblk[sizeof(HD_USTAR)]; 926 927 /* 928 * check for those file system types ustar cannot store 929 */ 930 if (arcn->type == PAX_SCK) { 931 paxwarn(1, "Ustar cannot archive a socket %s", arcn->org_name); 932 return(1); 933 } 934 935 /* 936 * user asked that dirs not be written to the archive 937 */ 938 if (arcn->type == PAX_DIR && tar_nodir) 939 return (1); 940 941 /* 942 * check the length of the linkname 943 */ 944 if (PAX_IS_LINK(arcn->type) && (arcn->ln_nlen > sizeof(hd->linkname))) { 945 paxwarn(1, "Link name too long for ustar %s", arcn->ln_name); 946 return(1); 947 } 948 949 /* 950 * split the path name into prefix and name fields (if needed). if 951 * pt != arcn->name, the name has to be split 952 */ 953 if ((pt = name_split(arcn->name, arcn->nlen)) == NULL) { 954 paxwarn(1, "File name too long for ustar %s", arcn->name); 955 return(1); 956 } 957 958 /* 959 * zero out the header so we don't have to worry about zero fill below 960 */ 961 memset(hdblk, 0, sizeof(hdblk)); 962 hd = (HD_USTAR *)hdblk; 963 arcn->pad = 0; 964 965 /* 966 * split the name, or zero out the prefix 967 */ 968 if (pt != arcn->name) { 969 /* 970 * name was split, pt points at the / where the split is to 971 * occur, we remove the / and copy the first part to the prefix 972 */ 973 *pt = '\0'; 974 fieldcpy(hd->prefix, sizeof(hd->prefix), arcn->name, 975 sizeof(arcn->name)); 976 *pt++ = '/'; 977 } 978 979 /* 980 * copy the name part. this may be the whole path or the part after 981 * the prefix 982 */ 983 fieldcpy(hd->name, sizeof(hd->name), pt, 984 sizeof(arcn->name) - (pt - arcn->name)); 985 986 /* 987 * set the fields in the header that are type dependent 988 */ 989 switch (arcn->type) { 990 case PAX_DIR: 991 hd->typeflag = DIRTYPE; 992 if (ul_oct(0, hd->size, sizeof(hd->size), 3)) 993 goto out; 994 break; 995 case PAX_CHR: 996 case PAX_BLK: 997 if (arcn->type == PAX_CHR) 998 hd->typeflag = CHRTYPE; 999 else 1000 hd->typeflag = BLKTYPE; 1001 if (ul_oct(MAJOR(arcn->sb.st_rdev), hd->devmajor, 1002 sizeof(hd->devmajor), 3) || 1003 ul_oct(MINOR(arcn->sb.st_rdev), hd->devminor, 1004 sizeof(hd->devminor), 3) || 1005 ul_oct(0, hd->size, sizeof(hd->size), 3)) 1006 goto out; 1007 break; 1008 case PAX_FIF: 1009 hd->typeflag = FIFOTYPE; 1010 if (ul_oct(0, hd->size, sizeof(hd->size), 3)) 1011 goto out; 1012 break; 1013 case PAX_SLK: 1014 case PAX_HLK: 1015 case PAX_HRG: 1016 if (arcn->type == PAX_SLK) 1017 hd->typeflag = SYMTYPE; 1018 else 1019 hd->typeflag = LNKTYPE; 1020 fieldcpy(hd->linkname, sizeof(hd->linkname), arcn->ln_name, 1021 sizeof(arcn->ln_name)); 1022 if (ul_oct(0, hd->size, sizeof(hd->size), 3)) 1023 goto out; 1024 break; 1025 case PAX_REG: 1026 case PAX_CTG: 1027 default: 1028 /* 1029 * file data with this type, set the padding 1030 */ 1031 if (arcn->type == PAX_CTG) 1032 hd->typeflag = CONTTYPE; 1033 else 1034 hd->typeflag = REGTYPE; 1035 arcn->pad = TAR_PAD(arcn->sb.st_size); 1036 if (ull_oct(arcn->sb.st_size, hd->size, sizeof(hd->size), 3)) { 1037 paxwarn(1, "File is too long for ustar %s", 1038 arcn->org_name); 1039 return(1); 1040 } 1041 break; 1042 } 1043 1044 strncpy(hd->magic, TMAGIC, TMAGLEN); 1045 strncpy(hd->version, TVERSION, TVERSLEN); 1046 1047 /* 1048 * set the remaining fields. Some versions want all 16 bits of mode 1049 * we better humor them (they really do not meet spec though).... 1050 */ 1051 if (ul_oct(arcn->sb.st_uid, hd->uid, sizeof(hd->uid), 3)) { 1052 if (uid_nobody == 0) { 1053 if (uid_name("nobody", &uid_nobody) == -1) 1054 goto out; 1055 } 1056 if (uid_warn != arcn->sb.st_uid) { 1057 uid_warn = arcn->sb.st_uid; 1058 paxwarn(1, 1059 "Ustar header field is too small for uid %lu, " 1060 "using nobody", (u_long)arcn->sb.st_uid); 1061 } 1062 if (ul_oct(uid_nobody, hd->uid, sizeof(hd->uid), 3)) 1063 goto out; 1064 } 1065 if (ul_oct(arcn->sb.st_gid, hd->gid, sizeof(hd->gid), 3)) { 1066 if (gid_nobody == 0) { 1067 if (gid_name("nobody", &gid_nobody) == -1) 1068 goto out; 1069 } 1070 if (gid_warn != arcn->sb.st_gid) { 1071 gid_warn = arcn->sb.st_gid; 1072 paxwarn(1, 1073 "Ustar header field is too small for gid %lu, " 1074 "using nobody", (u_long)arcn->sb.st_gid); 1075 } 1076 if (ul_oct(gid_nobody, hd->gid, sizeof(hd->gid), 3)) 1077 goto out; 1078 } 1079 if (ull_oct(arcn->sb.st_mtime < 0 ? 0 : arcn->sb.st_mtime, hd->mtime, 1080 sizeof(hd->mtime), 3) || 1081 ul_oct(arcn->sb.st_mode, hd->mode, sizeof(hd->mode), 3)) 1082 goto out; 1083 if (!Nflag) { 1084 if ((name = user_from_uid(arcn->sb.st_uid, 1)) != NULL) 1085 strncpy(hd->uname, name, sizeof(hd->uname)); 1086 if ((name = group_from_gid(arcn->sb.st_gid, 1)) != NULL) 1087 strncpy(hd->gname, name, sizeof(hd->gname)); 1088 } 1089 1090 /* 1091 * calculate and store the checksum write the header to the archive 1092 * return 0 tells the caller to now write the file data, 1 says no data 1093 * needs to be written 1094 */ 1095 if (ul_oct(tar_chksm(hdblk, sizeof(HD_USTAR)), hd->chksum, 1096 sizeof(hd->chksum), 3)) 1097 goto out; 1098 if (wr_rdbuf(hdblk, sizeof(HD_USTAR)) < 0) 1099 return(-1); 1100 if (wr_skip(BLKMULT - sizeof(HD_USTAR)) < 0) 1101 return(-1); 1102 if (PAX_IS_REG(arcn->type)) 1103 return(0); 1104 return(1); 1105 1106 out: 1107 /* 1108 * header field is out of range 1109 */ 1110 paxwarn(1, "Ustar header field is too small for %s", arcn->org_name); 1111 return(1); 1112 } 1113 1114 /* 1115 * name_split() 1116 * see if the name has to be split for storage in a ustar header. We try 1117 * to fit the entire name in the name field without splitting if we can. 1118 * The split point is always at a / 1119 * Return 1120 * character pointer to split point (always the / that is to be removed 1121 * if the split is not needed, the points is set to the start of the file 1122 * name (it would violate the spec to split there). A NULL is returned if 1123 * the file name is too long 1124 */ 1125 1126 static char * 1127 name_split(char *name, int len) 1128 { 1129 char *start; 1130 1131 /* 1132 * check to see if the file name is small enough to fit in the name 1133 * field. if so just return a pointer to the name. 1134 * The strings can fill the complete name and prefix fields 1135 * without a NUL terminator. 1136 */ 1137 if (len <= TNMSZ) 1138 return(name); 1139 if (len > (TPFSZ + TNMSZ + 1)) 1140 return(NULL); 1141 1142 /* 1143 * we start looking at the biggest sized piece that fits in the name 1144 * field. We walk forward looking for a slash to split at. The idea is 1145 * to find the biggest piece to fit in the name field (or the smallest 1146 * prefix we can find) (the -1 is correct the biggest piece would 1147 * include the slash between the two parts that gets thrown away) 1148 */ 1149 start = name + len - TNMSZ - 1; 1150 1151 /* 1152 * the prefix may not be empty, so skip the first character when 1153 * trying to split a path of exactly TNMSZ+1 characters. 1154 * NOTE: This means the ustar format can't store /str if 1155 * str contains no slashes and the length of str == TNMSZ 1156 */ 1157 if (start == name) 1158 ++start; 1159 1160 while ((*start != '\0') && (*start != '/')) 1161 ++start; 1162 1163 /* 1164 * if we hit the end of the string, this name cannot be split, so we 1165 * cannot store this file. 1166 */ 1167 if (*start == '\0') 1168 return(NULL); 1169 1170 /* 1171 * the split point isn't valid if it results in a prefix 1172 * longer than TPFSZ 1173 */ 1174 if ((start - name) > TPFSZ) 1175 return(NULL); 1176 1177 /* 1178 * ok have a split point, return it to the caller 1179 */ 1180 return(start); 1181 } 1182 1183 static size_t 1184 expandname(char *buf, size_t len, char **gnu_name, const char *name, 1185 size_t limit) 1186 { 1187 size_t nlen; 1188 1189 if (*gnu_name) { 1190 /* *gnu_name is NUL terminated */ 1191 if ((nlen = strlcpy(buf, *gnu_name, len)) >= len) 1192 nlen = len - 1; 1193 free(*gnu_name); 1194 *gnu_name = NULL; 1195 } else 1196 nlen = fieldcpy(buf, len, name, limit); 1197 return(nlen); 1198 } 1199 1200 #ifndef SMALL 1201 1202 /* shortest possible extended record: "5 a=\n" */ 1203 #define MINXHDRSZ 5 1204 1205 /* longest record we'll accept */ 1206 #define MAXXHDRSZ BLKMULT 1207 1208 static int 1209 rd_xheader(ARCHD *arcn, int global, off_t size) 1210 { 1211 char buf[MAXXHDRSZ]; 1212 unsigned long len; 1213 char *delim, *keyword; 1214 char *nextp, *p, *end; 1215 int pad, ret = 0; 1216 1217 /* before we alter size, make note of how much we have to skip */ 1218 pad = TAR_PAD((unsigned)size); 1219 1220 p = end = buf; 1221 while (size > 0 || p < end) { 1222 if (size > 0) { 1223 int rdlen; 1224 1225 /* shift stuff down */ 1226 if (p > buf) { 1227 memmove(buf, p, end - p); 1228 end -= p - buf; 1229 p = buf; 1230 } 1231 1232 /* fill starting at end */ 1233 rdlen = MINIMUM(size, (buf + sizeof buf) - end); 1234 if (rd_wrbuf(end, rdlen) != rdlen) { 1235 ret = -1; 1236 break; 1237 } 1238 size -= rdlen; 1239 end += rdlen; 1240 } 1241 1242 /* [p, end) is good */ 1243 if (memchr(p, ' ', end - p) == NULL || 1244 !isdigit((unsigned char)*p)) { 1245 paxwarn(1, "Invalid extended header record"); 1246 ret = -1; 1247 break; 1248 } 1249 errno = 0; 1250 len = strtoul(p, &delim, 10); 1251 if (*delim != ' ' || (errno == ERANGE && len == ULONG_MAX) || 1252 len < MINXHDRSZ) { 1253 paxwarn(1, "Invalid extended header record length"); 1254 ret = -1; 1255 break; 1256 } 1257 if (len > end - p) { 1258 paxwarn(1, "Extended header record length %lu is " 1259 "out of range", len); 1260 /* if we can just toss this record, do so */ 1261 len -= end - p; 1262 if (len <= size && rd_skip(len) == 0) { 1263 size -= len; 1264 p = end = buf; 1265 continue; 1266 } 1267 ret = -1; 1268 break; 1269 } 1270 nextp = p + len; 1271 keyword = p = delim + 1; 1272 p = memchr(p, '=', len); 1273 if (!p || nextp[-1] != '\n') { 1274 paxwarn(1, "Malformed extended header record"); 1275 ret = -1; 1276 break; 1277 } 1278 *p++ = nextp[-1] = '\0'; 1279 if (!global) { 1280 if (!strcmp(keyword, "path")) { 1281 arcn->nlen = strlcpy(arcn->name, p, 1282 sizeof(arcn->name)); 1283 } else if (!strcmp(keyword, "linkpath")) { 1284 arcn->ln_nlen = strlcpy(arcn->ln_name, p, 1285 sizeof(arcn->ln_name)); 1286 } 1287 } 1288 p = nextp; 1289 } 1290 1291 if (rd_skip(size + pad) < 0) 1292 return (-1); 1293 return (ret); 1294 } 1295 #endif 1296