fbt/sbase
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Audit tar(1), add DIRFIRST-flag to recurse()

Browse Source 
I've been wanting to do this for a while now, as tar(1) used to
be one of messiest and cruftiest tools.
First off, before walking through the audit, I'll talk about
what the DIRFIRST-flag for recurse() does.
It basically calls fn() on the first-level-dir before calling
it's subentries. It's necessary here, because else the order
of the tar-files would've been wrong (it would try to create
dir/file before creating dir/).

Now, to the audit:
1)  Update manpage, fix mistake that compression is also available
    for compressing. It's only available for extracting.
2)  Define the major, minor and makedev macros from glibc by ourselves.
    No need to rely on them, as they are common sense.

decomp()
3)  Simple refactorization.

putoctal()
4)  Add a truncation check for snprintf().

archive()
5)  BUGFIX: Add checks to any checkable function, don't blindly call
    them, this is harmful and there are 100 ways to exploit that.
6)  Use estrlcpy() instead of snprintf() wherever possible, fix
    alignment.
7)  BUGFIX: Terminate the result-buffer of readlink(), check if
    it even succeeded.
8)  Fix sizeof()-formatting.

unarchive()
9)  BUGFIX: Add checks to any checkable function, don't blindly call
    them, this is harmful and there are 100 ways to exploit that.
10) BUGFIX: strtoul can happily return negative numbers. Add checks
    for that and also if the full string has been processed.
11) Remove calls to perror(). We have eprintf, use it.
12) BUGFIX: "minor = strtoul(h->mode, 0, 8);". We need h->minor of
    course.
13) Fix typo "usupported", remove fprintf-call.

print()
14) Check fread().

xt()
15) Get rid of snprintf-magic. Use estrlcat().
16) BUGFIX: check for ferror() on the tarfile.

usage()
17) Update it. The old usage() was like 1000 years old.

main()
18) Add DIRFIRST-flag to the recursor.
19) Don't print usage() when a mode is re-set. We allow this in
    general.
20) Add function checks and fix error messages.
21) Add tarfilename-global for proper error-messages.
This commit is contained in:
FRIGN 2015-03-21 01:03:35 +01:00
parent a531865fe5
commit b6b977f63d
5 changed files with 181 additions and 134 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README
View File

@ -72,7 +72,7 @@ The following tools are implemented ('*' == finished, '#' == UTF-8 support,
#*| strings yes none #*| strings yes none
=*| sync non-posix none =*| sync non-posix none
=*| tail yes none =*| tail yes none
=* tar non-posix none =*| tar non-posix none
=*| tee yes none =*| tee yes none
=*| test yes none =*| test yes none
=*| time yes none =*| time yes none

1
fs.h
View File

@ -18,6 +18,7 @@ struct recursor {
enum { enum {
SAMEDEV = 1 << 0, SAMEDEV = 1 << 0,
DIRFIRST = 1 << 1,
}; };
extern int cp_aflag; extern int cp_aflag;

4
libutil/recurse.c
View File

@ -58,6 +58,9 @@ recurse(const char *path, void *data, struct recursor *r)
return; return;
} }
if (!r->depth && (r->flags & DIRFIRST))
(r->fn)(path, &st, data, r);
while ((d = readdir(dp))) { while ((d = readdir(dp))) {
if (r->follow == 'H') { if (r->follow == 'H') {
statf_name = "lstat"; statf_name = "lstat";
@ -82,6 +85,7 @@ recurse(const char *path, void *data, struct recursor *r)
} }
if (!r->depth) { if (!r->depth) {
if (!(r->flags & DIRFIRST))
(r->fn)(path, &st, data, r); (r->fn)(path, &st, data, r);
for (; r->hist; ) { for (; r->hist; ) {

11
tar.1
View File

@ -1,4 +1,4 @@
.Dd February 8, 2015 .Dd March 21, 2015
.Dt TAR 1 .Dt TAR 1
.Os sbase .Os sbase
.Sh NAME .Sh NAME
@ -13,15 +13,8 @@
.Nm .Nm
.Op Fl C Ar dir .Op Fl C Ar dir
.Op Fl h .Op Fl h
.Op Fl j | Fl z
.Fl c Ar dir .Fl c Ar dir
.Op Fl f Ar file .Op Fl f Ar file
.Nm
.Op Fl C Ar dir
.Op Fl h
.Op Fl j | Fl z
.Fl cf
.Ar file Ar dir
.Sh DESCRIPTION .Sh DESCRIPTION
.Nm .Nm
is the standard file archiver. is the standard file archiver.
@ -47,7 +40,7 @@ Extract archive.
.It Fl h .It Fl h
Always dereference symbolic links while recursively traversing directories. Always dereference symbolic links while recursively traversing directories.
.It Fl j | Fl z .It Fl j | Fl z
Use bzip2 | gzip compression. The Use bzip2 | gzip decompression. The
.Xr bzip2 1 | .Xr bzip2 1 |
.Xr gzip 1 .Xr gzip 1
utilities must be installed separately. utilities must be installed separately.

251
tar.c
View File

@ -2,6 +2,7 @@
#include <sys/stat.h> #include <sys/stat.h>
#include <sys/time.h> #include <sys/time.h>
#include <errno.h>
#include <grp.h> #include <grp.h>
#include <pwd.h> #include <pwd.h>
#include <stdio.h> #include <stdio.h>
@ -33,12 +34,20 @@ struct header {
#define BLKSIZ 512 #define BLKSIZ 512
#undef major
#define major(dev) ((int)(((unsigned int)(dev) >> 8) & 0xff))
#undef minor
#define minor(dev) ((int)((dev) & 0xff))
#undef makedev
#define makedev(major, minor) (((major) << 8) | (minor))
enum Type { enum Type {
REG = '0', AREG = '\0', HARDLINK = '1', SYMLINK = '2', CHARDEV = '3', REG = '0', AREG = '\0', HARDLINK = '1', SYMLINK = '2', CHARDEV = '3',
BLOCKDEV = '4', DIRECTORY = '5', FIFO = '6' BLOCKDEV = '4', DIRECTORY = '5', FIFO = '6'
}; };
static FILE *tarfile; static FILE *tarfile;
static char *tarfilename;
static ino_t tarinode; static ino_t tarinode;
static dev_t tardev; static dev_t tardev;
@ -49,6 +58,7 @@ static FILE *
decomp(FILE *fp) decomp(FILE *fp)
{ {
int fds[2]; int fds[2];
char *tool;
if (pipe(fds) < 0) if (pipe(fds) < 0)
eprintf("pipe:"); eprintf("pipe:");
@ -62,51 +72,56 @@ decomp(FILE *fp)
close(fds[0]); close(fds[0]);
close(fds[1]); close(fds[1]);
switch (filtermode) { tool = (filtermode == 'j') ? "bzip2" : "gzip";
case 'j': execlp(tool, tool, "-cd", NULL);
execlp("bzip2", "bzip2", "-cd", NULL); weprintf("execlp %s:", tool);
weprintf("execlp bzip2:");
_exit(1); _exit(1);
case 'z':
execlp("gzip", "gzip", "-cd", NULL);
weprintf("execlp gzip:");
_exit(1);
}
} }
close(fds[1]); close(fds[1]);
return fdopen(fds[0], "r"); return fdopen(fds[0], "r");
} }
static void static void
putoctal(char *dst, unsigned num, int n) putoctal(char *dst, unsigned num, int size)
{ {
snprintf(dst, n, "%.*o", n - 1, num); if (snprintf(dst, size, "%.*o", size - 1, num) >= size)
eprintf("snprintf: input number too large\n");
} }
static int static int
archive(const char *path) archive(const char *path)
{ {
FILE *f = NULL; FILE *f = NULL;
mode_t mode;
struct group *gr; struct group *gr;
struct header *h; struct header *h;
struct passwd *pw; struct passwd *pw;
struct stat st; struct stat st;
size_t chksum, x; size_t chksum, x;
ssize_t l; ssize_t l, r;
unsigned char b[BLKSIZ]; unsigned char b[BLKSIZ];
lstat(path, &st); if (lstat(path, &st) < 0) {
if (st.st_ino == tarinode && st.st_dev == tardev) { weprintf("lstat %s:", path);
fprintf(stderr, "ignoring '%s'\n", path); return 0;
} else if (st.st_ino == tarinode && st.st_dev == tardev) {
weprintf("ignoring %s\n", path);
return 0;
}
errno = 0;
if (!(pw = getpwuid(st.st_uid)) && errno) {
weprintf("getpwuid:");
return 0;
}
errno = 0;
if (!(gr = getgrgid(st.st_gid)) && errno) {
weprintf("getgrgid:");
return 0; return 0;
} }
pw = getpwuid(st.st_uid);
gr = getgrgid(st.st_gid);
h = (void *)b; h = (void *)b;
memset(b, 0, sizeof(b)); memset(b, 0, sizeof(b));
snprintf(h->name, sizeof(h->name), "%s", path); estrlcpy(h->name, path, sizeof(h->name));
putoctal(h->mode, (unsigned)st.st_mode & 0777, sizeof(h->mode)); putoctal(h->mode, (unsigned)st.st_mode & 0777, sizeof(h->mode));
putoctal(h->uid, (unsigned)st.st_uid, sizeof(h->uid)); putoctal(h->uid, (unsigned)st.st_uid, sizeof(h->uid));
putoctal(h->gid, (unsigned)st.st_gid, sizeof(h->gid)); putoctal(h->gid, (unsigned)st.st_gid, sizeof(h->gid));
@ -114,123 +129,145 @@ archive(const char* path)
putoctal(h->mtime, (unsigned)st.st_mtime, sizeof(h->mtime)); putoctal(h->mtime, (unsigned)st.st_mtime, sizeof(h->mtime));
memcpy( h->magic, "ustar", sizeof(h->magic)); memcpy( h->magic, "ustar", sizeof(h->magic));
memcpy( h->version, "00", sizeof(h->version)); memcpy( h->version, "00", sizeof(h->version));
snprintf(h->uname, sizeof h->uname, "%s", pw ? pw->pw_name : ""); estrlcpy(h->uname, pw ? pw->pw_name : "", sizeof(h->uname));
snprintf(h->gname, sizeof h->gname, "%s", gr ? gr->gr_name : ""); estrlcpy(h->gname, gr ? gr->gr_name : "", sizeof(h->gname));
mode = st.st_mode; if (S_ISREG(st.st_mode)) {
if (S_ISREG(mode)) {
h->type = REG; h->type = REG;
putoctal(h->size, (unsigned)st.st_size, sizeof h->size); putoctal(h->size, (unsigned)st.st_size, sizeof(h->size));
f = fopen(path, "r"); f = fopen(path, "r");
} else if (S_ISDIR(mode)) { } else if (S_ISDIR(st.st_mode)) {
h->type = DIRECTORY; h->type = DIRECTORY;
} else if (S_ISLNK(mode)) { } else if (S_ISLNK(st.st_mode)) {
h->type = SYMLINK; h->type = SYMLINK;
readlink(path, h->link, (sizeof h->link)-1); if ((r = readlink(path, h->link, sizeof(h->link) - 1)) < 0)
} else if (S_ISCHR(mode) || S_ISBLK(mode)) { eprintf("readlink %s:", path);
h->type = S_ISCHR(mode) ? CHARDEV : BLOCKDEV; h->link[r] = '\0';
#if defined(major) && defined(minor) } else if (S_ISCHR(st.st_mode) || S_ISBLK(st.st_mode)) {
putoctal(h->major, (unsigned)major(st.st_dev), sizeof h->major); h->type = S_ISCHR(st.st_mode) ? CHARDEV : BLOCKDEV;
putoctal(h->minor, (unsigned)minor(st.st_dev), sizeof h->minor); putoctal(h->major, (unsigned)major(st.st_dev), sizeof(h->major));
#else putoctal(h->minor, (unsigned)minor(st.st_dev), sizeof(h->minor));
return 0; } else if (S_ISFIFO(st.st_mode)) {
#endif
} else if (S_ISFIFO(mode)) {
h->type = FIFO; h->type = FIFO;
} }
memset(h->chksum, ' ', sizeof h->chksum); memset(h->chksum, ' ', sizeof(h->chksum));
for (x = 0, chksum = 0; x < sizeof *h; x++) for (x = 0, chksum = 0; x < sizeof(*h); x++)
chksum += b[x]; chksum += b[x];
putoctal(h->chksum, chksum, sizeof h->chksum); putoctal(h->chksum, chksum, sizeof(h->chksum));
fwrite(b, BLKSIZ, 1, tarfile); if (fwrite(b, BLKSIZ, 1, tarfile) != 1)
if (!f) eprintf("fwrite:");
return 0;
if (f) {
while ((l = fread(b, 1, BLKSIZ, f)) > 0) { while ((l = fread(b, 1, BLKSIZ, f)) > 0) {
if (l < BLKSIZ) if (l < BLKSIZ)
memset(b + l, 0, BLKSIZ - l); memset(b + l, 0, BLKSIZ - l);
fwrite(b, BLKSIZ, 1, tarfile); if (fwrite(b, BLKSIZ, 1, tarfile) != 1)
eprintf("fwrite:");
} }
fclose(f); if (fclose(f) == EOF)
eprintf("fclose %s:", path);
}
return 0; return 0;
} }
static int static int
unarchive(char *fname, int l, char b[BLKSIZ]) unarchive(char *fname, ssize_t l, char b[BLKSIZ])
{ {
FILE *f = NULL; FILE *f = NULL;
struct timeval times[2]; struct timeval times[2];
struct header *h = (void *)b; struct header *h = (void *)b;
unsigned long mode, major, minor, type, mtime; long mode, major, minor, type, mtime, uid, gid;
char lname[101]; char lname[101], *p;
if (!mflag && ((mtime = strtoul(h->mtime, &p, 8)) < 0 || *p != '\0'))
eprintf("strtoul %s: invalid number\n", h->mtime);
if (unlink(fname) < 0 && errno != ENOENT && errno != EISDIR)
eprintf("unlink %s:", fname);
if (!mflag)
mtime = strtoul(h->mtime, 0, 8);
unlink(fname);
switch (h->type) { switch (h->type) {
case REG: case REG:
case AREG: case AREG:
mode = strtoul(h->mode, 0, 8); if ((mode = strtoul(h->mode, &p, 8)) < 0 || *p != '\0')
if (!(f = fopen(fname, "w")) || chmod(fname, mode)) eprintf("strtoul %s: invalid number\n", h->mode);
perror(fname); if (!(f = fopen(fname, "w")))
eprintf("fopen %s:", fname);
if (chmod(fname, mode) < 0)
eprintf("chmod %s:", fname);
break; break;
case HARDLINK: case HARDLINK:
case SYMLINK: case SYMLINK:
snprintf(lname, sizeof lname, "%s", h->link); estrlcpy(lname, h->link, sizeof(lname));
if (!((h->type == HARDLINK) ? link : symlink)(lname, fname)) if (((h->type == HARDLINK) ? link : symlink)(lname, fname) < 0)
perror(fname); eprintf("%s %s -> %s:",
(h->type == HARDLINK) ? "link" : "symlink",
fname, lname);
break; break;
case DIRECTORY: case DIRECTORY:
mode = strtoul(h->mode, 0, 8); if ((mode = strtoul(h->mode, &p, 8)) < 0 || *p != '\0')
if (mkdir(fname, (mode_t)mode)) eprintf("strtoul %s: invalid number\n", h->mode);
perror(fname); if (mkdir(fname, (mode_t)mode) < 0 && errno != EEXIST)
eprintf("mkdir %s:", fname);
break; break;
case CHARDEV: case CHARDEV:
case BLOCKDEV: case BLOCKDEV:
#ifdef makedev if ((mode = strtoul(h->mode, &p, 8)) < 0 || *p != '\0')
mode = strtoul(h->mode, 0, 8); eprintf("strtoul %s: invalid number\n", h->mode);
major = strtoul(h->major, 0, 8); if ((major = strtoul(h->major, &p, 8)) < 0 || *p != '\0')
minor = strtoul(h->mode, 0, 8); eprintf("strtoul %s: invalid number\n", h->major);
if ((minor = strtoul(h->minor, &p, 8)) < 0 || *p != '\0')
eprintf("strtoul %s: invalid number\n", h->minor);
type = (h->type == CHARDEV) ? S_IFCHR : S_IFBLK; type = (h->type == CHARDEV) ? S_IFCHR : S_IFBLK;
if (mknod(fname, type | mode, makedev(major, minor))) if (mknod(fname, type | mode, makedev(major, minor)) < 0)
perror(fname); eprintf("mknod %s:", fname);
#endif
break; break;
case FIFO: case FIFO:
mode = strtoul(h->mode, 0, 8); if ((mode = strtoul(h->mode, &p, 8)) < 0 || *p != '\0')
if (mknod(fname, S_IFIFO | mode, 0)) eprintf("strtoul %s: invalid number\n", h->mode);
perror(fname); if (mknod(fname, S_IFIFO | mode, 0) < 0)
eprintf("mknod %s:", fname);
break; break;
default: default:
fprintf(stderr, "usupported tarfiletype %c\n", h->type); eprintf("unsupported tar-filetype %c\n", h->type);
} }
if (getuid() == 0 && chown(fname, strtoul(h->uid, 0, 8), strtoul(h->gid, 0, 8)))
perror(fname); if ((uid = strtoul(h->uid, &p, 8)) < 0 || *p != '\0')
eprintf("strtoul %s: invalid number\n", h->uid);
if ((gid = strtoul(h->gid, &p, 8)) < 0 || *p != '\0')
eprintf("strtoul %s: invalid number\n", h->gid);
if (!getuid() && chown(fname, uid, gid))
eprintf("chown %s:", fname);
for (; l > 0; l -= BLKSIZ) { for (; l > 0; l -= BLKSIZ) {
fread(b, BLKSIZ, 1, tarfile); if (fread(b, BLKSIZ, 1, tarfile) != 1)
if (f) eprintf("fread %s:", tarfilename);
fwrite(b, MIN(l, 512), 1, f); if (f && fwrite(b, MIN(l, BLKSIZ), 1, f) != 1)
eprintf("fwrite %s:", fname);
} }
if (f) if (f && fclose(f) == EOF)
fclose(f); eprintf("fclose %s:", fname);
if (!mflag) { if (!mflag) {
times[0].tv_sec = times[1].tv_sec = mtime; times[0].tv_sec = times[1].tv_sec = mtime;
times[0].tv_usec = times[1].tv_usec = 0; times[0].tv_usec = times[1].tv_usec = 0;
if (utimes(fname, times)) if (utimes(fname, times) < 0)
perror(fname); eprintf("utimes %s:", fname);
} }
return 0; return 0;
} }
static int static int
print(char * fname, int l, char b[BLKSIZ]) print(char *fname, ssize_t l, char b[BLKSIZ])
{ {
puts(fname); puts(fname);
for (; l > 0; l -= BLKSIZ) for (; l > 0; l -= BLKSIZ)
fread(b, BLKSIZ, 1, tarfile); if (fread(b, BLKSIZ, 1, tarfile) != 1)
eprintf("fread %s:", tarfilename);
return 0; return 0;
} }
@ -244,32 +281,42 @@ c(const char *path, struct stat *st, void *data, struct recursor *r)
} }
static void static void
xt(int (*fn)(char *, int, char[BLKSIZ])) xt(int (*fn)(char *, ssize_t, char[BLKSIZ]))
{ {
char b[BLKSIZ], fname[257], *s; struct header *h;
struct header *h = (void*)b; long size;
char b[BLKSIZ], fname[256 + 1], *p;
while (fread(b, BLKSIZ, 1, tarfile) && h->name[0] != '\0') { h = (void *)b;
s = fname;
if (h->prefix[0] != '\0') while (fread(b, BLKSIZ, 1, tarfile) == 1 && *(h->name)) {
s += sprintf(s, "%.*s/", (int)sizeof h->prefix, h->prefix); fname[0] = '\0';
sprintf(s, "%.*s", (int)sizeof h->name, h->name); if (*(h->prefix)) {
fn(fname, strtol(h->size, 0, 8), b); estrlcat(fname, h->prefix, sizeof(fname));
estrlcat(fname, "/", sizeof(fname));
} }
estrlcat(fname, h->name, sizeof(fname));
if ((size = strtoul(h->size, &p, 8)) < 0 || *p != '\0')
eprintf("strtoul %s: invalid number\n", h->size);
fn(fname, size, b);
}
if (ferror(tarfile))
eprintf("fread %s:", tarfilename);
} }
static void static void
usage(void) usage(void)
{ {
eprintf("usage: tar [-f tarfile] [-C dir] -j|z -x[m]|t\n" eprintf("usage: %s [-C dir] [-j | -z] -x [-m | -t] [-f file]\n"
" tar [-f tarfile] [-C dir] -c dir\n"); " %s [-C dir] [-h] -c dir [-f file]\n", argv0, argv0);
} }
int int
main(int argc, char *argv[]) main(int argc, char *argv[])
{ {
FILE *fp; FILE *fp;
struct recursor r = { .fn = c, .hist = NULL, .depth = 0, .follow = 'P', .flags = 0}; struct recursor r = { .fn = c, .hist = NULL, .depth = 0, .follow = 'P', .flags = DIRFIRST};
struct stat st; struct stat st;
char *file = NULL, *dir = ".", mode = '\0'; char *file = NULL, *dir = ".", mode = '\0';
@ -277,8 +324,6 @@ main(int argc, char *argv[])
case 'x': case 'x':
case 'c': case 'c':
case 't': case 't':
if (mode)
usage();
mode = ARGC(); mode = ARGC();
break; break;
case 'C': case 'C':
@ -292,8 +337,6 @@ main(int argc, char *argv[])
break; break;
case 'j': case 'j':
case 'z': case 'z':
if (filtermode)
usage();
filtermode = ARGC(); filtermode = ARGC();
break; break;
case 'h': case 'h':
@ -312,14 +355,17 @@ main(int argc, char *argv[])
if (!(fp = fopen(file, "w"))) if (!(fp = fopen(file, "w")))
eprintf("fopen %s:", file); eprintf("fopen %s:", file);
if (lstat(file, &st) < 0) if (lstat(file, &st) < 0)
eprintf("tar: stat '%s':", file); eprintf("lstat %s:", file);
tarinode = st.st_ino; tarinode = st.st_ino;
tardev = st.st_dev; tardev = st.st_dev;
tarfile = fp; tarfile = fp;
tarfilename = file;
} else { } else {
tarfile = stdout; tarfile = stdout;
tarfilename = "<stdout>";
} }
chdir(dir); if (chdir(dir) < 0)
eprintf("chdir %s:", dir);
recurse(argv[0], NULL, &r); recurse(argv[0], NULL, &r);
break; break;
case 't': case 't':
@ -331,6 +377,8 @@ main(int argc, char *argv[])
fp = stdin; fp = stdin;
} }
tarfilename = file;
switch (filtermode) { switch (filtermode) {
case 'j': case 'j':
case 'z': case 'z':
@ -341,8 +389,9 @@ main(int argc, char *argv[])
break; break;
} }
chdir(dir); if (chdir(dir) < 0)
xt(mode == 'x' ? unarchive : print); eprintf("chdir %s:", dir);
xt((mode == 'x') ? unarchive : print);
break; break;
} }