[dragonfly/vkernel-mp.git] / contrib / libarchive-2.0 / libarchive / archive_read_support_format_tar.c
| blob | b57ac567015740e02505ffaa496a85a5237db28e |
1 /*-
2 * Copyright (c) 2003-2007 Tim Kientzle
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 *
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR
15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17 * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24 */
27 __FBSDID("$FreeBSD: src/lib/libarchive/archive_read_support_format_tar.c,v 1.52 2007/04/03 23:53:55 cperciva Exp $");
29 #ifdef HAVE_SYS_STAT_H
30 #include <sys/stat.h>
31 #endif
32 #ifdef MAJOR_IN_MKDEV
33 #include <sys/mkdev.h>
34 #else
35 #ifdef MAJOR_IN_SYSMACROS
36 #include <sys/sysmacros.h>
37 #endif
38 #endif
39 #ifdef HAVE_ERRNO_H
40 #include <errno.h>
41 #endif
42 #include <stddef.h>
44 #ifdef HAVE_STDLIB_H
45 #include <stdlib.h>
46 #endif
47 #ifdef HAVE_STRING_H
48 #include <string.h>
49 #endif
50 #ifdef HAVE_UNISTD_H
51 #include <unistd.h>
52 #endif
54 /* Obtain suitable wide-character manipulation functions. */
55 #ifdef HAVE_WCHAR_H
56 #include <wchar.h>
57 #else
58 /* Good enough for equality testing, which is all we need. */
60 {
65 }
66 /* Good enough for equality testing, which is all we need. */
68 {
73 }
75 {
78 p++;
80 }
81 #endif
88 /*
89 * Layout of POSIX 'ustar' tar header.
90 */
108 };
110 /*
111 * Structure of GNU tar header
112 */
116 };
141 /*
142 * GNU doesn't use POSIX 'prefix' field; they use the 'L' (longname)
143 * entry instead.
144 */
145 };
147 /*
148 * Data specific to this format.
149 */
152 off_t offset;
153 off_t remaining;
154 };
169 off_t entry_bytes_remaining;
170 off_t entry_offset;
171 off_t entry_padding;
173 };
228 /*
229 * ANSI C99 defines constants for these, but not everyone supports
230 * those constants, so I define a couple of static variables here and
231 * compute the values. These calculations should be portable to any
232 * 2s-complement architecture.
233 */
234 #ifdef UINT64_MAX
236 #else
238 #endif
239 #ifdef INT64_MAX
241 #else
243 #endif
244 #ifdef INT64_MIN
246 #else
248 #endif
250 int
252 {
254 }
257 int
259 {
269 }
273 archive_read_format_tar_bid,
274 archive_read_format_tar_read_header,
275 archive_read_format_tar_read_data,
276 archive_read_format_tar_skip,
277 archive_read_format_tar_cleanup);
282 }
284 static int
286 {
302 }
305 static int
307 {
309 ssize_t bytes_read;
313 /*
314 * If we're already reading a non-tar file, don't
315 * bother to bid.
316 */
319 ARCHIVE_FORMAT_TAR)
323 /*
324 * If we're already reading a tar format, start the bid at 1 as
325 * a failsafe.
326 */
328 ARCHIVE_FORMAT_TAR)
329 bid++;
331 /* Now let's look at the actual header and see if it matches. */
334 else
339 /* An archive without a proper end-of-archive marker. */
340 /* Hold our nose and bid 1 anyway. */
342 }
344 /* If it's a new archive, then just return a zero bid. */
347 /*
348 * If we already know this is a tar archive,
349 * then we have a problem.
350 */
354 }
356 /* If it's an end-of-archive mark, we can handle it. */
358 /* If it's a known tar file, end-of-archive is definite. */
360 ARCHIVE_FORMAT_TAR)
362 /* Empty archive? */
364 }
366 /* If it's not an end-of-archive mark, it must have a valid checksum.*/
373 /* Recognize POSIX formats. */
378 /* Recognize GNU tar format. */
383 /* Type flag must be null, digit or A-Z, a-z. */
391 /* Sanity check: Look at first byte of mode field. */
394 /* Base-256 value: No further verification possible! */
400 /* Octal Value. */
401 /* TODO: Check format of remainder of this field. */
404 /* Not a valid mode; bail out here. */
406 }
407 /* TODO: Sanity test uid/gid/size/mtime/rdevmajor/rdevminor fields. */
410 }
412 /*
413 * The function invoked by archive_read_header(). This
414 * just sets up a few things and then calls the internal
415 * tar_read_header() function below.
416 */
417 static int
420 {
421 /*
422 * When converting tar archives to cpio archives, it is
423 * essential that each distinct file have a distinct inode
424 * number. To simplify this, we keep a static count here to
425 * assign fake dev/inode numbers to each tar entry. Note that
426 * pax format archives may overwrite this with something more
427 * useful.
428 *
429 * Ideally, we would track every file read from the archive so
430 * that we could assign the same dev/ino pair to hardlinks,
431 * but the memory required to store a complete lookup table is
432 * probably not worthwhile just to support the relatively
433 * obscure tar->cpio conversion case.
434 */
444 /* Assign default device/inode values. */
447 /* Limit generated st_ino number to 16 bits. */
451 }
459 /*
460 * "Regular" entry with trailing '/' is really
461 * directory: This is needed for certain old tar
462 * variants and even for some broken newer ones.
463 */
469 }
471 /* Copy the final stat data into the entry. */
473 }
475 }
477 static int
480 {
481 ssize_t bytes_read;
487 /* Remove exhausted entries from sparse list. */
493 }
495 /* We exhausted the entire sparse list. */
497 }
498 }
506 }
512 /* Don't read more than is available in the
513 * current sparse block. */
519 }
534 }
535 }
537 static int
539 {
540 off_t bytes_skipped;
546 /*
547 * Compression layer skip functions are required to either skip the
548 * length requested or fail, so we can rely upon the entire entry
549 * plus padding being skipped.
550 */
559 /* Free the sparse list. */
564 }
567 }
569 /*
570 * This function recursively interprets all of the headers associated
571 * with a single entry.
572 */
573 static int
576 {
577 ssize_t bytes;
582 /* Read 512-byte header record */
585 /*
586 * If we're here, it's becase the _bid function accepted
587 * this file. So just call a short read end-of-archive
588 * and be done with it.
589 */
591 }
594 /* Check for end-of-archive mark. */
596 /* Try to consume a second all-null record, as well. */
602 }
604 /*
605 * Note: If the checksum fails and we return ARCHIVE_RETRY,
606 * then the client is likely to just retry. This is a very
607 * crude way to search for the next valid header!
608 *
609 * TODO: Improve this by implementing a real header scan.
610 */
614 }
619 }
621 /* Determine the format variant. */
663 }
669 }
670 }
673 }
675 /*
676 * Return true if block checksum is correct.
677 */
678 static int
680 {
689 /*
690 * Test the checksum. Note that POSIX specifies _unsigned_
691 * bytes for this calculation.
692 */
704 /*
705 * Repeat test with _signed_ bytes, just in case this archive
706 * was created by an old BSD, Solaris, or HP-UX tar with a
707 * broken checksum calculation.
708 */
720 }
722 /*
723 * Return true if this block contains only nulls.
724 */
725 static int
727 {
734 }
736 /*
737 * Interpret 'A' Solaris ACL header
738 */
739 static int
742 {
751 /* XXX Ensure p doesn't overrun acl_text */
753 /* Skip leading octal number. */
754 /* XXX TODO: Parse the octal number and sanity-check it. */
757 p++;
758 p++;
764 ARCHIVE_ENTRY_ACL_TYPE_ACCESS);
767 }
770 }
772 /*
773 * Interpret 'K' long linkname header.
774 */
775 static int
778 {
784 /* Set symlink if symlink already set, else hardlink. */
786 }
788 }
790 /*
791 * Interpret 'L' long filename header.
792 */
793 static int
796 {
800 /* Read and parse "real" header, then override name. */
805 }
808 /*
809 * Interpret 'V' GNU tar volume header.
810 */
811 static int
814 {
817 /* Just skip this and read the next header. */
819 }
821 /*
822 * Read body of an archive entry into an archive_string object.
823 */
824 static int
827 {
838 /* Read the body into the string. */
856 }
859 }
861 /*
862 * Parse out common header elements.
863 *
864 * This would be the same as header_old_tar, except that the
865 * filename is handled slightly differently for old and POSIX
866 * entries (POSIX entries support a 'prefix'). This factoring
867 * allows header_old_tar and header_ustar
868 * to handle filenames differently, while still putting most of the
869 * common parsing into one place.
870 */
871 static int
874 {
884 else
887 /* Parse out the numeric fields (all are octal) */
894 /* Handle the tar type flag appropriately. */
901 /*
902 * The following may seem odd, but: Technically, tar
903 * does not store the file type for a "hard link"
904 * entry, only the fact that it is a hard link. So, I
905 * leave the type zero normally. But, pax interchange
906 * format allows hard links to have data, which
907 * implies that the underlying entry is a regular
908 * file.
909 */
913 /*
914 * A tricky point: Traditionally, tar readers have
915 * ignored the size field when reading hardlink
916 * entries, and some writers put non-zero sizes even
917 * though the body is empty. POSIX.1-2001 broke with
918 * this tradition by permitting hardlink entries to
919 * store valid bodies in pax interchange format, but
920 * not in ustar format. Since there is no hard and
921 * fast way to distinguish pax interchange from
922 * earlier archives (the 'x' and 'g' entries are
923 * optional, after all), we need a heuristic. Here, I
924 * use the bid function to test whether or not there's
925 * a valid header following. Of course, if we know
926 * this is pax interchange format, then we must obey
927 * the size.
928 *
929 * This heuristic will only fail for a pax interchange
930 * archive that is storing hardlink bodies, no pax
931 * extended attribute entries have yet occurred, and
932 * we encounter a hardlink entry for a file that is
933 * itself an uncompressed tar archive.
934 */
962 /*
963 * No special handling is actually required here.
964 * It might be nice someday to preprocess the file list and
965 * provide it to the client, though.
966 */
970 /*
971 * As far as I can tell, this is just like a regular file
972 * entry, except that the contents should be _appended_ to
973 * the indicated file at the indicated offset. This may
974 * require some API work to fully support.
975 */
978 /* The body of this entry is a script for renaming
979 * previously-extracted entries. Ugh. It will never
980 * be supported by libarchive. */
984 /*
985 * Sparse files are really just regular files with
986 * sparse information in the extended area.
987 */
988 /* FALL THROUGH */
990 /*
991 * Per POSIX: non-recognized types should always be
992 * treated as regular files.
993 */
996 }
998 }
1000 /*
1001 * Parse out header elements for "old-style" tar archives.
1002 */
1003 static int
1006 {
1009 /* Copy filename over (to ensure null termination). */
1014 /* Grab rest of common fields */
1020 }
1022 /*
1023 * Parse a file header for a pax extended archive entry.
1024 */
1025 static int
1028 {
1034 }
1036 static int
1039 {
1044 /* Parse the next header. */
1047 /*
1048 * TODO: Parse global/default options into 'entry' struct here
1049 * before handling file-specific options.
1050 *
1051 * This design (parse standard header, then overwrite with pax
1052 * extended attribute data) usually works well, but isn't ideal;
1053 * it would be better to parse the pax extended attributes first
1054 * and then skip any fields in the standard header that were
1055 * defined in the pax header.
1056 */
1062 }
1065 /*
1066 * Parse a file header for a Posix "ustar" archive entry. This also
1067 * handles "pax" or "extended ustar" entries.
1068 */
1069 static int
1072 {
1078 /* Copy name into an internal buffer to ensure null-termination. */
1090 /* Handle rest of common fields. */
1093 /* Handle POSIX ustar fields. */
1102 /* Parse out device numbers only for char and block specials. */
1107 }
1113 }
1116 /*
1117 * Parse the pax extended attributes record.
1118 *
1119 * Returns non-zero if there's an error in the data.
1120 */
1121 static int
1124 {
1133 /* Parse decimal length field at start of line. */
1139 p++;
1140 l--;
1142 }
1151 }
1152 p++;
1153 l--;
1154 }
1159 /* Ensure pax_entry buffer is big enough. */
1176 }
1177 }
1179 /* Decode UTF-8 to wchar_t, null-terminate result. */
1185 }
1187 /* Null-terminate 'key' value. */
1197 }
1200 /* Identify null-terminated 'value' portion. */
1203 /* Identify this attribute and set it in the entry. */
1207 /* Skip to next line */
1210 }
1212 }
1214 static int
1217 {
1227 /* URL-decode name */
1236 /* Base-64 decode value */
1241 }
1249 }
1251 /*
1252 * Parse a single key=value attribute. key/value pointers are
1253 * assumed to point into reasonably long-lived storage.
1254 *
1255 * Note that POSIX reserves all-lowercase keywords. Vendor-specific
1256 * extensions should always have keywords of the form "VENDOR.attribute"
1257 * In particular, it's quite feasible to support many different
1258 * vendor extensions here. I'm using "LIBARCHIVE" for extensions
1259 * unique to this library (currently, there are none).
1260 *
1261 * Investigate other vendor-specific extensions, as well and see if
1262 * any of them look useful.
1263 */
1264 static int
1267 {
1273 /* Our extensions */
1274 /* TODO: Handle arbitrary extended attributes... */
1275 /*
1276 if (strcmp(key, "LIBARCHIVE.xxxxxxx")==0)
1277 archive_entry_set_xxxxxx(entry, value);
1278 */
1283 /* We support some keys used by the "star" archiver */
1286 ARCHIVE_ENTRY_ACL_TYPE_ACCESS);
1289 ARCHIVE_ENTRY_ACL_TYPE_DEFAULT);
1310 }
1318 /* TODO: Publish charset information in entry. */
1320 /* TODO: Publish comment in entry. */
1321 }
1330 /* pax interchange doesn't distinguish hardlink vs. symlink. */
1334 else
1336 }
1343 }
1350 /* POSIX has reserved 'realtime.*' */
1353 /* POSIX has reserved 'security.*' */
1354 /* Someday: if (wcscmp(key, L"security.acl")==0) { ... } */
1364 }
1366 }
1370 /*
1371 * parse a decimal time value, which may include a fractional portion
1372 */
1373 static void
1375 {
1389 p++;
1390 }
1397 }
1400 }
1404 /* Calculate nanoseconds. */
1415 else
1418 }
1420 /*
1421 * Parse GNU tar header
1422 */
1423 static int
1426 {
1431 /*
1432 * GNU header is like POSIX ustar, except 'prefix' is
1433 * replaced with some other fields. This also means the
1434 * filename is stored as in old-style archives.
1435 */
1437 /* Grab fields common to all tar variants. */
1440 /* Copy filename over (to ensure null termination). */
1446 /* Fields common to ustar and GNU */
1447 /* XXX Can the following be factored out since it's common
1448 * to ustar and gnu tar? Is it okay to move it down into
1449 * header_common, perhaps? */
1458 /* Parse out device numbers only for char and block specials */
1463 else
1469 /* Grab GNU-specific fields. */
1475 }
1481 /* XXX WTF? XXX */
1482 }
1483 }
1486 }
1488 static int
1491 {
1492 ssize_t bytes_read;
1498 };
1511 "Truncated tar archive "
1514 }
1522 }
1524 static void
1527 {
1544 else
1550 sparse++;
1551 length--;
1552 }
1553 }
1555 /*-
1556 * Convert text->integer.
1557 *
1558 * Traditional tar formats (including POSIX) specify base-8 for
1559 * all of the standard numeric fields. This is a significant limitation
1560 * in practice:
1561 * = file size is limited to 8GB
1562 * = rdevmajor and rdevminor are limited to 21 bits
1563 * = uid/gid are limited to 21 bits
1564 *
1565 * There are two workarounds for this:
1566 * = pax extended headers, which use variable-length string fields
1567 * = GNU tar and STAR both allow either base-8 or base-256 in
1568 * most fields. The high bit is set to indicate base-256.
1569 *
1570 * On read, this implementation supports both extensions.
1571 */
1572 static int64_t
1574 {
1575 /*
1576 * Technically, GNU tar considers a field to be in base-256
1577 * only if the first byte is 0xff or 0x80.
1578 */
1582 }
1584 /*
1585 * Note that this implementation does not (and should not!) obey
1586 * locale settings; you cannot simply substitute strtol here, since
1587 * it does obey locale.
1588 */
1589 static int64_t
1591 {
1600 p++;
1603 p++;
1613 }
1616 }
1618 }
1621 /*
1622 * Note that this implementation does not (and should not!) obey
1623 * locale settings; you cannot simply substitute strtol here, since
1624 * it does obey locale.
1625 */
1626 static int64_t
1628 {
1637 p++;
1640 p++;
1650 }
1653 }
1655 }
1657 /*
1658 * Parse a base-256 integer. This is just a straight signed binary
1659 * value in big-endian order, except that the high-order bit is
1660 * ignored. Remember that "int64_t" may or may not be exactly 64
1661 * bits; the implementation here tries to avoid making any assumptions
1662 * about the actual size of an int64_t. It does assume we're using
1663 * twos-complement arithmetic, though.
1664 */
1665 static int64_t
1667 {
1674 /* Pad with 1 or 0 bits, depending on sign. */
1677 else
1687 }
1689 }
1691 }
1693 static int
1695 {
1704 dest++;
1707 }
1710 }
1712 /*
1713 * Copied and simplified from FreeBSD libc/locale.
1714 */
1715 static size_t
1717 {
1724 /*
1725 * Determine the number of octets that make up this character from
1726 * the first octet, and a mask that extracts the interesting bits of
1727 * the first octet.
1728 */
1749 /* Invalid first byte; convert to '?' */
1752 }
1755 /* Invalid first byte; convert to '?' */
1758 }
1760 /*
1761 * Decode the octet sequence representing the character in chunks
1762 * of 6 bits, most significant first.
1763 */
1768 /* Invalid intermediate byte; consume one byte and
1769 * emit '?' */
1772 }
1775 }
1777 /* Assign the value to the output; out-of-range values
1778 * just get truncated. */
1780 #ifdef WCHAR_MAX
1781 /*
1782 * If platform has WCHAR_MAX, we can do something
1783 * more sensible with out-of-range values.
1784 */
1787 #endif
1788 /* Return number of bytes input consumed: 0 for end-of-string. */
1790 }
1793 /*
1794 * base64_decode - Base64 decode
1795 *
1796 * This accepts most variations of base-64 encoding, including:
1797 * * with or without line breaks
1798 * * with or without the final group padded with '=' or '_' characters
1799 * (The most economical Base-64 variant does not pad the last group and
1800 * omits line breaks; RFC1341 used for MIME requires both.)
1801 */
1804 {
1814 /* If the decode table is not yet initialized, prepare it. */
1820 }
1822 /* Allocate enough space to hold the entire output. */
1823 /* Note that we may not use all of this... */
1828 }
1832 /* Collect the next group of (up to) four characters. */
1836 /* '=' or '_' padding indicates final group. */
1840 }
1841 /* Skip illegal characters (including line breaks) */
1844 len--;
1845 src++;
1847 }
1850 len --;
1851 group_size++;
1852 }
1853 /* Align a short group properly. */
1855 /* Unpack the group we just collected. */
1858 /* FALLTHROUGH */
1860 /* FALLTHROUGH */
1865 }
1867 }
1871 }
1873 /*
1874 * This is a little tricky because the C99 standard wcstombs()
1875 * function returns the number of bytes that were converted,
1876 * not the number that should be converted. As a result,
1877 * we can never accurately size the output buffer (without
1878 * doing a tedious output size calculation in advance).
1879 * This approach (try a conversion, then try again if it fails)
1880 * will almost always succeed on the first try, and is thus
1881 * much faster, at the cost of sometimes requiring multiple
1882 * passes while we expand the buffer.
1883 */
1886 {
1888 /* Guess an output buffer size and try the conversion. */
1895 /* If we exhausted the buffer, resize and try again. */
1903 }
1905 /* Ensure a trailing null and return the final string. */
1908 }
1912 {
1921 /* Try to convert % escape */
1925 /* Looks good, consume three chars */
1927 /* Convert output */
1930 }
1931 /* Else fall through and treat '%' as normal char */
1932 }
1934 }
1937 }
1939 static int
1941 {
1948 else
1950 }