James Abbatiello [Sat, 11 Jun 2022 01:25:13 +0000 (18:25 -0700)]
tar: fix race condition
Problem reported in:
https://lists.gnu.org/r/bug-tar/2022-03/msg00000.html
* src/extract.c (make_directories): Retry the file creation as
long as the directory exists, regardless of whether tar itself
created the directory.
Copyright-paperwork-exempt: Yes
Paul Eggert [Fri, 10 Jun 2022 05:09:34 +0000 (22:09 -0700)]
tar: fix race condition
Problem reported by James Abbatiello in:
https://lists.gnu.org/r/bug-tar/2022-03/msg00000.html
* src/extract.c (make_directories): Do not assume that when
mkdirat fails with errno == EEXIST that there is an existing file
that can be statted. It could be a dangling symlink. Instead,
wait until the end and stat it.
Paul Eggert [Thu, 9 Jun 2022 22:50:06 +0000 (15:50 -0700)]
Warn “file changed as we read it” less often
* src/create.c (dump_file0): Remove an fstatat call that is
unnecessary because the file wasn’t read so we can treat the first
fstatat as atomic. Warn “file changed” when the file’s size,
mtime, user ID, group ID, or mode changes, instead of when the
file’s size or ctime changes. Also, when such a change happens,
do not change exit status if --ignore-failed-read. Finally, don’t
attempt to change atime back if it didn’t change.
Paul Eggert [Tue, 3 May 2022 22:25:03 +0000 (15:25 -0700)]
doc: fix abrupt sentence in HTML
Typo reported by Jackson Dougherty in:
https://lists.gnu.org/r/bug-tar/2022-05/msg00000.html
* doc/tar.texi: Don’t assume that tex and info are the only two
formats.
Paul Eggert [Wed, 16 Feb 2022 01:40:34 +0000 (17:40 -0800)]
tar: revamp "file is the archive" diagnostic
* src/create.c (dump_file0): For clarity, change diagnostic
wording from "file is the archive; not dumped" to "archive cannot
contain itself; not dumped". All test cases and documentation changed.
Paul Eggert [Sun, 12 Dec 2021 20:40:03 +0000 (12:40 -0800)]
Omit devmajor and devminor for non-special files
* src/create.c (start_header): Leave the devmajor and devminor
fields empty for files that are not character and block special
devices, even when the archive format is pax, ustar or v7.
This avoids generating irrelevant differences which helps with
reproducible builds, and is more compatible with what Solaris 10
tar does.
Paul Eggert [Mon, 20 Sep 2021 20:11:36 +0000 (13:11 -0700)]
build: improve build-from-git for older GCCs
configure.ac: Bump GCC version from 4.6 to 11.2 when deciding whether
to default to enabling GCC warnings when --enable-gcc-warnings is not
specified, as older GCCs can generate too many false alarms. From
a suggestion by Christian Schoenebeck.
Paul Eggert [Fri, 17 Sep 2021 18:41:55 +0000 (11:41 -0700)]
build: update gnulib submodule to latest
* src/common.h (get_directory_entries):
Add _GL_ATTRIBUTE_MALLOC _GL_ATTRIBUTE_DEALLOC_FREE.
Problem found by gcc -Wsuggest-attribute=malloc and
current Gnulib.
Provide functions for manipulating arrays of extended attributes
* src/common.h (xheader_xattr_free,xheader_xattr_copy): Remove protos.
(xattr_map_init,xattr_map_copy)
(xattr_map_add,xattr_map_free): New protos.
* src/tar.h (xattr_map): New struct.
(tar_stat_info): Replace xattr_map_size and xattr_map with one
field: xattr_map.
* src/xattrs.c (XATTRS_PREFIX,XATTRS_PREFIX_LEN): New defines.
(xheader_xattr_init,xattr_map_init)
(xattr_map_free,xattr_map_add)
(xheader_xattr_add,xattr_map_copy): New functions.
All uses changed.
* src/create.c (start_header): Update to use struct xattr_map.
* src/extract.c: Update to use struct xattr_map.
* src/tar.c: Likewise.
* src/xheader.c (xheader_xattr_init,xheader_xattr_free)
(xheader_xattr_add,xheader_xattr_copy): Remove.
(xattr_coder,xattr_decoder): Use xattr_map_ functions.
Samanta Navarro [Fri, 11 Jun 2021 11:52:31 +0000 (11:52 +0000)]
Fix crash on invalid command line argument
The copy_string_unquote function does not handle arguments which only
consist of a single quote. A string is only quoted if two quoting
characters exist.
Fix the use of options with trailing slash in files-from list
* src/names.c (read_name_from_file): Do not remove trailing slash
here, since name_buffer might contain an option (e.g. -C /).
(read_next_name): Remove trailing slash when we're sure we're dealing
with a file name.
See 163e96a0.
Paul Eggert [Mon, 8 Mar 2021 02:29:00 +0000 (18:29 -0800)]
Tune for single-threaded tar
This takes advantage of recent optimizations in Gnulib
for single-threaded programs.
* configure.ac (GNULIB_EXCLUDE_SINGLE_THREAD)
(GNULIB_MBRTOWC_SINGLE_THREAD, GNULIB_REGEX_SINGLE_THREAD)
(GNULIB_WCHAR_SINGLE_LOCALE): Define.
Paul Eggert [Mon, 8 Mar 2021 01:58:58 +0000 (17:58 -0800)]
Port linking to AIX 7.1
* src/Makefile.am (LDADD): Remove, folding into tar_LDADD.
* src/Makefile.am (tar_LDADD), tests/Makefile.am (LDADD):
Add the libraries gnulib-tool currently recommends: LIB_ACL,
LIB_CLOCK_GETTIME, LIB_GETRANDOM, LIB_HARD_LOCALE, LIB_HAS_ACL,
LIB_MBRTOWC, LIB_SETLOCALE_NULL. Otherwise, tar won’t link on AIX
7.1 with xlc because the -lpthread option is missing.
* doc/Makefile.am (GENDOCS): Use the version from the tar repository.
(manual): Set the DISTRIN rendition.
(manual-rebuild): New goal.
* doc/README.manual: New file. Instructions for maintainers on how to
update web documentation.
* doc/gendocs.sh: A version from gnulib fixed as per
https://lists.gnu.org/archive/html/bug-gnulib/2021-03/msg00002.html.
* doc/gendocs_template: Updated version from gnulib.
* doc/intern.texi: Fix the use of UNREVISED.
* doc/tar.texi: Fix the use of GNUTAR.
Paul Eggert [Mon, 1 Mar 2021 07:23:16 +0000 (23:23 -0800)]
Fix unlikely uninitalized var bug with sparse file
* src/sparse.c (sparse_extract_file): Set *SIZE to
stat.st_size so that the caller does not use *SIZE
when uninitalized. Problem found with GCC 10 and
--enable-gcc-warnings CFLAGS='-O2 -flto -fanalyzer'.
Paul Eggert [Mon, 1 Mar 2021 07:21:27 +0000 (23:21 -0800)]
Pacify --enable-gcc-warnings -flto -fanalyzer
With GCC 10.2.1, ‘./configure --enable-gcc-warnings CFLAGS='-O2
-flto -fanalyzer' issued a false alarm about uninitialized
variable use. Pacify GCC by using a variant of the code.
* src/buffer.c (zip_program): Omit last placeholder entry.
(n_zip_programs): New constant.
(find_zip_program): Use it instead of placeholder.
(first_decompress_program): Set *PSTATE to maximum value
if skipping the table. This avoids confusing gcc -flto
into thinking *PSTATE is used uninitialized.
(next_decompress_program): Simplify now that *PSTATE is maximal
when skipping.
Paul Eggert [Sun, 28 Feb 2021 21:34:55 +0000 (13:34 -0800)]
Omit most uses of ‘inline’
With today’s compilers ‘inline’ is typically not needed for
performance (at least the way GNU Tar uses it) and it gets in the
way of portability.
* configure.ac: Omit AC_C_INLINE; no longer needed here.
* lib/attr-xattr.in.h (setxattr, lsetxattr, fsetxattr, getxattr)
(lgetxattr, fgetxattr, listxattr, llistxattr, flistxattr):
* lib/wordsplit.c (skip_delim_internal, skip_delim)
(skip_delim_real, exptab_matches):
* src/delete.c (flush_file):
* src/extract.c (safe_dir_mode):
* src/misc.c (ptr_align):
Now just static, not static inline.
* lib/wordsplit.h (wordsplit_getwords): Remove; no longer used.
* src/common.h (name_more_files): Now COMMON_INLINE, not
extern inline - which is not portable according to C99,
the way we were using it.
Paul Eggert [Sun, 28 Feb 2021 02:42:58 +0000 (18:42 -0800)]
maint: port better to non-GCC compilers
This can be helpful in porting to compilers like Oracle Developer
Studio that support some but not all GCC attributes.
* lib/wordsplit.c (FALLTHROUGH): Remove; now done by attribute.h.
* lib/wordsplit.h (__WORDSPLIT_ATTRIBUTE_FORMAT): Remove;
all uses replaced by ATTRIBUTE_FORMAT.
* lib/wordsplit.h, src/buffer.c, src/common.h, src/compare.c:
* src/sparse.c, src/system.c, src/xheader.c:
Prefer ATTRIBUTE_FORMAT, MAYBE_UNUSED, _Noreturn, etc. to
__attribute__.
Paul Eggert [Sun, 28 Feb 2021 00:41:12 +0000 (16:41 -0800)]
maint: port to Fedora 33
Fedora 33 uses GCC 10.2.1, which is a bit pickier.
* configure.ac: Do not use -Wsystem-headers, as this
runs afoul of netdb.h on Fedora 33.
* gnulib.modules: Add ‘attribute’.
* lib/wordsplit.c (wsnode_new): Return the newly allocated
pointer instead of a boolean, to pacify GCC 10.2.1 which otherwise
complains about use of possibly-null pointers. All uses changed.
* src/buffer.c (try_new_volume): Don’t assume find_next_block succeeds.
(_write_volume_label): Pacify GCC 10.2.1 with an ‘assume’, since
LABEL must be nonnull here.
* src/common.h (FALLTHROUGH): Remove; now in attribute.h.
Include attribute.h, for ATTRIBUTE_NONNULL.
* src/misc.c (assign_string_or_null): New function,
taking over the old role of assign_string.
(assign_string): Assume VALUE is non-null.
(assign_null): New function, taking over the old
role of assign_string when its VALUE was nonnull.
All callers of assign_string changed to use these functions.
(assign_string_n): Clear *STRING if VALUE is null,
to fix a potential double-free.
Gracefully handle duplicate symlinks when extracting
If the archive being extracted contains multiple copies
of the same symlink, extract only the first of them and
skip the rest. The use case is described in
* src/extract.c (prepare_to_extract): When extracting over pipe,
process only regular files.
* tests/extrac24.at: New test case.
* tests/Makefile.am: Add new test case.
* tests/testsuite.at: Likewise.
Bug reported in https://savannah.gnu.org/bugs/?59897
* src/list.c (read_header): Don't return directly from the loop.
Instead set the status and break. Return the status. Free
next_long_name and next_long_link before returning.
Actually prefer /dev/full over /dev/null as a replacement for stdin
* lib/stdopen.c (stdopen): Fix improper condition.
Avoid leaking extra file descriptor.
* src/tar.c (main): Set name of the stdout for diagnostics.
Bail out if stdopen fails.
Accept only position-sensitive (file-selection) options in file list files.
Using such options as -f, -z, etc. is senseless in the file list file
and bypasses the option consistency checks in decode_options. Therefore,
only options related to file selection (a.k.a position-sensitive options)
are allowed in files.
* doc/tar.texi: Document changes.
* src/common.h (tar_args): Move from tar.c
(TAR_ARGS_INITIALIZER): New macro.
* src/names.c: Declare option group identifiers as an enum.
(names_parse_opt): Special handling for ARGP_KEY_ERROR.
(names_argp): Remove static qualifier.
(names_argp_children): Remove.
* src/tar.c: Declare option group identifiers as an enum.
(parse_opt): Special handling for ARGP_KEY_INIT.
(argp_children): New static variable.
(args): Remove static variable.
(more_options): Allow only options from names_argp.
(parse_default_options): Take a pointer to struct tar_args as argument.
Replace the loc member during the call to argp_parse and restore it
afterwards.
(decode_options): Use automatic variable for args.
* src/extract.c (prepare_to_extract): Return true to proceed with
the extraction, and false to skip the current member. If extracting
over a pipe, skip unlinking logic.
(extract_archive): Update accordingly.
Make sure link counting works for file names supplied with -T
* src/common.h (name_count): Remove extern.
(files_count): New enum.
(filename_args): New extern.
* src/names.c (name_count): Remove.
(files_count): New variable.
(name_add_name,name_add_file): Update filename_args.
* src/create.c (create_archive): Set trivial_link_count depending on
the filename_args.
Paul Eggert [Tue, 19 May 2020 18:52:01 +0000 (11:52 -0700)]
tar: avoid read overrun
Problem reported by Timotej Kapus in:
https://lists.gnu.org/r/bug-tar/2020-05/msg00001.html
* src/transform.c (parse_transform_expr):
Diagnose ‘--transform='s'’ instead of continuing past '\0'.
Fix handling of linked rename chains in incremental backups
* src/incremen.c: Change the meaning of the DIRF_RENAMED flag. Now it
marks a directory which is the last one in a chain of renames.
Regular renamed directories are recognized by their orig member being
non-NULL. Directories marked with DIRF_RENAMED start encoding of renames.
(procdir): Clear DIRF_RENAMED flag on directories which are origins for
renames.
(makedumpdir): Use the orig member to check if the directory is a
result of a rename.
(store_rename): Move the check for DIR_IS_RENAMED to the caller. Don't
clear the DIRF_RENAMED, it is not needed any more.
Given this option, tar failed to preserve permissions of empty directories
and to create files under directories owned by the current user that did
not have the S_IWUSR bit set.
* src/extract.c (fd_chmod): Rename to fd_i_chmod.
(fd_chmod): New function.
(safe_dir_mode): New function.
(extract_dir): Special handling for existing directories in
--no-overwrite-dir mode.
* tests/extrac23.at: New file.
* tests/Makefile.am: Add new test case.
* tests/testsuite.at: Likewise.
* tests/sparse06.at: Skip the test if genfile is unable to create
sparse files.
* tests/sptrcreat.at: Likewise.
* tests/sptrdiff00.at: Likewise.
* tests/sptrdiff01.at: Likewise.
Fix extraction of symbolic links hardlinked to another symbolic links
* src/extract.c (create_placeholder_file): Take additional argument:
the delayed_link entry after which to the newly created one.
(extract_link): Create a placeholder file if the target link name
exists in the delayed_link list.
Fix --delay-directory-restore on archives with reversed member ordering.
* src/extract.c (find_direct_ancestor): Remove useless test.
(delay_set_stat): If the file name being added is already in
the list, update stored data instead of creating a new entry.
This works for archives with reversed order of members.
* tests/extrac22.at: New testcase.
* tests/Makefile.am: Add new testcase.
* tests/testsuite.at: Include new testcase.
Zachary Vance [Mon, 11 Mar 2019 02:12:19 +0000 (19:12 -0700)]
POSIX extended format headers do not include PID by default
The intent is to make binary-equivalent PAX archives easy to create. If
POSIXLY_CORRECT is set, the POSIX standard default is used, which embeds
the pid.
* src/common.h (posixly_correct): New global.
* src/tar.c (decode_options): Detect the POSIXLY_CORRECT environment
variable.
* src/buffer.c (add_chunk_header): Change filenames of multipart files to
omit the pid.
* src/xheader.c (HEADER_TEMPLATE): New macro.
(xheader_xhdr_name, xheader_ghdr_name): Use HEADER_TEMPLATE to select
the template for the POSIX extended header name.
* doc/tar.texi: Document the change.
Existing compression tests used tar with compiled-in defaults. However,
some of the defaults are sure to create archives that are not byte-to-byte
reproducible (e.g. DEFAULT_ARCHIVE_FORMAT=POSIX, because the name field
in posix extended headers uses PID of the creating process by default).
Moreover, some compressors (e.g. gzip) store current timestamp in
the file header when compressing from stdin, so that using cmp on the
two created archives as the tests did is error-prone. Another problem
is that the tests implicitly assumed that tar uses archive suffix to
recognize its format when extracting, which isn't the case. Finally,
there's hardly any reason in using sed to create m4 sources, when
everything can be achieved by m4 itself.
* tests/Makefile.am: Remove generation of compress-*.at files.
* tests/compress.at.in: Remove.
* tests/compress.m4: New file.
* tests/testsuite.at: Include compress.m4, use TAR_CHECK_COMPRESS to
check compression options.
Pavel Raiskup [Thu, 2 Jun 2016 05:28:01 +0000 (07:28 +0200)]
tests: fix numeric.at for BSD
While creating file, BSD kernels inherit the group ownership from
parent directory.
http://lists.gnu.org/archive/html/bug-tar/2016-06/msg00000.html
* tests/numeric.at: Attempt to 'chown' the newly created directory
to proper group (at least on affected machines that command is
expected to succeed).
projects / thirdparty / tar.git / log
