archive_write_disk_posix.c revision 305188
1/*- 2 * Copyright (c) 2003-2010 Tim Kientzle 3 * Copyright (c) 2012 Michihiro NAKAJIMA 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer 11 * in this position and unchanged. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR 17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 18 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 19 * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT, 20 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 21 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 22 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 23 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 25 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 26 */ 27 28#include "archive_platform.h" 29__FBSDID("$FreeBSD$"); 30 31#if !defined(_WIN32) || defined(__CYGWIN__) 32 33#ifdef HAVE_SYS_TYPES_H 34#include <sys/types.h> 35#endif 36#ifdef HAVE_SYS_ACL_H 37#include <sys/acl.h> 38#endif 39#ifdef HAVE_SYS_EXTATTR_H 40#include <sys/extattr.h> 41#endif 42#if defined(HAVE_SYS_XATTR_H) 43#include <sys/xattr.h> 44#elif defined(HAVE_ATTR_XATTR_H) 45#include <attr/xattr.h> 46#endif 47#ifdef HAVE_SYS_EA_H 48#include <sys/ea.h> 49#endif 50#ifdef HAVE_SYS_IOCTL_H 51#include <sys/ioctl.h> 52#endif 53#ifdef HAVE_SYS_STAT_H 54#include <sys/stat.h> 55#endif 56#ifdef HAVE_SYS_TIME_H 57#include <sys/time.h> 58#endif 59#ifdef HAVE_SYS_UTIME_H 60#include <sys/utime.h> 61#endif 62#ifdef HAVE_COPYFILE_H 63#include <copyfile.h> 64#endif 65#ifdef HAVE_ERRNO_H 66#include <errno.h> 67#endif 68#ifdef HAVE_FCNTL_H 69#include <fcntl.h> 70#endif 71#ifdef HAVE_GRP_H 72#include <grp.h> 73#endif 74#ifdef HAVE_LANGINFO_H 75#include <langinfo.h> 76#endif 77#ifdef HAVE_LINUX_FS_H 78#include <linux/fs.h> /* for Linux file flags */ 79#endif 80/* 81 * Some Linux distributions have both linux/ext2_fs.h and ext2fs/ext2_fs.h. 82 * As the include guards don't agree, the order of include is important. 83 */ 84#ifdef HAVE_LINUX_EXT2_FS_H 85#include <linux/ext2_fs.h> /* for Linux file flags */ 86#endif 87#if defined(HAVE_EXT2FS_EXT2_FS_H) && !defined(__CYGWIN__) 88#include <ext2fs/ext2_fs.h> /* Linux file flags, broken on Cygwin */ 89#endif 90#ifdef HAVE_LIMITS_H 91#include <limits.h> 92#endif 93#ifdef HAVE_PWD_H 94#include <pwd.h> 95#endif 96#include <stdio.h> 97#ifdef HAVE_STDLIB_H 98#include <stdlib.h> 99#endif 100#ifdef HAVE_STRING_H 101#include <string.h> 102#endif 103#ifdef HAVE_UNISTD_H 104#include <unistd.h> 105#endif 106#ifdef HAVE_UTIME_H 107#include <utime.h> 108#endif 109#ifdef F_GETTIMES /* Tru64 specific */ 110#include <sys/fcntl1.h> 111#endif 112 113#if __APPLE__ 114#include <TargetConditionals.h> 115#if TARGET_OS_MAC && !TARGET_OS_EMBEDDED && HAVE_QUARANTINE_H 116#include <quarantine.h> 117#define HAVE_QUARANTINE 1 118#endif 119#endif 120 121#ifdef HAVE_ZLIB_H 122#include <zlib.h> 123#endif 124 125/* TODO: Support Mac OS 'quarantine' feature. This is really just a 126 * standard tag to mark files that have been downloaded as "tainted". 127 * On Mac OS, we should mark the extracted files as tainted if the 128 * archive being read was tainted. Windows has a similar feature; we 129 * should investigate ways to support this generically. */ 130 131#include "archive.h" 132#include "archive_acl_private.h" 133#include "archive_string.h" 134#include "archive_endian.h" 135#include "archive_entry.h" 136#include "archive_private.h" 137#include "archive_write_disk_private.h" 138 139#ifndef O_BINARY 140#define O_BINARY 0 141#endif 142#ifndef O_CLOEXEC 143#define O_CLOEXEC 0 144#endif 145 146struct fixup_entry { 147 struct fixup_entry *next; 148 struct archive_acl acl; 149 mode_t mode; 150 int64_t atime; 151 int64_t birthtime; 152 int64_t mtime; 153 int64_t ctime; 154 unsigned long atime_nanos; 155 unsigned long birthtime_nanos; 156 unsigned long mtime_nanos; 157 unsigned long ctime_nanos; 158 unsigned long fflags_set; 159 size_t mac_metadata_size; 160 void *mac_metadata; 161 int fixup; /* bitmask of what needs fixing */ 162 char *name; 163}; 164 165/* 166 * We use a bitmask to track which operations remain to be done for 167 * this file. In particular, this helps us avoid unnecessary 168 * operations when it's possible to take care of one step as a 169 * side-effect of another. For example, mkdir() can specify the mode 170 * for the newly-created object but symlink() cannot. This means we 171 * can skip chmod() if mkdir() succeeded, but we must explicitly 172 * chmod() if we're trying to create a directory that already exists 173 * (mkdir() failed) or if we're restoring a symlink. Similarly, we 174 * need to verify UID/GID before trying to restore SUID/SGID bits; 175 * that verification can occur explicitly through a stat() call or 176 * implicitly because of a successful chown() call. 177 */ 178#define TODO_MODE_FORCE 0x40000000 179#define TODO_MODE_BASE 0x20000000 180#define TODO_SUID 0x10000000 181#define TODO_SUID_CHECK 0x08000000 182#define TODO_SGID 0x04000000 183#define TODO_SGID_CHECK 0x02000000 184#define TODO_APPLEDOUBLE 0x01000000 185#define TODO_MODE (TODO_MODE_BASE|TODO_SUID|TODO_SGID) 186#define TODO_TIMES ARCHIVE_EXTRACT_TIME 187#define TODO_OWNER ARCHIVE_EXTRACT_OWNER 188#define TODO_FFLAGS ARCHIVE_EXTRACT_FFLAGS 189#define TODO_ACLS ARCHIVE_EXTRACT_ACL 190#define TODO_XATTR ARCHIVE_EXTRACT_XATTR 191#define TODO_MAC_METADATA ARCHIVE_EXTRACT_MAC_METADATA 192#define TODO_HFS_COMPRESSION ARCHIVE_EXTRACT_HFS_COMPRESSION_FORCED 193 194struct archive_write_disk { 195 struct archive archive; 196 197 mode_t user_umask; 198 struct fixup_entry *fixup_list; 199 struct fixup_entry *current_fixup; 200 int64_t user_uid; 201 int skip_file_set; 202 int64_t skip_file_dev; 203 int64_t skip_file_ino; 204 time_t start_time; 205 206 int64_t (*lookup_gid)(void *private, const char *gname, int64_t gid); 207 void (*cleanup_gid)(void *private); 208 void *lookup_gid_data; 209 int64_t (*lookup_uid)(void *private, const char *uname, int64_t uid); 210 void (*cleanup_uid)(void *private); 211 void *lookup_uid_data; 212 213 /* 214 * Full path of last file to satisfy symlink checks. 215 */ 216 struct archive_string path_safe; 217 218 /* 219 * Cached stat data from disk for the current entry. 220 * If this is valid, pst points to st. Otherwise, 221 * pst is null. 222 */ 223 struct stat st; 224 struct stat *pst; 225 226 /* Information about the object being restored right now. */ 227 struct archive_entry *entry; /* Entry being extracted. */ 228 char *name; /* Name of entry, possibly edited. */ 229 struct archive_string _name_data; /* backing store for 'name' */ 230 /* Tasks remaining for this object. */ 231 int todo; 232 /* Tasks deferred until end-of-archive. */ 233 int deferred; 234 /* Options requested by the client. */ 235 int flags; 236 /* Handle for the file we're restoring. */ 237 int fd; 238 /* Current offset for writing data to the file. */ 239 int64_t offset; 240 /* Last offset actually written to disk. */ 241 int64_t fd_offset; 242 /* Total bytes actually written to files. */ 243 int64_t total_bytes_written; 244 /* Maximum size of file, -1 if unknown. */ 245 int64_t filesize; 246 /* Dir we were in before this restore; only for deep paths. */ 247 int restore_pwd; 248 /* Mode we should use for this entry; affected by _PERM and umask. */ 249 mode_t mode; 250 /* UID/GID to use in restoring this entry. */ 251 int64_t uid; 252 int64_t gid; 253 /* 254 * HFS+ Compression. 255 */ 256 /* Xattr "com.apple.decmpfs". */ 257 uint32_t decmpfs_attr_size; 258 unsigned char *decmpfs_header_p; 259 /* ResourceFork set options used for fsetxattr. */ 260 int rsrc_xattr_options; 261 /* Xattr "com.apple.ResourceFork". */ 262 unsigned char *resource_fork; 263 size_t resource_fork_allocated_size; 264 unsigned int decmpfs_block_count; 265 uint32_t *decmpfs_block_info; 266 /* Buffer for compressed data. */ 267 unsigned char *compressed_buffer; 268 size_t compressed_buffer_size; 269 size_t compressed_buffer_remaining; 270 /* The offset of the ResourceFork where compressed data will 271 * be placed. */ 272 uint32_t compressed_rsrc_position; 273 uint32_t compressed_rsrc_position_v; 274 /* Buffer for uncompressed data. */ 275 char *uncompressed_buffer; 276 size_t block_remaining_bytes; 277 size_t file_remaining_bytes; 278#ifdef HAVE_ZLIB_H 279 z_stream stream; 280 int stream_valid; 281 int decmpfs_compression_level; 282#endif 283}; 284 285/* 286 * Default mode for dirs created automatically (will be modified by umask). 287 * Note that POSIX specifies 0777 for implicitly-created dirs, "modified 288 * by the process' file creation mask." 289 */ 290#define DEFAULT_DIR_MODE 0777 291/* 292 * Dir modes are restored in two steps: During the extraction, the permissions 293 * in the archive are modified to match the following limits. During 294 * the post-extract fixup pass, the permissions from the archive are 295 * applied. 296 */ 297#define MINIMUM_DIR_MODE 0700 298#define MAXIMUM_DIR_MODE 0775 299 300/* 301 * Maxinum uncompressed size of a decmpfs block. 302 */ 303#define MAX_DECMPFS_BLOCK_SIZE (64 * 1024) 304/* 305 * HFS+ compression type. 306 */ 307#define CMP_XATTR 3/* Compressed data in xattr. */ 308#define CMP_RESOURCE_FORK 4/* Compressed data in resource fork. */ 309/* 310 * HFS+ compression resource fork. 311 */ 312#define RSRC_H_SIZE 260 /* Base size of Resource fork header. */ 313#define RSRC_F_SIZE 50 /* Size of Resource fork footer. */ 314/* Size to write compressed data to resource fork. */ 315#define COMPRESSED_W_SIZE (64 * 1024) 316/* decmpfs difinitions. */ 317#define MAX_DECMPFS_XATTR_SIZE 3802 318#ifndef DECMPFS_XATTR_NAME 319#define DECMPFS_XATTR_NAME "com.apple.decmpfs" 320#endif 321#define DECMPFS_MAGIC 0x636d7066 322#define DECMPFS_COMPRESSION_MAGIC 0 323#define DECMPFS_COMPRESSION_TYPE 4 324#define DECMPFS_UNCOMPRESSED_SIZE 8 325#define DECMPFS_HEADER_SIZE 16 326 327#define HFS_BLOCKS(s) ((s) >> 12) 328 329static int check_symlinks(struct archive_write_disk *); 330static int create_filesystem_object(struct archive_write_disk *); 331static struct fixup_entry *current_fixup(struct archive_write_disk *, const char *pathname); 332#if defined(HAVE_FCHDIR) && defined(PATH_MAX) 333static void edit_deep_directories(struct archive_write_disk *ad); 334#endif 335static int cleanup_pathname(struct archive_write_disk *); 336static int create_dir(struct archive_write_disk *, char *); 337static int create_parent_dir(struct archive_write_disk *, char *); 338static ssize_t hfs_write_data_block(struct archive_write_disk *, 339 const char *, size_t); 340static int fixup_appledouble(struct archive_write_disk *, const char *); 341static int older(struct stat *, struct archive_entry *); 342static int restore_entry(struct archive_write_disk *); 343static int set_mac_metadata(struct archive_write_disk *, const char *, 344 const void *, size_t); 345static int set_xattrs(struct archive_write_disk *); 346static int clear_nochange_fflags(struct archive_write_disk *); 347static int set_fflags(struct archive_write_disk *); 348static int set_fflags_platform(struct archive_write_disk *, int fd, 349 const char *name, mode_t mode, 350 unsigned long fflags_set, unsigned long fflags_clear); 351static int set_ownership(struct archive_write_disk *); 352static int set_mode(struct archive_write_disk *, int mode); 353static int set_time(int, int, const char *, time_t, long, time_t, long); 354static int set_times(struct archive_write_disk *, int, int, const char *, 355 time_t, long, time_t, long, time_t, long, time_t, long); 356static int set_times_from_entry(struct archive_write_disk *); 357static struct fixup_entry *sort_dir_list(struct fixup_entry *p); 358static ssize_t write_data_block(struct archive_write_disk *, 359 const char *, size_t); 360 361static struct archive_vtable *archive_write_disk_vtable(void); 362 363static int _archive_write_disk_close(struct archive *); 364static int _archive_write_disk_free(struct archive *); 365static int _archive_write_disk_header(struct archive *, struct archive_entry *); 366static int64_t _archive_write_disk_filter_bytes(struct archive *, int); 367static int _archive_write_disk_finish_entry(struct archive *); 368static ssize_t _archive_write_disk_data(struct archive *, const void *, size_t); 369static ssize_t _archive_write_disk_data_block(struct archive *, const void *, size_t, int64_t); 370 371static int 372lazy_stat(struct archive_write_disk *a) 373{ 374 if (a->pst != NULL) { 375 /* Already have stat() data available. */ 376 return (ARCHIVE_OK); 377 } 378#ifdef HAVE_FSTAT 379 if (a->fd >= 0 && fstat(a->fd, &a->st) == 0) { 380 a->pst = &a->st; 381 return (ARCHIVE_OK); 382 } 383#endif 384 /* 385 * XXX At this point, symlinks should not be hit, otherwise 386 * XXX a race occurred. Do we want to check explicitly for that? 387 */ 388 if (lstat(a->name, &a->st) == 0) { 389 a->pst = &a->st; 390 return (ARCHIVE_OK); 391 } 392 archive_set_error(&a->archive, errno, "Couldn't stat file"); 393 return (ARCHIVE_WARN); 394} 395 396static struct archive_vtable * 397archive_write_disk_vtable(void) 398{ 399 static struct archive_vtable av; 400 static int inited = 0; 401 402 if (!inited) { 403 av.archive_close = _archive_write_disk_close; 404 av.archive_filter_bytes = _archive_write_disk_filter_bytes; 405 av.archive_free = _archive_write_disk_free; 406 av.archive_write_header = _archive_write_disk_header; 407 av.archive_write_finish_entry 408 = _archive_write_disk_finish_entry; 409 av.archive_write_data = _archive_write_disk_data; 410 av.archive_write_data_block = _archive_write_disk_data_block; 411 inited = 1; 412 } 413 return (&av); 414} 415 416static int64_t 417_archive_write_disk_filter_bytes(struct archive *_a, int n) 418{ 419 struct archive_write_disk *a = (struct archive_write_disk *)_a; 420 (void)n; /* UNUSED */ 421 if (n == -1 || n == 0) 422 return (a->total_bytes_written); 423 return (-1); 424} 425 426 427int 428archive_write_disk_set_options(struct archive *_a, int flags) 429{ 430 struct archive_write_disk *a = (struct archive_write_disk *)_a; 431 432 a->flags = flags; 433 return (ARCHIVE_OK); 434} 435 436 437/* 438 * Extract this entry to disk. 439 * 440 * TODO: Validate hardlinks. According to the standards, we're 441 * supposed to check each extracted hardlink and squawk if it refers 442 * to a file that we didn't restore. I'm not entirely convinced this 443 * is a good idea, but more importantly: Is there any way to validate 444 * hardlinks without keeping a complete list of filenames from the 445 * entire archive?? Ugh. 446 * 447 */ 448static int 449_archive_write_disk_header(struct archive *_a, struct archive_entry *entry) 450{ 451 struct archive_write_disk *a = (struct archive_write_disk *)_a; 452 struct fixup_entry *fe; 453 int ret, r; 454 455 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 456 ARCHIVE_STATE_HEADER | ARCHIVE_STATE_DATA, 457 "archive_write_disk_header"); 458 archive_clear_error(&a->archive); 459 if (a->archive.state & ARCHIVE_STATE_DATA) { 460 r = _archive_write_disk_finish_entry(&a->archive); 461 if (r == ARCHIVE_FATAL) 462 return (r); 463 } 464 465 /* Set up for this particular entry. */ 466 a->pst = NULL; 467 a->current_fixup = NULL; 468 a->deferred = 0; 469 if (a->entry) { 470 archive_entry_free(a->entry); 471 a->entry = NULL; 472 } 473 a->entry = archive_entry_clone(entry); 474 a->fd = -1; 475 a->fd_offset = 0; 476 a->offset = 0; 477 a->restore_pwd = -1; 478 a->uid = a->user_uid; 479 a->mode = archive_entry_mode(a->entry); 480 if (archive_entry_size_is_set(a->entry)) 481 a->filesize = archive_entry_size(a->entry); 482 else 483 a->filesize = -1; 484 archive_strcpy(&(a->_name_data), archive_entry_pathname(a->entry)); 485 a->name = a->_name_data.s; 486 archive_clear_error(&a->archive); 487 488 /* 489 * Clean up the requested path. This is necessary for correct 490 * dir restores; the dir restore logic otherwise gets messed 491 * up by nonsense like "dir/.". 492 */ 493 ret = cleanup_pathname(a); 494 if (ret != ARCHIVE_OK) 495 return (ret); 496 497 /* 498 * Query the umask so we get predictable mode settings. 499 * This gets done on every call to _write_header in case the 500 * user edits their umask during the extraction for some 501 * reason. 502 */ 503 umask(a->user_umask = umask(0)); 504 505 /* Figure out what we need to do for this entry. */ 506 a->todo = TODO_MODE_BASE; 507 if (a->flags & ARCHIVE_EXTRACT_PERM) { 508 a->todo |= TODO_MODE_FORCE; /* Be pushy about permissions. */ 509 /* 510 * SGID requires an extra "check" step because we 511 * cannot easily predict the GID that the system will 512 * assign. (Different systems assign GIDs to files 513 * based on a variety of criteria, including process 514 * credentials and the gid of the enclosing 515 * directory.) We can only restore the SGID bit if 516 * the file has the right GID, and we only know the 517 * GID if we either set it (see set_ownership) or if 518 * we've actually called stat() on the file after it 519 * was restored. Since there are several places at 520 * which we might verify the GID, we need a TODO bit 521 * to keep track. 522 */ 523 if (a->mode & S_ISGID) 524 a->todo |= TODO_SGID | TODO_SGID_CHECK; 525 /* 526 * Verifying the SUID is simpler, but can still be 527 * done in multiple ways, hence the separate "check" bit. 528 */ 529 if (a->mode & S_ISUID) 530 a->todo |= TODO_SUID | TODO_SUID_CHECK; 531 } else { 532 /* 533 * User didn't request full permissions, so don't 534 * restore SUID, SGID bits and obey umask. 535 */ 536 a->mode &= ~S_ISUID; 537 a->mode &= ~S_ISGID; 538 a->mode &= ~S_ISVTX; 539 a->mode &= ~a->user_umask; 540 } 541 if (a->flags & ARCHIVE_EXTRACT_OWNER) 542 a->todo |= TODO_OWNER; 543 if (a->flags & ARCHIVE_EXTRACT_TIME) 544 a->todo |= TODO_TIMES; 545 if (a->flags & ARCHIVE_EXTRACT_ACL) { 546 if (archive_entry_filetype(a->entry) == AE_IFDIR) 547 a->deferred |= TODO_ACLS; 548 else 549 a->todo |= TODO_ACLS; 550 } 551 if (a->flags & ARCHIVE_EXTRACT_MAC_METADATA) { 552 if (archive_entry_filetype(a->entry) == AE_IFDIR) 553 a->deferred |= TODO_MAC_METADATA; 554 else 555 a->todo |= TODO_MAC_METADATA; 556 } 557#if defined(__APPLE__) && defined(UF_COMPRESSED) && defined(HAVE_ZLIB_H) 558 if ((a->flags & ARCHIVE_EXTRACT_NO_HFS_COMPRESSION) == 0) { 559 unsigned long set, clear; 560 archive_entry_fflags(a->entry, &set, &clear); 561 if ((set & ~clear) & UF_COMPRESSED) { 562 a->todo |= TODO_HFS_COMPRESSION; 563 a->decmpfs_block_count = (unsigned)-1; 564 } 565 } 566 if ((a->flags & ARCHIVE_EXTRACT_HFS_COMPRESSION_FORCED) != 0 && 567 (a->mode & AE_IFMT) == AE_IFREG && a->filesize > 0) { 568 a->todo |= TODO_HFS_COMPRESSION; 569 a->decmpfs_block_count = (unsigned)-1; 570 } 571 { 572 const char *p; 573 574 /* Check if the current file name is a type of the 575 * resource fork file. */ 576 p = strrchr(a->name, '/'); 577 if (p == NULL) 578 p = a->name; 579 else 580 p++; 581 if (p[0] == '.' && p[1] == '_') { 582 /* Do not compress "._XXX" files. */ 583 a->todo &= ~TODO_HFS_COMPRESSION; 584 if (a->filesize > 0) 585 a->todo |= TODO_APPLEDOUBLE; 586 } 587 } 588#endif 589 590 if (a->flags & ARCHIVE_EXTRACT_XATTR) 591 a->todo |= TODO_XATTR; 592 if (a->flags & ARCHIVE_EXTRACT_FFLAGS) 593 a->todo |= TODO_FFLAGS; 594 if (a->flags & ARCHIVE_EXTRACT_SECURE_SYMLINKS) { 595 ret = check_symlinks(a); 596 if (ret != ARCHIVE_OK) 597 return (ret); 598 } 599#if defined(HAVE_FCHDIR) && defined(PATH_MAX) 600 /* If path exceeds PATH_MAX, shorten the path. */ 601 edit_deep_directories(a); 602#endif 603 604 ret = restore_entry(a); 605 606#if defined(__APPLE__) && defined(UF_COMPRESSED) && defined(HAVE_ZLIB_H) 607 /* 608 * Check if the filesystem the file is restoring on supports 609 * HFS+ Compression. If not, cancel HFS+ Compression. 610 */ 611 if (a->todo | TODO_HFS_COMPRESSION) { 612 /* 613 * NOTE: UF_COMPRESSED is ignored even if the filesystem 614 * supports HFS+ Compression because the file should 615 * have at least an extended attriute "com.apple.decmpfs" 616 * before the flag is set to indicate that the file have 617 * been compressed. If hte filesystem does not support 618 * HFS+ Compression the system call will fail. 619 */ 620 if (a->fd < 0 || fchflags(a->fd, UF_COMPRESSED) != 0) 621 a->todo &= ~TODO_HFS_COMPRESSION; 622 } 623#endif 624 625 /* 626 * TODO: There are rumours that some extended attributes must 627 * be restored before file data is written. If this is true, 628 * then we either need to write all extended attributes both 629 * before and after restoring the data, or find some rule for 630 * determining which must go first and which last. Due to the 631 * many ways people are using xattrs, this may prove to be an 632 * intractable problem. 633 */ 634 635#ifdef HAVE_FCHDIR 636 /* If we changed directory above, restore it here. */ 637 if (a->restore_pwd >= 0) { 638 r = fchdir(a->restore_pwd); 639 if (r != 0) { 640 archive_set_error(&a->archive, errno, "chdir() failure"); 641 ret = ARCHIVE_FATAL; 642 } 643 close(a->restore_pwd); 644 a->restore_pwd = -1; 645 } 646#endif 647 648 /* 649 * Fixup uses the unedited pathname from archive_entry_pathname(), 650 * because it is relative to the base dir and the edited path 651 * might be relative to some intermediate dir as a result of the 652 * deep restore logic. 653 */ 654 if (a->deferred & TODO_MODE) { 655 fe = current_fixup(a, archive_entry_pathname(entry)); 656 if (fe == NULL) 657 return (ARCHIVE_FATAL); 658 fe->fixup |= TODO_MODE_BASE; 659 fe->mode = a->mode; 660 } 661 662 if ((a->deferred & TODO_TIMES) 663 && (archive_entry_mtime_is_set(entry) 664 || archive_entry_atime_is_set(entry))) { 665 fe = current_fixup(a, archive_entry_pathname(entry)); 666 if (fe == NULL) 667 return (ARCHIVE_FATAL); 668 fe->mode = a->mode; 669 fe->fixup |= TODO_TIMES; 670 if (archive_entry_atime_is_set(entry)) { 671 fe->atime = archive_entry_atime(entry); 672 fe->atime_nanos = archive_entry_atime_nsec(entry); 673 } else { 674 /* If atime is unset, use start time. */ 675 fe->atime = a->start_time; 676 fe->atime_nanos = 0; 677 } 678 if (archive_entry_mtime_is_set(entry)) { 679 fe->mtime = archive_entry_mtime(entry); 680 fe->mtime_nanos = archive_entry_mtime_nsec(entry); 681 } else { 682 /* If mtime is unset, use start time. */ 683 fe->mtime = a->start_time; 684 fe->mtime_nanos = 0; 685 } 686 if (archive_entry_birthtime_is_set(entry)) { 687 fe->birthtime = archive_entry_birthtime(entry); 688 fe->birthtime_nanos = archive_entry_birthtime_nsec(entry); 689 } else { 690 /* If birthtime is unset, use mtime. */ 691 fe->birthtime = fe->mtime; 692 fe->birthtime_nanos = fe->mtime_nanos; 693 } 694 } 695 696 if (a->deferred & TODO_ACLS) { 697 fe = current_fixup(a, archive_entry_pathname(entry)); 698 if (fe == NULL) 699 return (ARCHIVE_FATAL); 700 fe->fixup |= TODO_ACLS; 701 archive_acl_copy(&fe->acl, archive_entry_acl(entry)); 702 } 703 704 if (a->deferred & TODO_MAC_METADATA) { 705 const void *metadata; 706 size_t metadata_size; 707 metadata = archive_entry_mac_metadata(a->entry, &metadata_size); 708 if (metadata != NULL && metadata_size > 0) { 709 fe = current_fixup(a, archive_entry_pathname(entry)); 710 if (fe == NULL) 711 return (ARCHIVE_FATAL); 712 fe->mac_metadata = malloc(metadata_size); 713 if (fe->mac_metadata != NULL) { 714 memcpy(fe->mac_metadata, metadata, metadata_size); 715 fe->mac_metadata_size = metadata_size; 716 fe->fixup |= TODO_MAC_METADATA; 717 } 718 } 719 } 720 721 if (a->deferred & TODO_FFLAGS) { 722 fe = current_fixup(a, archive_entry_pathname(entry)); 723 if (fe == NULL) 724 return (ARCHIVE_FATAL); 725 fe->fixup |= TODO_FFLAGS; 726 /* TODO: Complete this.. defer fflags from below. */ 727 } 728 729 /* We've created the object and are ready to pour data into it. */ 730 if (ret >= ARCHIVE_WARN) 731 a->archive.state = ARCHIVE_STATE_DATA; 732 /* 733 * If it's not open, tell our client not to try writing. 734 * In particular, dirs, links, etc, don't get written to. 735 */ 736 if (a->fd < 0) { 737 archive_entry_set_size(entry, 0); 738 a->filesize = 0; 739 } 740 741 return (ret); 742} 743 744int 745archive_write_disk_set_skip_file(struct archive *_a, int64_t d, int64_t i) 746{ 747 struct archive_write_disk *a = (struct archive_write_disk *)_a; 748 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 749 ARCHIVE_STATE_ANY, "archive_write_disk_set_skip_file"); 750 a->skip_file_set = 1; 751 a->skip_file_dev = d; 752 a->skip_file_ino = i; 753 return (ARCHIVE_OK); 754} 755 756static ssize_t 757write_data_block(struct archive_write_disk *a, const char *buff, size_t size) 758{ 759 uint64_t start_size = size; 760 ssize_t bytes_written = 0; 761 ssize_t block_size = 0, bytes_to_write; 762 763 if (size == 0) 764 return (ARCHIVE_OK); 765 766 if (a->filesize == 0 || a->fd < 0) { 767 archive_set_error(&a->archive, 0, 768 "Attempt to write to an empty file"); 769 return (ARCHIVE_WARN); 770 } 771 772 if (a->flags & ARCHIVE_EXTRACT_SPARSE) { 773#if HAVE_STRUCT_STAT_ST_BLKSIZE 774 int r; 775 if ((r = lazy_stat(a)) != ARCHIVE_OK) 776 return (r); 777 block_size = a->pst->st_blksize; 778#else 779 /* XXX TODO XXX Is there a more appropriate choice here ? */ 780 /* This needn't match the filesystem allocation size. */ 781 block_size = 16*1024; 782#endif 783 } 784 785 /* If this write would run beyond the file size, truncate it. */ 786 if (a->filesize >= 0 && (int64_t)(a->offset + size) > a->filesize) 787 start_size = size = (size_t)(a->filesize - a->offset); 788 789 /* Write the data. */ 790 while (size > 0) { 791 if (block_size == 0) { 792 bytes_to_write = size; 793 } else { 794 /* We're sparsifying the file. */ 795 const char *p, *end; 796 int64_t block_end; 797 798 /* Skip leading zero bytes. */ 799 for (p = buff, end = buff + size; p < end; ++p) { 800 if (*p != '\0') 801 break; 802 } 803 a->offset += p - buff; 804 size -= p - buff; 805 buff = p; 806 if (size == 0) 807 break; 808 809 /* Calculate next block boundary after offset. */ 810 block_end 811 = (a->offset / block_size + 1) * block_size; 812 813 /* If the adjusted write would cross block boundary, 814 * truncate it to the block boundary. */ 815 bytes_to_write = size; 816 if (a->offset + bytes_to_write > block_end) 817 bytes_to_write = block_end - a->offset; 818 } 819 /* Seek if necessary to the specified offset. */ 820 if (a->offset != a->fd_offset) { 821 if (lseek(a->fd, a->offset, SEEK_SET) < 0) { 822 archive_set_error(&a->archive, errno, 823 "Seek failed"); 824 return (ARCHIVE_FATAL); 825 } 826 a->fd_offset = a->offset; 827 } 828 bytes_written = write(a->fd, buff, bytes_to_write); 829 if (bytes_written < 0) { 830 archive_set_error(&a->archive, errno, "Write failed"); 831 return (ARCHIVE_WARN); 832 } 833 buff += bytes_written; 834 size -= bytes_written; 835 a->total_bytes_written += bytes_written; 836 a->offset += bytes_written; 837 a->fd_offset = a->offset; 838 } 839 return (start_size - size); 840} 841 842#if defined(__APPLE__) && defined(UF_COMPRESSED) && defined(HAVE_SYS_XATTR_H)\ 843 && defined(HAVE_ZLIB_H) 844 845/* 846 * Set UF_COMPRESSED file flag. 847 * This have to be called after hfs_write_decmpfs() because if the 848 * file does not have "com.apple.decmpfs" xattr the flag is ignored. 849 */ 850static int 851hfs_set_compressed_fflag(struct archive_write_disk *a) 852{ 853 int r; 854 855 if ((r = lazy_stat(a)) != ARCHIVE_OK) 856 return (r); 857 858 a->st.st_flags |= UF_COMPRESSED; 859 if (fchflags(a->fd, a->st.st_flags) != 0) { 860 archive_set_error(&a->archive, errno, 861 "Failed to set UF_COMPRESSED file flag"); 862 return (ARCHIVE_WARN); 863 } 864 return (ARCHIVE_OK); 865} 866 867/* 868 * HFS+ Compression decmpfs 869 * 870 * +------------------------------+ +0 871 * | Magic(LE 4 bytes) | 872 * +------------------------------+ 873 * | Type(LE 4 bytes) | 874 * +------------------------------+ 875 * | Uncompressed size(LE 8 bytes)| 876 * +------------------------------+ +16 877 * | | 878 * | Compressed data | 879 * | (Placed only if Type == 3) | 880 * | | 881 * +------------------------------+ +3802 = MAX_DECMPFS_XATTR_SIZE 882 * 883 * Type is 3: decmpfs has compressed data. 884 * Type is 4: Resource Fork has compressed data. 885 */ 886/* 887 * Write "com.apple.decmpfs" 888 */ 889static int 890hfs_write_decmpfs(struct archive_write_disk *a) 891{ 892 int r; 893 uint32_t compression_type; 894 895 r = fsetxattr(a->fd, DECMPFS_XATTR_NAME, a->decmpfs_header_p, 896 a->decmpfs_attr_size, 0, 0); 897 if (r < 0) { 898 archive_set_error(&a->archive, errno, 899 "Cannot restore xattr:%s", DECMPFS_XATTR_NAME); 900 compression_type = archive_le32dec( 901 &a->decmpfs_header_p[DECMPFS_COMPRESSION_TYPE]); 902 if (compression_type == CMP_RESOURCE_FORK) 903 fremovexattr(a->fd, XATTR_RESOURCEFORK_NAME, 904 XATTR_SHOWCOMPRESSION); 905 return (ARCHIVE_WARN); 906 } 907 return (ARCHIVE_OK); 908} 909 910/* 911 * HFS+ Compression Resource Fork 912 * 913 * +-----------------------------+ 914 * | Header(260 bytes) | 915 * +-----------------------------+ 916 * | Block count(LE 4 bytes) | 917 * +-----------------------------+ --+ 918 * +-- | Offset (LE 4 bytes) | | 919 * | | [distance from Block count] | | Block 0 920 * | +-----------------------------+ | 921 * | | Compressed size(LE 4 bytes) | | 922 * | +-----------------------------+ --+ 923 * | | | 924 * | | .................. | 925 * | | | 926 * | +-----------------------------+ --+ 927 * | | Offset (LE 4 bytes) | | 928 * | +-----------------------------+ | Block (Block count -1) 929 * | | Compressed size(LE 4 bytes) | | 930 * +-> +-----------------------------+ --+ 931 * | Compressed data(n bytes) | Block 0 932 * +-----------------------------+ 933 * | | 934 * | .................. | 935 * | | 936 * +-----------------------------+ 937 * | Compressed data(n bytes) | Block (Block count -1) 938 * +-----------------------------+ 939 * | Footer(50 bytes) | 940 * +-----------------------------+ 941 * 942 */ 943/* 944 * Write the header of "com.apple.ResourceFork" 945 */ 946static int 947hfs_write_resource_fork(struct archive_write_disk *a, unsigned char *buff, 948 size_t bytes, uint32_t position) 949{ 950 int ret; 951 952 ret = fsetxattr(a->fd, XATTR_RESOURCEFORK_NAME, buff, bytes, 953 position, a->rsrc_xattr_options); 954 if (ret < 0) { 955 archive_set_error(&a->archive, errno, 956 "Cannot restore xattr: %s at %u pos %u bytes", 957 XATTR_RESOURCEFORK_NAME, 958 (unsigned)position, 959 (unsigned)bytes); 960 return (ARCHIVE_WARN); 961 } 962 a->rsrc_xattr_options &= ~XATTR_CREATE; 963 return (ARCHIVE_OK); 964} 965 966static int 967hfs_write_compressed_data(struct archive_write_disk *a, size_t bytes_compressed) 968{ 969 int ret; 970 971 ret = hfs_write_resource_fork(a, a->compressed_buffer, 972 bytes_compressed, a->compressed_rsrc_position); 973 if (ret == ARCHIVE_OK) 974 a->compressed_rsrc_position += bytes_compressed; 975 return (ret); 976} 977 978static int 979hfs_write_resource_fork_header(struct archive_write_disk *a) 980{ 981 unsigned char *buff; 982 uint32_t rsrc_bytes; 983 uint32_t rsrc_header_bytes; 984 985 /* 986 * Write resource fork header + block info. 987 */ 988 buff = a->resource_fork; 989 rsrc_bytes = a->compressed_rsrc_position - RSRC_F_SIZE; 990 rsrc_header_bytes = 991 RSRC_H_SIZE + /* Header base size. */ 992 4 + /* Block count. */ 993 (a->decmpfs_block_count * 8);/* Block info */ 994 archive_be32enc(buff, 0x100); 995 archive_be32enc(buff + 4, rsrc_bytes); 996 archive_be32enc(buff + 8, rsrc_bytes - 256); 997 archive_be32enc(buff + 12, 0x32); 998 memset(buff + 16, 0, 240); 999 archive_be32enc(buff + 256, rsrc_bytes - 260); 1000 return hfs_write_resource_fork(a, buff, rsrc_header_bytes, 0); 1001} 1002 1003static size_t 1004hfs_set_resource_fork_footer(unsigned char *buff, size_t buff_size) 1005{ 1006 static const char rsrc_footer[RSRC_F_SIZE] = { 1007 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 1008 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 1009 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 1010 0x00, 0x1c, 0x00, 0x32, 0x00, 0x00, 'c', 'm', 1011 'p', 'f', 0x00, 0x00, 0x00, 0x0a, 0x00, 0x01, 1012 0xff, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 1013 0x00, 0x00 1014 }; 1015 if (buff_size < sizeof(rsrc_footer)) 1016 return (0); 1017 memcpy(buff, rsrc_footer, sizeof(rsrc_footer)); 1018 return (sizeof(rsrc_footer)); 1019} 1020 1021static int 1022hfs_reset_compressor(struct archive_write_disk *a) 1023{ 1024 int ret; 1025 1026 if (a->stream_valid) 1027 ret = deflateReset(&a->stream); 1028 else 1029 ret = deflateInit(&a->stream, a->decmpfs_compression_level); 1030 1031 if (ret != Z_OK) { 1032 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 1033 "Failed to initialize compressor"); 1034 return (ARCHIVE_FATAL); 1035 } else 1036 a->stream_valid = 1; 1037 1038 return (ARCHIVE_OK); 1039} 1040 1041static int 1042hfs_decompress(struct archive_write_disk *a) 1043{ 1044 uint32_t *block_info; 1045 unsigned int block_count; 1046 uint32_t data_pos, data_size; 1047 ssize_t r; 1048 ssize_t bytes_written, bytes_to_write; 1049 unsigned char *b; 1050 1051 block_info = (uint32_t *)(a->resource_fork + RSRC_H_SIZE); 1052 block_count = archive_le32dec(block_info++); 1053 while (block_count--) { 1054 data_pos = RSRC_H_SIZE + archive_le32dec(block_info++); 1055 data_size = archive_le32dec(block_info++); 1056 r = fgetxattr(a->fd, XATTR_RESOURCEFORK_NAME, 1057 a->compressed_buffer, data_size, data_pos, 0); 1058 if (r != data_size) { 1059 archive_set_error(&a->archive, 1060 (r < 0)?errno:ARCHIVE_ERRNO_MISC, 1061 "Failed to read resource fork"); 1062 return (ARCHIVE_WARN); 1063 } 1064 if (a->compressed_buffer[0] == 0xff) { 1065 bytes_to_write = data_size -1; 1066 b = a->compressed_buffer + 1; 1067 } else { 1068 uLong dest_len = MAX_DECMPFS_BLOCK_SIZE; 1069 int zr; 1070 1071 zr = uncompress((Bytef *)a->uncompressed_buffer, 1072 &dest_len, a->compressed_buffer, data_size); 1073 if (zr != Z_OK) { 1074 archive_set_error(&a->archive, 1075 ARCHIVE_ERRNO_MISC, 1076 "Failed to decompress resource fork"); 1077 return (ARCHIVE_WARN); 1078 } 1079 bytes_to_write = dest_len; 1080 b = (unsigned char *)a->uncompressed_buffer; 1081 } 1082 do { 1083 bytes_written = write(a->fd, b, bytes_to_write); 1084 if (bytes_written < 0) { 1085 archive_set_error(&a->archive, errno, 1086 "Write failed"); 1087 return (ARCHIVE_WARN); 1088 } 1089 bytes_to_write -= bytes_written; 1090 b += bytes_written; 1091 } while (bytes_to_write > 0); 1092 } 1093 r = fremovexattr(a->fd, XATTR_RESOURCEFORK_NAME, 0); 1094 if (r == -1) { 1095 archive_set_error(&a->archive, errno, 1096 "Failed to remove resource fork"); 1097 return (ARCHIVE_WARN); 1098 } 1099 return (ARCHIVE_OK); 1100} 1101 1102static int 1103hfs_drive_compressor(struct archive_write_disk *a, const char *buff, 1104 size_t size) 1105{ 1106 unsigned char *buffer_compressed; 1107 size_t bytes_compressed; 1108 size_t bytes_used; 1109 int ret; 1110 1111 ret = hfs_reset_compressor(a); 1112 if (ret != ARCHIVE_OK) 1113 return (ret); 1114 1115 if (a->compressed_buffer == NULL) { 1116 size_t block_size; 1117 1118 block_size = COMPRESSED_W_SIZE + RSRC_F_SIZE + 1119 + compressBound(MAX_DECMPFS_BLOCK_SIZE); 1120 a->compressed_buffer = malloc(block_size); 1121 if (a->compressed_buffer == NULL) { 1122 archive_set_error(&a->archive, ENOMEM, 1123 "Can't allocate memory for Resource Fork"); 1124 return (ARCHIVE_FATAL); 1125 } 1126 a->compressed_buffer_size = block_size; 1127 a->compressed_buffer_remaining = block_size; 1128 } 1129 1130 buffer_compressed = a->compressed_buffer + 1131 a->compressed_buffer_size - a->compressed_buffer_remaining; 1132 a->stream.next_in = (Bytef *)(uintptr_t)(const void *)buff; 1133 a->stream.avail_in = size; 1134 a->stream.next_out = buffer_compressed; 1135 a->stream.avail_out = a->compressed_buffer_remaining; 1136 do { 1137 ret = deflate(&a->stream, Z_FINISH); 1138 switch (ret) { 1139 case Z_OK: 1140 case Z_STREAM_END: 1141 break; 1142 default: 1143 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 1144 "Failed to compress data"); 1145 return (ARCHIVE_FAILED); 1146 } 1147 } while (ret == Z_OK); 1148 bytes_compressed = a->compressed_buffer_remaining - a->stream.avail_out; 1149 1150 /* 1151 * If the compressed size is larger than the original size, 1152 * throw away compressed data, use uncompressed data instead. 1153 */ 1154 if (bytes_compressed > size) { 1155 buffer_compressed[0] = 0xFF;/* uncompressed marker. */ 1156 memcpy(buffer_compressed + 1, buff, size); 1157 bytes_compressed = size + 1; 1158 } 1159 a->compressed_buffer_remaining -= bytes_compressed; 1160 1161 /* 1162 * If the compressed size is smaller than MAX_DECMPFS_XATTR_SIZE 1163 * and the block count in the file is only one, store compressed 1164 * data to decmpfs xattr instead of the resource fork. 1165 */ 1166 if (a->decmpfs_block_count == 1 && 1167 (a->decmpfs_attr_size + bytes_compressed) 1168 <= MAX_DECMPFS_XATTR_SIZE) { 1169 archive_le32enc(&a->decmpfs_header_p[DECMPFS_COMPRESSION_TYPE], 1170 CMP_XATTR); 1171 memcpy(a->decmpfs_header_p + DECMPFS_HEADER_SIZE, 1172 buffer_compressed, bytes_compressed); 1173 a->decmpfs_attr_size += bytes_compressed; 1174 a->compressed_buffer_remaining = a->compressed_buffer_size; 1175 /* 1176 * Finish HFS+ Compression. 1177 * - Write the decmpfs xattr. 1178 * - Set the UF_COMPRESSED file flag. 1179 */ 1180 ret = hfs_write_decmpfs(a); 1181 if (ret == ARCHIVE_OK) 1182 ret = hfs_set_compressed_fflag(a); 1183 return (ret); 1184 } 1185 1186 /* Update block info. */ 1187 archive_le32enc(a->decmpfs_block_info++, 1188 a->compressed_rsrc_position_v - RSRC_H_SIZE); 1189 archive_le32enc(a->decmpfs_block_info++, bytes_compressed); 1190 a->compressed_rsrc_position_v += bytes_compressed; 1191 1192 /* 1193 * Write the compressed data to the resource fork. 1194 */ 1195 bytes_used = a->compressed_buffer_size - a->compressed_buffer_remaining; 1196 while (bytes_used >= COMPRESSED_W_SIZE) { 1197 ret = hfs_write_compressed_data(a, COMPRESSED_W_SIZE); 1198 if (ret != ARCHIVE_OK) 1199 return (ret); 1200 bytes_used -= COMPRESSED_W_SIZE; 1201 if (bytes_used > COMPRESSED_W_SIZE) 1202 memmove(a->compressed_buffer, 1203 a->compressed_buffer + COMPRESSED_W_SIZE, 1204 bytes_used); 1205 else 1206 memcpy(a->compressed_buffer, 1207 a->compressed_buffer + COMPRESSED_W_SIZE, 1208 bytes_used); 1209 } 1210 a->compressed_buffer_remaining = a->compressed_buffer_size - bytes_used; 1211 1212 /* 1213 * If the current block is the last block, write the remaining 1214 * compressed data and the resource fork footer. 1215 */ 1216 if (a->file_remaining_bytes == 0) { 1217 size_t rsrc_size; 1218 int64_t bk; 1219 1220 /* Append the resource footer. */ 1221 rsrc_size = hfs_set_resource_fork_footer( 1222 a->compressed_buffer + bytes_used, 1223 a->compressed_buffer_remaining); 1224 ret = hfs_write_compressed_data(a, bytes_used + rsrc_size); 1225 a->compressed_buffer_remaining = a->compressed_buffer_size; 1226 1227 /* If the compressed size is not enouph smaller than 1228 * the uncompressed size. cancel HFS+ compression. 1229 * TODO: study a behavior of ditto utility and improve 1230 * the condition to fall back into no HFS+ compression. */ 1231 bk = HFS_BLOCKS(a->compressed_rsrc_position); 1232 bk += bk >> 7; 1233 if (bk > HFS_BLOCKS(a->filesize)) 1234 return hfs_decompress(a); 1235 /* 1236 * Write the resourcefork header. 1237 */ 1238 if (ret == ARCHIVE_OK) 1239 ret = hfs_write_resource_fork_header(a); 1240 /* 1241 * Finish HFS+ Compression. 1242 * - Write the decmpfs xattr. 1243 * - Set the UF_COMPRESSED file flag. 1244 */ 1245 if (ret == ARCHIVE_OK) 1246 ret = hfs_write_decmpfs(a); 1247 if (ret == ARCHIVE_OK) 1248 ret = hfs_set_compressed_fflag(a); 1249 } 1250 return (ret); 1251} 1252 1253static ssize_t 1254hfs_write_decmpfs_block(struct archive_write_disk *a, const char *buff, 1255 size_t size) 1256{ 1257 const char *buffer_to_write; 1258 size_t bytes_to_write; 1259 int ret; 1260 1261 if (a->decmpfs_block_count == (unsigned)-1) { 1262 void *new_block; 1263 size_t new_size; 1264 unsigned int block_count; 1265 1266 if (a->decmpfs_header_p == NULL) { 1267 new_block = malloc(MAX_DECMPFS_XATTR_SIZE 1268 + sizeof(uint32_t)); 1269 if (new_block == NULL) { 1270 archive_set_error(&a->archive, ENOMEM, 1271 "Can't allocate memory for decmpfs"); 1272 return (ARCHIVE_FATAL); 1273 } 1274 a->decmpfs_header_p = new_block; 1275 } 1276 a->decmpfs_attr_size = DECMPFS_HEADER_SIZE; 1277 archive_le32enc(&a->decmpfs_header_p[DECMPFS_COMPRESSION_MAGIC], 1278 DECMPFS_MAGIC); 1279 archive_le32enc(&a->decmpfs_header_p[DECMPFS_COMPRESSION_TYPE], 1280 CMP_RESOURCE_FORK); 1281 archive_le64enc(&a->decmpfs_header_p[DECMPFS_UNCOMPRESSED_SIZE], 1282 a->filesize); 1283 1284 /* Calculate a block count of the file. */ 1285 block_count = 1286 (a->filesize + MAX_DECMPFS_BLOCK_SIZE -1) / 1287 MAX_DECMPFS_BLOCK_SIZE; 1288 /* 1289 * Allocate buffer for resource fork. 1290 * Set up related pointers; 1291 */ 1292 new_size = 1293 RSRC_H_SIZE + /* header */ 1294 4 + /* Block count */ 1295 (block_count * sizeof(uint32_t) * 2) + 1296 RSRC_F_SIZE; /* footer */ 1297 if (new_size > a->resource_fork_allocated_size) { 1298 new_block = realloc(a->resource_fork, new_size); 1299 if (new_block == NULL) { 1300 archive_set_error(&a->archive, ENOMEM, 1301 "Can't allocate memory for ResourceFork"); 1302 return (ARCHIVE_FATAL); 1303 } 1304 a->resource_fork_allocated_size = new_size; 1305 a->resource_fork = new_block; 1306 } 1307 1308 /* Allocate uncompressed buffer */ 1309 if (a->uncompressed_buffer == NULL) { 1310 new_block = malloc(MAX_DECMPFS_BLOCK_SIZE); 1311 if (new_block == NULL) { 1312 archive_set_error(&a->archive, ENOMEM, 1313 "Can't allocate memory for decmpfs"); 1314 return (ARCHIVE_FATAL); 1315 } 1316 a->uncompressed_buffer = new_block; 1317 } 1318 a->block_remaining_bytes = MAX_DECMPFS_BLOCK_SIZE; 1319 a->file_remaining_bytes = a->filesize; 1320 a->compressed_buffer_remaining = a->compressed_buffer_size; 1321 1322 /* 1323 * Set up a resource fork. 1324 */ 1325 a->rsrc_xattr_options = XATTR_CREATE; 1326 /* Get the position where we are going to set a bunch 1327 * of block info. */ 1328 a->decmpfs_block_info = 1329 (uint32_t *)(a->resource_fork + RSRC_H_SIZE); 1330 /* Set the block count to the resource fork. */ 1331 archive_le32enc(a->decmpfs_block_info++, block_count); 1332 /* Get the position where we are goint to set compressed 1333 * data. */ 1334 a->compressed_rsrc_position = 1335 RSRC_H_SIZE + 4 + (block_count * 8); 1336 a->compressed_rsrc_position_v = a->compressed_rsrc_position; 1337 a->decmpfs_block_count = block_count; 1338 } 1339 1340 /* Ignore redundant bytes. */ 1341 if (a->file_remaining_bytes == 0) 1342 return ((ssize_t)size); 1343 1344 /* Do not overrun a block size. */ 1345 if (size > a->block_remaining_bytes) 1346 bytes_to_write = a->block_remaining_bytes; 1347 else 1348 bytes_to_write = size; 1349 /* Do not overrun the file size. */ 1350 if (bytes_to_write > a->file_remaining_bytes) 1351 bytes_to_write = a->file_remaining_bytes; 1352 1353 /* For efficiency, if a copy length is full of the uncompressed 1354 * buffer size, do not copy writing data to it. */ 1355 if (bytes_to_write == MAX_DECMPFS_BLOCK_SIZE) 1356 buffer_to_write = buff; 1357 else { 1358 memcpy(a->uncompressed_buffer + 1359 MAX_DECMPFS_BLOCK_SIZE - a->block_remaining_bytes, 1360 buff, bytes_to_write); 1361 buffer_to_write = a->uncompressed_buffer; 1362 } 1363 a->block_remaining_bytes -= bytes_to_write; 1364 a->file_remaining_bytes -= bytes_to_write; 1365 1366 if (a->block_remaining_bytes == 0 || a->file_remaining_bytes == 0) { 1367 ret = hfs_drive_compressor(a, buffer_to_write, 1368 MAX_DECMPFS_BLOCK_SIZE - a->block_remaining_bytes); 1369 if (ret < 0) 1370 return (ret); 1371 a->block_remaining_bytes = MAX_DECMPFS_BLOCK_SIZE; 1372 } 1373 /* Ignore redundant bytes. */ 1374 if (a->file_remaining_bytes == 0) 1375 return ((ssize_t)size); 1376 return (bytes_to_write); 1377} 1378 1379static ssize_t 1380hfs_write_data_block(struct archive_write_disk *a, const char *buff, 1381 size_t size) 1382{ 1383 uint64_t start_size = size; 1384 ssize_t bytes_written = 0; 1385 ssize_t bytes_to_write; 1386 1387 if (size == 0) 1388 return (ARCHIVE_OK); 1389 1390 if (a->filesize == 0 || a->fd < 0) { 1391 archive_set_error(&a->archive, 0, 1392 "Attempt to write to an empty file"); 1393 return (ARCHIVE_WARN); 1394 } 1395 1396 /* If this write would run beyond the file size, truncate it. */ 1397 if (a->filesize >= 0 && (int64_t)(a->offset + size) > a->filesize) 1398 start_size = size = (size_t)(a->filesize - a->offset); 1399 1400 /* Write the data. */ 1401 while (size > 0) { 1402 bytes_to_write = size; 1403 /* Seek if necessary to the specified offset. */ 1404 if (a->offset < a->fd_offset) { 1405 /* Can't support backword move. */ 1406 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 1407 "Seek failed"); 1408 return (ARCHIVE_FATAL); 1409 } else if (a->offset > a->fd_offset) { 1410 int64_t skip = a->offset - a->fd_offset; 1411 char nullblock[1024]; 1412 1413 memset(nullblock, 0, sizeof(nullblock)); 1414 while (skip > 0) { 1415 if (skip > (int64_t)sizeof(nullblock)) 1416 bytes_written = hfs_write_decmpfs_block( 1417 a, nullblock, sizeof(nullblock)); 1418 else 1419 bytes_written = hfs_write_decmpfs_block( 1420 a, nullblock, skip); 1421 if (bytes_written < 0) { 1422 archive_set_error(&a->archive, errno, 1423 "Write failed"); 1424 return (ARCHIVE_WARN); 1425 } 1426 skip -= bytes_written; 1427 } 1428 1429 a->fd_offset = a->offset; 1430 } 1431 bytes_written = 1432 hfs_write_decmpfs_block(a, buff, bytes_to_write); 1433 if (bytes_written < 0) 1434 return (bytes_written); 1435 buff += bytes_written; 1436 size -= bytes_written; 1437 a->total_bytes_written += bytes_written; 1438 a->offset += bytes_written; 1439 a->fd_offset = a->offset; 1440 } 1441 return (start_size - size); 1442} 1443#else 1444static ssize_t 1445hfs_write_data_block(struct archive_write_disk *a, const char *buff, 1446 size_t size) 1447{ 1448 return (write_data_block(a, buff, size)); 1449} 1450#endif 1451 1452static ssize_t 1453_archive_write_disk_data_block(struct archive *_a, 1454 const void *buff, size_t size, int64_t offset) 1455{ 1456 struct archive_write_disk *a = (struct archive_write_disk *)_a; 1457 ssize_t r; 1458 1459 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 1460 ARCHIVE_STATE_DATA, "archive_write_data_block"); 1461 1462 a->offset = offset; 1463 if (a->todo & TODO_HFS_COMPRESSION) 1464 r = hfs_write_data_block(a, buff, size); 1465 else 1466 r = write_data_block(a, buff, size); 1467 if (r < ARCHIVE_OK) 1468 return (r); 1469 if ((size_t)r < size) { 1470 archive_set_error(&a->archive, 0, 1471 "Too much data: Truncating file at %ju bytes", (uintmax_t)a->filesize); 1472 return (ARCHIVE_WARN); 1473 } 1474#if ARCHIVE_VERSION_NUMBER < 3999000 1475 return (ARCHIVE_OK); 1476#else 1477 return (size); 1478#endif 1479} 1480 1481static ssize_t 1482_archive_write_disk_data(struct archive *_a, const void *buff, size_t size) 1483{ 1484 struct archive_write_disk *a = (struct archive_write_disk *)_a; 1485 1486 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 1487 ARCHIVE_STATE_DATA, "archive_write_data"); 1488 1489 if (a->todo & TODO_HFS_COMPRESSION) 1490 return (hfs_write_data_block(a, buff, size)); 1491 return (write_data_block(a, buff, size)); 1492} 1493 1494static int 1495_archive_write_disk_finish_entry(struct archive *_a) 1496{ 1497 struct archive_write_disk *a = (struct archive_write_disk *)_a; 1498 int ret = ARCHIVE_OK; 1499 1500 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 1501 ARCHIVE_STATE_HEADER | ARCHIVE_STATE_DATA, 1502 "archive_write_finish_entry"); 1503 if (a->archive.state & ARCHIVE_STATE_HEADER) 1504 return (ARCHIVE_OK); 1505 archive_clear_error(&a->archive); 1506 1507 /* Pad or truncate file to the right size. */ 1508 if (a->fd < 0) { 1509 /* There's no file. */ 1510 } else if (a->filesize < 0) { 1511 /* File size is unknown, so we can't set the size. */ 1512 } else if (a->fd_offset == a->filesize) { 1513 /* Last write ended at exactly the filesize; we're done. */ 1514 /* Hopefully, this is the common case. */ 1515#if defined(__APPLE__) && defined(UF_COMPRESSED) && defined(HAVE_ZLIB_H) 1516 } else if (a->todo & TODO_HFS_COMPRESSION) { 1517 char null_d[1024]; 1518 ssize_t r; 1519 1520 if (a->file_remaining_bytes) 1521 memset(null_d, 0, sizeof(null_d)); 1522 while (a->file_remaining_bytes) { 1523 if (a->file_remaining_bytes > sizeof(null_d)) 1524 r = hfs_write_data_block( 1525 a, null_d, sizeof(null_d)); 1526 else 1527 r = hfs_write_data_block( 1528 a, null_d, a->file_remaining_bytes); 1529 if (r < 0) 1530 return ((int)r); 1531 } 1532#endif 1533 } else { 1534#if HAVE_FTRUNCATE 1535 if (ftruncate(a->fd, a->filesize) == -1 && 1536 a->filesize == 0) { 1537 archive_set_error(&a->archive, errno, 1538 "File size could not be restored"); 1539 return (ARCHIVE_FAILED); 1540 } 1541#endif 1542 /* 1543 * Not all platforms implement the XSI option to 1544 * extend files via ftruncate. Stat() the file again 1545 * to see what happened. 1546 */ 1547 a->pst = NULL; 1548 if ((ret = lazy_stat(a)) != ARCHIVE_OK) 1549 return (ret); 1550 /* We can use lseek()/write() to extend the file if 1551 * ftruncate didn't work or isn't available. */ 1552 if (a->st.st_size < a->filesize) { 1553 const char nul = '\0'; 1554 if (lseek(a->fd, a->filesize - 1, SEEK_SET) < 0) { 1555 archive_set_error(&a->archive, errno, 1556 "Seek failed"); 1557 return (ARCHIVE_FATAL); 1558 } 1559 if (write(a->fd, &nul, 1) < 0) { 1560 archive_set_error(&a->archive, errno, 1561 "Write to restore size failed"); 1562 return (ARCHIVE_FATAL); 1563 } 1564 a->pst = NULL; 1565 } 1566 } 1567 1568 /* Restore metadata. */ 1569 1570 /* 1571 * This is specific to Mac OS X. 1572 * If the current file is an AppleDouble file, it should be 1573 * linked with the data fork file and remove it. 1574 */ 1575 if (a->todo & TODO_APPLEDOUBLE) { 1576 int r2 = fixup_appledouble(a, a->name); 1577 if (r2 == ARCHIVE_EOF) { 1578 /* The current file has been successfully linked 1579 * with the data fork file and removed. So there 1580 * is nothing to do on the current file. */ 1581 goto finish_metadata; 1582 } 1583 if (r2 < ret) ret = r2; 1584 } 1585 1586 /* 1587 * Look up the "real" UID only if we're going to need it. 1588 * TODO: the TODO_SGID condition can be dropped here, can't it? 1589 */ 1590 if (a->todo & (TODO_OWNER | TODO_SUID | TODO_SGID)) { 1591 a->uid = archive_write_disk_uid(&a->archive, 1592 archive_entry_uname(a->entry), 1593 archive_entry_uid(a->entry)); 1594 } 1595 /* Look up the "real" GID only if we're going to need it. */ 1596 /* TODO: the TODO_SUID condition can be dropped here, can't it? */ 1597 if (a->todo & (TODO_OWNER | TODO_SGID | TODO_SUID)) { 1598 a->gid = archive_write_disk_gid(&a->archive, 1599 archive_entry_gname(a->entry), 1600 archive_entry_gid(a->entry)); 1601 } 1602 1603 /* 1604 * Restore ownership before set_mode tries to restore suid/sgid 1605 * bits. If we set the owner, we know what it is and can skip 1606 * a stat() call to examine the ownership of the file on disk. 1607 */ 1608 if (a->todo & TODO_OWNER) { 1609 int r2 = set_ownership(a); 1610 if (r2 < ret) ret = r2; 1611 } 1612 1613 /* 1614 * set_mode must precede ACLs on systems such as Solaris and 1615 * FreeBSD where setting the mode implicitly clears extended ACLs 1616 */ 1617 if (a->todo & TODO_MODE) { 1618 int r2 = set_mode(a, a->mode); 1619 if (r2 < ret) ret = r2; 1620 } 1621 1622 /* 1623 * Security-related extended attributes (such as 1624 * security.capability on Linux) have to be restored last, 1625 * since they're implicitly removed by other file changes. 1626 */ 1627 if (a->todo & TODO_XATTR) { 1628 int r2 = set_xattrs(a); 1629 if (r2 < ret) ret = r2; 1630 } 1631 1632 /* 1633 * Some flags prevent file modification; they must be restored after 1634 * file contents are written. 1635 */ 1636 if (a->todo & TODO_FFLAGS) { 1637 int r2 = set_fflags(a); 1638 if (r2 < ret) ret = r2; 1639 } 1640 1641 /* 1642 * Time must follow most other metadata; 1643 * otherwise atime will get changed. 1644 */ 1645 if (a->todo & TODO_TIMES) { 1646 int r2 = set_times_from_entry(a); 1647 if (r2 < ret) ret = r2; 1648 } 1649 1650 /* 1651 * Mac extended metadata includes ACLs. 1652 */ 1653 if (a->todo & TODO_MAC_METADATA) { 1654 const void *metadata; 1655 size_t metadata_size; 1656 metadata = archive_entry_mac_metadata(a->entry, &metadata_size); 1657 if (metadata != NULL && metadata_size > 0) { 1658 int r2 = set_mac_metadata(a, archive_entry_pathname( 1659 a->entry), metadata, metadata_size); 1660 if (r2 < ret) ret = r2; 1661 } 1662 } 1663 1664 /* 1665 * ACLs must be restored after timestamps because there are 1666 * ACLs that prevent attribute changes (including time). 1667 */ 1668 if (a->todo & TODO_ACLS) { 1669 int r2 = archive_write_disk_set_acls(&a->archive, a->fd, 1670 archive_entry_pathname(a->entry), 1671 archive_entry_acl(a->entry)); 1672 if (r2 < ret) ret = r2; 1673 } 1674 1675finish_metadata: 1676 /* If there's an fd, we can close it now. */ 1677 if (a->fd >= 0) { 1678 close(a->fd); 1679 a->fd = -1; 1680 } 1681 /* If there's an entry, we can release it now. */ 1682 if (a->entry) { 1683 archive_entry_free(a->entry); 1684 a->entry = NULL; 1685 } 1686 a->archive.state = ARCHIVE_STATE_HEADER; 1687 return (ret); 1688} 1689 1690int 1691archive_write_disk_set_group_lookup(struct archive *_a, 1692 void *private_data, 1693 int64_t (*lookup_gid)(void *private, const char *gname, int64_t gid), 1694 void (*cleanup_gid)(void *private)) 1695{ 1696 struct archive_write_disk *a = (struct archive_write_disk *)_a; 1697 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 1698 ARCHIVE_STATE_ANY, "archive_write_disk_set_group_lookup"); 1699 1700 if (a->cleanup_gid != NULL && a->lookup_gid_data != NULL) 1701 (a->cleanup_gid)(a->lookup_gid_data); 1702 1703 a->lookup_gid = lookup_gid; 1704 a->cleanup_gid = cleanup_gid; 1705 a->lookup_gid_data = private_data; 1706 return (ARCHIVE_OK); 1707} 1708 1709int 1710archive_write_disk_set_user_lookup(struct archive *_a, 1711 void *private_data, 1712 int64_t (*lookup_uid)(void *private, const char *uname, int64_t uid), 1713 void (*cleanup_uid)(void *private)) 1714{ 1715 struct archive_write_disk *a = (struct archive_write_disk *)_a; 1716 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 1717 ARCHIVE_STATE_ANY, "archive_write_disk_set_user_lookup"); 1718 1719 if (a->cleanup_uid != NULL && a->lookup_uid_data != NULL) 1720 (a->cleanup_uid)(a->lookup_uid_data); 1721 1722 a->lookup_uid = lookup_uid; 1723 a->cleanup_uid = cleanup_uid; 1724 a->lookup_uid_data = private_data; 1725 return (ARCHIVE_OK); 1726} 1727 1728int64_t 1729archive_write_disk_gid(struct archive *_a, const char *name, int64_t id) 1730{ 1731 struct archive_write_disk *a = (struct archive_write_disk *)_a; 1732 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 1733 ARCHIVE_STATE_ANY, "archive_write_disk_gid"); 1734 if (a->lookup_gid) 1735 return (a->lookup_gid)(a->lookup_gid_data, name, id); 1736 return (id); 1737} 1738 1739int64_t 1740archive_write_disk_uid(struct archive *_a, const char *name, int64_t id) 1741{ 1742 struct archive_write_disk *a = (struct archive_write_disk *)_a; 1743 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 1744 ARCHIVE_STATE_ANY, "archive_write_disk_uid"); 1745 if (a->lookup_uid) 1746 return (a->lookup_uid)(a->lookup_uid_data, name, id); 1747 return (id); 1748} 1749 1750/* 1751 * Create a new archive_write_disk object and initialize it with global state. 1752 */ 1753struct archive * 1754archive_write_disk_new(void) 1755{ 1756 struct archive_write_disk *a; 1757 1758 a = (struct archive_write_disk *)malloc(sizeof(*a)); 1759 if (a == NULL) 1760 return (NULL); 1761 memset(a, 0, sizeof(*a)); 1762 a->archive.magic = ARCHIVE_WRITE_DISK_MAGIC; 1763 /* We're ready to write a header immediately. */ 1764 a->archive.state = ARCHIVE_STATE_HEADER; 1765 a->archive.vtable = archive_write_disk_vtable(); 1766 a->start_time = time(NULL); 1767 /* Query and restore the umask. */ 1768 umask(a->user_umask = umask(0)); 1769#ifdef HAVE_GETEUID 1770 a->user_uid = geteuid(); 1771#endif /* HAVE_GETEUID */ 1772 if (archive_string_ensure(&a->path_safe, 512) == NULL) { 1773 free(a); 1774 return (NULL); 1775 } 1776#ifdef HAVE_ZLIB_H 1777 a->decmpfs_compression_level = 5; 1778#endif 1779 return (&a->archive); 1780} 1781 1782 1783/* 1784 * If pathname is longer than PATH_MAX, chdir to a suitable 1785 * intermediate dir and edit the path down to a shorter suffix. Note 1786 * that this routine never returns an error; if the chdir() attempt 1787 * fails for any reason, we just go ahead with the long pathname. The 1788 * object creation is likely to fail, but any error will get handled 1789 * at that time. 1790 */ 1791#if defined(HAVE_FCHDIR) && defined(PATH_MAX) 1792static void 1793edit_deep_directories(struct archive_write_disk *a) 1794{ 1795 int ret; 1796 char *tail = a->name; 1797 1798 /* If path is short, avoid the open() below. */ 1799 if (strlen(tail) < PATH_MAX) 1800 return; 1801 1802 /* Try to record our starting dir. */ 1803 a->restore_pwd = open(".", O_RDONLY | O_BINARY | O_CLOEXEC); 1804 __archive_ensure_cloexec_flag(a->restore_pwd); 1805 if (a->restore_pwd < 0) 1806 return; 1807 1808 /* As long as the path is too long... */ 1809 while (strlen(tail) >= PATH_MAX) { 1810 /* Locate a dir prefix shorter than PATH_MAX. */ 1811 tail += PATH_MAX - 8; 1812 while (tail > a->name && *tail != '/') 1813 tail--; 1814 /* Exit if we find a too-long path component. */ 1815 if (tail <= a->name) 1816 return; 1817 /* Create the intermediate dir and chdir to it. */ 1818 *tail = '\0'; /* Terminate dir portion */ 1819 ret = create_dir(a, a->name); 1820 if (ret == ARCHIVE_OK && chdir(a->name) != 0) 1821 ret = ARCHIVE_FAILED; 1822 *tail = '/'; /* Restore the / we removed. */ 1823 if (ret != ARCHIVE_OK) 1824 return; 1825 tail++; 1826 /* The chdir() succeeded; we've now shortened the path. */ 1827 a->name = tail; 1828 } 1829 return; 1830} 1831#endif 1832 1833/* 1834 * The main restore function. 1835 */ 1836static int 1837restore_entry(struct archive_write_disk *a) 1838{ 1839 int ret = ARCHIVE_OK, en; 1840 1841 if (a->flags & ARCHIVE_EXTRACT_UNLINK && !S_ISDIR(a->mode)) { 1842 /* 1843 * TODO: Fix this. Apparently, there are platforms 1844 * that still allow root to hose the entire filesystem 1845 * by unlinking a dir. The S_ISDIR() test above 1846 * prevents us from using unlink() here if the new 1847 * object is a dir, but that doesn't mean the old 1848 * object isn't a dir. 1849 */ 1850 if (a->flags & ARCHIVE_EXTRACT_CLEAR_NOCHANGE_FFLAGS) 1851 (void)clear_nochange_fflags(a); 1852 if (unlink(a->name) == 0) { 1853 /* We removed it, reset cached stat. */ 1854 a->pst = NULL; 1855 } else if (errno == ENOENT) { 1856 /* File didn't exist, that's just as good. */ 1857 } else if (rmdir(a->name) == 0) { 1858 /* It was a dir, but now it's gone. */ 1859 a->pst = NULL; 1860 } else { 1861 /* We tried, but couldn't get rid of it. */ 1862 archive_set_error(&a->archive, errno, 1863 "Could not unlink"); 1864 return(ARCHIVE_FAILED); 1865 } 1866 } 1867 1868 /* Try creating it first; if this fails, we'll try to recover. */ 1869 en = create_filesystem_object(a); 1870 1871 if ((en == ENOTDIR || en == ENOENT) 1872 && !(a->flags & ARCHIVE_EXTRACT_NO_AUTODIR)) { 1873 /* If the parent dir doesn't exist, try creating it. */ 1874 create_parent_dir(a, a->name); 1875 /* Now try to create the object again. */ 1876 en = create_filesystem_object(a); 1877 } 1878 1879 if ((en == ENOENT) && (archive_entry_hardlink(a->entry) != NULL)) { 1880 archive_set_error(&a->archive, en, 1881 "Hard-link target '%s' does not exist.", 1882 archive_entry_hardlink(a->entry)); 1883 return (ARCHIVE_FAILED); 1884 } 1885 1886 if ((en == EISDIR || en == EEXIST) 1887 && (a->flags & ARCHIVE_EXTRACT_NO_OVERWRITE)) { 1888 /* If we're not overwriting, we're done. */ 1889 archive_entry_unset_size(a->entry); 1890 return (ARCHIVE_OK); 1891 } 1892 1893 /* 1894 * Some platforms return EISDIR if you call 1895 * open(O_WRONLY | O_EXCL | O_CREAT) on a directory, some 1896 * return EEXIST. POSIX is ambiguous, requiring EISDIR 1897 * for open(O_WRONLY) on a dir and EEXIST for open(O_EXCL | O_CREAT) 1898 * on an existing item. 1899 */ 1900 if (en == EISDIR) { 1901 /* A dir is in the way of a non-dir, rmdir it. */ 1902 if (rmdir(a->name) != 0) { 1903 archive_set_error(&a->archive, errno, 1904 "Can't remove already-existing dir"); 1905 return (ARCHIVE_FAILED); 1906 } 1907 a->pst = NULL; 1908 /* Try again. */ 1909 en = create_filesystem_object(a); 1910 } else if (en == EEXIST) { 1911 /* 1912 * We know something is in the way, but we don't know what; 1913 * we need to find out before we go any further. 1914 */ 1915 int r = 0; 1916 /* 1917 * The SECURE_SYMLINKS logic has already removed a 1918 * symlink to a dir if the client wants that. So 1919 * follow the symlink if we're creating a dir. 1920 */ 1921 if (S_ISDIR(a->mode)) 1922 r = stat(a->name, &a->st); 1923 /* 1924 * If it's not a dir (or it's a broken symlink), 1925 * then don't follow it. 1926 */ 1927 if (r != 0 || !S_ISDIR(a->mode)) 1928 r = lstat(a->name, &a->st); 1929 if (r != 0) { 1930 archive_set_error(&a->archive, errno, 1931 "Can't stat existing object"); 1932 return (ARCHIVE_FAILED); 1933 } 1934 1935 /* 1936 * NO_OVERWRITE_NEWER doesn't apply to directories. 1937 */ 1938 if ((a->flags & ARCHIVE_EXTRACT_NO_OVERWRITE_NEWER) 1939 && !S_ISDIR(a->st.st_mode)) { 1940 if (!older(&(a->st), a->entry)) { 1941 archive_entry_unset_size(a->entry); 1942 return (ARCHIVE_OK); 1943 } 1944 } 1945 1946 /* If it's our archive, we're done. */ 1947 if (a->skip_file_set && 1948 a->st.st_dev == (dev_t)a->skip_file_dev && 1949 a->st.st_ino == (ino_t)a->skip_file_ino) { 1950 archive_set_error(&a->archive, 0, 1951 "Refusing to overwrite archive"); 1952 return (ARCHIVE_FAILED); 1953 } 1954 1955 if (!S_ISDIR(a->st.st_mode)) { 1956 /* A non-dir is in the way, unlink it. */ 1957 if (a->flags & ARCHIVE_EXTRACT_CLEAR_NOCHANGE_FFLAGS) 1958 (void)clear_nochange_fflags(a); 1959 if (unlink(a->name) != 0) { 1960 archive_set_error(&a->archive, errno, 1961 "Can't unlink already-existing object"); 1962 return (ARCHIVE_FAILED); 1963 } 1964 a->pst = NULL; 1965 /* Try again. */ 1966 en = create_filesystem_object(a); 1967 } else if (!S_ISDIR(a->mode)) { 1968 /* A dir is in the way of a non-dir, rmdir it. */ 1969 if (a->flags & ARCHIVE_EXTRACT_CLEAR_NOCHANGE_FFLAGS) 1970 (void)clear_nochange_fflags(a); 1971 if (rmdir(a->name) != 0) { 1972 archive_set_error(&a->archive, errno, 1973 "Can't replace existing directory with non-directory"); 1974 return (ARCHIVE_FAILED); 1975 } 1976 /* Try again. */ 1977 en = create_filesystem_object(a); 1978 } else { 1979 /* 1980 * There's a dir in the way of a dir. Don't 1981 * waste time with rmdir()/mkdir(), just fix 1982 * up the permissions on the existing dir. 1983 * Note that we don't change perms on existing 1984 * dirs unless _EXTRACT_PERM is specified. 1985 */ 1986 if ((a->mode != a->st.st_mode) 1987 && (a->todo & TODO_MODE_FORCE)) 1988 a->deferred |= (a->todo & TODO_MODE); 1989 /* Ownership doesn't need deferred fixup. */ 1990 en = 0; /* Forget the EEXIST. */ 1991 } 1992 } 1993 1994 if (en) { 1995 /* Everything failed; give up here. */ 1996 archive_set_error(&a->archive, en, "Can't create '%s'", 1997 a->name); 1998 return (ARCHIVE_FAILED); 1999 } 2000 2001 a->pst = NULL; /* Cached stat data no longer valid. */ 2002 return (ret); 2003} 2004 2005/* 2006 * Returns 0 if creation succeeds, or else returns errno value from 2007 * the failed system call. Note: This function should only ever perform 2008 * a single system call. 2009 */ 2010static int 2011create_filesystem_object(struct archive_write_disk *a) 2012{ 2013 /* Create the entry. */ 2014 const char *linkname; 2015 mode_t final_mode, mode; 2016 int r; 2017 2018 /* We identify hard/symlinks according to the link names. */ 2019 /* Since link(2) and symlink(2) don't handle modes, we're done here. */ 2020 linkname = archive_entry_hardlink(a->entry); 2021 if (linkname != NULL) { 2022#if !HAVE_LINK 2023 return (EPERM); 2024#else 2025 r = link(linkname, a->name) ? errno : 0; 2026 /* 2027 * New cpio and pax formats allow hardlink entries 2028 * to carry data, so we may have to open the file 2029 * for hardlink entries. 2030 * 2031 * If the hardlink was successfully created and 2032 * the archive doesn't have carry data for it, 2033 * consider it to be non-authoritative for meta data. 2034 * This is consistent with GNU tar and BSD pax. 2035 * If the hardlink does carry data, let the last 2036 * archive entry decide ownership. 2037 */ 2038 if (r == 0 && a->filesize <= 0) { 2039 a->todo = 0; 2040 a->deferred = 0; 2041 } else if (r == 0 && a->filesize > 0) { 2042 a->fd = open(a->name, 2043 O_WRONLY | O_TRUNC | O_BINARY | O_CLOEXEC); 2044 __archive_ensure_cloexec_flag(a->fd); 2045 if (a->fd < 0) 2046 r = errno; 2047 } 2048 return (r); 2049#endif 2050 } 2051 linkname = archive_entry_symlink(a->entry); 2052 if (linkname != NULL) { 2053#if HAVE_SYMLINK 2054 return symlink(linkname, a->name) ? errno : 0; 2055#else 2056 return (EPERM); 2057#endif 2058 } 2059 2060 /* 2061 * The remaining system calls all set permissions, so let's 2062 * try to take advantage of that to avoid an extra chmod() 2063 * call. (Recall that umask is set to zero right now!) 2064 */ 2065 2066 /* Mode we want for the final restored object (w/o file type bits). */ 2067 final_mode = a->mode & 07777; 2068 /* 2069 * The mode that will actually be restored in this step. Note 2070 * that SUID, SGID, etc, require additional work to ensure 2071 * security, so we never restore them at this point. 2072 */ 2073 mode = final_mode & 0777 & ~a->user_umask; 2074 2075 switch (a->mode & AE_IFMT) { 2076 default: 2077 /* POSIX requires that we fall through here. */ 2078 /* FALLTHROUGH */ 2079 case AE_IFREG: 2080 a->fd = open(a->name, 2081 O_WRONLY | O_CREAT | O_EXCL | O_BINARY | O_CLOEXEC, mode); 2082 __archive_ensure_cloexec_flag(a->fd); 2083 r = (a->fd < 0); 2084 break; 2085 case AE_IFCHR: 2086#ifdef HAVE_MKNOD 2087 /* Note: we use AE_IFCHR for the case label, and 2088 * S_IFCHR for the mknod() call. This is correct. */ 2089 r = mknod(a->name, mode | S_IFCHR, 2090 archive_entry_rdev(a->entry)); 2091 break; 2092#else 2093 /* TODO: Find a better way to warn about our inability 2094 * to restore a char device node. */ 2095 return (EINVAL); 2096#endif /* HAVE_MKNOD */ 2097 case AE_IFBLK: 2098#ifdef HAVE_MKNOD 2099 r = mknod(a->name, mode | S_IFBLK, 2100 archive_entry_rdev(a->entry)); 2101 break; 2102#else 2103 /* TODO: Find a better way to warn about our inability 2104 * to restore a block device node. */ 2105 return (EINVAL); 2106#endif /* HAVE_MKNOD */ 2107 case AE_IFDIR: 2108 mode = (mode | MINIMUM_DIR_MODE) & MAXIMUM_DIR_MODE; 2109 r = mkdir(a->name, mode); 2110 if (r == 0) { 2111 /* Defer setting dir times. */ 2112 a->deferred |= (a->todo & TODO_TIMES); 2113 a->todo &= ~TODO_TIMES; 2114 /* Never use an immediate chmod(). */ 2115 /* We can't avoid the chmod() entirely if EXTRACT_PERM 2116 * because of SysV SGID inheritance. */ 2117 if ((mode != final_mode) 2118 || (a->flags & ARCHIVE_EXTRACT_PERM)) 2119 a->deferred |= (a->todo & TODO_MODE); 2120 a->todo &= ~TODO_MODE; 2121 } 2122 break; 2123 case AE_IFIFO: 2124#ifdef HAVE_MKFIFO 2125 r = mkfifo(a->name, mode); 2126 break; 2127#else 2128 /* TODO: Find a better way to warn about our inability 2129 * to restore a fifo. */ 2130 return (EINVAL); 2131#endif /* HAVE_MKFIFO */ 2132 } 2133 2134 /* All the system calls above set errno on failure. */ 2135 if (r) 2136 return (errno); 2137 2138 /* If we managed to set the final mode, we've avoided a chmod(). */ 2139 if (mode == final_mode) 2140 a->todo &= ~TODO_MODE; 2141 return (0); 2142} 2143 2144/* 2145 * Cleanup function for archive_extract. Mostly, this involves processing 2146 * the fixup list, which is used to address a number of problems: 2147 * * Dir permissions might prevent us from restoring a file in that 2148 * dir, so we restore the dir with minimum 0700 permissions first, 2149 * then correct the mode at the end. 2150 * * Similarly, the act of restoring a file touches the directory 2151 * and changes the timestamp on the dir, so we have to touch-up dir 2152 * timestamps at the end as well. 2153 * * Some file flags can interfere with the restore by, for example, 2154 * preventing the creation of hardlinks to those files. 2155 * * Mac OS extended metadata includes ACLs, so must be deferred on dirs. 2156 * 2157 * Note that tar/cpio do not require that archives be in a particular 2158 * order; there is no way to know when the last file has been restored 2159 * within a directory, so there's no way to optimize the memory usage 2160 * here by fixing up the directory any earlier than the 2161 * end-of-archive. 2162 * 2163 * XXX TODO: Directory ACLs should be restored here, for the same 2164 * reason we set directory perms here. XXX 2165 */ 2166static int 2167_archive_write_disk_close(struct archive *_a) 2168{ 2169 struct archive_write_disk *a = (struct archive_write_disk *)_a; 2170 struct fixup_entry *next, *p; 2171 int ret; 2172 2173 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 2174 ARCHIVE_STATE_HEADER | ARCHIVE_STATE_DATA, 2175 "archive_write_disk_close"); 2176 ret = _archive_write_disk_finish_entry(&a->archive); 2177 2178 /* Sort dir list so directories are fixed up in depth-first order. */ 2179 p = sort_dir_list(a->fixup_list); 2180 2181 while (p != NULL) { 2182 a->pst = NULL; /* Mark stat cache as out-of-date. */ 2183 if (p->fixup & TODO_TIMES) { 2184 set_times(a, -1, p->mode, p->name, 2185 p->atime, p->atime_nanos, 2186 p->birthtime, p->birthtime_nanos, 2187 p->mtime, p->mtime_nanos, 2188 p->ctime, p->ctime_nanos); 2189 } 2190 if (p->fixup & TODO_MODE_BASE) 2191 chmod(p->name, p->mode); 2192 if (p->fixup & TODO_ACLS) 2193 archive_write_disk_set_acls(&a->archive, 2194 -1, p->name, &p->acl); 2195 if (p->fixup & TODO_FFLAGS) 2196 set_fflags_platform(a, -1, p->name, 2197 p->mode, p->fflags_set, 0); 2198 if (p->fixup & TODO_MAC_METADATA) 2199 set_mac_metadata(a, p->name, p->mac_metadata, 2200 p->mac_metadata_size); 2201 next = p->next; 2202 archive_acl_clear(&p->acl); 2203 free(p->mac_metadata); 2204 free(p->name); 2205 free(p); 2206 p = next; 2207 } 2208 a->fixup_list = NULL; 2209 return (ret); 2210} 2211 2212static int 2213_archive_write_disk_free(struct archive *_a) 2214{ 2215 struct archive_write_disk *a; 2216 int ret; 2217 if (_a == NULL) 2218 return (ARCHIVE_OK); 2219 archive_check_magic(_a, ARCHIVE_WRITE_DISK_MAGIC, 2220 ARCHIVE_STATE_ANY | ARCHIVE_STATE_FATAL, "archive_write_disk_free"); 2221 a = (struct archive_write_disk *)_a; 2222 ret = _archive_write_disk_close(&a->archive); 2223 archive_write_disk_set_group_lookup(&a->archive, NULL, NULL, NULL); 2224 archive_write_disk_set_user_lookup(&a->archive, NULL, NULL, NULL); 2225 if (a->entry) 2226 archive_entry_free(a->entry); 2227 archive_string_free(&a->_name_data); 2228 archive_string_free(&a->archive.error_string); 2229 archive_string_free(&a->path_safe); 2230 a->archive.magic = 0; 2231 __archive_clean(&a->archive); 2232 free(a->decmpfs_header_p); 2233 free(a->resource_fork); 2234 free(a->compressed_buffer); 2235 free(a->uncompressed_buffer); 2236#if defined(__APPLE__) && defined(UF_COMPRESSED) && defined(HAVE_SYS_XATTR_H)\ 2237 && defined(HAVE_ZLIB_H) 2238 if (a->stream_valid) { 2239 switch (deflateEnd(&a->stream)) { 2240 case Z_OK: 2241 break; 2242 default: 2243 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 2244 "Failed to clean up compressor"); 2245 ret = ARCHIVE_FATAL; 2246 break; 2247 } 2248 } 2249#endif 2250 free(a); 2251 return (ret); 2252} 2253 2254/* 2255 * Simple O(n log n) merge sort to order the fixup list. In 2256 * particular, we want to restore dir timestamps depth-first. 2257 */ 2258static struct fixup_entry * 2259sort_dir_list(struct fixup_entry *p) 2260{ 2261 struct fixup_entry *a, *b, *t; 2262 2263 if (p == NULL) 2264 return (NULL); 2265 /* A one-item list is already sorted. */ 2266 if (p->next == NULL) 2267 return (p); 2268 2269 /* Step 1: split the list. */ 2270 t = p; 2271 a = p->next->next; 2272 while (a != NULL) { 2273 /* Step a twice, t once. */ 2274 a = a->next; 2275 if (a != NULL) 2276 a = a->next; 2277 t = t->next; 2278 } 2279 /* Now, t is at the mid-point, so break the list here. */ 2280 b = t->next; 2281 t->next = NULL; 2282 a = p; 2283 2284 /* Step 2: Recursively sort the two sub-lists. */ 2285 a = sort_dir_list(a); 2286 b = sort_dir_list(b); 2287 2288 /* Step 3: Merge the returned lists. */ 2289 /* Pick the first element for the merged list. */ 2290 if (strcmp(a->name, b->name) > 0) { 2291 t = p = a; 2292 a = a->next; 2293 } else { 2294 t = p = b; 2295 b = b->next; 2296 } 2297 2298 /* Always put the later element on the list first. */ 2299 while (a != NULL && b != NULL) { 2300 if (strcmp(a->name, b->name) > 0) { 2301 t->next = a; 2302 a = a->next; 2303 } else { 2304 t->next = b; 2305 b = b->next; 2306 } 2307 t = t->next; 2308 } 2309 2310 /* Only one list is non-empty, so just splice it on. */ 2311 if (a != NULL) 2312 t->next = a; 2313 if (b != NULL) 2314 t->next = b; 2315 2316 return (p); 2317} 2318 2319/* 2320 * Returns a new, initialized fixup entry. 2321 * 2322 * TODO: Reduce the memory requirements for this list by using a tree 2323 * structure rather than a simple list of names. 2324 */ 2325static struct fixup_entry * 2326new_fixup(struct archive_write_disk *a, const char *pathname) 2327{ 2328 struct fixup_entry *fe; 2329 2330 fe = (struct fixup_entry *)calloc(1, sizeof(struct fixup_entry)); 2331 if (fe == NULL) { 2332 archive_set_error(&a->archive, ENOMEM, 2333 "Can't allocate memory for a fixup"); 2334 return (NULL); 2335 } 2336 fe->next = a->fixup_list; 2337 a->fixup_list = fe; 2338 fe->fixup = 0; 2339 fe->name = strdup(pathname); 2340 return (fe); 2341} 2342 2343/* 2344 * Returns a fixup structure for the current entry. 2345 */ 2346static struct fixup_entry * 2347current_fixup(struct archive_write_disk *a, const char *pathname) 2348{ 2349 if (a->current_fixup == NULL) 2350 a->current_fixup = new_fixup(a, pathname); 2351 return (a->current_fixup); 2352} 2353 2354/* TODO: Make this work. */ 2355/* 2356 * TODO: The deep-directory support bypasses this; disable deep directory 2357 * support if we're doing symlink checks. 2358 */ 2359/* 2360 * TODO: Someday, integrate this with the deep dir support; they both 2361 * scan the path and both can be optimized by comparing against other 2362 * recent paths. 2363 */ 2364/* TODO: Extend this to support symlinks on Windows Vista and later. */ 2365static int 2366check_symlinks(struct archive_write_disk *a) 2367{ 2368#if !defined(HAVE_LSTAT) 2369 /* Platform doesn't have lstat, so we can't look for symlinks. */ 2370 (void)a; /* UNUSED */ 2371 return (ARCHIVE_OK); 2372#else 2373 char *pn; 2374 char c; 2375 int r; 2376 struct stat st; 2377 2378 /* 2379 * Guard against symlink tricks. Reject any archive entry whose 2380 * destination would be altered by a symlink. 2381 */ 2382 /* Whatever we checked last time doesn't need to be re-checked. */ 2383 pn = a->name; 2384 if (archive_strlen(&(a->path_safe)) > 0) { 2385 char *p = a->path_safe.s; 2386 while ((*pn != '\0') && (*p == *pn)) 2387 ++p, ++pn; 2388 } 2389 /* Skip the root directory if the path is absolute. */ 2390 if(pn == a->name && pn[0] == '/') 2391 ++pn; 2392 c = pn[0]; 2393 /* Keep going until we've checked the entire name. */ 2394 while (pn[0] != '\0' && (pn[0] != '/' || pn[1] != '\0')) { 2395 /* Skip the next path element. */ 2396 while (*pn != '\0' && *pn != '/') 2397 ++pn; 2398 c = pn[0]; 2399 pn[0] = '\0'; 2400 /* Check that we haven't hit a symlink. */ 2401 r = lstat(a->name, &st); 2402 if (r != 0) { 2403 /* We've hit a dir that doesn't exist; stop now. */ 2404 if (errno == ENOENT) { 2405 break; 2406 } else { 2407 /* Note: This effectively disables deep directory 2408 * support when security checks are enabled. 2409 * Otherwise, very long pathnames that trigger 2410 * an error here could evade the sandbox. 2411 * TODO: We could do better, but it would probably 2412 * require merging the symlink checks with the 2413 * deep-directory editing. */ 2414 return (ARCHIVE_FAILED); 2415 } 2416 } else if (S_ISLNK(st.st_mode)) { 2417 if (c == '\0') { 2418 /* 2419 * Last element is symlink; remove it 2420 * so we can overwrite it with the 2421 * item being extracted. 2422 */ 2423 if (unlink(a->name)) { 2424 archive_set_error(&a->archive, errno, 2425 "Could not remove symlink %s", 2426 a->name); 2427 pn[0] = c; 2428 return (ARCHIVE_FAILED); 2429 } 2430 a->pst = NULL; 2431 /* 2432 * Even if we did remove it, a warning 2433 * is in order. The warning is silly, 2434 * though, if we're just replacing one 2435 * symlink with another symlink. 2436 */ 2437 if (!S_ISLNK(a->mode)) { 2438 archive_set_error(&a->archive, 0, 2439 "Removing symlink %s", 2440 a->name); 2441 } 2442 /* Symlink gone. No more problem! */ 2443 pn[0] = c; 2444 return (0); 2445 } else if (a->flags & ARCHIVE_EXTRACT_UNLINK) { 2446 /* User asked us to remove problems. */ 2447 if (unlink(a->name) != 0) { 2448 archive_set_error(&a->archive, 0, 2449 "Cannot remove intervening symlink %s", 2450 a->name); 2451 pn[0] = c; 2452 return (ARCHIVE_FAILED); 2453 } 2454 a->pst = NULL; 2455 } else { 2456 archive_set_error(&a->archive, 0, 2457 "Cannot extract through symlink %s", 2458 a->name); 2459 pn[0] = c; 2460 return (ARCHIVE_FAILED); 2461 } 2462 } 2463 pn[0] = c; 2464 if (pn[0] != '\0') 2465 pn++; /* Advance to the next segment. */ 2466 } 2467 pn[0] = c; 2468 /* We've checked and/or cleaned the whole path, so remember it. */ 2469 archive_strcpy(&a->path_safe, a->name); 2470 return (ARCHIVE_OK); 2471#endif 2472} 2473 2474#if defined(__CYGWIN__) 2475/* 2476 * 1. Convert a path separator from '\' to '/' . 2477 * We shouldn't check multibyte character directly because some 2478 * character-set have been using the '\' character for a part of 2479 * its multibyte character code. 2480 * 2. Replace unusable characters in Windows with underscore('_'). 2481 * See also : http://msdn.microsoft.com/en-us/library/aa365247.aspx 2482 */ 2483static void 2484cleanup_pathname_win(struct archive_write_disk *a) 2485{ 2486 wchar_t wc; 2487 char *p; 2488 size_t alen, l; 2489 int mb, complete, utf8; 2490 2491 alen = 0; 2492 mb = 0; 2493 complete = 1; 2494 utf8 = (strcmp(nl_langinfo(CODESET), "UTF-8") == 0)? 1: 0; 2495 for (p = a->name; *p != '\0'; p++) { 2496 ++alen; 2497 if (*p == '\\') { 2498 /* If previous byte is smaller than 128, 2499 * this is not second byte of multibyte characters, 2500 * so we can replace '\' with '/'. */ 2501 if (utf8 || !mb) 2502 *p = '/'; 2503 else 2504 complete = 0;/* uncompleted. */ 2505 } else if (*(unsigned char *)p > 127) 2506 mb = 1; 2507 else 2508 mb = 0; 2509 /* Rewrite the path name if its next character is unusable. */ 2510 if (*p == ':' || *p == '*' || *p == '?' || *p == '"' || 2511 *p == '<' || *p == '>' || *p == '|') 2512 *p = '_'; 2513 } 2514 if (complete) 2515 return; 2516 2517 /* 2518 * Convert path separator in wide-character. 2519 */ 2520 p = a->name; 2521 while (*p != '\0' && alen) { 2522 l = mbtowc(&wc, p, alen); 2523 if (l == (size_t)-1) { 2524 while (*p != '\0') { 2525 if (*p == '\\') 2526 *p = '/'; 2527 ++p; 2528 } 2529 break; 2530 } 2531 if (l == 1 && wc == L'\\') 2532 *p = '/'; 2533 p += l; 2534 alen -= l; 2535 } 2536} 2537#endif 2538 2539/* 2540 * Canonicalize the pathname. In particular, this strips duplicate 2541 * '/' characters, '.' elements, and trailing '/'. It also raises an 2542 * error for an empty path, a trailing '..', (if _SECURE_NODOTDOT is 2543 * set) any '..' in the path or (if ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS 2544 * is set) if the path is absolute. 2545 */ 2546static int 2547cleanup_pathname(struct archive_write_disk *a) 2548{ 2549 char *dest, *src; 2550 char separator = '\0'; 2551 2552 dest = src = a->name; 2553 if (*src == '\0') { 2554 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 2555 "Invalid empty pathname"); 2556 return (ARCHIVE_FAILED); 2557 } 2558 2559#if defined(__CYGWIN__) 2560 cleanup_pathname_win(a); 2561#endif 2562 /* Skip leading '/'. */ 2563 if (*src == '/') { 2564 if (a->flags & ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS) { 2565 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 2566 "Path is absolute"); 2567 return (ARCHIVE_FAILED); 2568 } 2569 2570 separator = *src++; 2571 } 2572 2573 /* Scan the pathname one element at a time. */ 2574 for (;;) { 2575 /* src points to first char after '/' */ 2576 if (src[0] == '\0') { 2577 break; 2578 } else if (src[0] == '/') { 2579 /* Found '//', ignore second one. */ 2580 src++; 2581 continue; 2582 } else if (src[0] == '.') { 2583 if (src[1] == '\0') { 2584 /* Ignore trailing '.' */ 2585 break; 2586 } else if (src[1] == '/') { 2587 /* Skip './'. */ 2588 src += 2; 2589 continue; 2590 } else if (src[1] == '.') { 2591 if (src[2] == '/' || src[2] == '\0') { 2592 /* Conditionally warn about '..' */ 2593 if (a->flags & ARCHIVE_EXTRACT_SECURE_NODOTDOT) { 2594 archive_set_error(&a->archive, 2595 ARCHIVE_ERRNO_MISC, 2596 "Path contains '..'"); 2597 return (ARCHIVE_FAILED); 2598 } 2599 } 2600 /* 2601 * Note: Under no circumstances do we 2602 * remove '..' elements. In 2603 * particular, restoring 2604 * '/foo/../bar/' should create the 2605 * 'foo' dir as a side-effect. 2606 */ 2607 } 2608 } 2609 2610 /* Copy current element, including leading '/'. */ 2611 if (separator) 2612 *dest++ = '/'; 2613 while (*src != '\0' && *src != '/') { 2614 *dest++ = *src++; 2615 } 2616 2617 if (*src == '\0') 2618 break; 2619 2620 /* Skip '/' separator. */ 2621 separator = *src++; 2622 } 2623 /* 2624 * We've just copied zero or more path elements, not including the 2625 * final '/'. 2626 */ 2627 if (dest == a->name) { 2628 /* 2629 * Nothing got copied. The path must have been something 2630 * like '.' or '/' or './' or '/././././/./'. 2631 */ 2632 if (separator) 2633 *dest++ = '/'; 2634 else 2635 *dest++ = '.'; 2636 } 2637 /* Terminate the result. */ 2638 *dest = '\0'; 2639 return (ARCHIVE_OK); 2640} 2641 2642/* 2643 * Create the parent directory of the specified path, assuming path 2644 * is already in mutable storage. 2645 */ 2646static int 2647create_parent_dir(struct archive_write_disk *a, char *path) 2648{ 2649 char *slash; 2650 int r; 2651 2652 /* Remove tail element to obtain parent name. */ 2653 slash = strrchr(path, '/'); 2654 if (slash == NULL) 2655 return (ARCHIVE_OK); 2656 *slash = '\0'; 2657 r = create_dir(a, path); 2658 *slash = '/'; 2659 return (r); 2660} 2661 2662/* 2663 * Create the specified dir, recursing to create parents as necessary. 2664 * 2665 * Returns ARCHIVE_OK if the path exists when we're done here. 2666 * Otherwise, returns ARCHIVE_FAILED. 2667 * Assumes path is in mutable storage; path is unchanged on exit. 2668 */ 2669static int 2670create_dir(struct archive_write_disk *a, char *path) 2671{ 2672 struct stat st; 2673 struct fixup_entry *le; 2674 char *slash, *base; 2675 mode_t mode_final, mode; 2676 int r; 2677 2678 /* Check for special names and just skip them. */ 2679 slash = strrchr(path, '/'); 2680 if (slash == NULL) 2681 base = path; 2682 else 2683 base = slash + 1; 2684 2685 if (base[0] == '\0' || 2686 (base[0] == '.' && base[1] == '\0') || 2687 (base[0] == '.' && base[1] == '.' && base[2] == '\0')) { 2688 /* Don't bother trying to create null path, '.', or '..'. */ 2689 if (slash != NULL) { 2690 *slash = '\0'; 2691 r = create_dir(a, path); 2692 *slash = '/'; 2693 return (r); 2694 } 2695 return (ARCHIVE_OK); 2696 } 2697 2698 /* 2699 * Yes, this should be stat() and not lstat(). Using lstat() 2700 * here loses the ability to extract through symlinks. Also note 2701 * that this should not use the a->st cache. 2702 */ 2703 if (stat(path, &st) == 0) { 2704 if (S_ISDIR(st.st_mode)) 2705 return (ARCHIVE_OK); 2706 if ((a->flags & ARCHIVE_EXTRACT_NO_OVERWRITE)) { 2707 archive_set_error(&a->archive, EEXIST, 2708 "Can't create directory '%s'", path); 2709 return (ARCHIVE_FAILED); 2710 } 2711 if (unlink(path) != 0) { 2712 archive_set_error(&a->archive, errno, 2713 "Can't create directory '%s': " 2714 "Conflicting file cannot be removed", 2715 path); 2716 return (ARCHIVE_FAILED); 2717 } 2718 } else if (errno != ENOENT && errno != ENOTDIR) { 2719 /* Stat failed? */ 2720 archive_set_error(&a->archive, errno, "Can't test directory '%s'", path); 2721 return (ARCHIVE_FAILED); 2722 } else if (slash != NULL) { 2723 *slash = '\0'; 2724 r = create_dir(a, path); 2725 *slash = '/'; 2726 if (r != ARCHIVE_OK) 2727 return (r); 2728 } 2729 2730 /* 2731 * Mode we want for the final restored directory. Per POSIX, 2732 * implicitly-created dirs must be created obeying the umask. 2733 * There's no mention whether this is different for privileged 2734 * restores (which the rest of this code handles by pretending 2735 * umask=0). I've chosen here to always obey the user's umask for 2736 * implicit dirs, even if _EXTRACT_PERM was specified. 2737 */ 2738 mode_final = DEFAULT_DIR_MODE & ~a->user_umask; 2739 /* Mode we want on disk during the restore process. */ 2740 mode = mode_final; 2741 mode |= MINIMUM_DIR_MODE; 2742 mode &= MAXIMUM_DIR_MODE; 2743 if (mkdir(path, mode) == 0) { 2744 if (mode != mode_final) { 2745 le = new_fixup(a, path); 2746 if (le == NULL) 2747 return (ARCHIVE_FATAL); 2748 le->fixup |=TODO_MODE_BASE; 2749 le->mode = mode_final; 2750 } 2751 return (ARCHIVE_OK); 2752 } 2753 2754 /* 2755 * Without the following check, a/b/../b/c/d fails at the 2756 * second visit to 'b', so 'd' can't be created. Note that we 2757 * don't add it to the fixup list here, as it's already been 2758 * added. 2759 */ 2760 if (stat(path, &st) == 0 && S_ISDIR(st.st_mode)) 2761 return (ARCHIVE_OK); 2762 2763 archive_set_error(&a->archive, errno, "Failed to create dir '%s'", 2764 path); 2765 return (ARCHIVE_FAILED); 2766} 2767 2768/* 2769 * Note: Although we can skip setting the user id if the desired user 2770 * id matches the current user, we cannot skip setting the group, as 2771 * many systems set the gid based on the containing directory. So 2772 * we have to perform a chown syscall if we want to set the SGID 2773 * bit. (The alternative is to stat() and then possibly chown(); it's 2774 * more efficient to skip the stat() and just always chown().) Note 2775 * that a successful chown() here clears the TODO_SGID_CHECK bit, which 2776 * allows set_mode to skip the stat() check for the GID. 2777 */ 2778static int 2779set_ownership(struct archive_write_disk *a) 2780{ 2781#ifndef __CYGWIN__ 2782/* unfortunately, on win32 there is no 'root' user with uid 0, 2783 so we just have to try the chown and see if it works */ 2784 2785 /* If we know we can't change it, don't bother trying. */ 2786 if (a->user_uid != 0 && a->user_uid != a->uid) { 2787 archive_set_error(&a->archive, errno, 2788 "Can't set UID=%jd", (intmax_t)a->uid); 2789 return (ARCHIVE_WARN); 2790 } 2791#endif 2792 2793#ifdef HAVE_FCHOWN 2794 /* If we have an fd, we can avoid a race. */ 2795 if (a->fd >= 0 && fchown(a->fd, a->uid, a->gid) == 0) { 2796 /* We've set owner and know uid/gid are correct. */ 2797 a->todo &= ~(TODO_OWNER | TODO_SGID_CHECK | TODO_SUID_CHECK); 2798 return (ARCHIVE_OK); 2799 } 2800#endif 2801 2802 /* We prefer lchown() but will use chown() if that's all we have. */ 2803 /* Of course, if we have neither, this will always fail. */ 2804#ifdef HAVE_LCHOWN 2805 if (lchown(a->name, a->uid, a->gid) == 0) { 2806 /* We've set owner and know uid/gid are correct. */ 2807 a->todo &= ~(TODO_OWNER | TODO_SGID_CHECK | TODO_SUID_CHECK); 2808 return (ARCHIVE_OK); 2809 } 2810#elif HAVE_CHOWN 2811 if (!S_ISLNK(a->mode) && chown(a->name, a->uid, a->gid) == 0) { 2812 /* We've set owner and know uid/gid are correct. */ 2813 a->todo &= ~(TODO_OWNER | TODO_SGID_CHECK | TODO_SUID_CHECK); 2814 return (ARCHIVE_OK); 2815 } 2816#endif 2817 2818 archive_set_error(&a->archive, errno, 2819 "Can't set user=%jd/group=%jd for %s", 2820 (intmax_t)a->uid, (intmax_t)a->gid, a->name); 2821 return (ARCHIVE_WARN); 2822} 2823 2824/* 2825 * Note: Returns 0 on success, non-zero on failure. 2826 */ 2827static int 2828set_time(int fd, int mode, const char *name, 2829 time_t atime, long atime_nsec, 2830 time_t mtime, long mtime_nsec) 2831{ 2832 /* Select the best implementation for this platform. */ 2833#if defined(HAVE_UTIMENSAT) && defined(HAVE_FUTIMENS) 2834 /* 2835 * utimensat() and futimens() are defined in 2836 * POSIX.1-2008. They support ns resolution and setting times 2837 * on fds and symlinks. 2838 */ 2839 struct timespec ts[2]; 2840 (void)mode; /* UNUSED */ 2841 ts[0].tv_sec = atime; 2842 ts[0].tv_nsec = atime_nsec; 2843 ts[1].tv_sec = mtime; 2844 ts[1].tv_nsec = mtime_nsec; 2845 if (fd >= 0) 2846 return futimens(fd, ts); 2847 return utimensat(AT_FDCWD, name, ts, AT_SYMLINK_NOFOLLOW); 2848 2849#elif HAVE_UTIMES 2850 /* 2851 * The utimes()-family functions support ��s-resolution and 2852 * setting times fds and symlinks. utimes() is documented as 2853 * LEGACY by POSIX, futimes() and lutimes() are not described 2854 * in POSIX. 2855 */ 2856 struct timeval times[2]; 2857 2858 times[0].tv_sec = atime; 2859 times[0].tv_usec = atime_nsec / 1000; 2860 times[1].tv_sec = mtime; 2861 times[1].tv_usec = mtime_nsec / 1000; 2862 2863#ifdef HAVE_FUTIMES 2864 if (fd >= 0) 2865 return (futimes(fd, times)); 2866#else 2867 (void)fd; /* UNUSED */ 2868#endif 2869#ifdef HAVE_LUTIMES 2870 (void)mode; /* UNUSED */ 2871 return (lutimes(name, times)); 2872#else 2873 if (S_ISLNK(mode)) 2874 return (0); 2875 return (utimes(name, times)); 2876#endif 2877 2878#elif defined(HAVE_UTIME) 2879 /* 2880 * utime() is POSIX-standard but only supports 1s resolution and 2881 * does not support fds or symlinks. 2882 */ 2883 struct utimbuf times; 2884 (void)fd; /* UNUSED */ 2885 (void)name; /* UNUSED */ 2886 (void)atime_nsec; /* UNUSED */ 2887 (void)mtime_nsec; /* UNUSED */ 2888 times.actime = atime; 2889 times.modtime = mtime; 2890 if (S_ISLNK(mode)) 2891 return (ARCHIVE_OK); 2892 return (utime(name, ×)); 2893 2894#else 2895 /* 2896 * We don't know how to set the time on this platform. 2897 */ 2898 (void)fd; /* UNUSED */ 2899 (void)mode; /* UNUSED */ 2900 (void)name; /* UNUSED */ 2901 (void)atime_nsec; /* UNUSED */ 2902 (void)mtime_nsec; /* UNUSED */ 2903 return (ARCHIVE_WARN); 2904#endif 2905} 2906 2907#ifdef F_SETTIMES 2908static int 2909set_time_tru64(int fd, int mode, const char *name, 2910 time_t atime, long atime_nsec, 2911 time_t mtime, long mtime_nsec, 2912 time_t ctime, long ctime_nsec) 2913{ 2914 struct attr_timbuf tstamp; 2915 tstamp.atime.tv_sec = atime; 2916 tstamp.mtime.tv_sec = mtime; 2917 tstamp.ctime.tv_sec = ctime; 2918#if defined (__hpux) && defined (__ia64) 2919 tstamp.atime.tv_nsec = atime_nsec; 2920 tstamp.mtime.tv_nsec = mtime_nsec; 2921 tstamp.ctime.tv_nsec = ctime_nsec; 2922#else 2923 tstamp.atime.tv_usec = atime_nsec / 1000; 2924 tstamp.mtime.tv_usec = mtime_nsec / 1000; 2925 tstamp.ctime.tv_usec = ctime_nsec / 1000; 2926#endif 2927 return (fcntl(fd,F_SETTIMES,&tstamp)); 2928} 2929#endif /* F_SETTIMES */ 2930 2931static int 2932set_times(struct archive_write_disk *a, 2933 int fd, int mode, const char *name, 2934 time_t atime, long atime_nanos, 2935 time_t birthtime, long birthtime_nanos, 2936 time_t mtime, long mtime_nanos, 2937 time_t cctime, long ctime_nanos) 2938{ 2939 /* Note: set_time doesn't use libarchive return conventions! 2940 * It uses syscall conventions. So 0 here instead of ARCHIVE_OK. */ 2941 int r1 = 0, r2 = 0; 2942 2943#ifdef F_SETTIMES 2944 /* 2945 * on Tru64 try own fcntl first which can restore even the 2946 * ctime, fall back to default code path below if it fails 2947 * or if we are not running as root 2948 */ 2949 if (a->user_uid == 0 && 2950 set_time_tru64(fd, mode, name, 2951 atime, atime_nanos, mtime, 2952 mtime_nanos, cctime, ctime_nanos) == 0) { 2953 return (ARCHIVE_OK); 2954 } 2955#else /* Tru64 */ 2956 (void)cctime; /* UNUSED */ 2957 (void)ctime_nanos; /* UNUSED */ 2958#endif /* Tru64 */ 2959 2960#ifdef HAVE_STRUCT_STAT_ST_BIRTHTIME 2961 /* 2962 * If you have struct stat.st_birthtime, we assume BSD 2963 * birthtime semantics, in which {f,l,}utimes() updates 2964 * birthtime to earliest mtime. So we set the time twice, 2965 * first using the birthtime, then using the mtime. If 2966 * birthtime == mtime, this isn't necessary, so we skip it. 2967 * If birthtime > mtime, then this won't work, so we skip it. 2968 */ 2969 if (birthtime < mtime 2970 || (birthtime == mtime && birthtime_nanos < mtime_nanos)) 2971 r1 = set_time(fd, mode, name, 2972 atime, atime_nanos, 2973 birthtime, birthtime_nanos); 2974#else 2975 (void)birthtime; /* UNUSED */ 2976 (void)birthtime_nanos; /* UNUSED */ 2977#endif 2978 r2 = set_time(fd, mode, name, 2979 atime, atime_nanos, 2980 mtime, mtime_nanos); 2981 if (r1 != 0 || r2 != 0) { 2982 archive_set_error(&a->archive, errno, 2983 "Can't restore time"); 2984 return (ARCHIVE_WARN); 2985 } 2986 return (ARCHIVE_OK); 2987} 2988 2989static int 2990set_times_from_entry(struct archive_write_disk *a) 2991{ 2992 time_t atime, birthtime, mtime, cctime; 2993 long atime_nsec, birthtime_nsec, mtime_nsec, ctime_nsec; 2994 2995 /* Suitable defaults. */ 2996 atime = birthtime = mtime = cctime = a->start_time; 2997 atime_nsec = birthtime_nsec = mtime_nsec = ctime_nsec = 0; 2998 2999 /* If no time was provided, we're done. */ 3000 if (!archive_entry_atime_is_set(a->entry) 3001#if HAVE_STRUCT_STAT_ST_BIRTHTIME 3002 && !archive_entry_birthtime_is_set(a->entry) 3003#endif 3004 && !archive_entry_mtime_is_set(a->entry)) 3005 return (ARCHIVE_OK); 3006 3007 if (archive_entry_atime_is_set(a->entry)) { 3008 atime = archive_entry_atime(a->entry); 3009 atime_nsec = archive_entry_atime_nsec(a->entry); 3010 } 3011 if (archive_entry_birthtime_is_set(a->entry)) { 3012 birthtime = archive_entry_birthtime(a->entry); 3013 birthtime_nsec = archive_entry_birthtime_nsec(a->entry); 3014 } 3015 if (archive_entry_mtime_is_set(a->entry)) { 3016 mtime = archive_entry_mtime(a->entry); 3017 mtime_nsec = archive_entry_mtime_nsec(a->entry); 3018 } 3019 if (archive_entry_ctime_is_set(a->entry)) { 3020 cctime = archive_entry_ctime(a->entry); 3021 ctime_nsec = archive_entry_ctime_nsec(a->entry); 3022 } 3023 3024 return set_times(a, a->fd, a->mode, a->name, 3025 atime, atime_nsec, 3026 birthtime, birthtime_nsec, 3027 mtime, mtime_nsec, 3028 cctime, ctime_nsec); 3029} 3030 3031static int 3032set_mode(struct archive_write_disk *a, int mode) 3033{ 3034 int r = ARCHIVE_OK; 3035 mode &= 07777; /* Strip off file type bits. */ 3036 3037 if (a->todo & TODO_SGID_CHECK) { 3038 /* 3039 * If we don't know the GID is right, we must stat() 3040 * to verify it. We can't just check the GID of this 3041 * process, since systems sometimes set GID from 3042 * the enclosing dir or based on ACLs. 3043 */ 3044 if ((r = lazy_stat(a)) != ARCHIVE_OK) 3045 return (r); 3046 if (a->pst->st_gid != a->gid) { 3047 mode &= ~ S_ISGID; 3048 if (a->flags & ARCHIVE_EXTRACT_OWNER) { 3049 /* 3050 * This is only an error if you 3051 * requested owner restore. If you 3052 * didn't, we'll try to restore 3053 * sgid/suid, but won't consider it a 3054 * problem if we can't. 3055 */ 3056 archive_set_error(&a->archive, -1, 3057 "Can't restore SGID bit"); 3058 r = ARCHIVE_WARN; 3059 } 3060 } 3061 /* While we're here, double-check the UID. */ 3062 if (a->pst->st_uid != a->uid 3063 && (a->todo & TODO_SUID)) { 3064 mode &= ~ S_ISUID; 3065 if (a->flags & ARCHIVE_EXTRACT_OWNER) { 3066 archive_set_error(&a->archive, -1, 3067 "Can't restore SUID bit"); 3068 r = ARCHIVE_WARN; 3069 } 3070 } 3071 a->todo &= ~TODO_SGID_CHECK; 3072 a->todo &= ~TODO_SUID_CHECK; 3073 } else if (a->todo & TODO_SUID_CHECK) { 3074 /* 3075 * If we don't know the UID is right, we can just check 3076 * the user, since all systems set the file UID from 3077 * the process UID. 3078 */ 3079 if (a->user_uid != a->uid) { 3080 mode &= ~ S_ISUID; 3081 if (a->flags & ARCHIVE_EXTRACT_OWNER) { 3082 archive_set_error(&a->archive, -1, 3083 "Can't make file SUID"); 3084 r = ARCHIVE_WARN; 3085 } 3086 } 3087 a->todo &= ~TODO_SUID_CHECK; 3088 } 3089 3090 if (S_ISLNK(a->mode)) { 3091#ifdef HAVE_LCHMOD 3092 /* 3093 * If this is a symlink, use lchmod(). If the 3094 * platform doesn't support lchmod(), just skip it. A 3095 * platform that doesn't provide a way to set 3096 * permissions on symlinks probably ignores 3097 * permissions on symlinks, so a failure here has no 3098 * impact. 3099 */ 3100 if (lchmod(a->name, mode) != 0) { 3101 switch (errno) { 3102 case ENOTSUP: 3103 case ENOSYS: 3104#if ENOTSUP != EOPNOTSUPP 3105 case EOPNOTSUPP: 3106#endif 3107 /* 3108 * if lchmod is defined but the platform 3109 * doesn't support it, silently ignore 3110 * error 3111 */ 3112 break; 3113 default: 3114 archive_set_error(&a->archive, errno, 3115 "Can't set permissions to 0%o", (int)mode); 3116 r = ARCHIVE_WARN; 3117 } 3118 } 3119#endif 3120 } else if (!S_ISDIR(a->mode)) { 3121 /* 3122 * If it's not a symlink and not a dir, then use 3123 * fchmod() or chmod(), depending on whether we have 3124 * an fd. Dirs get their perms set during the 3125 * post-extract fixup, which is handled elsewhere. 3126 */ 3127#ifdef HAVE_FCHMOD 3128 if (a->fd >= 0) { 3129 if (fchmod(a->fd, mode) != 0) { 3130 archive_set_error(&a->archive, errno, 3131 "Can't set permissions to 0%o", (int)mode); 3132 r = ARCHIVE_WARN; 3133 } 3134 } else 3135#endif 3136 /* If this platform lacks fchmod(), then 3137 * we'll just use chmod(). */ 3138 if (chmod(a->name, mode) != 0) { 3139 archive_set_error(&a->archive, errno, 3140 "Can't set permissions to 0%o", (int)mode); 3141 r = ARCHIVE_WARN; 3142 } 3143 } 3144 return (r); 3145} 3146 3147static int 3148set_fflags(struct archive_write_disk *a) 3149{ 3150 struct fixup_entry *le; 3151 unsigned long set, clear; 3152 int r; 3153 int critical_flags; 3154 mode_t mode = archive_entry_mode(a->entry); 3155 3156 /* 3157 * Make 'critical_flags' hold all file flags that can't be 3158 * immediately restored. For example, on BSD systems, 3159 * SF_IMMUTABLE prevents hardlinks from being created, so 3160 * should not be set until after any hardlinks are created. To 3161 * preserve some semblance of portability, this uses #ifdef 3162 * extensively. Ugly, but it works. 3163 * 3164 * Yes, Virginia, this does create a security race. It's mitigated 3165 * somewhat by the practice of creating dirs 0700 until the extract 3166 * is done, but it would be nice if we could do more than that. 3167 * People restoring critical file systems should be wary of 3168 * other programs that might try to muck with files as they're 3169 * being restored. 3170 */ 3171 /* Hopefully, the compiler will optimize this mess into a constant. */ 3172 critical_flags = 0; 3173#ifdef SF_IMMUTABLE 3174 critical_flags |= SF_IMMUTABLE; 3175#endif 3176#ifdef UF_IMMUTABLE 3177 critical_flags |= UF_IMMUTABLE; 3178#endif 3179#ifdef SF_APPEND 3180 critical_flags |= SF_APPEND; 3181#endif 3182#ifdef UF_APPEND 3183 critical_flags |= UF_APPEND; 3184#endif 3185#ifdef EXT2_APPEND_FL 3186 critical_flags |= EXT2_APPEND_FL; 3187#endif 3188#ifdef EXT2_IMMUTABLE_FL 3189 critical_flags |= EXT2_IMMUTABLE_FL; 3190#endif 3191 3192 if (a->todo & TODO_FFLAGS) { 3193 archive_entry_fflags(a->entry, &set, &clear); 3194 3195 /* 3196 * The first test encourages the compiler to eliminate 3197 * all of this if it's not necessary. 3198 */ 3199 if ((critical_flags != 0) && (set & critical_flags)) { 3200 le = current_fixup(a, a->name); 3201 if (le == NULL) 3202 return (ARCHIVE_FATAL); 3203 le->fixup |= TODO_FFLAGS; 3204 le->fflags_set = set; 3205 /* Store the mode if it's not already there. */ 3206 if ((le->fixup & TODO_MODE) == 0) 3207 le->mode = mode; 3208 } else { 3209 r = set_fflags_platform(a, a->fd, 3210 a->name, mode, set, clear); 3211 if (r != ARCHIVE_OK) 3212 return (r); 3213 } 3214 } 3215 return (ARCHIVE_OK); 3216} 3217 3218static int 3219clear_nochange_fflags(struct archive_write_disk *a) 3220{ 3221 int nochange_flags; 3222 mode_t mode = archive_entry_mode(a->entry); 3223 3224 /* Hopefully, the compiler will optimize this mess into a constant. */ 3225 nochange_flags = 0; 3226#ifdef SF_IMMUTABLE 3227 nochange_flags |= SF_IMMUTABLE; 3228#endif 3229#ifdef UF_IMMUTABLE 3230 nochange_flags |= UF_IMMUTABLE; 3231#endif 3232#ifdef SF_APPEND 3233 nochange_flags |= SF_APPEND; 3234#endif 3235#ifdef UF_APPEND 3236 nochange_flags |= UF_APPEND; 3237#endif 3238#ifdef EXT2_APPEND_FL 3239 nochange_flags |= EXT2_APPEND_FL; 3240#endif 3241#ifdef EXT2_IMMUTABLE_FL 3242 nochange_flags |= EXT2_IMMUTABLE_FL; 3243#endif 3244 3245 return (set_fflags_platform(a, a->fd, a->name, mode, 0, nochange_flags)); 3246} 3247 3248 3249#if ( defined(HAVE_LCHFLAGS) || defined(HAVE_CHFLAGS) || defined(HAVE_FCHFLAGS) ) && defined(HAVE_STRUCT_STAT_ST_FLAGS) 3250/* 3251 * BSD reads flags using stat() and sets them with one of {f,l,}chflags() 3252 */ 3253static int 3254set_fflags_platform(struct archive_write_disk *a, int fd, const char *name, 3255 mode_t mode, unsigned long set, unsigned long clear) 3256{ 3257 int r; 3258 3259 (void)mode; /* UNUSED */ 3260 if (set == 0 && clear == 0) 3261 return (ARCHIVE_OK); 3262 3263 /* 3264 * XXX Is the stat here really necessary? Or can I just use 3265 * the 'set' flags directly? In particular, I'm not sure 3266 * about the correct approach if we're overwriting an existing 3267 * file that already has flags on it. XXX 3268 */ 3269 if ((r = lazy_stat(a)) != ARCHIVE_OK) 3270 return (r); 3271 3272 a->st.st_flags &= ~clear; 3273 a->st.st_flags |= set; 3274#ifdef HAVE_FCHFLAGS 3275 /* If platform has fchflags() and we were given an fd, use it. */ 3276 if (fd >= 0 && fchflags(fd, a->st.st_flags) == 0) 3277 return (ARCHIVE_OK); 3278#endif 3279 /* 3280 * If we can't use the fd to set the flags, we'll use the 3281 * pathname to set flags. We prefer lchflags() but will use 3282 * chflags() if we must. 3283 */ 3284#ifdef HAVE_LCHFLAGS 3285 if (lchflags(name, a->st.st_flags) == 0) 3286 return (ARCHIVE_OK); 3287#elif defined(HAVE_CHFLAGS) 3288 if (S_ISLNK(a->st.st_mode)) { 3289 archive_set_error(&a->archive, errno, 3290 "Can't set file flags on symlink."); 3291 return (ARCHIVE_WARN); 3292 } 3293 if (chflags(name, a->st.st_flags) == 0) 3294 return (ARCHIVE_OK); 3295#endif 3296 archive_set_error(&a->archive, errno, 3297 "Failed to set file flags"); 3298 return (ARCHIVE_WARN); 3299} 3300 3301#elif defined(EXT2_IOC_GETFLAGS) && defined(EXT2_IOC_SETFLAGS) && defined(HAVE_WORKING_EXT2_IOC_GETFLAGS) 3302/* 3303 * Linux uses ioctl() to read and write file flags. 3304 */ 3305static int 3306set_fflags_platform(struct archive_write_disk *a, int fd, const char *name, 3307 mode_t mode, unsigned long set, unsigned long clear) 3308{ 3309 int ret; 3310 int myfd = fd; 3311 int newflags, oldflags; 3312 int sf_mask = 0; 3313 3314 if (set == 0 && clear == 0) 3315 return (ARCHIVE_OK); 3316 /* Only regular files and dirs can have flags. */ 3317 if (!S_ISREG(mode) && !S_ISDIR(mode)) 3318 return (ARCHIVE_OK); 3319 3320 /* If we weren't given an fd, open it ourselves. */ 3321 if (myfd < 0) { 3322 myfd = open(name, O_RDONLY | O_NONBLOCK | O_BINARY | O_CLOEXEC); 3323 __archive_ensure_cloexec_flag(myfd); 3324 } 3325 if (myfd < 0) 3326 return (ARCHIVE_OK); 3327 3328 /* 3329 * Linux has no define for the flags that are only settable by 3330 * the root user. This code may seem a little complex, but 3331 * there seem to be some Linux systems that lack these 3332 * defines. (?) The code below degrades reasonably gracefully 3333 * if sf_mask is incomplete. 3334 */ 3335#ifdef EXT2_IMMUTABLE_FL 3336 sf_mask |= EXT2_IMMUTABLE_FL; 3337#endif 3338#ifdef EXT2_APPEND_FL 3339 sf_mask |= EXT2_APPEND_FL; 3340#endif 3341 /* 3342 * XXX As above, this would be way simpler if we didn't have 3343 * to read the current flags from disk. XXX 3344 */ 3345 ret = ARCHIVE_OK; 3346 3347 /* Read the current file flags. */ 3348 if (ioctl(myfd, EXT2_IOC_GETFLAGS, &oldflags) < 0) 3349 goto fail; 3350 3351 /* Try setting the flags as given. */ 3352 newflags = (oldflags & ~clear) | set; 3353 if (ioctl(myfd, EXT2_IOC_SETFLAGS, &newflags) >= 0) 3354 goto cleanup; 3355 if (errno != EPERM) 3356 goto fail; 3357 3358 /* If we couldn't set all the flags, try again with a subset. */ 3359 newflags &= ~sf_mask; 3360 oldflags &= sf_mask; 3361 newflags |= oldflags; 3362 if (ioctl(myfd, EXT2_IOC_SETFLAGS, &newflags) >= 0) 3363 goto cleanup; 3364 3365 /* We couldn't set the flags, so report the failure. */ 3366fail: 3367 archive_set_error(&a->archive, errno, 3368 "Failed to set file flags"); 3369 ret = ARCHIVE_WARN; 3370cleanup: 3371 if (fd < 0) 3372 close(myfd); 3373 return (ret); 3374} 3375 3376#else 3377 3378/* 3379 * Of course, some systems have neither BSD chflags() nor Linux' flags 3380 * support through ioctl(). 3381 */ 3382static int 3383set_fflags_platform(struct archive_write_disk *a, int fd, const char *name, 3384 mode_t mode, unsigned long set, unsigned long clear) 3385{ 3386 (void)a; /* UNUSED */ 3387 (void)fd; /* UNUSED */ 3388 (void)name; /* UNUSED */ 3389 (void)mode; /* UNUSED */ 3390 (void)set; /* UNUSED */ 3391 (void)clear; /* UNUSED */ 3392 return (ARCHIVE_OK); 3393} 3394 3395#endif /* __linux */ 3396 3397#ifndef HAVE_COPYFILE_H 3398/* Default is to simply drop Mac extended metadata. */ 3399static int 3400set_mac_metadata(struct archive_write_disk *a, const char *pathname, 3401 const void *metadata, size_t metadata_size) 3402{ 3403 (void)a; /* UNUSED */ 3404 (void)pathname; /* UNUSED */ 3405 (void)metadata; /* UNUSED */ 3406 (void)metadata_size; /* UNUSED */ 3407 return (ARCHIVE_OK); 3408} 3409 3410static int 3411fixup_appledouble(struct archive_write_disk *a, const char *pathname) 3412{ 3413 (void)a; /* UNUSED */ 3414 (void)pathname; /* UNUSED */ 3415 return (ARCHIVE_OK); 3416} 3417#else 3418 3419/* 3420 * On Mac OS, we use copyfile() to unpack the metadata and 3421 * apply it to the target file. 3422 */ 3423 3424#if defined(HAVE_SYS_XATTR_H) 3425static int 3426copy_xattrs(struct archive_write_disk *a, int tmpfd, int dffd) 3427{ 3428 ssize_t xattr_size; 3429 char *xattr_names = NULL, *xattr_val = NULL; 3430 int ret = ARCHIVE_OK, xattr_i; 3431 3432 xattr_size = flistxattr(tmpfd, NULL, 0, 0); 3433 if (xattr_size == -1) { 3434 archive_set_error(&a->archive, errno, 3435 "Failed to read metadata(xattr)"); 3436 ret = ARCHIVE_WARN; 3437 goto exit_xattr; 3438 } 3439 xattr_names = malloc(xattr_size); 3440 if (xattr_names == NULL) { 3441 archive_set_error(&a->archive, ENOMEM, 3442 "Can't allocate memory for metadata(xattr)"); 3443 ret = ARCHIVE_FATAL; 3444 goto exit_xattr; 3445 } 3446 xattr_size = flistxattr(tmpfd, xattr_names, xattr_size, 0); 3447 if (xattr_size == -1) { 3448 archive_set_error(&a->archive, errno, 3449 "Failed to read metadata(xattr)"); 3450 ret = ARCHIVE_WARN; 3451 goto exit_xattr; 3452 } 3453 for (xattr_i = 0; xattr_i < xattr_size; 3454 xattr_i += strlen(xattr_names + xattr_i) + 1) { 3455 char *xattr_val_saved; 3456 ssize_t s; 3457 int f; 3458 3459 s = fgetxattr(tmpfd, xattr_names + xattr_i, NULL, 0, 0, 0); 3460 if (s == -1) { 3461 archive_set_error(&a->archive, errno, 3462 "Failed to get metadata(xattr)"); 3463 ret = ARCHIVE_WARN; 3464 goto exit_xattr; 3465 } 3466 xattr_val_saved = xattr_val; 3467 xattr_val = realloc(xattr_val, s); 3468 if (xattr_val == NULL) { 3469 archive_set_error(&a->archive, ENOMEM, 3470 "Failed to get metadata(xattr)"); 3471 ret = ARCHIVE_WARN; 3472 free(xattr_val_saved); 3473 goto exit_xattr; 3474 } 3475 s = fgetxattr(tmpfd, xattr_names + xattr_i, xattr_val, s, 0, 0); 3476 if (s == -1) { 3477 archive_set_error(&a->archive, errno, 3478 "Failed to get metadata(xattr)"); 3479 ret = ARCHIVE_WARN; 3480 goto exit_xattr; 3481 } 3482 f = fsetxattr(dffd, xattr_names + xattr_i, xattr_val, s, 0, 0); 3483 if (f == -1) { 3484 archive_set_error(&a->archive, errno, 3485 "Failed to get metadata(xattr)"); 3486 ret = ARCHIVE_WARN; 3487 goto exit_xattr; 3488 } 3489 } 3490exit_xattr: 3491 free(xattr_names); 3492 free(xattr_val); 3493 return (ret); 3494} 3495#endif 3496 3497static int 3498copy_acls(struct archive_write_disk *a, int tmpfd, int dffd) 3499{ 3500#ifndef HAVE_SYS_ACL_H 3501 return 0; 3502#else 3503 acl_t acl, dfacl = NULL; 3504 int acl_r, ret = ARCHIVE_OK; 3505 3506 acl = acl_get_fd(tmpfd); 3507 if (acl == NULL) { 3508 if (errno == ENOENT) 3509 /* There are not any ACLs. */ 3510 return (ret); 3511 archive_set_error(&a->archive, errno, 3512 "Failed to get metadata(acl)"); 3513 ret = ARCHIVE_WARN; 3514 goto exit_acl; 3515 } 3516 dfacl = acl_dup(acl); 3517 acl_r = acl_set_fd(dffd, dfacl); 3518 if (acl_r == -1) { 3519 archive_set_error(&a->archive, errno, 3520 "Failed to get metadata(acl)"); 3521 ret = ARCHIVE_WARN; 3522 goto exit_acl; 3523 } 3524exit_acl: 3525 if (acl) 3526 acl_free(acl); 3527 if (dfacl) 3528 acl_free(dfacl); 3529 return (ret); 3530#endif 3531} 3532 3533static int 3534create_tempdatafork(struct archive_write_disk *a, const char *pathname) 3535{ 3536 struct archive_string tmpdatafork; 3537 int tmpfd; 3538 3539 archive_string_init(&tmpdatafork); 3540 archive_strcpy(&tmpdatafork, "tar.md.XXXXXX"); 3541 tmpfd = mkstemp(tmpdatafork.s); 3542 if (tmpfd < 0) { 3543 archive_set_error(&a->archive, errno, 3544 "Failed to mkstemp"); 3545 archive_string_free(&tmpdatafork); 3546 return (-1); 3547 } 3548 if (copyfile(pathname, tmpdatafork.s, 0, 3549 COPYFILE_UNPACK | COPYFILE_NOFOLLOW 3550 | COPYFILE_ACL | COPYFILE_XATTR) < 0) { 3551 archive_set_error(&a->archive, errno, 3552 "Failed to restore metadata"); 3553 close(tmpfd); 3554 tmpfd = -1; 3555 } 3556 unlink(tmpdatafork.s); 3557 archive_string_free(&tmpdatafork); 3558 return (tmpfd); 3559} 3560 3561static int 3562copy_metadata(struct archive_write_disk *a, const char *metadata, 3563 const char *datafork, int datafork_compressed) 3564{ 3565 int ret = ARCHIVE_OK; 3566 3567 if (datafork_compressed) { 3568 int dffd, tmpfd; 3569 3570 tmpfd = create_tempdatafork(a, metadata); 3571 if (tmpfd == -1) 3572 return (ARCHIVE_WARN); 3573 3574 /* 3575 * Do not open the data fork compressed by HFS+ compression 3576 * with at least a writing mode(O_RDWR or O_WRONLY). it 3577 * makes the data fork uncompressed. 3578 */ 3579 dffd = open(datafork, 0); 3580 if (dffd == -1) { 3581 archive_set_error(&a->archive, errno, 3582 "Failed to open the data fork for metadata"); 3583 close(tmpfd); 3584 return (ARCHIVE_WARN); 3585 } 3586 3587#if defined(HAVE_SYS_XATTR_H) 3588 ret = copy_xattrs(a, tmpfd, dffd); 3589 if (ret == ARCHIVE_OK) 3590#endif 3591 ret = copy_acls(a, tmpfd, dffd); 3592 close(tmpfd); 3593 close(dffd); 3594 } else { 3595 if (copyfile(metadata, datafork, 0, 3596 COPYFILE_UNPACK | COPYFILE_NOFOLLOW 3597 | COPYFILE_ACL | COPYFILE_XATTR) < 0) { 3598 archive_set_error(&a->archive, errno, 3599 "Failed to restore metadata"); 3600 ret = ARCHIVE_WARN; 3601 } 3602 } 3603 return (ret); 3604} 3605 3606static int 3607set_mac_metadata(struct archive_write_disk *a, const char *pathname, 3608 const void *metadata, size_t metadata_size) 3609{ 3610 struct archive_string tmp; 3611 ssize_t written; 3612 int fd; 3613 int ret = ARCHIVE_OK; 3614 3615 /* This would be simpler if copyfile() could just accept the 3616 * metadata as a block of memory; then we could sidestep this 3617 * silly dance of writing the data to disk just so that 3618 * copyfile() can read it back in again. */ 3619 archive_string_init(&tmp); 3620 archive_strcpy(&tmp, pathname); 3621 archive_strcat(&tmp, ".XXXXXX"); 3622 fd = mkstemp(tmp.s); 3623 3624 if (fd < 0) { 3625 archive_set_error(&a->archive, errno, 3626 "Failed to restore metadata"); 3627 archive_string_free(&tmp); 3628 return (ARCHIVE_WARN); 3629 } 3630 written = write(fd, metadata, metadata_size); 3631 close(fd); 3632 if ((size_t)written != metadata_size) { 3633 archive_set_error(&a->archive, errno, 3634 "Failed to restore metadata"); 3635 ret = ARCHIVE_WARN; 3636 } else { 3637 int compressed; 3638 3639#if defined(UF_COMPRESSED) 3640 if ((a->todo & TODO_HFS_COMPRESSION) != 0 && 3641 (ret = lazy_stat(a)) == ARCHIVE_OK) 3642 compressed = a->st.st_flags & UF_COMPRESSED; 3643 else 3644#endif 3645 compressed = 0; 3646 ret = copy_metadata(a, tmp.s, pathname, compressed); 3647 } 3648 unlink(tmp.s); 3649 archive_string_free(&tmp); 3650 return (ret); 3651} 3652 3653static int 3654fixup_appledouble(struct archive_write_disk *a, const char *pathname) 3655{ 3656 char buff[8]; 3657 struct stat st; 3658 const char *p; 3659 struct archive_string datafork; 3660 int fd = -1, ret = ARCHIVE_OK; 3661 3662 archive_string_init(&datafork); 3663 /* Check if the current file name is a type of the resource 3664 * fork file. */ 3665 p = strrchr(pathname, '/'); 3666 if (p == NULL) 3667 p = pathname; 3668 else 3669 p++; 3670 if (p[0] != '.' || p[1] != '_') 3671 goto skip_appledouble; 3672 3673 /* 3674 * Check if the data fork file exists. 3675 * 3676 * TODO: Check if this write disk object has handled it. 3677 */ 3678 archive_strncpy(&datafork, pathname, p - pathname); 3679 archive_strcat(&datafork, p + 2); 3680 if (lstat(datafork.s, &st) == -1 || 3681 (st.st_mode & AE_IFMT) != AE_IFREG) 3682 goto skip_appledouble; 3683 3684 /* 3685 * Check if the file is in the AppleDouble form. 3686 */ 3687 fd = open(pathname, O_RDONLY | O_BINARY | O_CLOEXEC); 3688 __archive_ensure_cloexec_flag(fd); 3689 if (fd == -1) { 3690 archive_set_error(&a->archive, errno, 3691 "Failed to open a restoring file"); 3692 ret = ARCHIVE_WARN; 3693 goto skip_appledouble; 3694 } 3695 if (read(fd, buff, 8) == -1) { 3696 archive_set_error(&a->archive, errno, 3697 "Failed to read a restoring file"); 3698 close(fd); 3699 ret = ARCHIVE_WARN; 3700 goto skip_appledouble; 3701 } 3702 close(fd); 3703 /* Check AppleDouble Magic Code. */ 3704 if (archive_be32dec(buff) != 0x00051607) 3705 goto skip_appledouble; 3706 /* Check AppleDouble Version. */ 3707 if (archive_be32dec(buff+4) != 0x00020000) 3708 goto skip_appledouble; 3709 3710 ret = copy_metadata(a, pathname, datafork.s, 3711#if defined(UF_COMPRESSED) 3712 st.st_flags & UF_COMPRESSED); 3713#else 3714 0); 3715#endif 3716 if (ret == ARCHIVE_OK) { 3717 unlink(pathname); 3718 ret = ARCHIVE_EOF; 3719 } 3720skip_appledouble: 3721 archive_string_free(&datafork); 3722 return (ret); 3723} 3724#endif 3725 3726#if HAVE_LSETXATTR || HAVE_LSETEA 3727/* 3728 * Restore extended attributes - Linux and AIX implementations: 3729 * AIX' ea interface is syntaxwise identical to the Linux xattr interface. 3730 */ 3731static int 3732set_xattrs(struct archive_write_disk *a) 3733{ 3734 struct archive_entry *entry = a->entry; 3735 static int warning_done = 0; 3736 int ret = ARCHIVE_OK; 3737 int i = archive_entry_xattr_reset(entry); 3738 3739 while (i--) { 3740 const char *name; 3741 const void *value; 3742 size_t size; 3743 archive_entry_xattr_next(entry, &name, &value, &size); 3744 if (name != NULL && 3745 strncmp(name, "xfsroot.", 8) != 0 && 3746 strncmp(name, "system.", 7) != 0) { 3747 int e; 3748#if HAVE_FSETXATTR 3749 if (a->fd >= 0) 3750 e = fsetxattr(a->fd, name, value, size, 0); 3751 else 3752#elif HAVE_FSETEA 3753 if (a->fd >= 0) 3754 e = fsetea(a->fd, name, value, size, 0); 3755 else 3756#endif 3757 { 3758#if HAVE_LSETXATTR 3759 e = lsetxattr(archive_entry_pathname(entry), 3760 name, value, size, 0); 3761#elif HAVE_LSETEA 3762 e = lsetea(archive_entry_pathname(entry), 3763 name, value, size, 0); 3764#endif 3765 } 3766 if (e == -1) { 3767 if (errno == ENOTSUP || errno == ENOSYS) { 3768 if (!warning_done) { 3769 warning_done = 1; 3770 archive_set_error(&a->archive, errno, 3771 "Cannot restore extended " 3772 "attributes on this file " 3773 "system"); 3774 } 3775 } else 3776 archive_set_error(&a->archive, errno, 3777 "Failed to set extended attribute"); 3778 ret = ARCHIVE_WARN; 3779 } 3780 } else { 3781 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 3782 "Invalid extended attribute encountered"); 3783 ret = ARCHIVE_WARN; 3784 } 3785 } 3786 return (ret); 3787} 3788#elif HAVE_EXTATTR_SET_FILE && HAVE_DECL_EXTATTR_NAMESPACE_USER 3789/* 3790 * Restore extended attributes - FreeBSD implementation 3791 */ 3792static int 3793set_xattrs(struct archive_write_disk *a) 3794{ 3795 struct archive_entry *entry = a->entry; 3796 static int warning_done = 0; 3797 int ret = ARCHIVE_OK; 3798 int i = archive_entry_xattr_reset(entry); 3799 3800 while (i--) { 3801 const char *name; 3802 const void *value; 3803 size_t size; 3804 archive_entry_xattr_next(entry, &name, &value, &size); 3805 if (name != NULL) { 3806 ssize_t e; 3807 int namespace; 3808 3809 if (strncmp(name, "user.", 5) == 0) { 3810 /* "user." attributes go to user namespace */ 3811 name += 5; 3812 namespace = EXTATTR_NAMESPACE_USER; 3813 } else { 3814 /* Warn about other extended attributes. */ 3815 archive_set_error(&a->archive, 3816 ARCHIVE_ERRNO_FILE_FORMAT, 3817 "Can't restore extended attribute ``%s''", 3818 name); 3819 ret = ARCHIVE_WARN; 3820 continue; 3821 } 3822 errno = 0; 3823#if HAVE_EXTATTR_SET_FD 3824 if (a->fd >= 0) 3825 e = extattr_set_fd(a->fd, namespace, name, value, size); 3826 else 3827#endif 3828 /* TODO: should we use extattr_set_link() instead? */ 3829 { 3830 e = extattr_set_file(archive_entry_pathname(entry), 3831 namespace, name, value, size); 3832 } 3833 if (e != (ssize_t)size) { 3834 if (errno == ENOTSUP || errno == ENOSYS) { 3835 if (!warning_done) { 3836 warning_done = 1; 3837 archive_set_error(&a->archive, errno, 3838 "Cannot restore extended " 3839 "attributes on this file " 3840 "system"); 3841 } 3842 } else { 3843 archive_set_error(&a->archive, errno, 3844 "Failed to set extended attribute"); 3845 } 3846 3847 ret = ARCHIVE_WARN; 3848 } 3849 } 3850 } 3851 return (ret); 3852} 3853#else 3854/* 3855 * Restore extended attributes - stub implementation for unsupported systems 3856 */ 3857static int 3858set_xattrs(struct archive_write_disk *a) 3859{ 3860 static int warning_done = 0; 3861 3862 /* If there aren't any extended attributes, then it's okay not 3863 * to extract them, otherwise, issue a single warning. */ 3864 if (archive_entry_xattr_count(a->entry) != 0 && !warning_done) { 3865 warning_done = 1; 3866 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 3867 "Cannot restore extended attributes on this system"); 3868 return (ARCHIVE_WARN); 3869 } 3870 /* Warning was already emitted; suppress further warnings. */ 3871 return (ARCHIVE_OK); 3872} 3873#endif 3874 3875/* 3876 * Test if file on disk is older than entry. 3877 */ 3878static int 3879older(struct stat *st, struct archive_entry *entry) 3880{ 3881 /* First, test the seconds and return if we have a definite answer. */ 3882 /* Definitely older. */ 3883 if (st->st_mtime < archive_entry_mtime(entry)) 3884 return (1); 3885 /* Definitely younger. */ 3886 if (st->st_mtime > archive_entry_mtime(entry)) 3887 return (0); 3888 /* If this platform supports fractional seconds, try those. */ 3889#if HAVE_STRUCT_STAT_ST_MTIMESPEC_TV_NSEC 3890 /* Definitely older. */ 3891 if (st->st_mtimespec.tv_nsec < archive_entry_mtime_nsec(entry)) 3892 return (1); 3893#elif HAVE_STRUCT_STAT_ST_MTIM_TV_NSEC 3894 /* Definitely older. */ 3895 if (st->st_mtim.tv_nsec < archive_entry_mtime_nsec(entry)) 3896 return (1); 3897#elif HAVE_STRUCT_STAT_ST_MTIME_N 3898 /* older. */ 3899 if (st->st_mtime_n < archive_entry_mtime_nsec(entry)) 3900 return (1); 3901#elif HAVE_STRUCT_STAT_ST_UMTIME 3902 /* older. */ 3903 if (st->st_umtime * 1000 < archive_entry_mtime_nsec(entry)) 3904 return (1); 3905#elif HAVE_STRUCT_STAT_ST_MTIME_USEC 3906 /* older. */ 3907 if (st->st_mtime_usec * 1000 < archive_entry_mtime_nsec(entry)) 3908 return (1); 3909#else 3910 /* This system doesn't have high-res timestamps. */ 3911#endif 3912 /* Same age or newer, so not older. */ 3913 return (0); 3914} 3915 3916#endif /* !_WIN32 || __CYGWIN__ */ 3917 3918