Merge from vendor branch BSDTAR:
[dragonfly.git] / contrib / bsdtar / read.c
1 /*-
2  * Copyright (c) 2003-2004 Tim Kientzle
3  * All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  * 1. Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer
10  *    in this position and unchanged.
11  * 2. Redistributions in binary form must reproduce the above copyright
12  *    notice, this list of conditions and the following disclaimer in the
13  *    documentation and/or other materials provided with the distribution.
14  *
15  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR
16  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18  * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
19  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25  */
26
27 #include "bsdtar_platform.h"
28 __FBSDID("$FreeBSD: src/usr.bin/tar/read.c,v 1.21 2004/10/17 23:57:10 kientzle Exp $");
29
30 #include <sys/param.h>
31 #include <sys/types.h>
32 #include <sys/stat.h>
33
34 #include <archive.h>
35 #include <archive_entry.h>
36 #include <errno.h>
37 #include <grp.h>
38 #include <limits.h>
39 #include <pwd.h>
40 #include <stdio.h>
41 #include <stdlib.h>
42 #include <string.h>
43 #include <time.h>
44 #include <unistd.h>
45
46 #include "bsdtar.h"
47
48 static void     cleanup_security(struct bsdtar *);
49 static void     list_item_verbose(struct bsdtar *, FILE *,
50                     struct archive_entry *);
51 static void     read_archive(struct bsdtar *bsdtar, char mode);
52 static int      security_problem(struct bsdtar *, struct archive_entry *);
53
54 void
55 tar_mode_t(struct bsdtar *bsdtar)
56 {
57         read_archive(bsdtar, 't');
58 }
59
60 void
61 tar_mode_x(struct bsdtar *bsdtar)
62 {
63         read_archive(bsdtar, 'x');
64 }
65
66 /*
67  * Handle 'x' and 't' modes.
68  */
69 static void
70 read_archive(struct bsdtar *bsdtar, char mode)
71 {
72         FILE                     *out;
73         struct archive           *a;
74         struct archive_entry     *entry;
75         int                       r;
76
77         while (*bsdtar->argv) {
78                 include(bsdtar, *bsdtar->argv);
79                 bsdtar->argv++;
80         }
81
82         if (bsdtar->names_from_file != NULL)
83                 include_from_file(bsdtar, bsdtar->names_from_file);
84
85         a = archive_read_new();
86         archive_read_support_compression_all(a);
87         archive_read_support_format_all(a);
88         if (archive_read_open_file(a, bsdtar->filename,
89             bsdtar->bytes_per_block != 0 ? bsdtar->bytes_per_block :
90             DEFAULT_BYTES_PER_BLOCK))
91                 bsdtar_errc(bsdtar, 1, 0, "Error opening archive: %s",
92                     archive_error_string(a));
93
94         do_chdir(bsdtar);
95         for (;;) {
96                 /* Support --fast-read option */
97                 if (bsdtar->option_fast_read &&
98                     unmatched_inclusions(bsdtar) == 0)
99                         break;
100
101                 r = archive_read_next_header(a, &entry);
102                 if (r == ARCHIVE_EOF)
103                         break;
104                 if (r == ARCHIVE_WARN)
105                         bsdtar_warnc(bsdtar, 0, "%s", archive_error_string(a));
106                 if (r == ARCHIVE_FATAL) {
107                         bsdtar->return_value = 1;
108                         bsdtar_warnc(bsdtar, 0, "%s", archive_error_string(a));
109                         break;
110                 }
111                 if (r == ARCHIVE_RETRY) {
112                         /* Retryable error: try again */
113                         bsdtar_warnc(bsdtar, 0, "%s", archive_error_string(a));
114                         bsdtar_warnc(bsdtar, 0, "Retrying...");
115                         continue;
116                 }
117
118                 if (excluded(bsdtar, archive_entry_pathname(entry)))
119                         continue;
120
121                 if (mode == 't') {
122                         /* Perversely, gtar uses -O to mean "send to stderr"
123                          * when used with -t. */
124                         out = bsdtar->option_stdout ? stderr : stdout;
125
126                         if (bsdtar->verbose < 2)
127                                 safe_fprintf(out, "%s",
128                                     archive_entry_pathname(entry));
129                         else
130                                 list_item_verbose(bsdtar, out, entry);
131                         fflush(out);
132                         r = archive_read_data_skip(a);
133                         if (r == ARCHIVE_WARN) {
134                                 fprintf(out, "\n");
135                                 bsdtar_warnc(bsdtar, 0, "%s",
136                                     archive_error_string(a));
137                         }
138                         if (r == ARCHIVE_RETRY) {
139                                 fprintf(out, "\n");
140                                 bsdtar_warnc(bsdtar, 0, "%s",
141                                     archive_error_string(a));
142                         }
143                         if (r == ARCHIVE_FATAL) {
144                                 fprintf(out, "\n");
145                                 bsdtar_warnc(bsdtar, 0, "%s",
146                                     archive_error_string(a));
147                                 break;
148                         }
149                         fprintf(out, "\n");
150                 } else {
151                         if (bsdtar->option_interactive &&
152                             !yes("extract '%s'", archive_entry_pathname(entry)))
153                                 continue;
154
155                         if (security_problem(bsdtar, entry))
156                                 continue;
157
158                         /*
159                          * Format here is from SUSv2, including the
160                          * deferred '\n'.
161                          */
162                         if (bsdtar->verbose) {
163                                 safe_fprintf(stderr, "x %s",
164                                     archive_entry_pathname(entry));
165                                 fflush(stderr);
166                         }
167                         if (bsdtar->option_stdout) {
168                                 /* TODO: Catch/recover any errors here. */
169                                 archive_read_data_into_fd(a, 1);
170                         } else if (archive_read_extract(a, entry,
171                                        bsdtar->extract_flags)) {
172                                 if (!bsdtar->verbose)
173                                         safe_fprintf(stderr, "%s",
174                                             archive_entry_pathname(entry));
175                                 safe_fprintf(stderr, ": %s",
176                                     archive_error_string(a));
177                                 if (!bsdtar->verbose)
178                                         fprintf(stderr, "\n");
179                                 /*
180                                  * TODO: Decide how to handle
181                                  * extraction error... <sigh>
182                                  */
183                                 bsdtar->return_value = 1;
184                         }
185                         if (bsdtar->verbose)
186                                 fprintf(stderr, "\n");
187                 }
188         }
189
190         if (bsdtar->verbose > 2)
191                 fprintf(stdout, "Archive Format: %s,  Compression: %s\n",
192                     archive_format_name(a), archive_compression_name(a));
193
194         archive_read_finish(a);
195         cleanup_security(bsdtar);
196 }
197
198
199 /*
200  * Display information about the current file.
201  *
202  * The format here roughly duplicates the output of 'ls -l'.
203  * This is based on SUSv2, where 'tar tv' is documented as
204  * listing additional information in an "unspecified format,"
205  * and 'pax -l' is documented as using the same format as 'ls -l'.
206  */
207 static void
208 list_item_verbose(struct bsdtar *bsdtar, FILE *out, struct archive_entry *entry)
209 {
210         const struct stat       *st;
211         char                     tmp[100];
212         size_t                   w;
213         const char              *p;
214         const char              *fmt;
215         time_t                   tim;
216         static time_t            now;
217
218         st = archive_entry_stat(entry);
219
220         /*
221          * We avoid collecting the entire list in memory at once by
222          * listing things as we see them.  However, that also means we can't
223          * just pre-compute the field widths.  Instead, we start with guesses
224          * and just widen them as necessary.  These numbers are completely
225          * arbitrary.
226          */
227         if (!bsdtar->u_width) {
228                 bsdtar->u_width = 6;
229                 bsdtar->gs_width = 13;
230         }
231         if (!now)
232                 time(&now);
233         bsdtar_strmode(entry, tmp);
234         fprintf(out, "%s %d ", tmp, st->st_nlink);
235
236         /* Use uname if it's present, else uid. */
237         p = archive_entry_uname(entry);
238         if ((p == NULL) || (*p == '\0')) {
239                 sprintf(tmp, "%d ", st->st_uid);
240                 p = tmp;
241         }
242         w = strlen(p);
243         if (w > bsdtar->u_width)
244                 bsdtar->u_width = w;
245         fprintf(out, "%-*s ", (int)bsdtar->u_width, p);
246
247         /* Use gname if it's present, else gid. */
248         p = archive_entry_gname(entry);
249         if (p != NULL && p[0] != '\0') {
250                 fprintf(out, "%s", p);
251                 w = strlen(p);
252         } else {
253                 sprintf(tmp, "%d", st->st_gid);
254                 w = strlen(tmp);
255                 fprintf(out, "%s", tmp);
256         }
257
258         /*
259          * Print device number or file size, right-aligned so as to make
260          * total width of group and devnum/filesize fields be gs_width.
261          * If gs_width is too small, grow it.
262          */
263         if (S_ISCHR(st->st_mode) || S_ISBLK(st->st_mode)) {
264                 sprintf(tmp, "%d,%u",
265                     major(st->st_rdev),
266                     (unsigned)minor(st->st_rdev)); /* ls(1) also casts here. */
267         } else {
268                 /*
269                  * Note the use of platform-dependent macros to format
270                  * the filesize here.  We need the format string and the
271                  * corresponding type for the cast.
272                  */
273                 sprintf(tmp, BSDTAR_FILESIZE_PRINTF,
274                     (BSDTAR_FILESIZE_TYPE)st->st_size);
275         }
276         if (w + strlen(tmp) >= bsdtar->gs_width)
277                 bsdtar->gs_width = w+strlen(tmp)+1;
278         fprintf(out, "%*s", (int)(bsdtar->gs_width - w), tmp);
279
280         /* Format the time using 'ls -l' conventions. */
281         tim = (time_t)st->st_mtime;
282         if (abs(tim - now) > (365/2)*86400)
283                 fmt = bsdtar->day_first ? "%e %b  %Y" : "%b %e  %Y";
284         else
285                 fmt = bsdtar->day_first ? "%e %b %R" : "%b %e %R";
286         strftime(tmp, sizeof(tmp), fmt, localtime(&tim));
287         fprintf(out, " %s ", tmp);
288         safe_fprintf(out, "%s", archive_entry_pathname(entry));
289
290         /* Extra information for links. */
291         if (archive_entry_hardlink(entry)) /* Hard link */
292                 safe_fprintf(out, " link to %s",
293                     archive_entry_hardlink(entry));
294         else if (S_ISLNK(st->st_mode)) /* Symbolic link */
295                 safe_fprintf(out, " -> %s", archive_entry_symlink(entry));
296 }
297
298 struct security {
299         char    *path;
300         size_t   path_size;
301 };
302
303 /*
304  * Check for a variety of security issues.  Fix what we can here,
305  * generate warnings as appropriate, return non-zero to prevent
306  * this entry from being extracted.
307  */
308 static int
309 security_problem(struct bsdtar *bsdtar, struct archive_entry *entry)
310 {
311         struct stat st;
312         const char *name, *pn;
313         char *p;
314         int r;
315
316         /* -P option forces us to just accept all pathnames. */
317         if (bsdtar->option_absolute_paths)
318                 return (0);
319
320         /* Strip leading '/'. */
321         name = archive_entry_pathname(entry);
322         if (name[0] == '/') {
323                 /* Generate a warning the first time this happens. */
324                 if (!bsdtar->warned_lead_slash) {
325                         bsdtar_warnc(bsdtar, 0,
326                             "Removing leading '/' from member names");
327                         bsdtar->warned_lead_slash = 1;
328                 }
329                 while (name[0] == '/')
330                         name++;
331                 archive_entry_set_pathname(entry, name);
332         }
333
334         /* Reject any archive entry with '..' as a path element. */
335         pn = name;
336         while (pn != NULL && pn[0] != '\0') {
337                 if (pn[0] == '.' && pn[1] == '.' &&
338                     (pn[2] == '\0' || pn[2] == '/')) {
339                         bsdtar_warnc(bsdtar, 0,
340                             "Skipping pathname containing ..");
341                         bsdtar->return_value = 1;
342                         return (1);
343                 }
344                 pn = strchr(pn, '/');
345                 if (pn != NULL)
346                         pn++;
347         }
348
349         /*
350          * Gaurd against symlink tricks.  Reject any archive entry whose
351          * destination would be altered by a symlink.
352          */
353         /* XXX TODO: Make this faster by comparing current path to
354          * prefix of last successful check to avoid duplicate lstat()
355          * calls. XXX */
356         pn = name;
357         if (bsdtar->security == NULL) {
358                 bsdtar->security = malloc(sizeof(*bsdtar->security));
359                 if (bsdtar->security == NULL)
360                         bsdtar_errc(bsdtar, 1, errno, "No Memory");
361                 bsdtar->security->path_size = MAXPATHLEN + 1;
362                 bsdtar->security->path = malloc(bsdtar->security->path_size);
363                 if (bsdtar->security->path == NULL)
364                         bsdtar_errc(bsdtar, 1, errno, "No Memory");
365         }
366         if (strlen(name) >= bsdtar->security->path_size) {
367                 free(bsdtar->security->path);
368                 while (strlen(name) >= bsdtar->security->path_size)
369                         bsdtar->security->path_size *= 2;
370                 bsdtar->security->path = malloc(bsdtar->security->path_size);
371                 if (bsdtar->security->path == NULL)
372                         bsdtar_errc(bsdtar, 1, errno, "No Memory");
373         }
374         p = bsdtar->security->path;
375         while (pn != NULL && pn[0] != '\0') {
376                 *p++ = *pn++;
377                 while (*pn != '\0' && *pn != '/')
378                         *p++ = *pn++;
379                 p[0] = '\0';
380                 r = lstat(bsdtar->security->path, &st);
381                 if (r != 0) {
382                         if (errno == ENOENT)
383                                 break;
384                 } else if (S_ISLNK(st.st_mode)) {
385                         if (pn[0] == '\0') {
386                                 /*
387                                  * Last element is symlink; remove it
388                                  * so we can overwrite it with the
389                                  * item being extracted.
390                                  */
391                                 if (!S_ISLNK(archive_entry_mode(entry))) {
392                                         /*
393                                          * Warn only if the symlink is being
394                                          * replaced with a non-symlink.
395                                          */
396                                         bsdtar_warnc(bsdtar, 0,
397                                             "Removing symlink %s",
398                                             bsdtar->security->path);
399                                 }
400                                 if (unlink(bsdtar->security->path))
401                                         bsdtar_errc(bsdtar, 1, errno,
402                                             "Unlink failed");
403                                 /* Symlink gone.  No more problem! */
404                                 return (0);
405                         } else if (bsdtar->option_unlink_first) {
406                                 /* User asked us to remove problems. */
407                                 if (unlink(bsdtar->security->path))
408                                         bsdtar_errc(bsdtar, 1, errno,
409                                             "Unlink failed");
410                         } else {
411                                 bsdtar_warnc(bsdtar, 0,
412                                     "Cannot extract %s through symlink %s",
413                                     name, bsdtar->security->path);
414                                 bsdtar->return_value = 1;
415                                 return (1);
416                         }
417                 }
418         }
419
420         return (0);
421 }
422
423 static void
424 cleanup_security(struct bsdtar *bsdtar)
425 {
426         if (bsdtar->security != NULL) {
427                 free(bsdtar->security->path);
428                 free(bsdtar->security);
429         }
430 }