1/*- 2 * Copyright (c) 2003-2010 Tim Kientzle 3 * Copyright (c) 2012 Michihiro NAKAJIMA 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer 11 * in this position and unchanged. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR 17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 18 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 19 * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT, 20 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 21 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 22 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 23 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 25 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 26 */ 27 28#include "archive_platform.h" 29__FBSDID("$FreeBSD$"); 30 31#if !defined(_WIN32) || defined(__CYGWIN__) 32 33#ifdef HAVE_SYS_TYPES_H 34#include <sys/types.h> 35#endif 36#ifdef HAVE_SYS_ACL_H 37#include <sys/acl.h> 38#endif 39#ifdef HAVE_SYS_EXTATTR_H 40#include <sys/extattr.h> 41#endif 42#if HAVE_SYS_XATTR_H 43#include <sys/xattr.h> 44#elif HAVE_ATTR_XATTR_H 45#include <attr/xattr.h> 46#endif 47#ifdef HAVE_SYS_EA_H 48#include <sys/ea.h> 49#endif 50#ifdef HAVE_SYS_IOCTL_H 51#include <sys/ioctl.h> 52#endif 53#ifdef HAVE_SYS_STAT_H 54#include <sys/stat.h> 55#endif 56#ifdef HAVE_SYS_TIME_H 57#include <sys/time.h> 58#endif 59#ifdef HAVE_SYS_UTIME_H 60#include <sys/utime.h> 61#endif 62#ifdef HAVE_COPYFILE_H 63#include <copyfile.h> 64#endif 65#ifdef HAVE_ERRNO_H 66#include <errno.h> 67#endif 68#ifdef HAVE_FCNTL_H 69#include <fcntl.h> 70#endif 71#ifdef HAVE_GRP_H 72#include <grp.h> 73#endif 74#ifdef HAVE_LANGINFO_H 75#include <langinfo.h> 76#endif 77#ifdef HAVE_LINUX_FS_H 78#include <linux/fs.h> /* for Linux file flags */ 79#endif 80/* 81 * Some Linux distributions have both linux/ext2_fs.h and ext2fs/ext2_fs.h. 82 * As the include guards don't agree, the order of include is important. 83 */ 84#ifdef HAVE_LINUX_EXT2_FS_H 85#include <linux/ext2_fs.h> /* for Linux file flags */ 86#endif 87#if defined(HAVE_EXT2FS_EXT2_FS_H) && !defined(__CYGWIN__) 88#include <ext2fs/ext2_fs.h> /* Linux file flags, broken on Cygwin */ 89#endif 90#ifdef HAVE_LIMITS_H 91#include <limits.h> 92#endif 93#ifdef HAVE_PWD_H 94#include <pwd.h> 95#endif 96#include <stdio.h> 97#ifdef HAVE_STDLIB_H 98#include <stdlib.h> 99#endif 100#ifdef HAVE_STRING_H 101#include <string.h> 102#endif 103#ifdef HAVE_UNISTD_H 104#include <unistd.h> 105#endif 106#ifdef HAVE_UTIME_H 107#include <utime.h> 108#endif 109#ifdef F_GETTIMES /* Tru64 specific */ 110#include <sys/fcntl1.h> 111#endif 112 113/* 114 * Macro to cast st_mtime and time_t to an int64 so that 2 numbers can reliably be compared. 115 * 116 * It assumes that the input is an integer type of no more than 64 bits. 117 * If the number is less than zero, t must be a signed type, so it fits in 118 * int64_t. Otherwise, it's a nonnegative value so we can cast it to uint64_t 119 * without loss. But it could be a large unsigned value, so we have to clip it 120 * to INT64_MAX.* 121 */ 122#define to_int64_time(t) \ 123 ((t) < 0 ? (int64_t)(t) : (uint64_t)(t) > (uint64_t)INT64_MAX ? INT64_MAX : (int64_t)(t)) 124 125#if __APPLE__ 126#include <TargetConditionals.h> 127#if TARGET_OS_MAC && !TARGET_OS_EMBEDDED && HAVE_QUARANTINE_H 128#include <quarantine.h> 129#define HAVE_QUARANTINE 1 130#endif 131#endif 132 133#ifdef HAVE_ZLIB_H 134#include <zlib.h> 135#endif 136 137/* TODO: Support Mac OS 'quarantine' feature. This is really just a 138 * standard tag to mark files that have been downloaded as "tainted". 139 * On Mac OS, we should mark the extracted files as tainted if the 140 * archive being read was tainted. Windows has a similar feature; we 141 * should investigate ways to support this generically. */ 142 143#include "archive.h" 144#include "archive_acl_private.h" 145#include "archive_string.h" 146#include "archive_endian.h" 147#include "archive_entry.h" 148#include "archive_private.h" 149#include "archive_write_disk_private.h" 150 151#ifndef O_BINARY 152#define O_BINARY 0 153#endif 154#ifndef O_CLOEXEC 155#define O_CLOEXEC 0 156#endif 157 158/* Ignore non-int O_NOFOLLOW constant. */ 159/* gnulib's fcntl.h does this on AIX, but it seems practical everywhere */ 160#if defined O_NOFOLLOW && !(INT_MIN <= O_NOFOLLOW && O_NOFOLLOW <= INT_MAX) 161#undef O_NOFOLLOW 162#endif 163 164#ifndef O_NOFOLLOW 165#define O_NOFOLLOW 0 166#endif 167 168#ifndef AT_FDCWD 169#define AT_FDCWD -100 170#endif 171 172struct fixup_entry { 173 struct fixup_entry *next; 174 struct archive_acl acl; 175 mode_t mode; 176 int64_t atime; 177 int64_t birthtime; 178 int64_t mtime; 179 int64_t ctime; 180 unsigned long atime_nanos; 181 unsigned long birthtime_nanos; 182 unsigned long mtime_nanos; 183 unsigned long ctime_nanos; 184 unsigned long fflags_set; 185 size_t mac_metadata_size; 186 void *mac_metadata; 187 int fixup; /* bitmask of what needs fixing */ 188 char *name; 189}; 190 191/* 192 * We use a bitmask to track which operations remain to be done for 193 * this file. In particular, this helps us avoid unnecessary 194 * operations when it's possible to take care of one step as a 195 * side-effect of another. For example, mkdir() can specify the mode 196 * for the newly-created object but symlink() cannot. This means we 197 * can skip chmod() if mkdir() succeeded, but we must explicitly 198 * chmod() if we're trying to create a directory that already exists 199 * (mkdir() failed) or if we're restoring a symlink. Similarly, we 200 * need to verify UID/GID before trying to restore SUID/SGID bits; 201 * that verification can occur explicitly through a stat() call or 202 * implicitly because of a successful chown() call. 203 */ 204#define TODO_MODE_FORCE 0x40000000 205#define TODO_MODE_BASE 0x20000000 206#define TODO_SUID 0x10000000 207#define TODO_SUID_CHECK 0x08000000 208#define TODO_SGID 0x04000000 209#define TODO_SGID_CHECK 0x02000000 210#define TODO_APPLEDOUBLE 0x01000000 211#define TODO_MODE (TODO_MODE_BASE|TODO_SUID|TODO_SGID) 212#define TODO_TIMES ARCHIVE_EXTRACT_TIME 213#define TODO_OWNER ARCHIVE_EXTRACT_OWNER 214#define TODO_FFLAGS ARCHIVE_EXTRACT_FFLAGS 215#define TODO_ACLS ARCHIVE_EXTRACT_ACL 216#define TODO_XATTR ARCHIVE_EXTRACT_XATTR 217#define TODO_MAC_METADATA ARCHIVE_EXTRACT_MAC_METADATA 218#define TODO_HFS_COMPRESSION ARCHIVE_EXTRACT_HFS_COMPRESSION_FORCED 219 220struct archive_write_disk { 221 struct archive archive; 222 223 mode_t user_umask; 224 struct fixup_entry *fixup_list; 225 struct fixup_entry *current_fixup; 226 int64_t user_uid; 227 int skip_file_set; 228 int64_t skip_file_dev; 229 int64_t skip_file_ino; 230 time_t start_time; 231 232 int64_t (*lookup_gid)(void *private, const char *gname, int64_t gid); 233 void (*cleanup_gid)(void *private); 234 void *lookup_gid_data; 235 int64_t (*lookup_uid)(void *private, const char *uname, int64_t uid); 236 void (*cleanup_uid)(void *private); 237 void *lookup_uid_data; 238 239 /* 240 * Full path of last file to satisfy symlink checks. 241 */ 242 struct archive_string path_safe; 243 244 /* 245 * Cached stat data from disk for the current entry. 246 * If this is valid, pst points to st. Otherwise, 247 * pst is null. 248 */ 249 struct stat st; 250 struct stat *pst; 251 252 /* Information about the object being restored right now. */ 253 struct archive_entry *entry; /* Entry being extracted. */ 254 char *name; /* Name of entry, possibly edited. */ 255 struct archive_string _name_data; /* backing store for 'name' */ 256 char *tmpname; /* Temporary name * */ 257 struct archive_string _tmpname_data; /* backing store for 'tmpname' */ 258 /* Tasks remaining for this object. */ 259 int todo; 260 /* Tasks deferred until end-of-archive. */ 261 int deferred; 262 /* Options requested by the client. */ 263 int flags; 264 /* Handle for the file we're restoring. */ 265 int fd; 266 /* Current offset for writing data to the file. */ 267 int64_t offset; 268 /* Last offset actually written to disk. */ 269 int64_t fd_offset; 270 /* Total bytes actually written to files. */ 271 int64_t total_bytes_written; 272 /* Maximum size of file, -1 if unknown. */ 273 int64_t filesize; 274 /* Dir we were in before this restore; only for deep paths. */ 275 int restore_pwd; 276 /* Mode we should use for this entry; affected by _PERM and umask. */ 277 mode_t mode; 278 /* UID/GID to use in restoring this entry. */ 279 int64_t uid; 280 int64_t gid; 281 /* 282 * HFS+ Compression. 283 */ 284 /* Xattr "com.apple.decmpfs". */ 285 uint32_t decmpfs_attr_size; 286 unsigned char *decmpfs_header_p; 287 /* ResourceFork set options used for fsetxattr. */ 288 int rsrc_xattr_options; 289 /* Xattr "com.apple.ResourceFork". */ 290 unsigned char *resource_fork; 291 size_t resource_fork_allocated_size; 292 unsigned int decmpfs_block_count; 293 uint32_t *decmpfs_block_info; 294 /* Buffer for compressed data. */ 295 unsigned char *compressed_buffer; 296 size_t compressed_buffer_size; 297 size_t compressed_buffer_remaining; 298 /* The offset of the ResourceFork where compressed data will 299 * be placed. */ 300 uint32_t compressed_rsrc_position; 301 uint32_t compressed_rsrc_position_v; 302 /* Buffer for uncompressed data. */ 303 char *uncompressed_buffer; 304 size_t block_remaining_bytes; 305 size_t file_remaining_bytes; 306#ifdef HAVE_ZLIB_H 307 z_stream stream; 308 int stream_valid; 309 int decmpfs_compression_level; 310#endif 311}; 312 313/* 314 * Default mode for dirs created automatically (will be modified by umask). 315 * Note that POSIX specifies 0777 for implicitly-created dirs, "modified 316 * by the process' file creation mask." 317 */ 318#define DEFAULT_DIR_MODE 0777 319/* 320 * Dir modes are restored in two steps: During the extraction, the permissions 321 * in the archive are modified to match the following limits. During 322 * the post-extract fixup pass, the permissions from the archive are 323 * applied. 324 */ 325#define MINIMUM_DIR_MODE 0700 326#define MAXIMUM_DIR_MODE 0775 327 328/* 329 * Maximum uncompressed size of a decmpfs block. 330 */ 331#define MAX_DECMPFS_BLOCK_SIZE (64 * 1024) 332/* 333 * HFS+ compression type. 334 */ 335#define CMP_XATTR 3/* Compressed data in xattr. */ 336#define CMP_RESOURCE_FORK 4/* Compressed data in resource fork. */ 337/* 338 * HFS+ compression resource fork. 339 */ 340#define RSRC_H_SIZE 260 /* Base size of Resource fork header. */ 341#define RSRC_F_SIZE 50 /* Size of Resource fork footer. */ 342/* Size to write compressed data to resource fork. */ 343#define COMPRESSED_W_SIZE (64 * 1024) 344/* decmpfs definitions. */ 345#define MAX_DECMPFS_XATTR_SIZE 3802 346#ifndef DECMPFS_XATTR_NAME 347#define DECMPFS_XATTR_NAME "com.apple.decmpfs" 348#endif 349#define DECMPFS_MAGIC 0x636d7066 350#define DECMPFS_COMPRESSION_MAGIC 0 351#define DECMPFS_COMPRESSION_TYPE 4 352#define DECMPFS_UNCOMPRESSED_SIZE 8 353#define DECMPFS_HEADER_SIZE 16 354 355#define HFS_BLOCKS(s) ((s) >> 12) 356 357 358static int la_opendirat(int, const char *); 359static int la_mktemp(struct archive_write_disk *); 360static void fsobj_error(int *, struct archive_string *, int, const char *, 361 const char *); 362static int check_symlinks_fsobj(char *, int *, struct archive_string *, 363 int); 364static int check_symlinks(struct archive_write_disk *); 365static int create_filesystem_object(struct archive_write_disk *); 366static struct fixup_entry *current_fixup(struct archive_write_disk *, 367 const char *pathname); 368#if defined(HAVE_FCHDIR) && defined(PATH_MAX) 369static void edit_deep_directories(struct archive_write_disk *ad); 370#endif 371static int cleanup_pathname_fsobj(char *, int *, struct archive_string *, 372 int); 373static int cleanup_pathname(struct archive_write_disk *); 374static int create_dir(struct archive_write_disk *, char *); 375static int create_parent_dir(struct archive_write_disk *, char *); 376static ssize_t hfs_write_data_block(struct archive_write_disk *, 377 const char *, size_t); 378static int fixup_appledouble(struct archive_write_disk *, const char *); 379static int older(struct stat *, struct archive_entry *); 380static int restore_entry(struct archive_write_disk *); 381static int set_mac_metadata(struct archive_write_disk *, const char *, 382 const void *, size_t); 383static int set_xattrs(struct archive_write_disk *); 384static int clear_nochange_fflags(struct archive_write_disk *); 385static int set_fflags(struct archive_write_disk *); 386static int set_fflags_platform(struct archive_write_disk *, int fd, 387 const char *name, mode_t mode, 388 unsigned long fflags_set, unsigned long fflags_clear); 389static int set_ownership(struct archive_write_disk *); 390static int set_mode(struct archive_write_disk *, int mode); 391static int set_time(int, int, const char *, time_t, long, time_t, long); 392static int set_times(struct archive_write_disk *, int, int, const char *, 393 time_t, long, time_t, long, time_t, long, time_t, long); 394static int set_times_from_entry(struct archive_write_disk *); 395static struct fixup_entry *sort_dir_list(struct fixup_entry *p); 396static ssize_t write_data_block(struct archive_write_disk *, 397 const char *, size_t); 398 399static struct archive_vtable *archive_write_disk_vtable(void); 400 401static int _archive_write_disk_close(struct archive *); 402static int _archive_write_disk_free(struct archive *); 403static int _archive_write_disk_header(struct archive *, 404 struct archive_entry *); 405static int64_t _archive_write_disk_filter_bytes(struct archive *, int); 406static int _archive_write_disk_finish_entry(struct archive *); 407static ssize_t _archive_write_disk_data(struct archive *, const void *, 408 size_t); 409static ssize_t _archive_write_disk_data_block(struct archive *, const void *, 410 size_t, int64_t); 411 412static int 413la_mktemp(struct archive_write_disk *a) 414{ 415 int oerrno, fd; 416 mode_t mode; 417 418 archive_string_empty(&a->_tmpname_data); 419 archive_string_sprintf(&a->_tmpname_data, "%s.XXXXXX", a->name); 420 a->tmpname = a->_tmpname_data.s; 421 422 fd = __archive_mkstemp(a->tmpname); 423 if (fd == -1) 424 return -1; 425 426 mode = a->mode & 0777 & ~a->user_umask; 427 if (fchmod(fd, mode) == -1) { 428 oerrno = errno; 429 close(fd); 430 errno = oerrno; 431 return -1; 432 } 433 return fd; 434} 435 436static int 437la_opendirat(int fd, const char *path) { 438 const int flags = O_CLOEXEC 439#if defined(O_BINARY) 440 | O_BINARY 441#endif 442#if defined(O_DIRECTORY) 443 | O_DIRECTORY 444#endif 445#if defined(O_PATH) 446 | O_PATH 447#elif defined(O_SEARCH) 448 | O_SEARCH 449#elif defined(__FreeBSD__) && defined(O_EXEC) 450 | O_EXEC 451#else 452 | O_RDONLY 453#endif 454 ; 455 456#if !defined(HAVE_OPENAT) 457 if (fd != AT_FDCWD) { 458 errno = ENOTSUP; 459 return (-1); 460 } else 461 return (open(path, flags)); 462#else 463 return (openat(fd, path, flags)); 464#endif 465} 466 467static int 468lazy_stat(struct archive_write_disk *a) 469{ 470 if (a->pst != NULL) { 471 /* Already have stat() data available. */ 472 return (ARCHIVE_OK); 473 } 474#ifdef HAVE_FSTAT 475 if (a->fd >= 0 && fstat(a->fd, &a->st) == 0) { 476 a->pst = &a->st; 477 return (ARCHIVE_OK); 478 } 479#endif 480 /* 481 * XXX At this point, symlinks should not be hit, otherwise 482 * XXX a race occurred. Do we want to check explicitly for that? 483 */ 484 if (lstat(a->name, &a->st) == 0) { 485 a->pst = &a->st; 486 return (ARCHIVE_OK); 487 } 488 archive_set_error(&a->archive, errno, "Couldn't stat file"); 489 return (ARCHIVE_WARN); 490} 491 492static struct archive_vtable * 493archive_write_disk_vtable(void) 494{ 495 static struct archive_vtable av; 496 static int inited = 0; 497 498 if (!inited) { 499 av.archive_close = _archive_write_disk_close; 500 av.archive_filter_bytes = _archive_write_disk_filter_bytes; 501 av.archive_free = _archive_write_disk_free; 502 av.archive_write_header = _archive_write_disk_header; 503 av.archive_write_finish_entry 504 = _archive_write_disk_finish_entry; 505 av.archive_write_data = _archive_write_disk_data; 506 av.archive_write_data_block = _archive_write_disk_data_block; 507 inited = 1; 508 } 509 return (&av); 510} 511 512static int64_t 513_archive_write_disk_filter_bytes(struct archive *_a, int n) 514{ 515 struct archive_write_disk *a = (struct archive_write_disk *)_a; 516 (void)n; /* UNUSED */ 517 if (n == -1 || n == 0) 518 return (a->total_bytes_written); 519 return (-1); 520} 521 522 523int 524archive_write_disk_set_options(struct archive *_a, int flags) 525{ 526 struct archive_write_disk *a = (struct archive_write_disk *)_a; 527 528 a->flags = flags; 529 return (ARCHIVE_OK); 530} 531 532 533/* 534 * Extract this entry to disk. 535 * 536 * TODO: Validate hardlinks. According to the standards, we're 537 * supposed to check each extracted hardlink and squawk if it refers 538 * to a file that we didn't restore. I'm not entirely convinced this 539 * is a good idea, but more importantly: Is there any way to validate 540 * hardlinks without keeping a complete list of filenames from the 541 * entire archive?? Ugh. 542 * 543 */ 544static int 545_archive_write_disk_header(struct archive *_a, struct archive_entry *entry) 546{ 547 struct archive_write_disk *a = (struct archive_write_disk *)_a; 548 struct fixup_entry *fe; 549 const char *linkname; 550 int ret, r; 551 552 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 553 ARCHIVE_STATE_HEADER | ARCHIVE_STATE_DATA, 554 "archive_write_disk_header"); 555 archive_clear_error(&a->archive); 556 if (a->archive.state & ARCHIVE_STATE_DATA) { 557 r = _archive_write_disk_finish_entry(&a->archive); 558 if (r == ARCHIVE_FATAL) 559 return (r); 560 } 561 562 /* Set up for this particular entry. */ 563 a->pst = NULL; 564 a->current_fixup = NULL; 565 a->deferred = 0; 566 if (a->entry) { 567 archive_entry_free(a->entry); 568 a->entry = NULL; 569 } 570 a->entry = archive_entry_clone(entry); 571 a->fd = -1; 572 a->fd_offset = 0; 573 a->offset = 0; 574 a->restore_pwd = -1; 575 a->uid = a->user_uid; 576 a->mode = archive_entry_mode(a->entry); 577 if (archive_entry_size_is_set(a->entry)) 578 a->filesize = archive_entry_size(a->entry); 579 else 580 a->filesize = -1; 581 archive_strcpy(&(a->_name_data), archive_entry_pathname(a->entry)); 582 a->name = a->_name_data.s; 583 archive_clear_error(&a->archive); 584 585 /* 586 * Clean up the requested path. This is necessary for correct 587 * dir restores; the dir restore logic otherwise gets messed 588 * up by nonsense like "dir/.". 589 */ 590 ret = cleanup_pathname(a); 591 if (ret != ARCHIVE_OK) 592 return (ret); 593 594 /* 595 * Check if we have a hardlink that points to itself. 596 */ 597 linkname = archive_entry_hardlink(a->entry); 598 if (linkname != NULL && strcmp(a->name, linkname) == 0) { 599 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 600 "Skipping hardlink pointing to itself: %s", 601 a->name); 602 return (ARCHIVE_WARN); 603 } 604 605 /* 606 * Query the umask so we get predictable mode settings. 607 * This gets done on every call to _write_header in case the 608 * user edits their umask during the extraction for some 609 * reason. 610 */ 611 umask(a->user_umask = umask(0)); 612 613 /* Figure out what we need to do for this entry. */ 614 a->todo = TODO_MODE_BASE; 615 if (a->flags & ARCHIVE_EXTRACT_PERM) { 616 a->todo |= TODO_MODE_FORCE; /* Be pushy about permissions. */ 617 /* 618 * SGID requires an extra "check" step because we 619 * cannot easily predict the GID that the system will 620 * assign. (Different systems assign GIDs to files 621 * based on a variety of criteria, including process 622 * credentials and the gid of the enclosing 623 * directory.) We can only restore the SGID bit if 624 * the file has the right GID, and we only know the 625 * GID if we either set it (see set_ownership) or if 626 * we've actually called stat() on the file after it 627 * was restored. Since there are several places at 628 * which we might verify the GID, we need a TODO bit 629 * to keep track. 630 */ 631 if (a->mode & S_ISGID) 632 a->todo |= TODO_SGID | TODO_SGID_CHECK; 633 /* 634 * Verifying the SUID is simpler, but can still be 635 * done in multiple ways, hence the separate "check" bit. 636 */ 637 if (a->mode & S_ISUID) 638 a->todo |= TODO_SUID | TODO_SUID_CHECK; 639 } else { 640 /* 641 * User didn't request full permissions, so don't 642 * restore SUID, SGID bits and obey umask. 643 */ 644 a->mode &= ~S_ISUID; 645 a->mode &= ~S_ISGID; 646 a->mode &= ~S_ISVTX; 647 a->mode &= ~a->user_umask; 648 } 649 if (a->flags & ARCHIVE_EXTRACT_OWNER) 650 a->todo |= TODO_OWNER; 651 if (a->flags & ARCHIVE_EXTRACT_TIME) 652 a->todo |= TODO_TIMES; 653 if (a->flags & ARCHIVE_EXTRACT_ACL) { 654#if ARCHIVE_ACL_DARWIN 655 /* 656 * On MacOS, platform ACLs get stored in mac_metadata, too. 657 * If we intend to extract mac_metadata and it is present 658 * we skip extracting libarchive NFSv4 ACLs. 659 */ 660 size_t metadata_size; 661 662 if ((a->flags & ARCHIVE_EXTRACT_MAC_METADATA) == 0 || 663 archive_entry_mac_metadata(a->entry, 664 &metadata_size) == NULL || metadata_size == 0) 665#endif 666#if ARCHIVE_ACL_LIBRICHACL 667 /* 668 * RichACLs are stored in an extended attribute. 669 * If we intend to extract extended attributes and have this 670 * attribute we skip extracting libarchive NFSv4 ACLs. 671 */ 672 short extract_acls = 1; 673 if (a->flags & ARCHIVE_EXTRACT_XATTR && ( 674 archive_entry_acl_types(a->entry) & 675 ARCHIVE_ENTRY_ACL_TYPE_NFS4)) { 676 const char *attr_name; 677 const void *attr_value; 678 size_t attr_size; 679 int i = archive_entry_xattr_reset(a->entry); 680 while (i--) { 681 archive_entry_xattr_next(a->entry, &attr_name, 682 &attr_value, &attr_size); 683 if (attr_name != NULL && attr_value != NULL && 684 attr_size > 0 && strcmp(attr_name, 685 "trusted.richacl") == 0) { 686 extract_acls = 0; 687 break; 688 } 689 } 690 } 691 if (extract_acls) 692#endif 693#if ARCHIVE_ACL_DARWIN || ARCHIVE_ACL_LIBRICHACL 694 { 695#endif 696 if (archive_entry_filetype(a->entry) == AE_IFDIR) 697 a->deferred |= TODO_ACLS; 698 else 699 a->todo |= TODO_ACLS; 700#if ARCHIVE_ACL_DARWIN || ARCHIVE_ACL_LIBRICHACL 701 } 702#endif 703 } 704 if (a->flags & ARCHIVE_EXTRACT_MAC_METADATA) { 705 if (archive_entry_filetype(a->entry) == AE_IFDIR) 706 a->deferred |= TODO_MAC_METADATA; 707 else 708 a->todo |= TODO_MAC_METADATA; 709 } 710#if defined(__APPLE__) && defined(UF_COMPRESSED) && defined(HAVE_ZLIB_H) 711 if ((a->flags & ARCHIVE_EXTRACT_NO_HFS_COMPRESSION) == 0) { 712 unsigned long set, clear; 713 archive_entry_fflags(a->entry, &set, &clear); 714 if ((set & ~clear) & UF_COMPRESSED) { 715 a->todo |= TODO_HFS_COMPRESSION; 716 a->decmpfs_block_count = (unsigned)-1; 717 } 718 } 719 if ((a->flags & ARCHIVE_EXTRACT_HFS_COMPRESSION_FORCED) != 0 && 720 (a->mode & AE_IFMT) == AE_IFREG && a->filesize > 0) { 721 a->todo |= TODO_HFS_COMPRESSION; 722 a->decmpfs_block_count = (unsigned)-1; 723 } 724 { 725 const char *p; 726 727 /* Check if the current file name is a type of the 728 * resource fork file. */ 729 p = strrchr(a->name, '/'); 730 if (p == NULL) 731 p = a->name; 732 else 733 p++; 734 if (p[0] == '.' && p[1] == '_') { 735 /* Do not compress "._XXX" files. */ 736 a->todo &= ~TODO_HFS_COMPRESSION; 737 if (a->filesize > 0) 738 a->todo |= TODO_APPLEDOUBLE; 739 } 740 } 741#endif 742 743 if (a->flags & ARCHIVE_EXTRACT_XATTR) { 744#if ARCHIVE_XATTR_DARWIN 745 /* 746 * On MacOS, extended attributes get stored in mac_metadata, 747 * too. If we intend to extract mac_metadata and it is present 748 * we skip extracting extended attributes. 749 */ 750 size_t metadata_size; 751 752 if ((a->flags & ARCHIVE_EXTRACT_MAC_METADATA) == 0 || 753 archive_entry_mac_metadata(a->entry, 754 &metadata_size) == NULL || metadata_size == 0) 755#endif 756 a->todo |= TODO_XATTR; 757 } 758 if (a->flags & ARCHIVE_EXTRACT_FFLAGS) 759 a->todo |= TODO_FFLAGS; 760 if (a->flags & ARCHIVE_EXTRACT_SECURE_SYMLINKS) { 761 ret = check_symlinks(a); 762 if (ret != ARCHIVE_OK) 763 return (ret); 764 } 765#if defined(HAVE_FCHDIR) && defined(PATH_MAX) 766 /* If path exceeds PATH_MAX, shorten the path. */ 767 edit_deep_directories(a); 768#endif 769 770 ret = restore_entry(a); 771 772#if defined(__APPLE__) && defined(UF_COMPRESSED) && defined(HAVE_ZLIB_H) 773 /* 774 * Check if the filesystem the file is restoring on supports 775 * HFS+ Compression. If not, cancel HFS+ Compression. 776 */ 777 if (a->todo | TODO_HFS_COMPRESSION) { 778 /* 779 * NOTE: UF_COMPRESSED is ignored even if the filesystem 780 * supports HFS+ Compression because the file should 781 * have at least an extended attribute "com.apple.decmpfs" 782 * before the flag is set to indicate that the file have 783 * been compressed. If the filesystem does not support 784 * HFS+ Compression the system call will fail. 785 */ 786 if (a->fd < 0 || fchflags(a->fd, UF_COMPRESSED) != 0) 787 a->todo &= ~TODO_HFS_COMPRESSION; 788 } 789#endif 790 791 /* 792 * TODO: There are rumours that some extended attributes must 793 * be restored before file data is written. If this is true, 794 * then we either need to write all extended attributes both 795 * before and after restoring the data, or find some rule for 796 * determining which must go first and which last. Due to the 797 * many ways people are using xattrs, this may prove to be an 798 * intractable problem. 799 */ 800 801#ifdef HAVE_FCHDIR 802 /* If we changed directory above, restore it here. */ 803 if (a->restore_pwd >= 0) { 804 r = fchdir(a->restore_pwd); 805 if (r != 0) { 806 archive_set_error(&a->archive, errno, 807 "chdir() failure"); 808 ret = ARCHIVE_FATAL; 809 } 810 close(a->restore_pwd); 811 a->restore_pwd = -1; 812 } 813#endif 814 815 /* 816 * Fixup uses the unedited pathname from archive_entry_pathname(), 817 * because it is relative to the base dir and the edited path 818 * might be relative to some intermediate dir as a result of the 819 * deep restore logic. 820 */ 821 if (a->deferred & TODO_MODE) { 822 fe = current_fixup(a, archive_entry_pathname(entry)); 823 if (fe == NULL) 824 return (ARCHIVE_FATAL); 825 fe->fixup |= TODO_MODE_BASE; 826 fe->mode = a->mode; 827 } 828 829 if ((a->deferred & TODO_TIMES) 830 && (archive_entry_mtime_is_set(entry) 831 || archive_entry_atime_is_set(entry))) { 832 fe = current_fixup(a, archive_entry_pathname(entry)); 833 if (fe == NULL) 834 return (ARCHIVE_FATAL); 835 fe->mode = a->mode; 836 fe->fixup |= TODO_TIMES; 837 if (archive_entry_atime_is_set(entry)) { 838 fe->atime = archive_entry_atime(entry); 839 fe->atime_nanos = archive_entry_atime_nsec(entry); 840 } else { 841 /* If atime is unset, use start time. */ 842 fe->atime = a->start_time; 843 fe->atime_nanos = 0; 844 } 845 if (archive_entry_mtime_is_set(entry)) { 846 fe->mtime = archive_entry_mtime(entry); 847 fe->mtime_nanos = archive_entry_mtime_nsec(entry); 848 } else { 849 /* If mtime is unset, use start time. */ 850 fe->mtime = a->start_time; 851 fe->mtime_nanos = 0; 852 } 853 if (archive_entry_birthtime_is_set(entry)) { 854 fe->birthtime = archive_entry_birthtime(entry); 855 fe->birthtime_nanos = archive_entry_birthtime_nsec( 856 entry); 857 } else { 858 /* If birthtime is unset, use mtime. */ 859 fe->birthtime = fe->mtime; 860 fe->birthtime_nanos = fe->mtime_nanos; 861 } 862 } 863 864 if (a->deferred & TODO_ACLS) { 865 fe = current_fixup(a, archive_entry_pathname(entry)); 866 if (fe == NULL) 867 return (ARCHIVE_FATAL); 868 fe->fixup |= TODO_ACLS; 869 archive_acl_copy(&fe->acl, archive_entry_acl(entry)); 870 } 871 872 if (a->deferred & TODO_MAC_METADATA) { 873 const void *metadata; 874 size_t metadata_size; 875 metadata = archive_entry_mac_metadata(a->entry, &metadata_size); 876 if (metadata != NULL && metadata_size > 0) { 877 fe = current_fixup(a, archive_entry_pathname(entry)); 878 if (fe == NULL) 879 return (ARCHIVE_FATAL); 880 fe->mac_metadata = malloc(metadata_size); 881 if (fe->mac_metadata != NULL) { 882 memcpy(fe->mac_metadata, metadata, 883 metadata_size); 884 fe->mac_metadata_size = metadata_size; 885 fe->fixup |= TODO_MAC_METADATA; 886 } 887 } 888 } 889 890 if (a->deferred & TODO_FFLAGS) { 891 fe = current_fixup(a, archive_entry_pathname(entry)); 892 if (fe == NULL) 893 return (ARCHIVE_FATAL); 894 fe->fixup |= TODO_FFLAGS; 895 /* TODO: Complete this.. defer fflags from below. */ 896 } 897 898 /* We've created the object and are ready to pour data into it. */ 899 if (ret >= ARCHIVE_WARN) 900 a->archive.state = ARCHIVE_STATE_DATA; 901 /* 902 * If it's not open, tell our client not to try writing. 903 * In particular, dirs, links, etc, don't get written to. 904 */ 905 if (a->fd < 0) { 906 archive_entry_set_size(entry, 0); 907 a->filesize = 0; 908 } 909 910 return (ret); 911} 912 913int 914archive_write_disk_set_skip_file(struct archive *_a, la_int64_t d, la_int64_t i) 915{ 916 struct archive_write_disk *a = (struct archive_write_disk *)_a; 917 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 918 ARCHIVE_STATE_ANY, "archive_write_disk_set_skip_file"); 919 a->skip_file_set = 1; 920 a->skip_file_dev = d; 921 a->skip_file_ino = i; 922 return (ARCHIVE_OK); 923} 924 925static ssize_t 926write_data_block(struct archive_write_disk *a, const char *buff, size_t size) 927{ 928 uint64_t start_size = size; 929 ssize_t bytes_written = 0; 930 ssize_t block_size = 0, bytes_to_write; 931 932 if (size == 0) 933 return (ARCHIVE_OK); 934 935 if (a->filesize == 0 || a->fd < 0) { 936 archive_set_error(&a->archive, 0, 937 "Attempt to write to an empty file"); 938 return (ARCHIVE_WARN); 939 } 940 941 if (a->flags & ARCHIVE_EXTRACT_SPARSE) { 942#if HAVE_STRUCT_STAT_ST_BLKSIZE 943 int r; 944 if ((r = lazy_stat(a)) != ARCHIVE_OK) 945 return (r); 946 block_size = a->pst->st_blksize; 947#else 948 /* XXX TODO XXX Is there a more appropriate choice here ? */ 949 /* This needn't match the filesystem allocation size. */ 950 block_size = 16*1024; 951#endif 952 } 953 954 /* If this write would run beyond the file size, truncate it. */ 955 if (a->filesize >= 0 && (int64_t)(a->offset + size) > a->filesize) 956 start_size = size = (size_t)(a->filesize - a->offset); 957 958 /* Write the data. */ 959 while (size > 0) { 960 if (block_size == 0) { 961 bytes_to_write = size; 962 } else { 963 /* We're sparsifying the file. */ 964 const char *p, *end; 965 int64_t block_end; 966 967 /* Skip leading zero bytes. */ 968 for (p = buff, end = buff + size; p < end; ++p) { 969 if (*p != '\0') 970 break; 971 } 972 a->offset += p - buff; 973 size -= p - buff; 974 buff = p; 975 if (size == 0) 976 break; 977 978 /* Calculate next block boundary after offset. */ 979 block_end 980 = (a->offset / block_size + 1) * block_size; 981 982 /* If the adjusted write would cross block boundary, 983 * truncate it to the block boundary. */ 984 bytes_to_write = size; 985 if (a->offset + bytes_to_write > block_end) 986 bytes_to_write = block_end - a->offset; 987 } 988 /* Seek if necessary to the specified offset. */ 989 if (a->offset != a->fd_offset) { 990 if (lseek(a->fd, a->offset, SEEK_SET) < 0) { 991 archive_set_error(&a->archive, errno, 992 "Seek failed"); 993 return (ARCHIVE_FATAL); 994 } 995 a->fd_offset = a->offset; 996 } 997 bytes_written = write(a->fd, buff, bytes_to_write); 998 if (bytes_written < 0) { 999 archive_set_error(&a->archive, errno, "Write failed"); 1000 return (ARCHIVE_WARN); 1001 } 1002 buff += bytes_written; 1003 size -= bytes_written; 1004 a->total_bytes_written += bytes_written; 1005 a->offset += bytes_written; 1006 a->fd_offset = a->offset; 1007 } 1008 return (start_size - size); 1009} 1010 1011#if defined(__APPLE__) && defined(UF_COMPRESSED) && defined(HAVE_SYS_XATTR_H)\ 1012 && defined(HAVE_ZLIB_H) 1013 1014/* 1015 * Set UF_COMPRESSED file flag. 1016 * This have to be called after hfs_write_decmpfs() because if the 1017 * file does not have "com.apple.decmpfs" xattr the flag is ignored. 1018 */ 1019static int 1020hfs_set_compressed_fflag(struct archive_write_disk *a) 1021{ 1022 int r; 1023 1024 if ((r = lazy_stat(a)) != ARCHIVE_OK) 1025 return (r); 1026 1027 a->st.st_flags |= UF_COMPRESSED; 1028 if (fchflags(a->fd, a->st.st_flags) != 0) { 1029 archive_set_error(&a->archive, errno, 1030 "Failed to set UF_COMPRESSED file flag"); 1031 return (ARCHIVE_WARN); 1032 } 1033 return (ARCHIVE_OK); 1034} 1035 1036/* 1037 * HFS+ Compression decmpfs 1038 * 1039 * +------------------------------+ +0 1040 * | Magic(LE 4 bytes) | 1041 * +------------------------------+ 1042 * | Type(LE 4 bytes) | 1043 * +------------------------------+ 1044 * | Uncompressed size(LE 8 bytes)| 1045 * +------------------------------+ +16 1046 * | | 1047 * | Compressed data | 1048 * | (Placed only if Type == 3) | 1049 * | | 1050 * +------------------------------+ +3802 = MAX_DECMPFS_XATTR_SIZE 1051 * 1052 * Type is 3: decmpfs has compressed data. 1053 * Type is 4: Resource Fork has compressed data. 1054 */ 1055/* 1056 * Write "com.apple.decmpfs" 1057 */ 1058static int 1059hfs_write_decmpfs(struct archive_write_disk *a) 1060{ 1061 int r; 1062 uint32_t compression_type; 1063 1064 r = fsetxattr(a->fd, DECMPFS_XATTR_NAME, a->decmpfs_header_p, 1065 a->decmpfs_attr_size, 0, 0); 1066 if (r < 0) { 1067 archive_set_error(&a->archive, errno, 1068 "Cannot restore xattr:%s", DECMPFS_XATTR_NAME); 1069 compression_type = archive_le32dec( 1070 &a->decmpfs_header_p[DECMPFS_COMPRESSION_TYPE]); 1071 if (compression_type == CMP_RESOURCE_FORK) 1072 fremovexattr(a->fd, XATTR_RESOURCEFORK_NAME, 1073 XATTR_SHOWCOMPRESSION); 1074 return (ARCHIVE_WARN); 1075 } 1076 return (ARCHIVE_OK); 1077} 1078 1079/* 1080 * HFS+ Compression Resource Fork 1081 * 1082 * +-----------------------------+ 1083 * | Header(260 bytes) | 1084 * +-----------------------------+ 1085 * | Block count(LE 4 bytes) | 1086 * +-----------------------------+ --+ 1087 * +-- | Offset (LE 4 bytes) | | 1088 * | | [distance from Block count] | | Block 0 1089 * | +-----------------------------+ | 1090 * | | Compressed size(LE 4 bytes) | | 1091 * | +-----------------------------+ --+ 1092 * | | | 1093 * | | .................. | 1094 * | | | 1095 * | +-----------------------------+ --+ 1096 * | | Offset (LE 4 bytes) | | 1097 * | +-----------------------------+ | Block (Block count -1) 1098 * | | Compressed size(LE 4 bytes) | | 1099 * +-> +-----------------------------+ --+ 1100 * | Compressed data(n bytes) | Block 0 1101 * +-----------------------------+ 1102 * | | 1103 * | .................. | 1104 * | | 1105 * +-----------------------------+ 1106 * | Compressed data(n bytes) | Block (Block count -1) 1107 * +-----------------------------+ 1108 * | Footer(50 bytes) | 1109 * +-----------------------------+ 1110 * 1111 */ 1112/* 1113 * Write the header of "com.apple.ResourceFork" 1114 */ 1115static int 1116hfs_write_resource_fork(struct archive_write_disk *a, unsigned char *buff, 1117 size_t bytes, uint32_t position) 1118{ 1119 int ret; 1120 1121 ret = fsetxattr(a->fd, XATTR_RESOURCEFORK_NAME, buff, bytes, 1122 position, a->rsrc_xattr_options); 1123 if (ret < 0) { 1124 archive_set_error(&a->archive, errno, 1125 "Cannot restore xattr: %s at %u pos %u bytes", 1126 XATTR_RESOURCEFORK_NAME, 1127 (unsigned)position, 1128 (unsigned)bytes); 1129 return (ARCHIVE_WARN); 1130 } 1131 a->rsrc_xattr_options &= ~XATTR_CREATE; 1132 return (ARCHIVE_OK); 1133} 1134 1135static int 1136hfs_write_compressed_data(struct archive_write_disk *a, size_t bytes_compressed) 1137{ 1138 int ret; 1139 1140 ret = hfs_write_resource_fork(a, a->compressed_buffer, 1141 bytes_compressed, a->compressed_rsrc_position); 1142 if (ret == ARCHIVE_OK) 1143 a->compressed_rsrc_position += bytes_compressed; 1144 return (ret); 1145} 1146 1147static int 1148hfs_write_resource_fork_header(struct archive_write_disk *a) 1149{ 1150 unsigned char *buff; 1151 uint32_t rsrc_bytes; 1152 uint32_t rsrc_header_bytes; 1153 1154 /* 1155 * Write resource fork header + block info. 1156 */ 1157 buff = a->resource_fork; 1158 rsrc_bytes = a->compressed_rsrc_position - RSRC_F_SIZE; 1159 rsrc_header_bytes = 1160 RSRC_H_SIZE + /* Header base size. */ 1161 4 + /* Block count. */ 1162 (a->decmpfs_block_count * 8);/* Block info */ 1163 archive_be32enc(buff, 0x100); 1164 archive_be32enc(buff + 4, rsrc_bytes); 1165 archive_be32enc(buff + 8, rsrc_bytes - 256); 1166 archive_be32enc(buff + 12, 0x32); 1167 memset(buff + 16, 0, 240); 1168 archive_be32enc(buff + 256, rsrc_bytes - 260); 1169 return hfs_write_resource_fork(a, buff, rsrc_header_bytes, 0); 1170} 1171 1172static size_t 1173hfs_set_resource_fork_footer(unsigned char *buff, size_t buff_size) 1174{ 1175 static const char rsrc_footer[RSRC_F_SIZE] = { 1176 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 1177 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 1178 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 1179 0x00, 0x1c, 0x00, 0x32, 0x00, 0x00, 'c', 'm', 1180 'p', 'f', 0x00, 0x00, 0x00, 0x0a, 0x00, 0x01, 1181 0xff, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 1182 0x00, 0x00 1183 }; 1184 if (buff_size < sizeof(rsrc_footer)) 1185 return (0); 1186 memcpy(buff, rsrc_footer, sizeof(rsrc_footer)); 1187 return (sizeof(rsrc_footer)); 1188} 1189 1190static int 1191hfs_reset_compressor(struct archive_write_disk *a) 1192{ 1193 int ret; 1194 1195 if (a->stream_valid) 1196 ret = deflateReset(&a->stream); 1197 else 1198 ret = deflateInit(&a->stream, a->decmpfs_compression_level); 1199 1200 if (ret != Z_OK) { 1201 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 1202 "Failed to initialize compressor"); 1203 return (ARCHIVE_FATAL); 1204 } else 1205 a->stream_valid = 1; 1206 1207 return (ARCHIVE_OK); 1208} 1209 1210static int 1211hfs_decompress(struct archive_write_disk *a) 1212{ 1213 uint32_t *block_info; 1214 unsigned int block_count; 1215 uint32_t data_pos, data_size; 1216 ssize_t r; 1217 ssize_t bytes_written, bytes_to_write; 1218 unsigned char *b; 1219 1220 block_info = (uint32_t *)(a->resource_fork + RSRC_H_SIZE); 1221 block_count = archive_le32dec(block_info++); 1222 while (block_count--) { 1223 data_pos = RSRC_H_SIZE + archive_le32dec(block_info++); 1224 data_size = archive_le32dec(block_info++); 1225 r = fgetxattr(a->fd, XATTR_RESOURCEFORK_NAME, 1226 a->compressed_buffer, data_size, data_pos, 0); 1227 if (r != data_size) { 1228 archive_set_error(&a->archive, 1229 (r < 0)?errno:ARCHIVE_ERRNO_MISC, 1230 "Failed to read resource fork"); 1231 return (ARCHIVE_WARN); 1232 } 1233 if (a->compressed_buffer[0] == 0xff) { 1234 bytes_to_write = data_size -1; 1235 b = a->compressed_buffer + 1; 1236 } else { 1237 uLong dest_len = MAX_DECMPFS_BLOCK_SIZE; 1238 int zr; 1239 1240 zr = uncompress((Bytef *)a->uncompressed_buffer, 1241 &dest_len, a->compressed_buffer, data_size); 1242 if (zr != Z_OK) { 1243 archive_set_error(&a->archive, 1244 ARCHIVE_ERRNO_MISC, 1245 "Failed to decompress resource fork"); 1246 return (ARCHIVE_WARN); 1247 } 1248 bytes_to_write = dest_len; 1249 b = (unsigned char *)a->uncompressed_buffer; 1250 } 1251 do { 1252 bytes_written = write(a->fd, b, bytes_to_write); 1253 if (bytes_written < 0) { 1254 archive_set_error(&a->archive, errno, 1255 "Write failed"); 1256 return (ARCHIVE_WARN); 1257 } 1258 bytes_to_write -= bytes_written; 1259 b += bytes_written; 1260 } while (bytes_to_write > 0); 1261 } 1262 r = fremovexattr(a->fd, XATTR_RESOURCEFORK_NAME, 0); 1263 if (r == -1) { 1264 archive_set_error(&a->archive, errno, 1265 "Failed to remove resource fork"); 1266 return (ARCHIVE_WARN); 1267 } 1268 return (ARCHIVE_OK); 1269} 1270 1271static int 1272hfs_drive_compressor(struct archive_write_disk *a, const char *buff, 1273 size_t size) 1274{ 1275 unsigned char *buffer_compressed; 1276 size_t bytes_compressed; 1277 size_t bytes_used; 1278 int ret; 1279 1280 ret = hfs_reset_compressor(a); 1281 if (ret != ARCHIVE_OK) 1282 return (ret); 1283 1284 if (a->compressed_buffer == NULL) { 1285 size_t block_size; 1286 1287 block_size = COMPRESSED_W_SIZE + RSRC_F_SIZE + 1288 + compressBound(MAX_DECMPFS_BLOCK_SIZE); 1289 a->compressed_buffer = malloc(block_size); 1290 if (a->compressed_buffer == NULL) { 1291 archive_set_error(&a->archive, ENOMEM, 1292 "Can't allocate memory for Resource Fork"); 1293 return (ARCHIVE_FATAL); 1294 } 1295 a->compressed_buffer_size = block_size; 1296 a->compressed_buffer_remaining = block_size; 1297 } 1298 1299 buffer_compressed = a->compressed_buffer + 1300 a->compressed_buffer_size - a->compressed_buffer_remaining; 1301 a->stream.next_in = (Bytef *)(uintptr_t)(const void *)buff; 1302 a->stream.avail_in = size; 1303 a->stream.next_out = buffer_compressed; 1304 a->stream.avail_out = a->compressed_buffer_remaining; 1305 do { 1306 ret = deflate(&a->stream, Z_FINISH); 1307 switch (ret) { 1308 case Z_OK: 1309 case Z_STREAM_END: 1310 break; 1311 default: 1312 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 1313 "Failed to compress data"); 1314 return (ARCHIVE_FAILED); 1315 } 1316 } while (ret == Z_OK); 1317 bytes_compressed = a->compressed_buffer_remaining - a->stream.avail_out; 1318 1319 /* 1320 * If the compressed size is larger than the original size, 1321 * throw away compressed data, use uncompressed data instead. 1322 */ 1323 if (bytes_compressed > size) { 1324 buffer_compressed[0] = 0xFF;/* uncompressed marker. */ 1325 memcpy(buffer_compressed + 1, buff, size); 1326 bytes_compressed = size + 1; 1327 } 1328 a->compressed_buffer_remaining -= bytes_compressed; 1329 1330 /* 1331 * If the compressed size is smaller than MAX_DECMPFS_XATTR_SIZE 1332 * and the block count in the file is only one, store compressed 1333 * data to decmpfs xattr instead of the resource fork. 1334 */ 1335 if (a->decmpfs_block_count == 1 && 1336 (a->decmpfs_attr_size + bytes_compressed) 1337 <= MAX_DECMPFS_XATTR_SIZE) { 1338 archive_le32enc(&a->decmpfs_header_p[DECMPFS_COMPRESSION_TYPE], 1339 CMP_XATTR); 1340 memcpy(a->decmpfs_header_p + DECMPFS_HEADER_SIZE, 1341 buffer_compressed, bytes_compressed); 1342 a->decmpfs_attr_size += bytes_compressed; 1343 a->compressed_buffer_remaining = a->compressed_buffer_size; 1344 /* 1345 * Finish HFS+ Compression. 1346 * - Write the decmpfs xattr. 1347 * - Set the UF_COMPRESSED file flag. 1348 */ 1349 ret = hfs_write_decmpfs(a); 1350 if (ret == ARCHIVE_OK) 1351 ret = hfs_set_compressed_fflag(a); 1352 return (ret); 1353 } 1354 1355 /* Update block info. */ 1356 archive_le32enc(a->decmpfs_block_info++, 1357 a->compressed_rsrc_position_v - RSRC_H_SIZE); 1358 archive_le32enc(a->decmpfs_block_info++, bytes_compressed); 1359 a->compressed_rsrc_position_v += bytes_compressed; 1360 1361 /* 1362 * Write the compressed data to the resource fork. 1363 */ 1364 bytes_used = a->compressed_buffer_size - a->compressed_buffer_remaining; 1365 while (bytes_used >= COMPRESSED_W_SIZE) { 1366 ret = hfs_write_compressed_data(a, COMPRESSED_W_SIZE); 1367 if (ret != ARCHIVE_OK) 1368 return (ret); 1369 bytes_used -= COMPRESSED_W_SIZE; 1370 if (bytes_used > COMPRESSED_W_SIZE) 1371 memmove(a->compressed_buffer, 1372 a->compressed_buffer + COMPRESSED_W_SIZE, 1373 bytes_used); 1374 else 1375 memcpy(a->compressed_buffer, 1376 a->compressed_buffer + COMPRESSED_W_SIZE, 1377 bytes_used); 1378 } 1379 a->compressed_buffer_remaining = a->compressed_buffer_size - bytes_used; 1380 1381 /* 1382 * If the current block is the last block, write the remaining 1383 * compressed data and the resource fork footer. 1384 */ 1385 if (a->file_remaining_bytes == 0) { 1386 size_t rsrc_size; 1387 int64_t bk; 1388 1389 /* Append the resource footer. */ 1390 rsrc_size = hfs_set_resource_fork_footer( 1391 a->compressed_buffer + bytes_used, 1392 a->compressed_buffer_remaining); 1393 ret = hfs_write_compressed_data(a, bytes_used + rsrc_size); 1394 a->compressed_buffer_remaining = a->compressed_buffer_size; 1395 1396 /* If the compressed size is not enough smaller than 1397 * the uncompressed size. cancel HFS+ compression. 1398 * TODO: study a behavior of ditto utility and improve 1399 * the condition to fall back into no HFS+ compression. */ 1400 bk = HFS_BLOCKS(a->compressed_rsrc_position); 1401 bk += bk >> 7; 1402 if (bk > HFS_BLOCKS(a->filesize)) 1403 return hfs_decompress(a); 1404 /* 1405 * Write the resourcefork header. 1406 */ 1407 if (ret == ARCHIVE_OK) 1408 ret = hfs_write_resource_fork_header(a); 1409 /* 1410 * Finish HFS+ Compression. 1411 * - Write the decmpfs xattr. 1412 * - Set the UF_COMPRESSED file flag. 1413 */ 1414 if (ret == ARCHIVE_OK) 1415 ret = hfs_write_decmpfs(a); 1416 if (ret == ARCHIVE_OK) 1417 ret = hfs_set_compressed_fflag(a); 1418 } 1419 return (ret); 1420} 1421 1422static ssize_t 1423hfs_write_decmpfs_block(struct archive_write_disk *a, const char *buff, 1424 size_t size) 1425{ 1426 const char *buffer_to_write; 1427 size_t bytes_to_write; 1428 int ret; 1429 1430 if (a->decmpfs_block_count == (unsigned)-1) { 1431 void *new_block; 1432 size_t new_size; 1433 unsigned int block_count; 1434 1435 if (a->decmpfs_header_p == NULL) { 1436 new_block = malloc(MAX_DECMPFS_XATTR_SIZE 1437 + sizeof(uint32_t)); 1438 if (new_block == NULL) { 1439 archive_set_error(&a->archive, ENOMEM, 1440 "Can't allocate memory for decmpfs"); 1441 return (ARCHIVE_FATAL); 1442 } 1443 a->decmpfs_header_p = new_block; 1444 } 1445 a->decmpfs_attr_size = DECMPFS_HEADER_SIZE; 1446 archive_le32enc(&a->decmpfs_header_p[DECMPFS_COMPRESSION_MAGIC], 1447 DECMPFS_MAGIC); 1448 archive_le32enc(&a->decmpfs_header_p[DECMPFS_COMPRESSION_TYPE], 1449 CMP_RESOURCE_FORK); 1450 archive_le64enc(&a->decmpfs_header_p[DECMPFS_UNCOMPRESSED_SIZE], 1451 a->filesize); 1452 1453 /* Calculate a block count of the file. */ 1454 block_count = 1455 (a->filesize + MAX_DECMPFS_BLOCK_SIZE -1) / 1456 MAX_DECMPFS_BLOCK_SIZE; 1457 /* 1458 * Allocate buffer for resource fork. 1459 * Set up related pointers; 1460 */ 1461 new_size = 1462 RSRC_H_SIZE + /* header */ 1463 4 + /* Block count */ 1464 (block_count * sizeof(uint32_t) * 2) + 1465 RSRC_F_SIZE; /* footer */ 1466 if (new_size > a->resource_fork_allocated_size) { 1467 new_block = realloc(a->resource_fork, new_size); 1468 if (new_block == NULL) { 1469 archive_set_error(&a->archive, ENOMEM, 1470 "Can't allocate memory for ResourceFork"); 1471 return (ARCHIVE_FATAL); 1472 } 1473 a->resource_fork_allocated_size = new_size; 1474 a->resource_fork = new_block; 1475 } 1476 1477 /* Allocate uncompressed buffer */ 1478 if (a->uncompressed_buffer == NULL) { 1479 new_block = malloc(MAX_DECMPFS_BLOCK_SIZE); 1480 if (new_block == NULL) { 1481 archive_set_error(&a->archive, ENOMEM, 1482 "Can't allocate memory for decmpfs"); 1483 return (ARCHIVE_FATAL); 1484 } 1485 a->uncompressed_buffer = new_block; 1486 } 1487 a->block_remaining_bytes = MAX_DECMPFS_BLOCK_SIZE; 1488 a->file_remaining_bytes = a->filesize; 1489 a->compressed_buffer_remaining = a->compressed_buffer_size; 1490 1491 /* 1492 * Set up a resource fork. 1493 */ 1494 a->rsrc_xattr_options = XATTR_CREATE; 1495 /* Get the position where we are going to set a bunch 1496 * of block info. */ 1497 a->decmpfs_block_info = 1498 (uint32_t *)(a->resource_fork + RSRC_H_SIZE); 1499 /* Set the block count to the resource fork. */ 1500 archive_le32enc(a->decmpfs_block_info++, block_count); 1501 /* Get the position where we are going to set compressed 1502 * data. */ 1503 a->compressed_rsrc_position = 1504 RSRC_H_SIZE + 4 + (block_count * 8); 1505 a->compressed_rsrc_position_v = a->compressed_rsrc_position; 1506 a->decmpfs_block_count = block_count; 1507 } 1508 1509 /* Ignore redundant bytes. */ 1510 if (a->file_remaining_bytes == 0) 1511 return ((ssize_t)size); 1512 1513 /* Do not overrun a block size. */ 1514 if (size > a->block_remaining_bytes) 1515 bytes_to_write = a->block_remaining_bytes; 1516 else 1517 bytes_to_write = size; 1518 /* Do not overrun the file size. */ 1519 if (bytes_to_write > a->file_remaining_bytes) 1520 bytes_to_write = a->file_remaining_bytes; 1521 1522 /* For efficiency, if a copy length is full of the uncompressed 1523 * buffer size, do not copy writing data to it. */ 1524 if (bytes_to_write == MAX_DECMPFS_BLOCK_SIZE) 1525 buffer_to_write = buff; 1526 else { 1527 memcpy(a->uncompressed_buffer + 1528 MAX_DECMPFS_BLOCK_SIZE - a->block_remaining_bytes, 1529 buff, bytes_to_write); 1530 buffer_to_write = a->uncompressed_buffer; 1531 } 1532 a->block_remaining_bytes -= bytes_to_write; 1533 a->file_remaining_bytes -= bytes_to_write; 1534 1535 if (a->block_remaining_bytes == 0 || a->file_remaining_bytes == 0) { 1536 ret = hfs_drive_compressor(a, buffer_to_write, 1537 MAX_DECMPFS_BLOCK_SIZE - a->block_remaining_bytes); 1538 if (ret < 0) 1539 return (ret); 1540 a->block_remaining_bytes = MAX_DECMPFS_BLOCK_SIZE; 1541 } 1542 /* Ignore redundant bytes. */ 1543 if (a->file_remaining_bytes == 0) 1544 return ((ssize_t)size); 1545 return (bytes_to_write); 1546} 1547 1548static ssize_t 1549hfs_write_data_block(struct archive_write_disk *a, const char *buff, 1550 size_t size) 1551{ 1552 uint64_t start_size = size; 1553 ssize_t bytes_written = 0; 1554 ssize_t bytes_to_write; 1555 1556 if (size == 0) 1557 return (ARCHIVE_OK); 1558 1559 if (a->filesize == 0 || a->fd < 0) { 1560 archive_set_error(&a->archive, 0, 1561 "Attempt to write to an empty file"); 1562 return (ARCHIVE_WARN); 1563 } 1564 1565 /* If this write would run beyond the file size, truncate it. */ 1566 if (a->filesize >= 0 && (int64_t)(a->offset + size) > a->filesize) 1567 start_size = size = (size_t)(a->filesize - a->offset); 1568 1569 /* Write the data. */ 1570 while (size > 0) { 1571 bytes_to_write = size; 1572 /* Seek if necessary to the specified offset. */ 1573 if (a->offset < a->fd_offset) { 1574 /* Can't support backward move. */ 1575 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 1576 "Seek failed"); 1577 return (ARCHIVE_FATAL); 1578 } else if (a->offset > a->fd_offset) { 1579 int64_t skip = a->offset - a->fd_offset; 1580 char nullblock[1024]; 1581 1582 memset(nullblock, 0, sizeof(nullblock)); 1583 while (skip > 0) { 1584 if (skip > (int64_t)sizeof(nullblock)) 1585 bytes_written = hfs_write_decmpfs_block( 1586 a, nullblock, sizeof(nullblock)); 1587 else 1588 bytes_written = hfs_write_decmpfs_block( 1589 a, nullblock, skip); 1590 if (bytes_written < 0) { 1591 archive_set_error(&a->archive, errno, 1592 "Write failed"); 1593 return (ARCHIVE_WARN); 1594 } 1595 skip -= bytes_written; 1596 } 1597 1598 a->fd_offset = a->offset; 1599 } 1600 bytes_written = 1601 hfs_write_decmpfs_block(a, buff, bytes_to_write); 1602 if (bytes_written < 0) 1603 return (bytes_written); 1604 buff += bytes_written; 1605 size -= bytes_written; 1606 a->total_bytes_written += bytes_written; 1607 a->offset += bytes_written; 1608 a->fd_offset = a->offset; 1609 } 1610 return (start_size - size); 1611} 1612#else 1613static ssize_t 1614hfs_write_data_block(struct archive_write_disk *a, const char *buff, 1615 size_t size) 1616{ 1617 return (write_data_block(a, buff, size)); 1618} 1619#endif 1620 1621static ssize_t 1622_archive_write_disk_data_block(struct archive *_a, 1623 const void *buff, size_t size, int64_t offset) 1624{ 1625 struct archive_write_disk *a = (struct archive_write_disk *)_a; 1626 ssize_t r; 1627 1628 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 1629 ARCHIVE_STATE_DATA, "archive_write_data_block"); 1630 1631 a->offset = offset; 1632 if (a->todo & TODO_HFS_COMPRESSION) 1633 r = hfs_write_data_block(a, buff, size); 1634 else 1635 r = write_data_block(a, buff, size); 1636 if (r < ARCHIVE_OK) 1637 return (r); 1638 if ((size_t)r < size) { 1639 archive_set_error(&a->archive, 0, 1640 "Too much data: Truncating file at %ju bytes", 1641 (uintmax_t)a->filesize); 1642 return (ARCHIVE_WARN); 1643 } 1644#if ARCHIVE_VERSION_NUMBER < 3999000 1645 return (ARCHIVE_OK); 1646#else 1647 return (size); 1648#endif 1649} 1650 1651static ssize_t 1652_archive_write_disk_data(struct archive *_a, const void *buff, size_t size) 1653{ 1654 struct archive_write_disk *a = (struct archive_write_disk *)_a; 1655 1656 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 1657 ARCHIVE_STATE_DATA, "archive_write_data"); 1658 1659 if (a->todo & TODO_HFS_COMPRESSION) 1660 return (hfs_write_data_block(a, buff, size)); 1661 return (write_data_block(a, buff, size)); 1662} 1663 1664static int 1665_archive_write_disk_finish_entry(struct archive *_a) 1666{ 1667 struct archive_write_disk *a = (struct archive_write_disk *)_a; 1668 int ret = ARCHIVE_OK; 1669 1670 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 1671 ARCHIVE_STATE_HEADER | ARCHIVE_STATE_DATA, 1672 "archive_write_finish_entry"); 1673 if (a->archive.state & ARCHIVE_STATE_HEADER) 1674 return (ARCHIVE_OK); 1675 archive_clear_error(&a->archive); 1676 1677 /* Pad or truncate file to the right size. */ 1678 if (a->fd < 0) { 1679 /* There's no file. */ 1680 } else if (a->filesize < 0) { 1681 /* File size is unknown, so we can't set the size. */ 1682 } else if (a->fd_offset == a->filesize) { 1683 /* Last write ended at exactly the filesize; we're done. */ 1684 /* Hopefully, this is the common case. */ 1685#if defined(__APPLE__) && defined(UF_COMPRESSED) && defined(HAVE_ZLIB_H) 1686 } else if (a->todo & TODO_HFS_COMPRESSION) { 1687 char null_d[1024]; 1688 ssize_t r; 1689 1690 if (a->file_remaining_bytes) 1691 memset(null_d, 0, sizeof(null_d)); 1692 while (a->file_remaining_bytes) { 1693 if (a->file_remaining_bytes > sizeof(null_d)) 1694 r = hfs_write_data_block( 1695 a, null_d, sizeof(null_d)); 1696 else 1697 r = hfs_write_data_block( 1698 a, null_d, a->file_remaining_bytes); 1699 if (r < 0) 1700 return ((int)r); 1701 } 1702#endif 1703 } else { 1704#if HAVE_FTRUNCATE 1705 if (ftruncate(a->fd, a->filesize) == -1 && 1706 a->filesize == 0) { 1707 archive_set_error(&a->archive, errno, 1708 "File size could not be restored"); 1709 return (ARCHIVE_FAILED); 1710 } 1711#endif 1712 /* 1713 * Not all platforms implement the XSI option to 1714 * extend files via ftruncate. Stat() the file again 1715 * to see what happened. 1716 */ 1717 a->pst = NULL; 1718 if ((ret = lazy_stat(a)) != ARCHIVE_OK) 1719 return (ret); 1720 /* We can use lseek()/write() to extend the file if 1721 * ftruncate didn't work or isn't available. */ 1722 if (a->st.st_size < a->filesize) { 1723 const char nul = '\0'; 1724 if (lseek(a->fd, a->filesize - 1, SEEK_SET) < 0) { 1725 archive_set_error(&a->archive, errno, 1726 "Seek failed"); 1727 return (ARCHIVE_FATAL); 1728 } 1729 if (write(a->fd, &nul, 1) < 0) { 1730 archive_set_error(&a->archive, errno, 1731 "Write to restore size failed"); 1732 return (ARCHIVE_FATAL); 1733 } 1734 a->pst = NULL; 1735 } 1736 } 1737 1738 /* Restore metadata. */ 1739 1740 /* 1741 * This is specific to Mac OS X. 1742 * If the current file is an AppleDouble file, it should be 1743 * linked with the data fork file and remove it. 1744 */ 1745 if (a->todo & TODO_APPLEDOUBLE) { 1746 int r2 = fixup_appledouble(a, a->name); 1747 if (r2 == ARCHIVE_EOF) { 1748 /* The current file has been successfully linked 1749 * with the data fork file and removed. So there 1750 * is nothing to do on the current file. */ 1751 goto finish_metadata; 1752 } 1753 if (r2 < ret) ret = r2; 1754 } 1755 1756 /* 1757 * Look up the "real" UID only if we're going to need it. 1758 * TODO: the TODO_SGID condition can be dropped here, can't it? 1759 */ 1760 if (a->todo & (TODO_OWNER | TODO_SUID | TODO_SGID)) { 1761 a->uid = archive_write_disk_uid(&a->archive, 1762 archive_entry_uname(a->entry), 1763 archive_entry_uid(a->entry)); 1764 } 1765 /* Look up the "real" GID only if we're going to need it. */ 1766 /* TODO: the TODO_SUID condition can be dropped here, can't it? */ 1767 if (a->todo & (TODO_OWNER | TODO_SGID | TODO_SUID)) { 1768 a->gid = archive_write_disk_gid(&a->archive, 1769 archive_entry_gname(a->entry), 1770 archive_entry_gid(a->entry)); 1771 } 1772 1773 /* 1774 * Restore ownership before set_mode tries to restore suid/sgid 1775 * bits. If we set the owner, we know what it is and can skip 1776 * a stat() call to examine the ownership of the file on disk. 1777 */ 1778 if (a->todo & TODO_OWNER) { 1779 int r2 = set_ownership(a); 1780 if (r2 < ret) ret = r2; 1781 } 1782 1783 /* 1784 * HYPOTHESIS: 1785 * If we're not root, we won't be setting any security 1786 * attributes that may be wiped by the set_mode() routine 1787 * below. We also can't set xattr on non-owner-writable files, 1788 * which may be the state after set_mode(). Perform 1789 * set_xattrs() first based on these constraints. 1790 */ 1791 if (a->user_uid != 0 && 1792 (a->todo & TODO_XATTR)) { 1793 int r2 = set_xattrs(a); 1794 if (r2 < ret) ret = r2; 1795 } 1796 1797 /* 1798 * set_mode must precede ACLs on systems such as Solaris and 1799 * FreeBSD where setting the mode implicitly clears extended ACLs 1800 */ 1801 if (a->todo & TODO_MODE) { 1802 int r2 = set_mode(a, a->mode); 1803 if (r2 < ret) ret = r2; 1804 } 1805 1806 /* 1807 * Security-related extended attributes (such as 1808 * security.capability on Linux) have to be restored last, 1809 * since they're implicitly removed by other file changes. 1810 * We do this last only when root. 1811 */ 1812 if (a->user_uid == 0 && 1813 (a->todo & TODO_XATTR)) { 1814 int r2 = set_xattrs(a); 1815 if (r2 < ret) ret = r2; 1816 } 1817 1818 /* 1819 * Some flags prevent file modification; they must be restored after 1820 * file contents are written. 1821 */ 1822 if (a->todo & TODO_FFLAGS) { 1823 int r2 = set_fflags(a); 1824 if (r2 < ret) ret = r2; 1825 } 1826 1827 /* 1828 * Time must follow most other metadata; 1829 * otherwise atime will get changed. 1830 */ 1831 if (a->todo & TODO_TIMES) { 1832 int r2 = set_times_from_entry(a); 1833 if (r2 < ret) ret = r2; 1834 } 1835 1836 /* 1837 * Mac extended metadata includes ACLs. 1838 */ 1839 if (a->todo & TODO_MAC_METADATA) { 1840 const void *metadata; 1841 size_t metadata_size; 1842 metadata = archive_entry_mac_metadata(a->entry, &metadata_size); 1843 if (metadata != NULL && metadata_size > 0) { 1844 int r2 = set_mac_metadata(a, archive_entry_pathname( 1845 a->entry), metadata, metadata_size); 1846 if (r2 < ret) ret = r2; 1847 } 1848 } 1849 1850 /* 1851 * ACLs must be restored after timestamps because there are 1852 * ACLs that prevent attribute changes (including time). 1853 */ 1854 if (a->todo & TODO_ACLS) { 1855 int r2; 1856 r2 = archive_write_disk_set_acls(&a->archive, a->fd, 1857 archive_entry_pathname(a->entry), 1858 archive_entry_acl(a->entry), 1859 archive_entry_mode(a->entry)); 1860 if (r2 < ret) ret = r2; 1861 } 1862 1863finish_metadata: 1864 /* If there's an fd, we can close it now. */ 1865 if (a->fd >= 0) { 1866 close(a->fd); 1867 a->fd = -1; 1868 if (a->tmpname) { 1869 if (rename(a->tmpname, a->name) == -1) { 1870 archive_set_error(&a->archive, errno, 1871 "Failed to rename temporary file"); 1872 ret = ARCHIVE_FAILED; 1873 unlink(a->tmpname); 1874 } 1875 a->tmpname = NULL; 1876 } 1877 } 1878 /* If there's an entry, we can release it now. */ 1879 archive_entry_free(a->entry); 1880 a->entry = NULL; 1881 a->archive.state = ARCHIVE_STATE_HEADER; 1882 return (ret); 1883} 1884 1885int 1886archive_write_disk_set_group_lookup(struct archive *_a, 1887 void *private_data, 1888 la_int64_t (*lookup_gid)(void *private, const char *gname, la_int64_t gid), 1889 void (*cleanup_gid)(void *private)) 1890{ 1891 struct archive_write_disk *a = (struct archive_write_disk *)_a; 1892 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 1893 ARCHIVE_STATE_ANY, "archive_write_disk_set_group_lookup"); 1894 1895 if (a->cleanup_gid != NULL && a->lookup_gid_data != NULL) 1896 (a->cleanup_gid)(a->lookup_gid_data); 1897 1898 a->lookup_gid = lookup_gid; 1899 a->cleanup_gid = cleanup_gid; 1900 a->lookup_gid_data = private_data; 1901 return (ARCHIVE_OK); 1902} 1903 1904int 1905archive_write_disk_set_user_lookup(struct archive *_a, 1906 void *private_data, 1907 int64_t (*lookup_uid)(void *private, const char *uname, int64_t uid), 1908 void (*cleanup_uid)(void *private)) 1909{ 1910 struct archive_write_disk *a = (struct archive_write_disk *)_a; 1911 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 1912 ARCHIVE_STATE_ANY, "archive_write_disk_set_user_lookup"); 1913 1914 if (a->cleanup_uid != NULL && a->lookup_uid_data != NULL) 1915 (a->cleanup_uid)(a->lookup_uid_data); 1916 1917 a->lookup_uid = lookup_uid; 1918 a->cleanup_uid = cleanup_uid; 1919 a->lookup_uid_data = private_data; 1920 return (ARCHIVE_OK); 1921} 1922 1923int64_t 1924archive_write_disk_gid(struct archive *_a, const char *name, la_int64_t id) 1925{ 1926 struct archive_write_disk *a = (struct archive_write_disk *)_a; 1927 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 1928 ARCHIVE_STATE_ANY, "archive_write_disk_gid"); 1929 if (a->lookup_gid) 1930 return (a->lookup_gid)(a->lookup_gid_data, name, id); 1931 return (id); 1932} 1933 1934int64_t 1935archive_write_disk_uid(struct archive *_a, const char *name, la_int64_t id) 1936{ 1937 struct archive_write_disk *a = (struct archive_write_disk *)_a; 1938 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 1939 ARCHIVE_STATE_ANY, "archive_write_disk_uid"); 1940 if (a->lookup_uid) 1941 return (a->lookup_uid)(a->lookup_uid_data, name, id); 1942 return (id); 1943} 1944 1945/* 1946 * Create a new archive_write_disk object and initialize it with global state. 1947 */ 1948struct archive * 1949archive_write_disk_new(void) 1950{ 1951 struct archive_write_disk *a; 1952 1953 a = (struct archive_write_disk *)calloc(1, sizeof(*a)); 1954 if (a == NULL) 1955 return (NULL); 1956 a->archive.magic = ARCHIVE_WRITE_DISK_MAGIC; 1957 /* We're ready to write a header immediately. */ 1958 a->archive.state = ARCHIVE_STATE_HEADER; 1959 a->archive.vtable = archive_write_disk_vtable(); 1960 a->start_time = time(NULL); 1961 /* Query and restore the umask. */ 1962 umask(a->user_umask = umask(0)); 1963#ifdef HAVE_GETEUID 1964 a->user_uid = geteuid(); 1965#endif /* HAVE_GETEUID */ 1966 if (archive_string_ensure(&a->path_safe, 512) == NULL) { 1967 free(a); 1968 return (NULL); 1969 } 1970#ifdef HAVE_ZLIB_H 1971 a->decmpfs_compression_level = 5; 1972#endif 1973 return (&a->archive); 1974} 1975 1976 1977/* 1978 * If pathname is longer than PATH_MAX, chdir to a suitable 1979 * intermediate dir and edit the path down to a shorter suffix. Note 1980 * that this routine never returns an error; if the chdir() attempt 1981 * fails for any reason, we just go ahead with the long pathname. The 1982 * object creation is likely to fail, but any error will get handled 1983 * at that time. 1984 */ 1985#if defined(HAVE_FCHDIR) && defined(PATH_MAX) 1986static void 1987edit_deep_directories(struct archive_write_disk *a) 1988{ 1989 int ret; 1990 char *tail = a->name; 1991 1992 /* If path is short, avoid the open() below. */ 1993 if (strlen(tail) < PATH_MAX) 1994 return; 1995 1996 /* Try to record our starting dir. */ 1997 a->restore_pwd = la_opendirat(AT_FDCWD, "."); 1998 __archive_ensure_cloexec_flag(a->restore_pwd); 1999 if (a->restore_pwd < 0) 2000 return; 2001 2002 /* As long as the path is too long... */ 2003 while (strlen(tail) >= PATH_MAX) { 2004 /* Locate a dir prefix shorter than PATH_MAX. */ 2005 tail += PATH_MAX - 8; 2006 while (tail > a->name && *tail != '/') 2007 tail--; 2008 /* Exit if we find a too-long path component. */ 2009 if (tail <= a->name) 2010 return; 2011 /* Create the intermediate dir and chdir to it. */ 2012 *tail = '\0'; /* Terminate dir portion */ 2013 ret = create_dir(a, a->name); 2014 if (ret == ARCHIVE_OK && chdir(a->name) != 0) 2015 ret = ARCHIVE_FAILED; 2016 *tail = '/'; /* Restore the / we removed. */ 2017 if (ret != ARCHIVE_OK) 2018 return; 2019 tail++; 2020 /* The chdir() succeeded; we've now shortened the path. */ 2021 a->name = tail; 2022 } 2023 return; 2024} 2025#endif 2026 2027/* 2028 * The main restore function. 2029 */ 2030static int 2031restore_entry(struct archive_write_disk *a) 2032{ 2033 int ret = ARCHIVE_OK, en; 2034 2035 if (a->flags & ARCHIVE_EXTRACT_UNLINK && !S_ISDIR(a->mode)) { 2036 /* 2037 * TODO: Fix this. Apparently, there are platforms 2038 * that still allow root to hose the entire filesystem 2039 * by unlinking a dir. The S_ISDIR() test above 2040 * prevents us from using unlink() here if the new 2041 * object is a dir, but that doesn't mean the old 2042 * object isn't a dir. 2043 */ 2044 if (a->flags & ARCHIVE_EXTRACT_CLEAR_NOCHANGE_FFLAGS) 2045 (void)clear_nochange_fflags(a); 2046 if (unlink(a->name) == 0) { 2047 /* We removed it, reset cached stat. */ 2048 a->pst = NULL; 2049 } else if (errno == ENOENT) { 2050 /* File didn't exist, that's just as good. */ 2051 } else if (rmdir(a->name) == 0) { 2052 /* It was a dir, but now it's gone. */ 2053 a->pst = NULL; 2054 } else { 2055 /* We tried, but couldn't get rid of it. */ 2056 archive_set_error(&a->archive, errno, 2057 "Could not unlink"); 2058 return(ARCHIVE_FAILED); 2059 } 2060 } 2061 2062 /* Try creating it first; if this fails, we'll try to recover. */ 2063 en = create_filesystem_object(a); 2064 2065 if ((en == ENOTDIR || en == ENOENT) 2066 && !(a->flags & ARCHIVE_EXTRACT_NO_AUTODIR)) { 2067 /* If the parent dir doesn't exist, try creating it. */ 2068 create_parent_dir(a, a->name); 2069 /* Now try to create the object again. */ 2070 en = create_filesystem_object(a); 2071 } 2072 2073 if ((en == ENOENT) && (archive_entry_hardlink(a->entry) != NULL)) { 2074 archive_set_error(&a->archive, en, 2075 "Hard-link target '%s' does not exist.", 2076 archive_entry_hardlink(a->entry)); 2077 return (ARCHIVE_FAILED); 2078 } 2079 2080 if ((en == EISDIR || en == EEXIST) 2081 && (a->flags & ARCHIVE_EXTRACT_NO_OVERWRITE)) { 2082 /* If we're not overwriting, we're done. */ 2083 if (S_ISDIR(a->mode)) { 2084 /* Don't overwrite any settings on existing directories. */ 2085 a->todo = 0; 2086 } 2087 archive_entry_unset_size(a->entry); 2088 return (ARCHIVE_OK); 2089 } 2090 2091 /* 2092 * Some platforms return EISDIR if you call 2093 * open(O_WRONLY | O_EXCL | O_CREAT) on a directory, some 2094 * return EEXIST. POSIX is ambiguous, requiring EISDIR 2095 * for open(O_WRONLY) on a dir and EEXIST for open(O_EXCL | O_CREAT) 2096 * on an existing item. 2097 */ 2098 if (en == EISDIR) { 2099 /* A dir is in the way of a non-dir, rmdir it. */ 2100 if (rmdir(a->name) != 0) { 2101 archive_set_error(&a->archive, errno, 2102 "Can't remove already-existing dir"); 2103 return (ARCHIVE_FAILED); 2104 } 2105 a->pst = NULL; 2106 /* Try again. */ 2107 en = create_filesystem_object(a); 2108 } else if (en == EEXIST) { 2109 /* 2110 * We know something is in the way, but we don't know what; 2111 * we need to find out before we go any further. 2112 */ 2113 int r = 0; 2114 /* 2115 * The SECURE_SYMLINKS logic has already removed a 2116 * symlink to a dir if the client wants that. So 2117 * follow the symlink if we're creating a dir. 2118 */ 2119 if (S_ISDIR(a->mode)) 2120 r = la_stat(a->name, &a->st); 2121 /* 2122 * If it's not a dir (or it's a broken symlink), 2123 * then don't follow it. 2124 */ 2125 if (r != 0 || !S_ISDIR(a->mode)) 2126 r = lstat(a->name, &a->st); 2127 if (r != 0) { 2128 archive_set_error(&a->archive, errno, 2129 "Can't stat existing object"); 2130 return (ARCHIVE_FAILED); 2131 } 2132 2133 /* 2134 * NO_OVERWRITE_NEWER doesn't apply to directories. 2135 */ 2136 if ((a->flags & ARCHIVE_EXTRACT_NO_OVERWRITE_NEWER) 2137 && !S_ISDIR(a->st.st_mode)) { 2138 if (!older(&(a->st), a->entry)) { 2139 archive_entry_unset_size(a->entry); 2140 return (ARCHIVE_OK); 2141 } 2142 } 2143 2144 /* If it's our archive, we're done. */ 2145 if (a->skip_file_set && 2146 a->st.st_dev == (dev_t)a->skip_file_dev && 2147 a->st.st_ino == (ino_t)a->skip_file_ino) { 2148 archive_set_error(&a->archive, 0, 2149 "Refusing to overwrite archive"); 2150 return (ARCHIVE_FAILED); 2151 } 2152 2153 if (!S_ISDIR(a->st.st_mode)) { 2154 if (a->flags & ARCHIVE_EXTRACT_CLEAR_NOCHANGE_FFLAGS) 2155 (void)clear_nochange_fflags(a); 2156 2157 if ((a->flags & ARCHIVE_EXTRACT_SAFE_WRITES) && 2158 S_ISREG(a->st.st_mode)) { 2159 /* Use a temporary file to extract */ 2160 if ((a->fd = la_mktemp(a)) == -1) { 2161 archive_set_error(&a->archive, errno, 2162 "Can't create temporary file"); 2163 return ARCHIVE_FAILED; 2164 } 2165 a->pst = NULL; 2166 en = 0; 2167 } else { 2168 /* A non-dir is in the way, unlink it. */ 2169 if (unlink(a->name) != 0) { 2170 archive_set_error(&a->archive, errno, 2171 "Can't unlink already-existing " 2172 "object"); 2173 return (ARCHIVE_FAILED); 2174 } 2175 a->pst = NULL; 2176 /* Try again. */ 2177 en = create_filesystem_object(a); 2178 } 2179 } else if (!S_ISDIR(a->mode)) { 2180 /* A dir is in the way of a non-dir, rmdir it. */ 2181 if (a->flags & ARCHIVE_EXTRACT_CLEAR_NOCHANGE_FFLAGS) 2182 (void)clear_nochange_fflags(a); 2183 if (rmdir(a->name) != 0) { 2184 archive_set_error(&a->archive, errno, 2185 "Can't replace existing directory with non-directory"); 2186 return (ARCHIVE_FAILED); 2187 } 2188 /* Try again. */ 2189 en = create_filesystem_object(a); 2190 } else { 2191 /* 2192 * There's a dir in the way of a dir. Don't 2193 * waste time with rmdir()/mkdir(), just fix 2194 * up the permissions on the existing dir. 2195 * Note that we don't change perms on existing 2196 * dirs unless _EXTRACT_PERM is specified. 2197 */ 2198 if ((a->mode != a->st.st_mode) 2199 && (a->todo & TODO_MODE_FORCE)) 2200 a->deferred |= (a->todo & TODO_MODE); 2201 /* Ownership doesn't need deferred fixup. */ 2202 en = 0; /* Forget the EEXIST. */ 2203 } 2204 } 2205 2206 if (en) { 2207 /* Everything failed; give up here. */ 2208 if ((&a->archive)->error == NULL) 2209 archive_set_error(&a->archive, en, "Can't create '%s'", 2210 a->name); 2211 return (ARCHIVE_FAILED); 2212 } 2213 2214 a->pst = NULL; /* Cached stat data no longer valid. */ 2215 return (ret); 2216} 2217 2218/* 2219 * Returns 0 if creation succeeds, or else returns errno value from 2220 * the failed system call. Note: This function should only ever perform 2221 * a single system call. 2222 */ 2223static int 2224create_filesystem_object(struct archive_write_disk *a) 2225{ 2226 /* Create the entry. */ 2227 const char *linkname; 2228 mode_t final_mode, mode; 2229 int r; 2230 /* these for check_symlinks_fsobj */ 2231 char *linkname_copy; /* non-const copy of linkname */ 2232 struct stat st; 2233 struct archive_string error_string; 2234 int error_number; 2235 2236 /* We identify hard/symlinks according to the link names. */ 2237 /* Since link(2) and symlink(2) don't handle modes, we're done here. */ 2238 linkname = archive_entry_hardlink(a->entry); 2239 if (linkname != NULL) { 2240#if !HAVE_LINK 2241 return (EPERM); 2242#else 2243 archive_string_init(&error_string); 2244 linkname_copy = strdup(linkname); 2245 if (linkname_copy == NULL) { 2246 return (EPERM); 2247 } 2248 /* 2249 * TODO: consider using the cleaned-up path as the link 2250 * target? 2251 */ 2252 r = cleanup_pathname_fsobj(linkname_copy, &error_number, 2253 &error_string, a->flags); 2254 if (r != ARCHIVE_OK) { 2255 archive_set_error(&a->archive, error_number, "%s", 2256 error_string.s); 2257 free(linkname_copy); 2258 archive_string_free(&error_string); 2259 /* 2260 * EPERM is more appropriate than error_number for our 2261 * callers 2262 */ 2263 return (EPERM); 2264 } 2265 r = check_symlinks_fsobj(linkname_copy, &error_number, 2266 &error_string, a->flags); 2267 if (r != ARCHIVE_OK) { 2268 archive_set_error(&a->archive, error_number, "%s", 2269 error_string.s); 2270 free(linkname_copy); 2271 archive_string_free(&error_string); 2272 /* 2273 * EPERM is more appropriate than error_number for our 2274 * callers 2275 */ 2276 return (EPERM); 2277 } 2278 free(linkname_copy); 2279 archive_string_free(&error_string); 2280 /* 2281 * Unlinking and linking here is really not atomic, 2282 * but doing it right, would require us to construct 2283 * an mktemplink() function, and then use rename(2). 2284 */ 2285 if (a->flags & ARCHIVE_EXTRACT_SAFE_WRITES) 2286 unlink(a->name); 2287 r = link(linkname, a->name) ? errno : 0; 2288 /* 2289 * New cpio and pax formats allow hardlink entries 2290 * to carry data, so we may have to open the file 2291 * for hardlink entries. 2292 * 2293 * If the hardlink was successfully created and 2294 * the archive doesn't have carry data for it, 2295 * consider it to be non-authoritative for meta data. 2296 * This is consistent with GNU tar and BSD pax. 2297 * If the hardlink does carry data, let the last 2298 * archive entry decide ownership. 2299 */ 2300 if (r == 0 && a->filesize <= 0) { 2301 a->todo = 0; 2302 a->deferred = 0; 2303 } else if (r == 0 && a->filesize > 0) { 2304#ifdef HAVE_LSTAT 2305 r = lstat(a->name, &st); 2306#else 2307 r = la_stat(a->name, &st); 2308#endif 2309 if (r != 0) 2310 r = errno; 2311 else if ((st.st_mode & AE_IFMT) == AE_IFREG) { 2312 a->fd = open(a->name, O_WRONLY | O_TRUNC | 2313 O_BINARY | O_CLOEXEC | O_NOFOLLOW); 2314 __archive_ensure_cloexec_flag(a->fd); 2315 if (a->fd < 0) 2316 r = errno; 2317 } 2318 } 2319 return (r); 2320#endif 2321 } 2322 linkname = archive_entry_symlink(a->entry); 2323 if (linkname != NULL) { 2324#if HAVE_SYMLINK 2325 /* 2326 * Unlinking and linking here is really not atomic, 2327 * but doing it right, would require us to construct 2328 * an mktempsymlink() function, and then use rename(2). 2329 */ 2330 if (a->flags & ARCHIVE_EXTRACT_SAFE_WRITES) 2331 unlink(a->name); 2332 return symlink(linkname, a->name) ? errno : 0; 2333#else 2334 return (EPERM); 2335#endif 2336 } 2337 2338 /* 2339 * The remaining system calls all set permissions, so let's 2340 * try to take advantage of that to avoid an extra chmod() 2341 * call. (Recall that umask is set to zero right now!) 2342 */ 2343 2344 /* Mode we want for the final restored object (w/o file type bits). */ 2345 final_mode = a->mode & 07777; 2346 /* 2347 * The mode that will actually be restored in this step. Note 2348 * that SUID, SGID, etc, require additional work to ensure 2349 * security, so we never restore them at this point. 2350 */ 2351 mode = final_mode & 0777 & ~a->user_umask; 2352 2353 /* 2354 * Always create writable such that [f]setxattr() works if we're not 2355 * root. 2356 */ 2357 if (a->user_uid != 0 && 2358 a->todo & (TODO_HFS_COMPRESSION | TODO_XATTR)) { 2359 mode |= 0200; 2360 } 2361 2362 switch (a->mode & AE_IFMT) { 2363 default: 2364 /* POSIX requires that we fall through here. */ 2365 /* FALLTHROUGH */ 2366 case AE_IFREG: 2367 a->tmpname = NULL; 2368 a->fd = open(a->name, 2369 O_WRONLY | O_CREAT | O_EXCL | O_BINARY | O_CLOEXEC, mode); 2370 __archive_ensure_cloexec_flag(a->fd); 2371 r = (a->fd < 0); 2372 break; 2373 case AE_IFCHR: 2374#ifdef HAVE_MKNOD 2375 /* Note: we use AE_IFCHR for the case label, and 2376 * S_IFCHR for the mknod() call. This is correct. */ 2377 r = mknod(a->name, mode | S_IFCHR, 2378 archive_entry_rdev(a->entry)); 2379 break; 2380#else 2381 /* TODO: Find a better way to warn about our inability 2382 * to restore a char device node. */ 2383 return (EINVAL); 2384#endif /* HAVE_MKNOD */ 2385 case AE_IFBLK: 2386#ifdef HAVE_MKNOD 2387 r = mknod(a->name, mode | S_IFBLK, 2388 archive_entry_rdev(a->entry)); 2389 break; 2390#else 2391 /* TODO: Find a better way to warn about our inability 2392 * to restore a block device node. */ 2393 return (EINVAL); 2394#endif /* HAVE_MKNOD */ 2395 case AE_IFDIR: 2396 mode = (mode | MINIMUM_DIR_MODE) & MAXIMUM_DIR_MODE; 2397 r = mkdir(a->name, mode); 2398 if (r == 0) { 2399 /* Defer setting dir times. */ 2400 a->deferred |= (a->todo & TODO_TIMES); 2401 a->todo &= ~TODO_TIMES; 2402 /* Never use an immediate chmod(). */ 2403 /* We can't avoid the chmod() entirely if EXTRACT_PERM 2404 * because of SysV SGID inheritance. */ 2405 if ((mode != final_mode) 2406 || (a->flags & ARCHIVE_EXTRACT_PERM)) 2407 a->deferred |= (a->todo & TODO_MODE); 2408 a->todo &= ~TODO_MODE; 2409 } 2410 break; 2411 case AE_IFIFO: 2412#ifdef HAVE_MKFIFO 2413 r = mkfifo(a->name, mode); 2414 break; 2415#else 2416 /* TODO: Find a better way to warn about our inability 2417 * to restore a fifo. */ 2418 return (EINVAL); 2419#endif /* HAVE_MKFIFO */ 2420 } 2421 2422 /* All the system calls above set errno on failure. */ 2423 if (r) 2424 return (errno); 2425 2426 /* If we managed to set the final mode, we've avoided a chmod(). */ 2427 if (mode == final_mode) 2428 a->todo &= ~TODO_MODE; 2429 return (0); 2430} 2431 2432/* 2433 * Cleanup function for archive_extract. Mostly, this involves processing 2434 * the fixup list, which is used to address a number of problems: 2435 * * Dir permissions might prevent us from restoring a file in that 2436 * dir, so we restore the dir with minimum 0700 permissions first, 2437 * then correct the mode at the end. 2438 * * Similarly, the act of restoring a file touches the directory 2439 * and changes the timestamp on the dir, so we have to touch-up dir 2440 * timestamps at the end as well. 2441 * * Some file flags can interfere with the restore by, for example, 2442 * preventing the creation of hardlinks to those files. 2443 * * Mac OS extended metadata includes ACLs, so must be deferred on dirs. 2444 * 2445 * Note that tar/cpio do not require that archives be in a particular 2446 * order; there is no way to know when the last file has been restored 2447 * within a directory, so there's no way to optimize the memory usage 2448 * here by fixing up the directory any earlier than the 2449 * end-of-archive. 2450 * 2451 * XXX TODO: Directory ACLs should be restored here, for the same 2452 * reason we set directory perms here. XXX 2453 */ 2454static int 2455_archive_write_disk_close(struct archive *_a) 2456{ 2457 struct archive_write_disk *a = (struct archive_write_disk *)_a; 2458 struct fixup_entry *next, *p; 2459 int fd, ret; 2460 2461 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 2462 ARCHIVE_STATE_HEADER | ARCHIVE_STATE_DATA, 2463 "archive_write_disk_close"); 2464 ret = _archive_write_disk_finish_entry(&a->archive); 2465 2466 /* Sort dir list so directories are fixed up in depth-first order. */ 2467 p = sort_dir_list(a->fixup_list); 2468 2469 while (p != NULL) { 2470 fd = -1; 2471 a->pst = NULL; /* Mark stat cache as out-of-date. */ 2472 if (p->fixup & 2473 (TODO_TIMES | TODO_MODE_BASE | TODO_ACLS | TODO_FFLAGS)) { 2474 fd = open(p->name, 2475 O_WRONLY | O_BINARY | O_NOFOLLOW | O_CLOEXEC); 2476 } 2477 if (p->fixup & TODO_TIMES) { 2478 set_times(a, fd, p->mode, p->name, 2479 p->atime, p->atime_nanos, 2480 p->birthtime, p->birthtime_nanos, 2481 p->mtime, p->mtime_nanos, 2482 p->ctime, p->ctime_nanos); 2483 } 2484 if (p->fixup & TODO_MODE_BASE) { 2485#ifdef HAVE_FCHMOD 2486 if (fd >= 0) 2487 fchmod(fd, p->mode); 2488 else 2489#endif 2490 chmod(p->name, p->mode); 2491 } 2492 if (p->fixup & TODO_ACLS) 2493 archive_write_disk_set_acls(&a->archive, fd, 2494 p->name, &p->acl, p->mode); 2495 if (p->fixup & TODO_FFLAGS) 2496 set_fflags_platform(a, fd, p->name, 2497 p->mode, p->fflags_set, 0); 2498 if (p->fixup & TODO_MAC_METADATA) 2499 set_mac_metadata(a, p->name, p->mac_metadata, 2500 p->mac_metadata_size); 2501 next = p->next; 2502 archive_acl_clear(&p->acl); 2503 free(p->mac_metadata); 2504 free(p->name); 2505 if (fd >= 0) 2506 close(fd); 2507 free(p); 2508 p = next; 2509 } 2510 a->fixup_list = NULL; 2511 return (ret); 2512} 2513 2514static int 2515_archive_write_disk_free(struct archive *_a) 2516{ 2517 struct archive_write_disk *a; 2518 int ret; 2519 if (_a == NULL) 2520 return (ARCHIVE_OK); 2521 archive_check_magic(_a, ARCHIVE_WRITE_DISK_MAGIC, 2522 ARCHIVE_STATE_ANY | ARCHIVE_STATE_FATAL, "archive_write_disk_free"); 2523 a = (struct archive_write_disk *)_a; 2524 ret = _archive_write_disk_close(&a->archive); 2525 archive_write_disk_set_group_lookup(&a->archive, NULL, NULL, NULL); 2526 archive_write_disk_set_user_lookup(&a->archive, NULL, NULL, NULL); 2527 archive_entry_free(a->entry); 2528 archive_string_free(&a->_name_data); 2529 archive_string_free(&a->_tmpname_data); 2530 archive_string_free(&a->archive.error_string); 2531 archive_string_free(&a->path_safe); 2532 a->archive.magic = 0; 2533 __archive_clean(&a->archive); 2534 free(a->decmpfs_header_p); 2535 free(a->resource_fork); 2536 free(a->compressed_buffer); 2537 free(a->uncompressed_buffer); 2538#if defined(__APPLE__) && defined(UF_COMPRESSED) && defined(HAVE_SYS_XATTR_H)\ 2539 && defined(HAVE_ZLIB_H) 2540 if (a->stream_valid) { 2541 switch (deflateEnd(&a->stream)) { 2542 case Z_OK: 2543 break; 2544 default: 2545 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 2546 "Failed to clean up compressor"); 2547 ret = ARCHIVE_FATAL; 2548 break; 2549 } 2550 } 2551#endif 2552 free(a); 2553 return (ret); 2554} 2555 2556/* 2557 * Simple O(n log n) merge sort to order the fixup list. In 2558 * particular, we want to restore dir timestamps depth-first. 2559 */ 2560static struct fixup_entry * 2561sort_dir_list(struct fixup_entry *p) 2562{ 2563 struct fixup_entry *a, *b, *t; 2564 2565 if (p == NULL) 2566 return (NULL); 2567 /* A one-item list is already sorted. */ 2568 if (p->next == NULL) 2569 return (p); 2570 2571 /* Step 1: split the list. */ 2572 t = p; 2573 a = p->next->next; 2574 while (a != NULL) { 2575 /* Step a twice, t once. */ 2576 a = a->next; 2577 if (a != NULL) 2578 a = a->next; 2579 t = t->next; 2580 } 2581 /* Now, t is at the mid-point, so break the list here. */ 2582 b = t->next; 2583 t->next = NULL; 2584 a = p; 2585 2586 /* Step 2: Recursively sort the two sub-lists. */ 2587 a = sort_dir_list(a); 2588 b = sort_dir_list(b); 2589 2590 /* Step 3: Merge the returned lists. */ 2591 /* Pick the first element for the merged list. */ 2592 if (strcmp(a->name, b->name) > 0) { 2593 t = p = a; 2594 a = a->next; 2595 } else { 2596 t = p = b; 2597 b = b->next; 2598 } 2599 2600 /* Always put the later element on the list first. */ 2601 while (a != NULL && b != NULL) { 2602 if (strcmp(a->name, b->name) > 0) { 2603 t->next = a; 2604 a = a->next; 2605 } else { 2606 t->next = b; 2607 b = b->next; 2608 } 2609 t = t->next; 2610 } 2611 2612 /* Only one list is non-empty, so just splice it on. */ 2613 if (a != NULL) 2614 t->next = a; 2615 if (b != NULL) 2616 t->next = b; 2617 2618 return (p); 2619} 2620 2621/* 2622 * Returns a new, initialized fixup entry. 2623 * 2624 * TODO: Reduce the memory requirements for this list by using a tree 2625 * structure rather than a simple list of names. 2626 */ 2627static struct fixup_entry * 2628new_fixup(struct archive_write_disk *a, const char *pathname) 2629{ 2630 struct fixup_entry *fe; 2631 2632 fe = (struct fixup_entry *)calloc(1, sizeof(struct fixup_entry)); 2633 if (fe == NULL) { 2634 archive_set_error(&a->archive, ENOMEM, 2635 "Can't allocate memory for a fixup"); 2636 return (NULL); 2637 } 2638 fe->next = a->fixup_list; 2639 a->fixup_list = fe; 2640 fe->fixup = 0; 2641 fe->name = strdup(pathname); 2642 return (fe); 2643} 2644 2645/* 2646 * Returns a fixup structure for the current entry. 2647 */ 2648static struct fixup_entry * 2649current_fixup(struct archive_write_disk *a, const char *pathname) 2650{ 2651 if (a->current_fixup == NULL) 2652 a->current_fixup = new_fixup(a, pathname); 2653 return (a->current_fixup); 2654} 2655 2656/* Error helper for new *_fsobj functions */ 2657static void 2658fsobj_error(int *a_eno, struct archive_string *a_estr, 2659 int err, const char *errstr, const char *path) 2660{ 2661 if (a_eno) 2662 *a_eno = err; 2663 if (a_estr) 2664 archive_string_sprintf(a_estr, "%s%s", errstr, path); 2665} 2666 2667/* 2668 * TODO: Someday, integrate this with the deep dir support; they both 2669 * scan the path and both can be optimized by comparing against other 2670 * recent paths. 2671 */ 2672/* 2673 * Checks the given path to see if any elements along it are symlinks. Returns 2674 * ARCHIVE_OK if there are none, otherwise puts an error in errmsg. 2675 */ 2676static int 2677check_symlinks_fsobj(char *path, int *a_eno, struct archive_string *a_estr, 2678 int flags) 2679{ 2680#if !defined(HAVE_LSTAT) && \ 2681 !(defined(HAVE_OPENAT) && defined(HAVE_FSTATAT) && defined(HAVE_UNLINKAT)) 2682 /* Platform doesn't have lstat, so we can't look for symlinks. */ 2683 (void)path; /* UNUSED */ 2684 (void)error_number; /* UNUSED */ 2685 (void)error_string; /* UNUSED */ 2686 (void)flags; /* UNUSED */ 2687 return (ARCHIVE_OK); 2688#else 2689 int res = ARCHIVE_OK; 2690 char *tail; 2691 char *head; 2692 int last; 2693 char c; 2694 int r; 2695 struct stat st; 2696 int chdir_fd; 2697#if defined(HAVE_OPENAT) && defined(HAVE_FSTATAT) && defined(HAVE_UNLINKAT) 2698 int fd; 2699#endif 2700 2701 /* Nothing to do here if name is empty */ 2702 if(path[0] == '\0') 2703 return (ARCHIVE_OK); 2704 2705 /* 2706 * Guard against symlink tricks. Reject any archive entry whose 2707 * destination would be altered by a symlink. 2708 * 2709 * Walk the filename in chunks separated by '/'. For each segment: 2710 * - if it doesn't exist, continue 2711 * - if it's symlink, abort or remove it 2712 * - if it's a directory and it's not the last chunk, cd into it 2713 * As we go: 2714 * head points to the current (relative) path 2715 * tail points to the temporary \0 terminating the segment we're 2716 * currently examining 2717 * c holds what used to be in *tail 2718 * last is 1 if this is the last tail 2719 */ 2720 chdir_fd = la_opendirat(AT_FDCWD, "."); 2721 __archive_ensure_cloexec_flag(chdir_fd); 2722 if (chdir_fd < 0) { 2723 fsobj_error(a_eno, a_estr, errno, 2724 "Could not open ", path); 2725 return (ARCHIVE_FATAL); 2726 } 2727 head = path; 2728 tail = path; 2729 last = 0; 2730 /* TODO: reintroduce a safe cache here? */ 2731 /* Skip the root directory if the path is absolute. */ 2732 if(tail == path && tail[0] == '/') 2733 ++tail; 2734 /* Keep going until we've checked the entire name. 2735 * head, tail, path all alias the same string, which is 2736 * temporarily zeroed at tail, so be careful restoring the 2737 * stashed (c=tail[0]) for error messages. 2738 * Exiting the loop with break is okay; continue is not. 2739 */ 2740 while (!last) { 2741 /* 2742 * Skip the separator we just consumed, plus any adjacent ones 2743 */ 2744 while (*tail == '/') 2745 ++tail; 2746 /* Skip the next path element. */ 2747 while (*tail != '\0' && *tail != '/') 2748 ++tail; 2749 /* is this the last path component? */ 2750 last = (tail[0] == '\0') || (tail[0] == '/' && tail[1] == '\0'); 2751 /* temporarily truncate the string here */ 2752 c = tail[0]; 2753 tail[0] = '\0'; 2754 /* Check that we haven't hit a symlink. */ 2755#if defined(HAVE_OPENAT) && defined(HAVE_FSTATAT) && defined(HAVE_UNLINKAT) 2756 r = fstatat(chdir_fd, head, &st, AT_SYMLINK_NOFOLLOW); 2757#else 2758 r = lstat(head, &st); 2759#endif 2760 if (r != 0) { 2761 tail[0] = c; 2762 /* We've hit a dir that doesn't exist; stop now. */ 2763 if (errno == ENOENT) { 2764 break; 2765 } else { 2766 /* 2767 * Treat any other error as fatal - best to be 2768 * paranoid here. 2769 * Note: This effectively disables deep 2770 * directory support when security checks are 2771 * enabled. Otherwise, very long pathnames that 2772 * trigger an error here could evade the 2773 * sandbox. 2774 * TODO: We could do better, but it would 2775 * probably require merging the symlink checks 2776 * with the deep-directory editing. 2777 */ 2778 fsobj_error(a_eno, a_estr, errno, 2779 "Could not stat ", path); 2780 res = ARCHIVE_FAILED; 2781 break; 2782 } 2783 } else if (S_ISDIR(st.st_mode)) { 2784 if (!last) { 2785#if defined(HAVE_OPENAT) && defined(HAVE_FSTATAT) && defined(HAVE_UNLINKAT) 2786 fd = la_opendirat(chdir_fd, head); 2787 if (fd < 0) 2788 r = -1; 2789 else { 2790 r = 0; 2791 close(chdir_fd); 2792 chdir_fd = fd; 2793 } 2794#else 2795 r = chdir(head); 2796#endif 2797 if (r != 0) { 2798 tail[0] = c; 2799 fsobj_error(a_eno, a_estr, errno, 2800 "Could not chdir ", path); 2801 res = (ARCHIVE_FATAL); 2802 break; 2803 } 2804 /* Our view is now from inside this dir: */ 2805 head = tail + 1; 2806 } 2807 } else if (S_ISLNK(st.st_mode)) { 2808 if (last) { 2809 /* 2810 * Last element is symlink; remove it 2811 * so we can overwrite it with the 2812 * item being extracted. 2813 */ 2814#if defined(HAVE_OPENAT) && defined(HAVE_FSTATAT) && defined(HAVE_UNLINKAT) 2815 r = unlinkat(chdir_fd, head, 0); 2816#else 2817 r = unlink(head); 2818#endif 2819 if (r != 0) { 2820 tail[0] = c; 2821 fsobj_error(a_eno, a_estr, errno, 2822 "Could not remove symlink ", 2823 path); 2824 res = ARCHIVE_FAILED; 2825 break; 2826 } 2827 /* 2828 * Even if we did remove it, a warning 2829 * is in order. The warning is silly, 2830 * though, if we're just replacing one 2831 * symlink with another symlink. 2832 */ 2833 tail[0] = c; 2834 /* 2835 * FIXME: not sure how important this is to 2836 * restore 2837 */ 2838 /* 2839 if (!S_ISLNK(path)) { 2840 fsobj_error(a_eno, a_estr, 0, 2841 "Removing symlink ", path); 2842 } 2843 */ 2844 /* Symlink gone. No more problem! */ 2845 res = ARCHIVE_OK; 2846 break; 2847 } else if (flags & ARCHIVE_EXTRACT_UNLINK) { 2848 /* User asked us to remove problems. */ 2849#if defined(HAVE_OPENAT) && defined(HAVE_FSTATAT) && defined(HAVE_UNLINKAT) 2850 r = unlinkat(chdir_fd, head, 0); 2851#else 2852 r = unlink(head); 2853#endif 2854 if (r != 0) { 2855 tail[0] = c; 2856 fsobj_error(a_eno, a_estr, 0, 2857 "Cannot remove intervening " 2858 "symlink ", path); 2859 res = ARCHIVE_FAILED; 2860 break; 2861 } 2862 tail[0] = c; 2863 } else if ((flags & 2864 ARCHIVE_EXTRACT_SECURE_SYMLINKS) == 0) { 2865 /* 2866 * We are not the last element and we want to 2867 * follow symlinks if they are a directory. 2868 * 2869 * This is needed to extract hardlinks over 2870 * symlinks. 2871 */ 2872#if defined(HAVE_OPENAT) && defined(HAVE_FSTATAT) && defined(HAVE_UNLINKAT) 2873 r = fstatat(chdir_fd, head, &st, 0); 2874#else 2875 r = la_stat(head, &st); 2876#endif 2877 if (r != 0) { 2878 tail[0] = c; 2879 if (errno == ENOENT) { 2880 break; 2881 } else { 2882 fsobj_error(a_eno, a_estr, 2883 errno, 2884 "Could not stat ", path); 2885 res = (ARCHIVE_FAILED); 2886 break; 2887 } 2888 } else if (S_ISDIR(st.st_mode)) { 2889#if defined(HAVE_OPENAT) && defined(HAVE_FSTATAT) && defined(HAVE_UNLINKAT) 2890 fd = la_opendirat(chdir_fd, head); 2891 if (fd < 0) 2892 r = -1; 2893 else { 2894 r = 0; 2895 close(chdir_fd); 2896 chdir_fd = fd; 2897 } 2898#else 2899 r = chdir(head); 2900#endif 2901 if (r != 0) { 2902 tail[0] = c; 2903 fsobj_error(a_eno, a_estr, 2904 errno, 2905 "Could not chdir ", path); 2906 res = (ARCHIVE_FATAL); 2907 break; 2908 } 2909 /* 2910 * Our view is now from inside 2911 * this dir: 2912 */ 2913 head = tail + 1; 2914 } else { 2915 tail[0] = c; 2916 fsobj_error(a_eno, a_estr, 0, 2917 "Cannot extract through " 2918 "symlink ", path); 2919 res = ARCHIVE_FAILED; 2920 break; 2921 } 2922 } else { 2923 tail[0] = c; 2924 fsobj_error(a_eno, a_estr, 0, 2925 "Cannot extract through symlink ", path); 2926 res = ARCHIVE_FAILED; 2927 break; 2928 } 2929 } 2930 /* be sure to always maintain this */ 2931 tail[0] = c; 2932 if (tail[0] != '\0') 2933 tail++; /* Advance to the next segment. */ 2934 } 2935 /* Catches loop exits via break */ 2936 tail[0] = c; 2937#if defined(HAVE_OPENAT) && defined(HAVE_FSTATAT) && defined(HAVE_UNLINKAT) 2938 /* If we operate with openat(), fstatat() and unlinkat() there was 2939 * no chdir(), so just close the fd */ 2940 if (chdir_fd >= 0) 2941 close(chdir_fd); 2942#elif HAVE_FCHDIR 2943 /* If we changed directory above, restore it here. */ 2944 if (chdir_fd >= 0) { 2945 r = fchdir(chdir_fd); 2946 if (r != 0) { 2947 fsobj_error(a_eno, a_estr, errno, 2948 "chdir() failure", ""); 2949 } 2950 close(chdir_fd); 2951 chdir_fd = -1; 2952 if (r != 0) { 2953 res = (ARCHIVE_FATAL); 2954 } 2955 } 2956#endif 2957 /* TODO: reintroduce a safe cache here? */ 2958 return res; 2959#endif 2960} 2961 2962/* 2963 * Check a->name for symlinks, returning ARCHIVE_OK if its clean, otherwise 2964 * calls archive_set_error and returns ARCHIVE_{FATAL,FAILED} 2965 */ 2966static int 2967check_symlinks(struct archive_write_disk *a) 2968{ 2969 struct archive_string error_string; 2970 int error_number; 2971 int rc; 2972 archive_string_init(&error_string); 2973 rc = check_symlinks_fsobj(a->name, &error_number, &error_string, 2974 a->flags); 2975 if (rc != ARCHIVE_OK) { 2976 archive_set_error(&a->archive, error_number, "%s", 2977 error_string.s); 2978 } 2979 archive_string_free(&error_string); 2980 a->pst = NULL; /* to be safe */ 2981 return rc; 2982} 2983 2984 2985#if defined(__CYGWIN__) 2986/* 2987 * 1. Convert a path separator from '\' to '/' . 2988 * We shouldn't check multibyte character directly because some 2989 * character-set have been using the '\' character for a part of 2990 * its multibyte character code. 2991 * 2. Replace unusable characters in Windows with underscore('_'). 2992 * See also : http://msdn.microsoft.com/en-us/library/aa365247.aspx 2993 */ 2994static void 2995cleanup_pathname_win(char *path) 2996{ 2997 wchar_t wc; 2998 char *p; 2999 size_t alen, l; 3000 int mb, complete, utf8; 3001 3002 alen = 0; 3003 mb = 0; 3004 complete = 1; 3005 utf8 = (strcmp(nl_langinfo(CODESET), "UTF-8") == 0)? 1: 0; 3006 for (p = path; *p != '\0'; p++) { 3007 ++alen; 3008 if (*p == '\\') { 3009 /* If previous byte is smaller than 128, 3010 * this is not second byte of multibyte characters, 3011 * so we can replace '\' with '/'. */ 3012 if (utf8 || !mb) 3013 *p = '/'; 3014 else 3015 complete = 0;/* uncompleted. */ 3016 } else if (*(unsigned char *)p > 127) 3017 mb = 1; 3018 else 3019 mb = 0; 3020 /* Rewrite the path name if its next character is unusable. */ 3021 if (*p == ':' || *p == '*' || *p == '?' || *p == '"' || 3022 *p == '<' || *p == '>' || *p == '|') 3023 *p = '_'; 3024 } 3025 if (complete) 3026 return; 3027 3028 /* 3029 * Convert path separator in wide-character. 3030 */ 3031 p = path; 3032 while (*p != '\0' && alen) { 3033 l = mbtowc(&wc, p, alen); 3034 if (l == (size_t)-1) { 3035 while (*p != '\0') { 3036 if (*p == '\\') 3037 *p = '/'; 3038 ++p; 3039 } 3040 break; 3041 } 3042 if (l == 1 && wc == L'\\') 3043 *p = '/'; 3044 p += l; 3045 alen -= l; 3046 } 3047} 3048#endif 3049 3050/* 3051 * Canonicalize the pathname. In particular, this strips duplicate 3052 * '/' characters, '.' elements, and trailing '/'. It also raises an 3053 * error for an empty path, a trailing '..', (if _SECURE_NODOTDOT is 3054 * set) any '..' in the path or (if ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS 3055 * is set) if the path is absolute. 3056 */ 3057static int 3058cleanup_pathname_fsobj(char *path, int *a_eno, struct archive_string *a_estr, 3059 int flags) 3060{ 3061 char *dest, *src; 3062 char separator = '\0'; 3063 3064 dest = src = path; 3065 if (*src == '\0') { 3066 fsobj_error(a_eno, a_estr, ARCHIVE_ERRNO_MISC, 3067 "Invalid empty ", "pathname"); 3068 return (ARCHIVE_FAILED); 3069 } 3070 3071#if defined(__CYGWIN__) 3072 cleanup_pathname_win(path); 3073#endif 3074 /* Skip leading '/'. */ 3075 if (*src == '/') { 3076 if (flags & ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS) { 3077 fsobj_error(a_eno, a_estr, ARCHIVE_ERRNO_MISC, 3078 "Path is ", "absolute"); 3079 return (ARCHIVE_FAILED); 3080 } 3081 3082 separator = *src++; 3083 } 3084 3085 /* Scan the pathname one element at a time. */ 3086 for (;;) { 3087 /* src points to first char after '/' */ 3088 if (src[0] == '\0') { 3089 break; 3090 } else if (src[0] == '/') { 3091 /* Found '//', ignore second one. */ 3092 src++; 3093 continue; 3094 } else if (src[0] == '.') { 3095 if (src[1] == '\0') { 3096 /* Ignore trailing '.' */ 3097 break; 3098 } else if (src[1] == '/') { 3099 /* Skip './'. */ 3100 src += 2; 3101 continue; 3102 } else if (src[1] == '.') { 3103 if (src[2] == '/' || src[2] == '\0') { 3104 /* Conditionally warn about '..' */ 3105 if (flags 3106 & ARCHIVE_EXTRACT_SECURE_NODOTDOT) { 3107 fsobj_error(a_eno, a_estr, 3108 ARCHIVE_ERRNO_MISC, 3109 "Path contains ", "'..'"); 3110 return (ARCHIVE_FAILED); 3111 } 3112 } 3113 /* 3114 * Note: Under no circumstances do we 3115 * remove '..' elements. In 3116 * particular, restoring 3117 * '/foo/../bar/' should create the 3118 * 'foo' dir as a side-effect. 3119 */ 3120 } 3121 } 3122 3123 /* Copy current element, including leading '/'. */ 3124 if (separator) 3125 *dest++ = '/'; 3126 while (*src != '\0' && *src != '/') { 3127 *dest++ = *src++; 3128 } 3129 3130 if (*src == '\0') 3131 break; 3132 3133 /* Skip '/' separator. */ 3134 separator = *src++; 3135 } 3136 /* 3137 * We've just copied zero or more path elements, not including the 3138 * final '/'. 3139 */ 3140 if (dest == path) { 3141 /* 3142 * Nothing got copied. The path must have been something 3143 * like '.' or '/' or './' or '/././././/./'. 3144 */ 3145 if (separator) 3146 *dest++ = '/'; 3147 else 3148 *dest++ = '.'; 3149 } 3150 /* Terminate the result. */ 3151 *dest = '\0'; 3152 return (ARCHIVE_OK); 3153} 3154 3155static int 3156cleanup_pathname(struct archive_write_disk *a) 3157{ 3158 struct archive_string error_string; 3159 int error_number; 3160 int rc; 3161 archive_string_init(&error_string); 3162 rc = cleanup_pathname_fsobj(a->name, &error_number, &error_string, 3163 a->flags); 3164 if (rc != ARCHIVE_OK) { 3165 archive_set_error(&a->archive, error_number, "%s", 3166 error_string.s); 3167 } 3168 archive_string_free(&error_string); 3169 return rc; 3170} 3171 3172/* 3173 * Create the parent directory of the specified path, assuming path 3174 * is already in mutable storage. 3175 */ 3176static int 3177create_parent_dir(struct archive_write_disk *a, char *path) 3178{ 3179 char *slash; 3180 int r; 3181 3182 /* Remove tail element to obtain parent name. */ 3183 slash = strrchr(path, '/'); 3184 if (slash == NULL) 3185 return (ARCHIVE_OK); 3186 *slash = '\0'; 3187 r = create_dir(a, path); 3188 *slash = '/'; 3189 return (r); 3190} 3191 3192/* 3193 * Create the specified dir, recursing to create parents as necessary. 3194 * 3195 * Returns ARCHIVE_OK if the path exists when we're done here. 3196 * Otherwise, returns ARCHIVE_FAILED. 3197 * Assumes path is in mutable storage; path is unchanged on exit. 3198 */ 3199static int 3200create_dir(struct archive_write_disk *a, char *path) 3201{ 3202 struct stat st; 3203 struct fixup_entry *le; 3204 char *slash, *base; 3205 mode_t mode_final, mode; 3206 int r; 3207 3208 /* Check for special names and just skip them. */ 3209 slash = strrchr(path, '/'); 3210 if (slash == NULL) 3211 base = path; 3212 else 3213 base = slash + 1; 3214 3215 if (base[0] == '\0' || 3216 (base[0] == '.' && base[1] == '\0') || 3217 (base[0] == '.' && base[1] == '.' && base[2] == '\0')) { 3218 /* Don't bother trying to create null path, '.', or '..'. */ 3219 if (slash != NULL) { 3220 *slash = '\0'; 3221 r = create_dir(a, path); 3222 *slash = '/'; 3223 return (r); 3224 } 3225 return (ARCHIVE_OK); 3226 } 3227 3228 /* 3229 * Yes, this should be stat() and not lstat(). Using lstat() 3230 * here loses the ability to extract through symlinks. Also note 3231 * that this should not use the a->st cache. 3232 */ 3233 if (la_stat(path, &st) == 0) { 3234 if (S_ISDIR(st.st_mode)) 3235 return (ARCHIVE_OK); 3236 if ((a->flags & ARCHIVE_EXTRACT_NO_OVERWRITE)) { 3237 archive_set_error(&a->archive, EEXIST, 3238 "Can't create directory '%s'", path); 3239 return (ARCHIVE_FAILED); 3240 } 3241 if (unlink(path) != 0) { 3242 archive_set_error(&a->archive, errno, 3243 "Can't create directory '%s': " 3244 "Conflicting file cannot be removed", 3245 path); 3246 return (ARCHIVE_FAILED); 3247 } 3248 } else if (errno != ENOENT && errno != ENOTDIR) { 3249 /* Stat failed? */ 3250 archive_set_error(&a->archive, errno, 3251 "Can't test directory '%s'", path); 3252 return (ARCHIVE_FAILED); 3253 } else if (slash != NULL) { 3254 *slash = '\0'; 3255 r = create_dir(a, path); 3256 *slash = '/'; 3257 if (r != ARCHIVE_OK) 3258 return (r); 3259 } 3260 3261 /* 3262 * Mode we want for the final restored directory. Per POSIX, 3263 * implicitly-created dirs must be created obeying the umask. 3264 * There's no mention whether this is different for privileged 3265 * restores (which the rest of this code handles by pretending 3266 * umask=0). I've chosen here to always obey the user's umask for 3267 * implicit dirs, even if _EXTRACT_PERM was specified. 3268 */ 3269 mode_final = DEFAULT_DIR_MODE & ~a->user_umask; 3270 /* Mode we want on disk during the restore process. */ 3271 mode = mode_final; 3272 mode |= MINIMUM_DIR_MODE; 3273 mode &= MAXIMUM_DIR_MODE; 3274 if (mkdir(path, mode) == 0) { 3275 if (mode != mode_final) { 3276 le = new_fixup(a, path); 3277 if (le == NULL) 3278 return (ARCHIVE_FATAL); 3279 le->fixup |=TODO_MODE_BASE; 3280 le->mode = mode_final; 3281 } 3282 return (ARCHIVE_OK); 3283 } 3284 3285 /* 3286 * Without the following check, a/b/../b/c/d fails at the 3287 * second visit to 'b', so 'd' can't be created. Note that we 3288 * don't add it to the fixup list here, as it's already been 3289 * added. 3290 */ 3291 if (la_stat(path, &st) == 0 && S_ISDIR(st.st_mode)) 3292 return (ARCHIVE_OK); 3293 3294 archive_set_error(&a->archive, errno, "Failed to create dir '%s'", 3295 path); 3296 return (ARCHIVE_FAILED); 3297} 3298 3299/* 3300 * Note: Although we can skip setting the user id if the desired user 3301 * id matches the current user, we cannot skip setting the group, as 3302 * many systems set the gid based on the containing directory. So 3303 * we have to perform a chown syscall if we want to set the SGID 3304 * bit. (The alternative is to stat() and then possibly chown(); it's 3305 * more efficient to skip the stat() and just always chown().) Note 3306 * that a successful chown() here clears the TODO_SGID_CHECK bit, which 3307 * allows set_mode to skip the stat() check for the GID. 3308 */ 3309static int 3310set_ownership(struct archive_write_disk *a) 3311{ 3312#if !defined(__CYGWIN__) && !defined(__linux__) 3313/* 3314 * On Linux, a process may have the CAP_CHOWN capability. 3315 * On Windows there is no 'root' user with uid 0. 3316 * Elsewhere we can skip calling chown if we are not root and the desired 3317 * user id does not match the current user. 3318 */ 3319 if (a->user_uid != 0 && a->user_uid != a->uid) { 3320 archive_set_error(&a->archive, errno, 3321 "Can't set UID=%jd", (intmax_t)a->uid); 3322 return (ARCHIVE_WARN); 3323 } 3324#endif 3325 3326#ifdef HAVE_FCHOWN 3327 /* If we have an fd, we can avoid a race. */ 3328 if (a->fd >= 0 && fchown(a->fd, a->uid, a->gid) == 0) { 3329 /* We've set owner and know uid/gid are correct. */ 3330 a->todo &= ~(TODO_OWNER | TODO_SGID_CHECK | TODO_SUID_CHECK); 3331 return (ARCHIVE_OK); 3332 } 3333#endif 3334 3335 /* We prefer lchown() but will use chown() if that's all we have. */ 3336 /* Of course, if we have neither, this will always fail. */ 3337#ifdef HAVE_LCHOWN 3338 if (lchown(a->name, a->uid, a->gid) == 0) { 3339 /* We've set owner and know uid/gid are correct. */ 3340 a->todo &= ~(TODO_OWNER | TODO_SGID_CHECK | TODO_SUID_CHECK); 3341 return (ARCHIVE_OK); 3342 } 3343#elif HAVE_CHOWN 3344 if (!S_ISLNK(a->mode) && chown(a->name, a->uid, a->gid) == 0) { 3345 /* We've set owner and know uid/gid are correct. */ 3346 a->todo &= ~(TODO_OWNER | TODO_SGID_CHECK | TODO_SUID_CHECK); 3347 return (ARCHIVE_OK); 3348 } 3349#endif 3350 3351 archive_set_error(&a->archive, errno, 3352 "Can't set user=%jd/group=%jd for %s", 3353 (intmax_t)a->uid, (intmax_t)a->gid, a->name); 3354 return (ARCHIVE_WARN); 3355} 3356 3357/* 3358 * Note: Returns 0 on success, non-zero on failure. 3359 */ 3360static int 3361set_time(int fd, int mode, const char *name, 3362 time_t atime, long atime_nsec, 3363 time_t mtime, long mtime_nsec) 3364{ 3365 /* Select the best implementation for this platform. */ 3366#if defined(HAVE_UTIMENSAT) && defined(HAVE_FUTIMENS) 3367 /* 3368 * utimensat() and futimens() are defined in 3369 * POSIX.1-2008. They support ns resolution and setting times 3370 * on fds and symlinks. 3371 */ 3372 struct timespec ts[2]; 3373 (void)mode; /* UNUSED */ 3374 ts[0].tv_sec = atime; 3375 ts[0].tv_nsec = atime_nsec; 3376 ts[1].tv_sec = mtime; 3377 ts[1].tv_nsec = mtime_nsec; 3378 if (fd >= 0) 3379 return futimens(fd, ts); 3380 return utimensat(AT_FDCWD, name, ts, AT_SYMLINK_NOFOLLOW); 3381 3382#elif HAVE_UTIMES 3383 /* 3384 * The utimes()-family functions support ��s-resolution and 3385 * setting times fds and symlinks. utimes() is documented as 3386 * LEGACY by POSIX, futimes() and lutimes() are not described 3387 * in POSIX. 3388 */ 3389 struct timeval times[2]; 3390 3391 times[0].tv_sec = atime; 3392 times[0].tv_usec = atime_nsec / 1000; 3393 times[1].tv_sec = mtime; 3394 times[1].tv_usec = mtime_nsec / 1000; 3395 3396#ifdef HAVE_FUTIMES 3397 if (fd >= 0) 3398 return (futimes(fd, times)); 3399#else 3400 (void)fd; /* UNUSED */ 3401#endif 3402#ifdef HAVE_LUTIMES 3403 (void)mode; /* UNUSED */ 3404 return (lutimes(name, times)); 3405#else 3406 if (S_ISLNK(mode)) 3407 return (0); 3408 return (utimes(name, times)); 3409#endif 3410 3411#elif defined(HAVE_UTIME) 3412 /* 3413 * utime() is POSIX-standard but only supports 1s resolution and 3414 * does not support fds or symlinks. 3415 */ 3416 struct utimbuf times; 3417 (void)fd; /* UNUSED */ 3418 (void)name; /* UNUSED */ 3419 (void)atime_nsec; /* UNUSED */ 3420 (void)mtime_nsec; /* UNUSED */ 3421 times.actime = atime; 3422 times.modtime = mtime; 3423 if (S_ISLNK(mode)) 3424 return (ARCHIVE_OK); 3425 return (utime(name, ×)); 3426 3427#else 3428 /* 3429 * We don't know how to set the time on this platform. 3430 */ 3431 (void)fd; /* UNUSED */ 3432 (void)mode; /* UNUSED */ 3433 (void)name; /* UNUSED */ 3434 (void)atime_nsec; /* UNUSED */ 3435 (void)mtime_nsec; /* UNUSED */ 3436 return (ARCHIVE_WARN); 3437#endif 3438} 3439 3440#ifdef F_SETTIMES 3441static int 3442set_time_tru64(int fd, int mode, const char *name, 3443 time_t atime, long atime_nsec, 3444 time_t mtime, long mtime_nsec, 3445 time_t ctime, long ctime_nsec) 3446{ 3447 struct attr_timbuf tstamp; 3448 tstamp.atime.tv_sec = atime; 3449 tstamp.mtime.tv_sec = mtime; 3450 tstamp.ctime.tv_sec = ctime; 3451#if defined (__hpux) && defined (__ia64) 3452 tstamp.atime.tv_nsec = atime_nsec; 3453 tstamp.mtime.tv_nsec = mtime_nsec; 3454 tstamp.ctime.tv_nsec = ctime_nsec; 3455#else 3456 tstamp.atime.tv_usec = atime_nsec / 1000; 3457 tstamp.mtime.tv_usec = mtime_nsec / 1000; 3458 tstamp.ctime.tv_usec = ctime_nsec / 1000; 3459#endif 3460 return (fcntl(fd,F_SETTIMES,&tstamp)); 3461} 3462#endif /* F_SETTIMES */ 3463 3464static int 3465set_times(struct archive_write_disk *a, 3466 int fd, int mode, const char *name, 3467 time_t atime, long atime_nanos, 3468 time_t birthtime, long birthtime_nanos, 3469 time_t mtime, long mtime_nanos, 3470 time_t cctime, long ctime_nanos) 3471{ 3472 /* Note: set_time doesn't use libarchive return conventions! 3473 * It uses syscall conventions. So 0 here instead of ARCHIVE_OK. */ 3474 int r1 = 0, r2 = 0; 3475 3476#ifdef F_SETTIMES 3477 /* 3478 * on Tru64 try own fcntl first which can restore even the 3479 * ctime, fall back to default code path below if it fails 3480 * or if we are not running as root 3481 */ 3482 if (a->user_uid == 0 && 3483 set_time_tru64(fd, mode, name, 3484 atime, atime_nanos, mtime, 3485 mtime_nanos, cctime, ctime_nanos) == 0) { 3486 return (ARCHIVE_OK); 3487 } 3488#else /* Tru64 */ 3489 (void)cctime; /* UNUSED */ 3490 (void)ctime_nanos; /* UNUSED */ 3491#endif /* Tru64 */ 3492 3493#ifdef HAVE_STRUCT_STAT_ST_BIRTHTIME 3494 /* 3495 * If you have struct stat.st_birthtime, we assume BSD 3496 * birthtime semantics, in which {f,l,}utimes() updates 3497 * birthtime to earliest mtime. So we set the time twice, 3498 * first using the birthtime, then using the mtime. If 3499 * birthtime == mtime, this isn't necessary, so we skip it. 3500 * If birthtime > mtime, then this won't work, so we skip it. 3501 */ 3502 if (birthtime < mtime 3503 || (birthtime == mtime && birthtime_nanos < mtime_nanos)) 3504 r1 = set_time(fd, mode, name, 3505 atime, atime_nanos, 3506 birthtime, birthtime_nanos); 3507#else 3508 (void)birthtime; /* UNUSED */ 3509 (void)birthtime_nanos; /* UNUSED */ 3510#endif 3511 r2 = set_time(fd, mode, name, 3512 atime, atime_nanos, 3513 mtime, mtime_nanos); 3514 if (r1 != 0 || r2 != 0) { 3515 archive_set_error(&a->archive, errno, 3516 "Can't restore time"); 3517 return (ARCHIVE_WARN); 3518 } 3519 return (ARCHIVE_OK); 3520} 3521 3522static int 3523set_times_from_entry(struct archive_write_disk *a) 3524{ 3525 time_t atime, birthtime, mtime, cctime; 3526 long atime_nsec, birthtime_nsec, mtime_nsec, ctime_nsec; 3527 3528 /* Suitable defaults. */ 3529 atime = birthtime = mtime = cctime = a->start_time; 3530 atime_nsec = birthtime_nsec = mtime_nsec = ctime_nsec = 0; 3531 3532 /* If no time was provided, we're done. */ 3533 if (!archive_entry_atime_is_set(a->entry) 3534#if HAVE_STRUCT_STAT_ST_BIRTHTIME 3535 && !archive_entry_birthtime_is_set(a->entry) 3536#endif 3537 && !archive_entry_mtime_is_set(a->entry)) 3538 return (ARCHIVE_OK); 3539 3540 if (archive_entry_atime_is_set(a->entry)) { 3541 atime = archive_entry_atime(a->entry); 3542 atime_nsec = archive_entry_atime_nsec(a->entry); 3543 } 3544 if (archive_entry_birthtime_is_set(a->entry)) { 3545 birthtime = archive_entry_birthtime(a->entry); 3546 birthtime_nsec = archive_entry_birthtime_nsec(a->entry); 3547 } 3548 if (archive_entry_mtime_is_set(a->entry)) { 3549 mtime = archive_entry_mtime(a->entry); 3550 mtime_nsec = archive_entry_mtime_nsec(a->entry); 3551 } 3552 if (archive_entry_ctime_is_set(a->entry)) { 3553 cctime = archive_entry_ctime(a->entry); 3554 ctime_nsec = archive_entry_ctime_nsec(a->entry); 3555 } 3556 3557 return set_times(a, a->fd, a->mode, a->name, 3558 atime, atime_nsec, 3559 birthtime, birthtime_nsec, 3560 mtime, mtime_nsec, 3561 cctime, ctime_nsec); 3562} 3563 3564static int 3565set_mode(struct archive_write_disk *a, int mode) 3566{ 3567 int r = ARCHIVE_OK; 3568 int r2; 3569 mode &= 07777; /* Strip off file type bits. */ 3570 3571 if (a->todo & TODO_SGID_CHECK) { 3572 /* 3573 * If we don't know the GID is right, we must stat() 3574 * to verify it. We can't just check the GID of this 3575 * process, since systems sometimes set GID from 3576 * the enclosing dir or based on ACLs. 3577 */ 3578 if ((r = lazy_stat(a)) != ARCHIVE_OK) 3579 return (r); 3580 if (a->pst->st_gid != a->gid) { 3581 mode &= ~ S_ISGID; 3582 if (a->flags & ARCHIVE_EXTRACT_OWNER) { 3583 /* 3584 * This is only an error if you 3585 * requested owner restore. If you 3586 * didn't, we'll try to restore 3587 * sgid/suid, but won't consider it a 3588 * problem if we can't. 3589 */ 3590 archive_set_error(&a->archive, -1, 3591 "Can't restore SGID bit"); 3592 r = ARCHIVE_WARN; 3593 } 3594 } 3595 /* While we're here, double-check the UID. */ 3596 if (a->pst->st_uid != a->uid 3597 && (a->todo & TODO_SUID)) { 3598 mode &= ~ S_ISUID; 3599 if (a->flags & ARCHIVE_EXTRACT_OWNER) { 3600 archive_set_error(&a->archive, -1, 3601 "Can't restore SUID bit"); 3602 r = ARCHIVE_WARN; 3603 } 3604 } 3605 a->todo &= ~TODO_SGID_CHECK; 3606 a->todo &= ~TODO_SUID_CHECK; 3607 } else if (a->todo & TODO_SUID_CHECK) { 3608 /* 3609 * If we don't know the UID is right, we can just check 3610 * the user, since all systems set the file UID from 3611 * the process UID. 3612 */ 3613 if (a->user_uid != a->uid) { 3614 mode &= ~ S_ISUID; 3615 if (a->flags & ARCHIVE_EXTRACT_OWNER) { 3616 archive_set_error(&a->archive, -1, 3617 "Can't make file SUID"); 3618 r = ARCHIVE_WARN; 3619 } 3620 } 3621 a->todo &= ~TODO_SUID_CHECK; 3622 } 3623 3624 if (S_ISLNK(a->mode)) { 3625#ifdef HAVE_LCHMOD 3626 /* 3627 * If this is a symlink, use lchmod(). If the 3628 * platform doesn't support lchmod(), just skip it. A 3629 * platform that doesn't provide a way to set 3630 * permissions on symlinks probably ignores 3631 * permissions on symlinks, so a failure here has no 3632 * impact. 3633 */ 3634 if (lchmod(a->name, mode) != 0) { 3635 switch (errno) { 3636 case ENOTSUP: 3637 case ENOSYS: 3638#if ENOTSUP != EOPNOTSUPP 3639 case EOPNOTSUPP: 3640#endif 3641 /* 3642 * if lchmod is defined but the platform 3643 * doesn't support it, silently ignore 3644 * error 3645 */ 3646 break; 3647 default: 3648 archive_set_error(&a->archive, errno, 3649 "Can't set permissions to 0%o", (int)mode); 3650 r = ARCHIVE_WARN; 3651 } 3652 } 3653#endif 3654 } else if (!S_ISDIR(a->mode)) { 3655 /* 3656 * If it's not a symlink and not a dir, then use 3657 * fchmod() or chmod(), depending on whether we have 3658 * an fd. Dirs get their perms set during the 3659 * post-extract fixup, which is handled elsewhere. 3660 */ 3661#ifdef HAVE_FCHMOD 3662 if (a->fd >= 0) 3663 r2 = fchmod(a->fd, mode); 3664 else 3665#endif 3666 /* If this platform lacks fchmod(), then 3667 * we'll just use chmod(). */ 3668 r2 = chmod(a->name, mode); 3669 3670 if (r2 != 0) { 3671 archive_set_error(&a->archive, errno, 3672 "Can't set permissions to 0%o", (int)mode); 3673 r = ARCHIVE_WARN; 3674 } 3675 } 3676 return (r); 3677} 3678 3679static int 3680set_fflags(struct archive_write_disk *a) 3681{ 3682 struct fixup_entry *le; 3683 unsigned long set, clear; 3684 int r; 3685 mode_t mode = archive_entry_mode(a->entry); 3686 /* 3687 * Make 'critical_flags' hold all file flags that can't be 3688 * immediately restored. For example, on BSD systems, 3689 * SF_IMMUTABLE prevents hardlinks from being created, so 3690 * should not be set until after any hardlinks are created. To 3691 * preserve some semblance of portability, this uses #ifdef 3692 * extensively. Ugly, but it works. 3693 * 3694 * Yes, Virginia, this does create a security race. It's mitigated 3695 * somewhat by the practice of creating dirs 0700 until the extract 3696 * is done, but it would be nice if we could do more than that. 3697 * People restoring critical file systems should be wary of 3698 * other programs that might try to muck with files as they're 3699 * being restored. 3700 */ 3701 const int critical_flags = 0 3702#ifdef SF_IMMUTABLE 3703 | SF_IMMUTABLE 3704#endif 3705#ifdef UF_IMMUTABLE 3706 | UF_IMMUTABLE 3707#endif 3708#ifdef SF_APPEND 3709 | SF_APPEND 3710#endif 3711#ifdef UF_APPEND 3712 | UF_APPEND 3713#endif 3714#if defined(FS_APPEND_FL) 3715 | FS_APPEND_FL 3716#elif defined(EXT2_APPEND_FL) 3717 | EXT2_APPEND_FL 3718#endif 3719#if defined(FS_IMMUTABLE_FL) 3720 | FS_IMMUTABLE_FL 3721#elif defined(EXT2_IMMUTABLE_FL) 3722 | EXT2_IMMUTABLE_FL 3723#endif 3724#ifdef FS_JOURNAL_DATA_FL 3725 | FS_JOURNAL_DATA_FL 3726#endif 3727 ; 3728 3729 if (a->todo & TODO_FFLAGS) { 3730 archive_entry_fflags(a->entry, &set, &clear); 3731 3732 /* 3733 * The first test encourages the compiler to eliminate 3734 * all of this if it's not necessary. 3735 */ 3736 if ((critical_flags != 0) && (set & critical_flags)) { 3737 le = current_fixup(a, a->name); 3738 if (le == NULL) 3739 return (ARCHIVE_FATAL); 3740 le->fixup |= TODO_FFLAGS; 3741 le->fflags_set = set; 3742 /* Store the mode if it's not already there. */ 3743 if ((le->fixup & TODO_MODE) == 0) 3744 le->mode = mode; 3745 } else { 3746 r = set_fflags_platform(a, a->fd, 3747 a->name, mode, set, clear); 3748 if (r != ARCHIVE_OK) 3749 return (r); 3750 } 3751 } 3752 return (ARCHIVE_OK); 3753} 3754 3755static int 3756clear_nochange_fflags(struct archive_write_disk *a) 3757{ 3758 mode_t mode = archive_entry_mode(a->entry); 3759 const int nochange_flags = 0 3760#ifdef SF_IMMUTABLE 3761 | SF_IMMUTABLE 3762#endif 3763#ifdef UF_IMMUTABLE 3764 | UF_IMMUTABLE 3765#endif 3766#ifdef SF_APPEND 3767 | SF_APPEND 3768#endif 3769#ifdef UF_APPEND 3770 | UF_APPEND 3771#endif 3772#ifdef EXT2_APPEND_FL 3773 | EXT2_APPEND_FL 3774#endif 3775#ifdef EXT2_IMMUTABLE_FL 3776 | EXT2_IMMUTABLE_FL 3777#endif 3778 ; 3779 3780 return (set_fflags_platform(a, a->fd, a->name, mode, 0, 3781 nochange_flags)); 3782} 3783 3784 3785#if ( defined(HAVE_LCHFLAGS) || defined(HAVE_CHFLAGS) || defined(HAVE_FCHFLAGS) ) && defined(HAVE_STRUCT_STAT_ST_FLAGS) 3786/* 3787 * BSD reads flags using stat() and sets them with one of {f,l,}chflags() 3788 */ 3789static int 3790set_fflags_platform(struct archive_write_disk *a, int fd, const char *name, 3791 mode_t mode, unsigned long set, unsigned long clear) 3792{ 3793 int r; 3794 const int sf_mask = 0 3795#ifdef SF_APPEND 3796 | SF_APPEND 3797#endif 3798#ifdef SF_ARCHIVED 3799 | SF_ARCHIVED 3800#endif 3801#ifdef SF_IMMUTABLE 3802 | SF_IMMUTABLE 3803#endif 3804#ifdef SF_NOUNLINK 3805 | SF_NOUNLINK 3806#endif 3807 ; 3808 (void)mode; /* UNUSED */ 3809 3810 if (set == 0 && clear == 0) 3811 return (ARCHIVE_OK); 3812 3813 /* 3814 * XXX Is the stat here really necessary? Or can I just use 3815 * the 'set' flags directly? In particular, I'm not sure 3816 * about the correct approach if we're overwriting an existing 3817 * file that already has flags on it. XXX 3818 */ 3819 if ((r = lazy_stat(a)) != ARCHIVE_OK) 3820 return (r); 3821 3822 a->st.st_flags &= ~clear; 3823 a->st.st_flags |= set; 3824 3825 /* Only super-user may change SF_* flags */ 3826 3827 if (a->user_uid != 0) 3828 a->st.st_flags &= ~sf_mask; 3829 3830#ifdef HAVE_FCHFLAGS 3831 /* If platform has fchflags() and we were given an fd, use it. */ 3832 if (fd >= 0 && fchflags(fd, a->st.st_flags) == 0) 3833 return (ARCHIVE_OK); 3834#endif 3835 /* 3836 * If we can't use the fd to set the flags, we'll use the 3837 * pathname to set flags. We prefer lchflags() but will use 3838 * chflags() if we must. 3839 */ 3840#ifdef HAVE_LCHFLAGS 3841 if (lchflags(name, a->st.st_flags) == 0) 3842 return (ARCHIVE_OK); 3843#elif defined(HAVE_CHFLAGS) 3844 if (S_ISLNK(a->st.st_mode)) { 3845 archive_set_error(&a->archive, errno, 3846 "Can't set file flags on symlink."); 3847 return (ARCHIVE_WARN); 3848 } 3849 if (chflags(name, a->st.st_flags) == 0) 3850 return (ARCHIVE_OK); 3851#endif 3852 archive_set_error(&a->archive, errno, 3853 "Failed to set file flags"); 3854 return (ARCHIVE_WARN); 3855} 3856 3857#elif (defined(FS_IOC_GETFLAGS) && defined(FS_IOC_SETFLAGS) && \ 3858 defined(HAVE_WORKING_FS_IOC_GETFLAGS)) || \ 3859 (defined(EXT2_IOC_GETFLAGS) && defined(EXT2_IOC_SETFLAGS) && \ 3860 defined(HAVE_WORKING_EXT2_IOC_GETFLAGS)) 3861/* 3862 * Linux uses ioctl() to read and write file flags. 3863 */ 3864static int 3865set_fflags_platform(struct archive_write_disk *a, int fd, const char *name, 3866 mode_t mode, unsigned long set, unsigned long clear) 3867{ 3868 int ret; 3869 int myfd = fd; 3870 int newflags, oldflags; 3871 /* 3872 * Linux has no define for the flags that are only settable by 3873 * the root user. This code may seem a little complex, but 3874 * there seem to be some Linux systems that lack these 3875 * defines. (?) The code below degrades reasonably gracefully 3876 * if sf_mask is incomplete. 3877 */ 3878 const int sf_mask = 0 3879#if defined(FS_IMMUTABLE_FL) 3880 | FS_IMMUTABLE_FL 3881#elif defined(EXT2_IMMUTABLE_FL) 3882 | EXT2_IMMUTABLE_FL 3883#endif 3884#if defined(FS_APPEND_FL) 3885 | FS_APPEND_FL 3886#elif defined(EXT2_APPEND_FL) 3887 | EXT2_APPEND_FL 3888#endif 3889#if defined(FS_JOURNAL_DATA_FL) 3890 | FS_JOURNAL_DATA_FL 3891#endif 3892 ; 3893 3894 if (set == 0 && clear == 0) 3895 return (ARCHIVE_OK); 3896 /* Only regular files and dirs can have flags. */ 3897 if (!S_ISREG(mode) && !S_ISDIR(mode)) 3898 return (ARCHIVE_OK); 3899 3900 /* If we weren't given an fd, open it ourselves. */ 3901 if (myfd < 0) { 3902 myfd = open(name, O_RDONLY | O_NONBLOCK | O_BINARY | O_CLOEXEC); 3903 __archive_ensure_cloexec_flag(myfd); 3904 } 3905 if (myfd < 0) 3906 return (ARCHIVE_OK); 3907 3908 /* 3909 * XXX As above, this would be way simpler if we didn't have 3910 * to read the current flags from disk. XXX 3911 */ 3912 ret = ARCHIVE_OK; 3913 3914 /* Read the current file flags. */ 3915 if (ioctl(myfd, 3916#ifdef FS_IOC_GETFLAGS 3917 FS_IOC_GETFLAGS, 3918#else 3919 EXT2_IOC_GETFLAGS, 3920#endif 3921 &oldflags) < 0) 3922 goto fail; 3923 3924 /* Try setting the flags as given. */ 3925 newflags = (oldflags & ~clear) | set; 3926 if (ioctl(myfd, 3927#ifdef FS_IOC_SETFLAGS 3928 FS_IOC_SETFLAGS, 3929#else 3930 EXT2_IOC_SETFLAGS, 3931#endif 3932 &newflags) >= 0) 3933 goto cleanup; 3934 if (errno != EPERM) 3935 goto fail; 3936 3937 /* If we couldn't set all the flags, try again with a subset. */ 3938 newflags &= ~sf_mask; 3939 oldflags &= sf_mask; 3940 newflags |= oldflags; 3941 if (ioctl(myfd, 3942#ifdef FS_IOC_SETFLAGS 3943 FS_IOC_SETFLAGS, 3944#else 3945 EXT2_IOC_SETFLAGS, 3946#endif 3947 &newflags) >= 0) 3948 goto cleanup; 3949 3950 /* We couldn't set the flags, so report the failure. */ 3951fail: 3952 archive_set_error(&a->archive, errno, 3953 "Failed to set file flags"); 3954 ret = ARCHIVE_WARN; 3955cleanup: 3956 if (fd < 0) 3957 close(myfd); 3958 return (ret); 3959} 3960 3961#else 3962 3963/* 3964 * Of course, some systems have neither BSD chflags() nor Linux' flags 3965 * support through ioctl(). 3966 */ 3967static int 3968set_fflags_platform(struct archive_write_disk *a, int fd, const char *name, 3969 mode_t mode, unsigned long set, unsigned long clear) 3970{ 3971 (void)a; /* UNUSED */ 3972 (void)fd; /* UNUSED */ 3973 (void)name; /* UNUSED */ 3974 (void)mode; /* UNUSED */ 3975 (void)set; /* UNUSED */ 3976 (void)clear; /* UNUSED */ 3977 return (ARCHIVE_OK); 3978} 3979 3980#endif /* __linux */ 3981 3982#ifndef HAVE_COPYFILE_H 3983/* Default is to simply drop Mac extended metadata. */ 3984static int 3985set_mac_metadata(struct archive_write_disk *a, const char *pathname, 3986 const void *metadata, size_t metadata_size) 3987{ 3988 (void)a; /* UNUSED */ 3989 (void)pathname; /* UNUSED */ 3990 (void)metadata; /* UNUSED */ 3991 (void)metadata_size; /* UNUSED */ 3992 return (ARCHIVE_OK); 3993} 3994 3995static int 3996fixup_appledouble(struct archive_write_disk *a, const char *pathname) 3997{ 3998 (void)a; /* UNUSED */ 3999 (void)pathname; /* UNUSED */ 4000 return (ARCHIVE_OK); 4001} 4002#else 4003 4004/* 4005 * On Mac OS, we use copyfile() to unpack the metadata and 4006 * apply it to the target file. 4007 */ 4008 4009#if defined(HAVE_SYS_XATTR_H) 4010static int 4011copy_xattrs(struct archive_write_disk *a, int tmpfd, int dffd) 4012{ 4013 ssize_t xattr_size; 4014 char *xattr_names = NULL, *xattr_val = NULL; 4015 int ret = ARCHIVE_OK, xattr_i; 4016 4017 xattr_size = flistxattr(tmpfd, NULL, 0, 0); 4018 if (xattr_size == -1) { 4019 archive_set_error(&a->archive, errno, 4020 "Failed to read metadata(xattr)"); 4021 ret = ARCHIVE_WARN; 4022 goto exit_xattr; 4023 } 4024 xattr_names = malloc(xattr_size); 4025 if (xattr_names == NULL) { 4026 archive_set_error(&a->archive, ENOMEM, 4027 "Can't allocate memory for metadata(xattr)"); 4028 ret = ARCHIVE_FATAL; 4029 goto exit_xattr; 4030 } 4031 xattr_size = flistxattr(tmpfd, xattr_names, xattr_size, 0); 4032 if (xattr_size == -1) { 4033 archive_set_error(&a->archive, errno, 4034 "Failed to read metadata(xattr)"); 4035 ret = ARCHIVE_WARN; 4036 goto exit_xattr; 4037 } 4038 for (xattr_i = 0; xattr_i < xattr_size; 4039 xattr_i += strlen(xattr_names + xattr_i) + 1) { 4040 char *xattr_val_saved; 4041 ssize_t s; 4042 int f; 4043 4044 s = fgetxattr(tmpfd, xattr_names + xattr_i, NULL, 0, 0, 0); 4045 if (s == -1) { 4046 archive_set_error(&a->archive, errno, 4047 "Failed to get metadata(xattr)"); 4048 ret = ARCHIVE_WARN; 4049 goto exit_xattr; 4050 } 4051 xattr_val_saved = xattr_val; 4052 xattr_val = realloc(xattr_val, s); 4053 if (xattr_val == NULL) { 4054 archive_set_error(&a->archive, ENOMEM, 4055 "Failed to get metadata(xattr)"); 4056 ret = ARCHIVE_WARN; 4057 free(xattr_val_saved); 4058 goto exit_xattr; 4059 } 4060 s = fgetxattr(tmpfd, xattr_names + xattr_i, xattr_val, s, 0, 0); 4061 if (s == -1) { 4062 archive_set_error(&a->archive, errno, 4063 "Failed to get metadata(xattr)"); 4064 ret = ARCHIVE_WARN; 4065 goto exit_xattr; 4066 } 4067 f = fsetxattr(dffd, xattr_names + xattr_i, xattr_val, s, 0, 0); 4068 if (f == -1) { 4069 archive_set_error(&a->archive, errno, 4070 "Failed to get metadata(xattr)"); 4071 ret = ARCHIVE_WARN; 4072 goto exit_xattr; 4073 } 4074 } 4075exit_xattr: 4076 free(xattr_names); 4077 free(xattr_val); 4078 return (ret); 4079} 4080#endif 4081 4082static int 4083copy_acls(struct archive_write_disk *a, int tmpfd, int dffd) 4084{ 4085#ifndef HAVE_SYS_ACL_H 4086 return 0; 4087#else 4088 acl_t acl, dfacl = NULL; 4089 int acl_r, ret = ARCHIVE_OK; 4090 4091 acl = acl_get_fd(tmpfd); 4092 if (acl == NULL) { 4093 if (errno == ENOENT) 4094 /* There are not any ACLs. */ 4095 return (ret); 4096 archive_set_error(&a->archive, errno, 4097 "Failed to get metadata(acl)"); 4098 ret = ARCHIVE_WARN; 4099 goto exit_acl; 4100 } 4101 dfacl = acl_dup(acl); 4102 acl_r = acl_set_fd(dffd, dfacl); 4103 if (acl_r == -1) { 4104 archive_set_error(&a->archive, errno, 4105 "Failed to get metadata(acl)"); 4106 ret = ARCHIVE_WARN; 4107 goto exit_acl; 4108 } 4109exit_acl: 4110 if (acl) 4111 acl_free(acl); 4112 if (dfacl) 4113 acl_free(dfacl); 4114 return (ret); 4115#endif 4116} 4117 4118static int 4119create_tempdatafork(struct archive_write_disk *a, const char *pathname) 4120{ 4121 struct archive_string tmpdatafork; 4122 int tmpfd; 4123 4124 archive_string_init(&tmpdatafork); 4125 archive_strcpy(&tmpdatafork, "tar.md.XXXXXX"); 4126 tmpfd = mkstemp(tmpdatafork.s); 4127 if (tmpfd < 0) { 4128 archive_set_error(&a->archive, errno, 4129 "Failed to mkstemp"); 4130 archive_string_free(&tmpdatafork); 4131 return (-1); 4132 } 4133 if (copyfile(pathname, tmpdatafork.s, 0, 4134 COPYFILE_UNPACK | COPYFILE_NOFOLLOW 4135 | COPYFILE_ACL | COPYFILE_XATTR) < 0) { 4136 archive_set_error(&a->archive, errno, 4137 "Failed to restore metadata"); 4138 close(tmpfd); 4139 tmpfd = -1; 4140 } 4141 unlink(tmpdatafork.s); 4142 archive_string_free(&tmpdatafork); 4143 return (tmpfd); 4144} 4145 4146static int 4147copy_metadata(struct archive_write_disk *a, const char *metadata, 4148 const char *datafork, int datafork_compressed) 4149{ 4150 int ret = ARCHIVE_OK; 4151 4152 if (datafork_compressed) { 4153 int dffd, tmpfd; 4154 4155 tmpfd = create_tempdatafork(a, metadata); 4156 if (tmpfd == -1) 4157 return (ARCHIVE_WARN); 4158 4159 /* 4160 * Do not open the data fork compressed by HFS+ compression 4161 * with at least a writing mode(O_RDWR or O_WRONLY). it 4162 * makes the data fork uncompressed. 4163 */ 4164 dffd = open(datafork, 0); 4165 if (dffd == -1) { 4166 archive_set_error(&a->archive, errno, 4167 "Failed to open the data fork for metadata"); 4168 close(tmpfd); 4169 return (ARCHIVE_WARN); 4170 } 4171 4172#if defined(HAVE_SYS_XATTR_H) 4173 ret = copy_xattrs(a, tmpfd, dffd); 4174 if (ret == ARCHIVE_OK) 4175#endif 4176 ret = copy_acls(a, tmpfd, dffd); 4177 close(tmpfd); 4178 close(dffd); 4179 } else { 4180 if (copyfile(metadata, datafork, 0, 4181 COPYFILE_UNPACK | COPYFILE_NOFOLLOW 4182 | COPYFILE_ACL | COPYFILE_XATTR) < 0) { 4183 archive_set_error(&a->archive, errno, 4184 "Failed to restore metadata"); 4185 ret = ARCHIVE_WARN; 4186 } 4187 } 4188 return (ret); 4189} 4190 4191static int 4192set_mac_metadata(struct archive_write_disk *a, const char *pathname, 4193 const void *metadata, size_t metadata_size) 4194{ 4195 struct archive_string tmp; 4196 ssize_t written; 4197 int fd; 4198 int ret = ARCHIVE_OK; 4199 4200 /* This would be simpler if copyfile() could just accept the 4201 * metadata as a block of memory; then we could sidestep this 4202 * silly dance of writing the data to disk just so that 4203 * copyfile() can read it back in again. */ 4204 archive_string_init(&tmp); 4205 archive_strcpy(&tmp, pathname); 4206 archive_strcat(&tmp, ".XXXXXX"); 4207 fd = mkstemp(tmp.s); 4208 4209 if (fd < 0) { 4210 archive_set_error(&a->archive, errno, 4211 "Failed to restore metadata"); 4212 archive_string_free(&tmp); 4213 return (ARCHIVE_WARN); 4214 } 4215 written = write(fd, metadata, metadata_size); 4216 close(fd); 4217 if ((size_t)written != metadata_size) { 4218 archive_set_error(&a->archive, errno, 4219 "Failed to restore metadata"); 4220 ret = ARCHIVE_WARN; 4221 } else { 4222 int compressed; 4223 4224#if defined(UF_COMPRESSED) 4225 if ((a->todo & TODO_HFS_COMPRESSION) != 0 && 4226 (ret = lazy_stat(a)) == ARCHIVE_OK) 4227 compressed = a->st.st_flags & UF_COMPRESSED; 4228 else 4229#endif 4230 compressed = 0; 4231 ret = copy_metadata(a, tmp.s, pathname, compressed); 4232 } 4233 unlink(tmp.s); 4234 archive_string_free(&tmp); 4235 return (ret); 4236} 4237 4238static int 4239fixup_appledouble(struct archive_write_disk *a, const char *pathname) 4240{ 4241 char buff[8]; 4242 struct stat st; 4243 const char *p; 4244 struct archive_string datafork; 4245 int fd = -1, ret = ARCHIVE_OK; 4246 4247 archive_string_init(&datafork); 4248 /* Check if the current file name is a type of the resource 4249 * fork file. */ 4250 p = strrchr(pathname, '/'); 4251 if (p == NULL) 4252 p = pathname; 4253 else 4254 p++; 4255 if (p[0] != '.' || p[1] != '_') 4256 goto skip_appledouble; 4257 4258 /* 4259 * Check if the data fork file exists. 4260 * 4261 * TODO: Check if this write disk object has handled it. 4262 */ 4263 archive_strncpy(&datafork, pathname, p - pathname); 4264 archive_strcat(&datafork, p + 2); 4265 if (lstat(datafork.s, &st) == -1 || 4266 (st.st_mode & AE_IFMT) != AE_IFREG) 4267 goto skip_appledouble; 4268 4269 /* 4270 * Check if the file is in the AppleDouble form. 4271 */ 4272 fd = open(pathname, O_RDONLY | O_BINARY | O_CLOEXEC); 4273 __archive_ensure_cloexec_flag(fd); 4274 if (fd == -1) { 4275 archive_set_error(&a->archive, errno, 4276 "Failed to open a restoring file"); 4277 ret = ARCHIVE_WARN; 4278 goto skip_appledouble; 4279 } 4280 if (read(fd, buff, 8) == -1) { 4281 archive_set_error(&a->archive, errno, 4282 "Failed to read a restoring file"); 4283 close(fd); 4284 ret = ARCHIVE_WARN; 4285 goto skip_appledouble; 4286 } 4287 close(fd); 4288 /* Check AppleDouble Magic Code. */ 4289 if (archive_be32dec(buff) != 0x00051607) 4290 goto skip_appledouble; 4291 /* Check AppleDouble Version. */ 4292 if (archive_be32dec(buff+4) != 0x00020000) 4293 goto skip_appledouble; 4294 4295 ret = copy_metadata(a, pathname, datafork.s, 4296#if defined(UF_COMPRESSED) 4297 st.st_flags & UF_COMPRESSED); 4298#else 4299 0); 4300#endif 4301 if (ret == ARCHIVE_OK) { 4302 unlink(pathname); 4303 ret = ARCHIVE_EOF; 4304 } 4305skip_appledouble: 4306 archive_string_free(&datafork); 4307 return (ret); 4308} 4309#endif 4310 4311#if ARCHIVE_XATTR_LINUX || ARCHIVE_XATTR_DARWIN || ARCHIVE_XATTR_AIX 4312/* 4313 * Restore extended attributes - Linux, Darwin and AIX implementations: 4314 * AIX' ea interface is syntaxwise identical to the Linux xattr interface. 4315 */ 4316static int 4317set_xattrs(struct archive_write_disk *a) 4318{ 4319 struct archive_entry *entry = a->entry; 4320 struct archive_string errlist; 4321 int ret = ARCHIVE_OK; 4322 int i = archive_entry_xattr_reset(entry); 4323 short fail = 0; 4324 4325 archive_string_init(&errlist); 4326 4327 while (i--) { 4328 const char *name; 4329 const void *value; 4330 size_t size; 4331 int e; 4332 4333 archive_entry_xattr_next(entry, &name, &value, &size); 4334 4335 if (name == NULL) 4336 continue; 4337#if ARCHIVE_XATTR_LINUX 4338 /* Linux: quietly skip POSIX.1e ACL extended attributes */ 4339 if (strncmp(name, "system.", 7) == 0 && 4340 (strcmp(name + 7, "posix_acl_access") == 0 || 4341 strcmp(name + 7, "posix_acl_default") == 0)) 4342 continue; 4343 if (strncmp(name, "trusted.SGI_", 12) == 0 && 4344 (strcmp(name + 12, "ACL_DEFAULT") == 0 || 4345 strcmp(name + 12, "ACL_FILE") == 0)) 4346 continue; 4347 4348 /* Linux: xfsroot namespace is obsolete and unsupported */ 4349 if (strncmp(name, "xfsroot.", 8) == 0) { 4350 fail = 1; 4351 archive_strcat(&errlist, name); 4352 archive_strappend_char(&errlist, ' '); 4353 continue; 4354 } 4355#endif 4356 4357 if (a->fd >= 0) { 4358#if ARCHIVE_XATTR_LINUX 4359 e = fsetxattr(a->fd, name, value, size, 0); 4360#elif ARCHIVE_XATTR_DARWIN 4361 e = fsetxattr(a->fd, name, value, size, 0, 0); 4362#elif ARCHIVE_XATTR_AIX 4363 e = fsetea(a->fd, name, value, size, 0); 4364#endif 4365 } else { 4366#if ARCHIVE_XATTR_LINUX 4367 e = lsetxattr(archive_entry_pathname(entry), 4368 name, value, size, 0); 4369#elif ARCHIVE_XATTR_DARWIN 4370 e = setxattr(archive_entry_pathname(entry), 4371 name, value, size, 0, XATTR_NOFOLLOW); 4372#elif ARCHIVE_XATTR_AIX 4373 e = lsetea(archive_entry_pathname(entry), 4374 name, value, size, 0); 4375#endif 4376 } 4377 if (e == -1) { 4378 ret = ARCHIVE_WARN; 4379 archive_strcat(&errlist, name); 4380 archive_strappend_char(&errlist, ' '); 4381 if (errno != ENOTSUP && errno != ENOSYS) 4382 fail = 1; 4383 } 4384 } 4385 4386 if (ret == ARCHIVE_WARN) { 4387 if (fail && errlist.length > 0) { 4388 errlist.length--; 4389 errlist.s[errlist.length] = '\0'; 4390 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 4391 "Cannot restore extended attributes: %s", 4392 errlist.s); 4393 } else 4394 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 4395 "Cannot restore extended " 4396 "attributes on this file system."); 4397 } 4398 4399 archive_string_free(&errlist); 4400 return (ret); 4401} 4402#elif ARCHIVE_XATTR_FREEBSD 4403/* 4404 * Restore extended attributes - FreeBSD implementation 4405 */ 4406static int 4407set_xattrs(struct archive_write_disk *a) 4408{ 4409 struct archive_entry *entry = a->entry; 4410 struct archive_string errlist; 4411 int ret = ARCHIVE_OK; 4412 int i = archive_entry_xattr_reset(entry); 4413 short fail = 0; 4414 4415 archive_string_init(&errlist); 4416 4417 while (i--) { 4418 const char *name; 4419 const void *value; 4420 size_t size; 4421 archive_entry_xattr_next(entry, &name, &value, &size); 4422 if (name != NULL) { 4423 ssize_t e; 4424 int namespace; 4425 4426 namespace = EXTATTR_NAMESPACE_USER; 4427 4428 if (strncmp(name, "user.", 5) == 0) { 4429 /* "user." attributes go to user namespace */ 4430 name += 5; 4431 namespace = EXTATTR_NAMESPACE_USER; 4432 } else if (strncmp(name, "system.", 7) == 0) { 4433 name += 7; 4434 namespace = EXTATTR_NAMESPACE_SYSTEM; 4435 if (!strcmp(name, "nfs4.acl") || 4436 !strcmp(name, "posix1e.acl_access") || 4437 !strcmp(name, "posix1e.acl_default")) 4438 continue; 4439 } else { 4440 /* Other namespaces are unsupported */ 4441 archive_strcat(&errlist, name); 4442 archive_strappend_char(&errlist, ' '); 4443 fail = 1; 4444 ret = ARCHIVE_WARN; 4445 continue; 4446 } 4447 4448 if (a->fd >= 0) { 4449 /* 4450 * On FreeBSD, extattr_set_fd does not 4451 * return the same as 4452 * extattr_set_file. It returns zero 4453 * on success, non-zero on failure. 4454 * 4455 * We can detect the failure by 4456 * manually setting errno prior to the 4457 * call and checking after. 4458 * 4459 * If errno remains zero, fake the 4460 * return value by setting e to size. 4461 * 4462 * This is a hack for now until I 4463 * (Shawn Webb) get FreeBSD to fix the 4464 * issue, if that's even possible. 4465 */ 4466 errno = 0; 4467 e = extattr_set_fd(a->fd, namespace, name, 4468 value, size); 4469 if (e == 0 && errno == 0) { 4470 e = size; 4471 } 4472 } else { 4473 e = extattr_set_link( 4474 archive_entry_pathname(entry), namespace, 4475 name, value, size); 4476 } 4477 if (e != (ssize_t)size) { 4478 archive_strcat(&errlist, name); 4479 archive_strappend_char(&errlist, ' '); 4480 ret = ARCHIVE_WARN; 4481 if (errno != ENOTSUP && errno != ENOSYS) 4482 fail = 1; 4483 } 4484 } 4485 } 4486 4487 if (ret == ARCHIVE_WARN) { 4488 if (fail && errlist.length > 0) { 4489 errlist.length--; 4490 errlist.s[errlist.length] = '\0'; 4491 4492 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 4493 "Cannot restore extended attributes: %s", 4494 errlist.s); 4495 } else 4496 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 4497 "Cannot restore extended " 4498 "attributes on this file system."); 4499 } 4500 4501 archive_string_free(&errlist); 4502 return (ret); 4503} 4504#else 4505/* 4506 * Restore extended attributes - stub implementation for unsupported systems 4507 */ 4508static int 4509set_xattrs(struct archive_write_disk *a) 4510{ 4511 static int warning_done = 0; 4512 4513 /* If there aren't any extended attributes, then it's okay not 4514 * to extract them, otherwise, issue a single warning. */ 4515 if (archive_entry_xattr_count(a->entry) != 0 && !warning_done) { 4516 warning_done = 1; 4517 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 4518 "Cannot restore extended attributes on this system"); 4519 return (ARCHIVE_WARN); 4520 } 4521 /* Warning was already emitted; suppress further warnings. */ 4522 return (ARCHIVE_OK); 4523} 4524#endif 4525 4526/* 4527 * Test if file on disk is older than entry. 4528 */ 4529static int 4530older(struct stat *st, struct archive_entry *entry) 4531{ 4532 /* First, test the seconds and return if we have a definite answer. */ 4533 /* Definitely older. */ 4534 if (to_int64_time(st->st_mtime) < to_int64_time(archive_entry_mtime(entry))) 4535 return (1); 4536 /* Definitely younger. */ 4537 if (to_int64_time(st->st_mtime) > to_int64_time(archive_entry_mtime(entry))) 4538 return (0); 4539 /* If this platform supports fractional seconds, try those. */ 4540#if HAVE_STRUCT_STAT_ST_MTIMESPEC_TV_NSEC 4541 /* Definitely older. */ 4542 if (st->st_mtimespec.tv_nsec < archive_entry_mtime_nsec(entry)) 4543 return (1); 4544#elif HAVE_STRUCT_STAT_ST_MTIM_TV_NSEC 4545 /* Definitely older. */ 4546 if (st->st_mtim.tv_nsec < archive_entry_mtime_nsec(entry)) 4547 return (1); 4548#elif HAVE_STRUCT_STAT_ST_MTIME_N 4549 /* older. */ 4550 if (st->st_mtime_n < archive_entry_mtime_nsec(entry)) 4551 return (1); 4552#elif HAVE_STRUCT_STAT_ST_UMTIME 4553 /* older. */ 4554 if (st->st_umtime * 1000 < archive_entry_mtime_nsec(entry)) 4555 return (1); 4556#elif HAVE_STRUCT_STAT_ST_MTIME_USEC 4557 /* older. */ 4558 if (st->st_mtime_usec * 1000 < archive_entry_mtime_nsec(entry)) 4559 return (1); 4560#else 4561 /* This system doesn't have high-res timestamps. */ 4562#endif 4563 /* Same age or newer, so not older. */ 4564 return (0); 4565} 4566 4567#ifndef ARCHIVE_ACL_SUPPORT 4568int 4569archive_write_disk_set_acls(struct archive *a, int fd, const char *name, 4570 struct archive_acl *abstract_acl, __LA_MODE_T mode) 4571{ 4572 (void)a; /* UNUSED */ 4573 (void)fd; /* UNUSED */ 4574 (void)name; /* UNUSED */ 4575 (void)abstract_acl; /* UNUSED */ 4576 (void)mode; /* UNUSED */ 4577 return (ARCHIVE_OK); 4578} 4579#endif 4580 4581#endif /* !_WIN32 || __CYGWIN__ */ 4582 4583