diff options
| author | Ron Yorston <rmy@pobox.com> | 2017-07-29 09:55:08 +0100 |
|---|---|---|
| committer | Ron Yorston <rmy@pobox.com> | 2017-07-29 09:55:08 +0100 |
| commit | 86d60bb0ceb277e500a8daabd995bc713bbdadc9 (patch) | |
| tree | 3e439f92d5a3fec2546d526579cc85e98f066e40 /archival/tar.c | |
| parent | b30c60a9786a1608211a96755996bd6c02951a27 (diff) | |
| parent | 69be994de69d794f038f10a3e7a67519b2006581 (diff) | |
| download | busybox-w32-86d60bb0ceb277e500a8daabd995bc713bbdadc9.tar.gz busybox-w32-86d60bb0ceb277e500a8daabd995bc713bbdadc9.tar.bz2 busybox-w32-86d60bb0ceb277e500a8daabd995bc713bbdadc9.zip | |
Merge branch 'busybox' into merge
Diffstat (limited to 'archival/tar.c')
| -rw-r--r-- | archival/tar.c | 37 |
1 files changed, 19 insertions, 18 deletions
diff --git a/archival/tar.c b/archival/tar.c index 4d1db4934..d90a5dc4f 100644 --- a/archival/tar.c +++ b/archival/tar.c | |||
| @@ -22,24 +22,6 @@ | |||
| 22 | * | 22 | * |
| 23 | * Licensed under GPLv2 or later, see file LICENSE in this source tree. | 23 | * Licensed under GPLv2 or later, see file LICENSE in this source tree. |
| 24 | */ | 24 | */ |
| 25 | /* TODO: security with -C DESTDIR option can be enhanced. | ||
| 26 | * Consider tar file created via: | ||
| 27 | * $ tar cvf bug.tar anything.txt | ||
| 28 | * $ ln -s /tmp symlink | ||
| 29 | * $ tar --append -f bug.tar symlink | ||
| 30 | * $ rm symlink | ||
| 31 | * $ mkdir symlink | ||
| 32 | * $ tar --append -f bug.tar symlink/evil.py | ||
| 33 | * | ||
| 34 | * This will result in an archive which contains: | ||
| 35 | * $ tar --list -f bug.tar | ||
| 36 | * anything.txt | ||
| 37 | * symlink | ||
| 38 | * symlink/evil.py | ||
| 39 | * | ||
| 40 | * Untarring it puts evil.py in '/tmp' even if the -C DESTDIR is given. | ||
| 41 | * This doesn't feel right, and IIRC GNU tar doesn't do that. | ||
| 42 | */ | ||
| 43 | 25 | ||
| 44 | //config:config TAR | 26 | //config:config TAR |
| 45 | //config: bool "tar (40 kb)" | 27 | //config: bool "tar (40 kb)" |
| @@ -296,6 +278,23 @@ static void chksum_and_xwrite(int fd, struct tar_header_t* hp) | |||
| 296 | xwrite(fd, hp, sizeof(*hp)); | 278 | xwrite(fd, hp, sizeof(*hp)); |
| 297 | } | 279 | } |
| 298 | 280 | ||
| 281 | static void replace_symlink_placeholders(llist_t *list) | ||
| 282 | { | ||
| 283 | while (list) { | ||
| 284 | char *target; | ||
| 285 | |||
| 286 | target = list->data + strlen(list->data) + 1; | ||
| 287 | if (symlink(target, list->data)) { | ||
| 288 | /* shared message */ | ||
| 289 | bb_error_msg_and_die("can't create %slink '%s' to '%s'", | ||
| 290 | "sym", | ||
| 291 | list->data, target | ||
| 292 | ); | ||
| 293 | } | ||
| 294 | list = list->link; | ||
| 295 | } | ||
| 296 | } | ||
| 297 | |||
| 299 | #if ENABLE_FEATURE_TAR_GNU_EXTENSIONS | 298 | #if ENABLE_FEATURE_TAR_GNU_EXTENSIONS |
| 300 | static void writeLongname(int fd, int type, const char *name, int dir) | 299 | static void writeLongname(int fd, int type, const char *name, int dir) |
| 301 | { | 300 | { |
| @@ -1281,6 +1280,8 @@ int tar_main(int argc UNUSED_PARAM, char **argv) | |||
| 1281 | while (get_header_tar(tar_handle) == EXIT_SUCCESS) | 1280 | while (get_header_tar(tar_handle) == EXIT_SUCCESS) |
| 1282 | bb_got_signal = EXIT_SUCCESS; /* saw at least one header, good */ | 1281 | bb_got_signal = EXIT_SUCCESS; /* saw at least one header, good */ |
| 1283 | 1282 | ||
| 1283 | replace_symlink_placeholders(tar_handle->symlink_placeholders); | ||
| 1284 | |||
| 1284 | /* Check that every file that should have been extracted was */ | 1285 | /* Check that every file that should have been extracted was */ |
| 1285 | while (tar_handle->accept) { | 1286 | while (tar_handle->accept) { |
| 1286 | if (!find_list_entry(tar_handle->reject, tar_handle->accept->data) | 1287 | if (!find_list_entry(tar_handle->reject, tar_handle->accept->data) |