Allow tar header fields without null terminator

The "archive_read_format_tar_bid" and related "validate_number_field"
were revisited to allow one more non-standard way of coding UID/GID
and similar number fields in the tar header.
Modified "test_compat_gtar" to verify reading of such value.

diff --git a/libarchive/archive_read_support_format_tar.c b/libarchive/archive_read_support_format_tar.c
index 11ff03101b9a97635c89d939c41bde810aaaa58a..0ee511ea1ae8d1d42fd3e564382b761c2ccf9c1e 100644 (file)
--- a/libarchive/archive_read_support_format_tar.c
+++ b/libarchive/archive_read_support_format_tar.c
@@ -300,19 +300,29 @@ validate_number_field(const char* p_field, size_t i_size)
        unsigned char marker = (unsigned char)p_field[0];
        /* octal? */
        if ((marker >= '0' && marker <= '7') || marker == ' ') {
-               /* must be terminated by null or space */
-               if (p_field[i_size - 1] != '\0' && p_field[i_size - 1] != ' ') {
-                       return 0;
-               }
-               /* rest must be octal digits */
                size_t i = 0;
-               for (i = 1; i < i_size - 1; ++i) {
-                       char c = p_field[i];
-                       if ((c < '0' || c > '7') && c != ' ') {
-                               return 0;
+               int octal_found = 0;
+               for (i = 0; i < i_size; ++i) {
+                       switch (p_field[i])
+                       {
+                       case ' ': /* skip any leading spaces and trailing space*/
+                               if (octal_found == 0 || i == i_size - 1) {
+                                       continue;
+                               }
+                               break;
+                       case '\0': /* null is allowed only at the end */
+                               if (i != i_size - 1) {
+                                       return 0;
+                               }
+                               break;
+                       /* rest must be octal digits */
+                       case '0': case '1': case '2': case '3':
+                       case '4': case '5': case '6': case '7':
+                               ++octal_found;
+                               break;
                        }
                }
-               return 1;
+               return octal_found > 0;
        }
        /* base 256 (i.e. binary number) */
        else if (marker == 128 || marker == 255 || marker == 0) {
@@ -376,31 +386,22 @@ archive_read_format_tar_bid(struct archive_read *a, int best_bid)
                return (0);
        bid += 2;  /* 6 bits of variation in an 8-bit field leaves 2 bits. */
 
-       /* Sanity check: Look at first byte of mode field. */
-       switch (255 & (unsigned)header->mode[0]) {
-       case 0: case 255:
-               /* Base-256 value: No further verification possible! */
-               break;
-       case ' ': /* Not recommended, but not illegal, either. */
-               break;
-       case '0': case '1': case '2': case '3':
-       case '4': case '5': case '6': case '7':
-               /* Octal Value. */
-               /* TODO: Check format of remainder of this field. */
-               break;
-       default:
-               /* Not a valid mode; bail out here. */
-               return (0);
-       }
-
-       /* Sanity test uid/gid/mtime/size/rdevmajor/rdevminor fields. */
-       if (validate_number_field(header->uid, sizeof(header->uid)) == 0 ||
-               validate_number_field(header->gid, sizeof(header->gid)) == 0 ||
-               validate_number_field(header->mtime, sizeof(header->mtime)) == 0 ||
-               validate_number_field(header->size, sizeof(header->size)) == 0 ||
-               validate_number_field(header->rdevmajor, sizeof(header->rdevmajor)) == 0 ||
-               validate_number_field(header->rdevminor, sizeof(header->rdevminor)) == 0) {
-               return 0;
+       /*
+        * Check format of mode/uid/gid/mtime/size/rdevmajor/rdevminor fields.
+        * These are usually octal numbers but GNU tar encodes "big" values as
+        * base256 and leading zeroes are sometimes replaced by spaces.
+        * Even the null terminator is sometimes omitted. Anyway, must be checked
+        * to avoid false positives.
+        */
+       if (bid > 0 &&
+               (validate_number_field(header->mode, sizeof(header->mode)) == 0 ||
+                validate_number_field(header->uid, sizeof(header->uid)) == 0 ||
+                validate_number_field(header->gid, sizeof(header->gid)) == 0 ||
+                validate_number_field(header->mtime, sizeof(header->mtime)) == 0 ||
+                validate_number_field(header->size, sizeof(header->size)) == 0 ||
+                validate_number_field(header->rdevmajor, sizeof(header->rdevmajor)) == 0 ||
+                validate_number_field(header->rdevminor, sizeof(header->rdevminor)) == 0)) {
+                       bid = 0;
        }
 
        return (bid);

diff --git a/libarchive/test/test_compat_gtar.c b/libarchive/test/test_compat_gtar.c
index e31e267714d45d265432c6ef9273cda6c00b2154..def24aae52200ca20a0a41db52bab716993b34ce 100644 (file)
--- a/libarchive/test/test_compat_gtar.c
+++ b/libarchive/test/test_compat_gtar.c
@@ -107,7 +107,8 @@ test_compat_gtar_1(void)
 }
 
 /*
- * test_compat_gtar_2.tar exercises reading of UID > 2097151.
+ * test_compat_gtar_2.tar exercises reading of UID = 2097152 as base256
+ * and GID = 2097152 as octal without null terminator.
  */
 static void
 test_compat_gtar_2(void)
@@ -132,7 +133,7 @@ test_compat_gtar_2(void)
 
        /* Check UID and GID */
        assertEqualInt(2097152, archive_entry_uid(ae));
-       assertEqualInt(1000, archive_entry_gid(ae));
+       assertEqualInt(2097152, archive_entry_gid(ae));
 
        /* Verify the end-of-archive. */
        assertEqualIntA(a, ARCHIVE_EOF, archive_read_next_header(a, &ae));

diff --git a/libarchive/test/test_compat_gtar_2.tar.uu b/libarchive/test/test_compat_gtar_2.tar.uu
index ed2fa5edf47d86c7644044c842ec1283cc4469cf..7843a2cbaeb6852a27cfd713e7856e1d1a9bf30a 100644 (file)
--- a/libarchive/test/test_compat_gtar_2.tar.uu
+++ b/libarchive/test/test_compat_gtar_2.tar.uu
@@ -1,231 +1,49 @@
-begin 660 test_compat_gtar_2.tar.uu\r
-M9FEL95]W:71H7V)I9U]U:60`````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M`````````````#`P,#`V-C``@``````@```P,#`Q-S4P`#`P,#`P,#`P,38W\r
-M`#$S,#$T-C<R,38W`#`Q,C8T,0`@,```````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M``````````````````````````````````````````!U<W1A<B`@`'1E<W0`\r
-M````````````````````````````````````:F%N;P``````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M``````````````````````!4:&ES(&9I;&4@:&%S($=)1#TR,#DW,34R('=H\r
-M:6-H(&ES(&]N92!O=F5R('1H92!L:6UI="!O9B!T87(@=BXW(&%N9"!'3E4@\r
-M=&%R('-T;W)E<R!I="!A<R!B87-E(#(U-B!N=6UB97(@*&YO="!O8W1A;"DN\r
-M"@``````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-M````````````````````````````````````````````````````````````\r
-9````````````````````````````````````\r
-`\r
-end\r
+begin 660 test_compat_gtar_2.tar.uu
+M9FEL95]W:71H7V)I9U]U:61?9VED````````````````````````````````
+M````````````````````````````````````````````````````````````
+M`````````````#`P,#`V-C8`@``````@```Q,#`P,#`P,#`P,#`P,#`P,38W
+M`#$S,#$T-C<R,38W`#`Q,S,U,``@,```````````````````````````````
+M````````````````````````````````````````````````````````````
+M``````````````````````````````````````````!U<W1A<B`@`'1E<W0`
+M````````````````````````````````````8FEG````````````````````
+M````````````````````````````````````````````````````````````
+M````````````````````````````````````````````````````````````
+M````````````````````````````````````````````````````````````
+M````````````````````````````````````````````````````````````
+M``````````````````````!4:&ES(&9I;&4@:&%S($=)1#TR,#DW,34R('=H
+M:6-H(&ES(&]N92!O=F5R('1H92!L:6UI="!O9B!T87(@=BXW(&%N9"!'3E4@
+M=&%R('-T;W)E<R!I="!A<R!B87-E(#(U-B!N=6UB97(@*&YO="!O8W1A;"DN
+M"@``````````````````````````````````````````````````````````
+M````````````````````````````````````````````````````````````
+M````````````````````````````````````````````````````````````
+M````````````````````````````````````````````````````````````
+M````````````````````````````````````````````````````````````
+M````````````````````````````````````````````````````````````
+M````````````````````````````````````````````````````````````
+M````````````````````````````````````````````````````````````
+M````````````````````````````````````````````````````````````
+M````````````````````````````````````````````````````````````
+M````````````````````````````````````````````````````````````
+M````````````````````````````````````````````````````````````
+M````````````````````````````````````````````````````````````
+M````````````````````````````````````````````````````````````
+M````````````````````````````````````````````````````````````
+M````````````````````````````````````````````````````````````
+M````````````````````````````````````````````````````````````
+M````````````````````````````````````````````````````````````
+M````````````````````````````````````````````````````````````
+M````````````````````````````````````````````````````````````
+M````````````````````````````````````````````````````````````
+M````````````````````````````````````````````````````````````
+M````````````````````````````````````````````````````````````
+M````````````````````````````````````````````````````````````
+M````````````````````````````````````````````````````````````
+M````````````````````````````````````````````````````````````
+M````````````````````````````````````````````````````````````
+M````````````````````````````````````````````````````````````
+M````````````````````````````````````````````````````````````
+M````````````````````````````````````````````````````````````
+M````````````````````````````````````````````````````````````
+7````````````````````````````````
+`
+end