fix tar issue

JOSHUAJEBARAJ · Nov 12, 2021 · 67a3ba2 · 67a3ba2
1 parent 439da69
commit 67a3ba2
Show file tree

Hide file tree

Showing 4 changed files with 157 additions and 28 deletions.
diff --git a/README.md b/README.md
@@ -51,4 +51,5 @@ detect-secrets scan --all-files output
 If you want to make change to the command , You can change it here
 ### TODO
 
-- [] Ability to pull the image if it is not present in the local system
+- [] Ability to pull the image if it is not present in the local system
+- [] Resolve the symlink error while extracting
diff --git a/cmd/scan.go b/cmd/scan.go
@@ -64,28 +64,29 @@ var scanCmd = &cobra.Command{
 		// saving images
 		save_error := client.Save(id)
 		if save_error != nil {
-			fmt.Println(err)
+			fmt.Println(save_error)
 			os.Exit(1)
 		}
 
 		// untaring images
-		output_error := utils.Untar("output.tar", "output")
+		output_error := utils.Unload("output.tar", "output")
 		if output_error != nil {
-			fmt.Println(err)
+			fmt.Println("error in removing the main folder")
+			fmt.Println(output_error)
 			os.Exit(1)
 		}
 		// untaring the subfolder
 		untar_err := utils.Outputar()
 		if untar_err != nil {
-			fmt.Println(err)
+			fmt.Println(untar_err)
 			os.Exit(1)
 		}
 
 		// scanning
 		scan_err := utils.Scan()
 
 		if scan_err != nil {
-			fmt.Println(err)
+			fmt.Println(scan_err)
 			os.Exit(1)
 
 		}

diff --git a/go.mod b/go.mod
@@ -10,6 +10,7 @@ require (
 	github.com/mitchellh/go-homedir v1.1.0
 	github.com/moby/term v0.0.0-20210619224110-3f7ff695adc6 // indirect
 	github.com/morikuni/aec v1.0.0 // indirect
+	github.com/sirupsen/logrus v1.8.1
 	github.com/spf13/cobra v1.2.1
 	github.com/spf13/viper v1.9.0
 )
diff --git a/pkg/utils/utils.go b/pkg/utils/utils.go
@@ -2,57 +2,182 @@ package utils
 
 import (
 	"archive/tar"
+	"compress/gzip"
 	"fmt"
 	"io"
 	"io/fs"
+	"io/ioutil"
+	"log"
 	"os"
 	"os/exec"
 	"path/filepath"
 	"strings"
+	"time"
+
+	"github.com/sirupsen/logrus"
 )
 
 func fileNameWithoutExtSliceNotation(fileName string) string {
 	return fileName[:len(fileName)-len(filepath.Ext(fileName))]
 }
-func Untar(tarball, target string) error {
+func create_gz(fn string) error {
+	f, err := os.Create(fn + ".gz")
+
+	if err != nil {
+		return err
+	}
+
+	in, err := ioutil.ReadFile(fn)
+
+	if err != nil {
+		return err
+	}
+
+	w := gzip.NewWriter(f)
+
+	w.Write(in)
+
+	w.Close()
+
+	return nil
+}
 
-	reader, err := os.Open(tarball)
+func Unload(src, dest string) error {
+	// creating the .gz file
+	create_err := create_gz(src)
+	if create_err != nil {
+		return create_err
+	}
+	file, err := os.Open(src + ".gz")
 	if err != nil {
 		return err
 	}
-	defer reader.Close()
-	tarReader := tar.NewReader(reader)
+	untar_err := Untar(file, dest)
+	if err != nil {
+		return untar_err
+	}
+	// deleting file after decompression
+	defer delete_gz(src)
+	return nil
+}
+
+func delete_gz(src string) {
+	e := os.Remove(src + ".gz")
+	if e != nil {
+		log.Fatal(e)
+	}
+}
+
+// code taken from https://github.com/k3s-io/k3s/blob/v1.0.1/pkg/untar/untar.go
+func Untar(r io.Reader, dir string) error {
+	return untar(r, dir)
+}
 
+func untar(r io.Reader, dir string) (err error) {
+	t0 := time.Now()
+	nFiles := 0
+	madeDir := map[string]bool{}
+	defer func() {
+		td := time.Since(t0)
+		if err != nil {
+			logrus.Printf("error extracting tarball into %s after %d files, %d dirs, %v: %v", dir, nFiles, len(madeDir), td, err)
+		}
+	}()
+	zr, err := gzip.NewReader(r)
+	if err != nil {
+		return fmt.Errorf("requires gzip-compressed body: %v", err)
+	}
+	tr := tar.NewReader(zr)
+	loggedChtimesError := false
 	for {
-		header, err := tarReader.Next()
+		f, err := tr.Next()
 		if err == io.EOF {
 			break
-		} else if err != nil {
-			return err
 		}
+		if err != nil {
+			logrus.Printf("tar reading error: %v", err)
+			return fmt.Errorf("tar error: %v", err)
+		}
+		if !validRelPath(f.Name) {
+			return fmt.Errorf("tar contained invalid name error %q", f.Name)
+		}
+		rel := filepath.FromSlash(f.Name)
+		abs := filepath.Join(dir, rel)
 
-		path := filepath.Join(target, header.Name)
-		info := header.FileInfo()
-		if info.IsDir() {
-			if err = os.MkdirAll(path, info.Mode()); err != nil {
+		fi := f.FileInfo()
+		mode := fi.Mode()
+		switch {
+		case mode.IsRegular():
+			// Make the directory. This is redundant because it should
+			// already be made by a directory entry in the tar
+			// beforehand. Thus, don't check for errors; the next
+			// write will fail with the same error.
+			dir := filepath.Dir(abs)
+			if !madeDir[dir] {
+				if err := os.MkdirAll(filepath.Dir(abs), 0755); err != nil {
+					return err
+				}
+				madeDir[dir] = true
+			}
+			wf, err := os.OpenFile(abs, os.O_RDWR|os.O_CREATE|os.O_TRUNC, mode.Perm())
+			if err != nil {
 				return err
 			}
-			continue
-		}
+			n, err := io.Copy(wf, tr)
+			if closeErr := wf.Close(); closeErr != nil && err == nil {
+				err = closeErr
+			}
+			if err != nil {
+				return fmt.Errorf("error writing to %s: %v", abs, err)
+			}
+			if n != f.Size {
+				return fmt.Errorf("only wrote %d bytes to %s; expected %d", n, abs, f.Size)
+			}
+			modTime := f.ModTime
+			if modTime.After(t0) {
+				// Clamp modtimes at system time. See
+				// golang.org/issue/19062 when clock on
+				// buildlet was behind the gitmirror server
+				// doing the git-archive.
+				modTime = t0
+			}
+			if !modTime.IsZero() {
+				if err := os.Chtimes(abs, modTime, modTime); err != nil && !loggedChtimesError {
+					// benign error. Gerrit doesn't even set the
+					// modtime in these, and we don't end up relying
+					// on it anywhere (the gomote push command relies
+					// on digests only), so this is a little pointless
+					// for now.
+					logrus.Printf("error changing modtime: %v (further Chtimes errors suppressed)", err)
+					loggedChtimesError = true // once is enough
+				}
+			}
+			nFiles++
+		case mode.IsDir():
+			if err := os.MkdirAll(abs, 0755); err != nil {
+				return err
+			}
+			madeDir[abs] = true
+		case f.Linkname != "":
+			if err := os.Symlink(f.Linkname, abs); err != nil {
 
-		file, err := os.OpenFile(path, os.O_CREATE|os.O_TRUNC|os.O_WRONLY, info.Mode())
-		if err != nil {
-			return err
-		}
-		defer file.Close()
-		_, err = io.Copy(file, tarReader)
-		if err != nil {
-			return err
+				// to do
+				continue
+			}
+		default:
+			return fmt.Errorf("tar file entry %s contained unsupported file type %v", f.Name, mode)
 		}
 	}
 	return nil
 }
 
+func validRelPath(p string) bool {
+	if p == "" || strings.Contains(p, `\`) || strings.HasPrefix(p, "/") || strings.Contains(p, "../") {
+		return false
+	}
+	return true
+}
+
 func walk(s string, d fs.DirEntry, err error) error {
 	if err != nil {
 		return err
@@ -63,8 +188,9 @@ func walk(s string, d fs.DirEntry, err error) error {
 		if fileExtension == ".tar" {
 			layer_file := strings.HasSuffix(s, "layer.tar")
 			if layer_file {
+				fmt.Println(s)
 				path := fileNameWithoutExtSliceNotation(s)
-				err := Untar(s, path)
+				err := Unload(s, path)
 				if err != nil {
 					fmt.Println(err)
 				}