-
Notifications
You must be signed in to change notification settings - Fork 529
/
Tar.pm
2437 lines (1825 loc) · 75.3 KB
/
Tar.pm
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
### the gnu tar specification:
### http://www.gnu.org/software/tar/manual/tar.html
###
### and the pax format spec, which tar derives from:
### http://www.opengroup.org/onlinepubs/007904975/utilities/pax.html
package Archive::Tar;
require 5.005_03;
use Cwd;
use IO::Zlib;
use IO::File;
use Carp qw(carp croak);
use File::Spec ();
use File::Spec::Unix ();
use File::Path ();
use Archive::Tar::File;
use Archive::Tar::Constant;
require Exporter;
use strict;
use vars qw[$DEBUG $error $VERSION $WARN $FOLLOW_SYMLINK $CHOWN $CHMOD
$DO_NOT_USE_PREFIX $HAS_PERLIO $HAS_IO_STRING $SAME_PERMISSIONS
$INSECURE_EXTRACT_MODE $ZERO_PAD_NUMBERS @ISA @EXPORT $RESOLVE_SYMLINK
];
@ISA = qw[Exporter];
@EXPORT = qw[ COMPRESS_GZIP COMPRESS_BZIP COMPRESS_XZ ];
$DEBUG = 0;
$WARN = 1;
$FOLLOW_SYMLINK = 0;
$VERSION = "2.40";
$CHOWN = 1;
$CHMOD = 1;
$SAME_PERMISSIONS = $> == 0 ? 1 : 0;
$DO_NOT_USE_PREFIX = 0;
$INSECURE_EXTRACT_MODE = 0;
$ZERO_PAD_NUMBERS = 0;
$RESOLVE_SYMLINK = $ENV{'PERL5_AT_RESOLVE_SYMLINK'} || 'speed';
BEGIN {
use Config;
$HAS_PERLIO = $Config::Config{useperlio};
### try and load IO::String anyway, so you can dynamically
### switch between perlio and IO::String
$HAS_IO_STRING = eval {
require IO::String;
IO::String->import;
1;
} || 0;
}
=head1 NAME
Archive::Tar - module for manipulations of tar archives
=head1 SYNOPSIS
use Archive::Tar;
my $tar = Archive::Tar->new;
$tar->read('origin.tgz');
$tar->extract();
$tar->add_files('file/foo.pl', 'docs/README');
$tar->add_data('file/baz.txt', 'This is the contents now');
$tar->rename('oldname', 'new/file/name');
$tar->chown('/', 'root');
$tar->chown('/', 'root:root');
$tar->chmod('/tmp', '1777');
$tar->write('files.tar'); # plain tar
$tar->write('files.tgz', COMPRESS_GZIP); # gzip compressed
$tar->write('files.tbz', COMPRESS_BZIP); # bzip2 compressed
$tar->write('files.txz', COMPRESS_XZ); # xz compressed
=head1 DESCRIPTION
Archive::Tar provides an object oriented mechanism for handling tar
files. It provides class methods for quick and easy files handling
while also allowing for the creation of tar file objects for custom
manipulation. If you have the IO::Zlib module installed,
Archive::Tar will also support compressed or gzipped tar files.
An object of class Archive::Tar represents a .tar(.gz) archive full
of files and things.
=head1 Object Methods
=head2 Archive::Tar->new( [$file, $compressed] )
Returns a new Tar object. If given any arguments, C<new()> calls the
C<read()> method automatically, passing on the arguments provided to
the C<read()> method.
If C<new()> is invoked with arguments and the C<read()> method fails
for any reason, C<new()> returns undef.
=cut
my $tmpl = {
_data => [ ],
_file => 'Unknown',
};
### install get/set accessors for this object.
for my $key ( keys %$tmpl ) {
no strict 'refs';
*{__PACKAGE__."::$key"} = sub {
my $self = shift;
$self->{$key} = $_[0] if @_;
return $self->{$key};
}
}
sub new {
my $class = shift;
$class = ref $class if ref $class;
### copying $tmpl here since a shallow copy makes it use the
### same aref, causing for files to remain in memory always.
my $obj = bless { _data => [ ], _file => 'Unknown', _error => '' }, $class;
if (@_) {
unless ( $obj->read( @_ ) ) {
$obj->_error(qq[No data could be read from file]);
return;
}
}
return $obj;
}
=head2 $tar->read ( $filename|$handle, [$compressed, {opt => 'val'}] )
Read the given tar file into memory.
The first argument can either be the name of a file or a reference to
an already open filehandle (or an IO::Zlib object if it's compressed)
The C<read> will I<replace> any previous content in C<$tar>!
The second argument may be considered optional, but remains for
backwards compatibility. Archive::Tar now looks at the file
magic to determine what class should be used to open the file
and will transparently Do The Right Thing.
Archive::Tar will warn if you try to pass a bzip2 / xz compressed file and the
IO::Uncompress::Bunzip2 / IO::Uncompress::UnXz are not available and simply return.
Note that you can currently B<not> pass a C<gzip> compressed
filehandle, which is not opened with C<IO::Zlib>, a C<bzip2> compressed
filehandle, which is not opened with C<IO::Uncompress::Bunzip2>, a C<xz> compressed
filehandle, which is not opened with C<IO::Uncompress::UnXz>, nor a string
containing the full archive information (either compressed or
uncompressed). These are worth while features, but not currently
implemented. See the C<TODO> section.
The third argument can be a hash reference with options. Note that
all options are case-sensitive.
=over 4
=item limit
Do not read more than C<limit> files. This is useful if you have
very big archives, and are only interested in the first few files.
=item filter
Can be set to a regular expression. Only files with names that match
the expression will be read.
=item md5
Set to 1 and the md5sum of files will be returned (instead of file data)
my $iter = Archive::Tar->iter( $file, 1, {md5 => 1} );
while( my $f = $iter->() ) {
print $f->data . "\t" . $f->full_path . $/;
}
=item extract
If set to true, immediately extract entries when reading them. This
gives you the same memory break as the C<extract_archive> function.
Note however that entries will not be read into memory, but written
straight to disk. This means no C<Archive::Tar::File> objects are
created for you to inspect.
=back
All files are stored internally as C<Archive::Tar::File> objects.
Please consult the L<Archive::Tar::File> documentation for details.
Returns the number of files read in scalar context, and a list of
C<Archive::Tar::File> objects in list context.
=cut
sub read {
my $self = shift;
my $file = shift;
my $gzip = shift || 0;
my $opts = shift || {};
unless( defined $file ) {
$self->_error( qq[No file to read from!] );
return;
} else {
$self->_file( $file );
}
my $handle = $self->_get_handle($file, $gzip, READ_ONLY->( ZLIB ) )
or return;
my $data = $self->_read_tar( $handle, $opts ) or return;
$self->_data( $data );
return wantarray ? @$data : scalar @$data;
}
sub _get_handle {
my $self = shift;
my $file = shift; return unless defined $file;
my $compress = shift || 0;
my $mode = shift || READ_ONLY->( ZLIB ); # default to read only
### Check if file is a file handle or IO glob
if ( ref $file ) {
return $file if eval{ *$file{IO} };
return $file if eval{ $file->isa(q{IO::Handle}) };
$file = q{}.$file;
}
### get a FH opened to the right class, so we can use it transparently
### throughout the program
my $fh;
{ ### reading magic only makes sense if we're opening a file for
### reading. otherwise, just use what the user requested.
my $magic = '';
if( MODE_READ->($mode) ) {
open my $tmp, $file or do {
$self->_error( qq[Could not open '$file' for reading: $!] );
return;
};
### read the first 6 bytes of the file to figure out which class to
### use to open the file.
sysread( $tmp, $magic, 6 );
close $tmp;
}
### is it xz?
### if you asked specifically for xz compression, or if we're in
### read mode and the magic numbers add up, use xz
if( XZ and (
($compress eq COMPRESS_XZ) or
( MODE_READ->($mode) and $magic =~ XZ_MAGIC_NUM )
)
) {
if( MODE_READ->($mode) ) {
$fh = IO::Uncompress::UnXz->new( $file ) or do {
$self->_error( qq[Could not read '$file': ] .
$IO::Uncompress::UnXz::UnXzError
);
return;
};
} else {
$fh = IO::Compress::Xz->new( $file ) or do {
$self->_error( qq[Could not write to '$file': ] .
$IO::Compress::Xz::XzError
);
return;
};
}
### is it bzip?
### if you asked specifically for bzip compression, or if we're in
### read mode and the magic numbers add up, use bzip
} elsif( BZIP and (
($compress eq COMPRESS_BZIP) or
( MODE_READ->($mode) and $magic =~ BZIP_MAGIC_NUM )
)
) {
### different reader/writer modules, different error vars... sigh
if( MODE_READ->($mode) ) {
$fh = IO::Uncompress::Bunzip2->new( $file, MultiStream => 1 ) or do {
$self->_error( qq[Could not read '$file': ] .
$IO::Uncompress::Bunzip2::Bunzip2Error
);
return;
};
} else {
$fh = IO::Compress::Bzip2->new( $file ) or do {
$self->_error( qq[Could not write to '$file': ] .
$IO::Compress::Bzip2::Bzip2Error
);
return;
};
}
### is it gzip?
### if you asked for compression, if you wanted to read or the gzip
### magic number is present (redundant with read)
} elsif( ZLIB and (
$compress or MODE_READ->($mode) or $magic =~ GZIP_MAGIC_NUM
)
) {
$fh = IO::Zlib->new;
unless( $fh->open( $file, $mode ) ) {
$self->_error(qq[Could not create filehandle for '$file': $!]);
return;
}
### is it plain tar?
} else {
$fh = IO::File->new;
unless( $fh->open( $file, $mode ) ) {
$self->_error(qq[Could not create filehandle for '$file': $!]);
return;
}
### enable bin mode on tar archives
binmode $fh;
}
}
return $fh;
}
sub _read_tar {
my $self = shift;
my $handle = shift or return;
my $opts = shift || {};
my $count = $opts->{limit} || 0;
my $filter = $opts->{filter};
my $md5 = $opts->{md5} || 0; # cdrake
my $filter_cb = $opts->{filter_cb};
my $extract = $opts->{extract} || 0;
### set a cap on the amount of files to extract ###
my $limit = 0;
$limit = 1 if $count > 0;
my $tarfile = [ ];
my $chunk;
my $read = 0;
my $real_name; # to set the name of a file when
# we're encountering @longlink
my $data;
LOOP:
while( $handle->read( $chunk, HEAD ) ) {
### IO::Zlib doesn't support this yet
my $offset;
if ( ref($handle) ne 'IO::Zlib' ) {
local $@;
$offset = eval { tell $handle } || 'unknown';
$@ = '';
}
else {
$offset = 'unknown';
}
unless( $read++ ) {
my $gzip = GZIP_MAGIC_NUM;
if( $chunk =~ /$gzip/ ) {
$self->_error( qq[Cannot read compressed format in tar-mode] );
return;
}
### size is < HEAD, which means a corrupted file, as the minimum
### length is _at least_ HEAD
if (length $chunk != HEAD) {
$self->_error( qq[Cannot read enough bytes from the tarfile] );
return;
}
}
### if we can't read in all bytes... ###
last if length $chunk != HEAD;
### Apparently this should really be two blocks of 512 zeroes,
### but GNU tar sometimes gets it wrong. See comment in the
### source code (tar.c) to GNU cpio.
next if $chunk eq TAR_END;
### according to the posix spec, the last 12 bytes of the header are
### null bytes, to pad it to a 512 byte block. That means if these
### bytes are NOT null bytes, it's a corrupt header. See:
### www.koders.com/c/fidCE473AD3D9F835D690259D60AD5654591D91D5BA.aspx
### line 111
{ my $nulls = join '', "\0" x 12;
unless( $nulls eq substr( $chunk, 500, 12 ) ) {
$self->_error( qq[Invalid header block at offset $offset] );
next LOOP;
}
}
### pass the realname, so we can set it 'proper' right away
### some of the heuristics are done on the name, so important
### to set it ASAP
my $entry;
{ my %extra_args = ();
$extra_args{'name'} = $$real_name if defined $real_name;
unless( $entry = Archive::Tar::File->new( chunk => $chunk,
%extra_args )
) {
$self->_error( qq[Couldn't read chunk at offset $offset] );
next LOOP;
}
}
### ignore labels:
### http://www.gnu.org/software/tar/manual/html_chapter/Media.html#SEC159
next if $entry->is_label;
if( length $entry->type and ($entry->is_file || $entry->is_longlink) ) {
if ( $entry->is_file && !$entry->validate ) {
### sometimes the chunk is rather fux0r3d and a whole 512
### bytes ends up in the ->name area.
### clean it up, if need be
my $name = $entry->name;
$name = substr($name, 0, 100) if length $name > 100;
$name =~ s/\n/ /g;
$self->_error( $name . qq[: checksum error] );
next LOOP;
}
my $block = BLOCK_SIZE->( $entry->size );
$data = $entry->get_content_by_ref;
my $skip = 0;
my $ctx; # cdrake
### skip this entry if we're filtering
if($md5) { # cdrake
$ctx = Digest::MD5->new; # cdrake
$skip=5; # cdrake
} elsif ($filter && $entry->name !~ $filter) {
$skip = 1;
} elsif ($filter_cb && ! $filter_cb->($entry)) {
$skip = 2;
### skip this entry if it's a pax header. This is a special file added
### by, among others, git-generated tarballs. It holds comments and is
### not meant for extracting. See #38932: pax_global_header extracted
} elsif ( $entry->name eq PAX_HEADER or $entry->type =~ /^(x|g)$/ ) {
$skip = 3;
}
if ($skip) {
#
# Since we're skipping, do not allocate memory for the
# whole file. Read it 64 BLOCKS at a time. Do not
# complete the skip yet because maybe what we read is a
# longlink and it won't get skipped after all
#
my $amt = $block;
my $fsz=$entry->size; # cdrake
while ($amt > 0) {
$$data = '';
my $this = 64 * BLOCK;
$this = $amt if $this > $amt;
if( $handle->read( $$data, $this ) < $this ) {
$self->_error( qq[Read error on tarfile (missing data) '].
$entry->full_path ."' at offset $offset" );
next LOOP;
}
$amt -= $this;
$fsz -= $this; # cdrake
substr ($$data, $fsz) = "" if ($fsz<0); # remove external junk prior to md5 # cdrake
$ctx->add($$data) if($skip==5); # cdrake
}
$$data = $ctx->hexdigest if($skip==5 && !$entry->is_longlink && !$entry->is_unknown && !$entry->is_label ) ; # cdrake
} else {
### just read everything into memory
### can't do lazy loading since IO::Zlib doesn't support 'seek'
### this is because Compress::Zlib doesn't support it =/
### this reads in the whole data in one read() call.
if ( $handle->read( $$data, $block ) < $block ) {
$self->_error( qq[Read error on tarfile (missing data) '].
$entry->full_path ."' at offset $offset" );
next LOOP;
}
### throw away trailing garbage ###
substr ($$data, $entry->size) = "" if defined $$data;
}
### part II of the @LongLink munging -- need to do /after/
### the checksum check.
if( $entry->is_longlink ) {
### weird thing in tarfiles -- if the file is actually a
### @LongLink, the data part seems to have a trailing ^@
### (unprintable) char. to display, pipe output through less.
### but that doesn't *always* happen.. so check if the last
### character is a control character, and if so remove it
### at any rate, we better remove that character here, or tests
### like 'eq' and hash lookups based on names will SO not work
### remove it by calculating the proper size, and then
### tossing out everything that's longer than that size.
### count number of nulls
my $nulls = $$data =~ tr/\0/\0/;
### cut data + size by that many bytes
$entry->size( $entry->size - $nulls );
substr ($$data, $entry->size) = "";
}
}
### clean up of the entries.. posix tar /apparently/ has some
### weird 'feature' that allows for filenames > 255 characters
### they'll put a header in with as name '././@LongLink' and the
### contents will be the name of the /next/ file in the archive
### pretty crappy and kludgy if you ask me
### set the name for the next entry if this is a @LongLink;
### this is one ugly hack =/ but needed for direct extraction
if( $entry->is_longlink ) {
$real_name = $data;
next LOOP;
} elsif ( defined $real_name ) {
$entry->name( $$real_name );
$entry->prefix('');
undef $real_name;
}
if ($filter && $entry->name !~ $filter) {
next LOOP;
} elsif ($filter_cb && ! $filter_cb->($entry)) {
next LOOP;
### skip this entry if it's a pax header. This is a special file added
### by, among others, git-generated tarballs. It holds comments and is
### not meant for extracting. See #38932: pax_global_header extracted
} elsif ( $entry->name eq PAX_HEADER or $entry->type =~ /^(x|g)$/ ) {
next LOOP;
}
if ( $extract && !$entry->is_longlink
&& !$entry->is_unknown
&& !$entry->is_label ) {
$self->_extract_file( $entry ) or return;
}
### Guard against tarfiles with garbage at the end
last LOOP if $entry->name eq '';
### push only the name on the rv if we're extracting
### -- for extract_archive
push @$tarfile, ($extract ? $entry->name : $entry);
if( $limit ) {
$count-- unless $entry->is_longlink || $entry->is_dir;
last LOOP unless $count;
}
} continue {
undef $data;
}
return $tarfile;
}
=head2 $tar->contains_file( $filename )
Check if the archive contains a certain file.
It will return true if the file is in the archive, false otherwise.
Note however, that this function does an exact match using C<eq>
on the full path. So it cannot compensate for case-insensitive file-
systems or compare 2 paths to see if they would point to the same
underlying file.
=cut
sub contains_file {
my $self = shift;
my $full = shift;
return unless defined $full;
### don't warn if the entry isn't there.. that's what this function
### is for after all.
local $WARN = 0;
return 1 if $self->_find_entry($full);
return;
}
=head2 $tar->extract( [@filenames] )
Write files whose names are equivalent to any of the names in
C<@filenames> to disk, creating subdirectories as necessary. This
might not work too well under VMS.
Under MacPerl, the file's modification time will be converted to the
MacOS zero of time, and appropriate conversions will be done to the
path. However, the length of each element of the path is not
inspected to see whether it's longer than MacOS currently allows (32
characters).
If C<extract> is called without a list of file names, the entire
contents of the archive are extracted.
Returns a list of filenames extracted.
=cut
sub extract {
my $self = shift;
my @args = @_;
my @files;
my $hashmap;
# use the speed optimization for all extracted files
local($self->{cwd}) = cwd() unless $self->{cwd};
### you requested the extraction of only certain files
if( @args ) {
for my $file ( @args ) {
### it's already an object?
if( UNIVERSAL::isa( $file, 'Archive::Tar::File' ) ) {
push @files, $file;
next;
### go find it then
} else {
# create hash-map once to speed up lookup
$hashmap = $hashmap || {
map { $_->full_path, $_ } @{$self->_data}
};
if (exists $hashmap->{$file}) {
### we found the file you're looking for
push @files, $hashmap->{$file};
} else {
return $self->_error(
qq[Could not find '$file' in archive] );
}
}
}
### just grab all the file items
} else {
@files = $self->get_files;
}
### nothing found? that's an error
unless( scalar @files ) {
$self->_error( qq[No files found for ] . $self->_file );
return;
}
### now extract them
for my $entry ( @files ) {
unless( $self->_extract_file( $entry ) ) {
$self->_error(q[Could not extract ']. $entry->full_path .q['] );
return;
}
}
return @files;
}
=head2 $tar->extract_file( $file, [$extract_path] )
Write an entry, whose name is equivalent to the file name provided to
disk. Optionally takes a second parameter, which is the full native
path (including filename) the entry will be written to.
For example:
$tar->extract_file( 'name/in/archive', 'name/i/want/to/give/it' );
$tar->extract_file( $at_file_object, 'name/i/want/to/give/it' );
Returns true on success, false on failure.
=cut
sub extract_file {
my $self = shift;
my $file = shift; return unless defined $file;
my $alt = shift;
my $entry = $self->_find_entry( $file )
or $self->_error( qq[Could not find an entry for '$file'] ), return;
return $self->_extract_file( $entry, $alt );
}
sub _extract_file {
my $self = shift;
my $entry = shift or return;
my $alt = shift;
### you wanted an alternate extraction location ###
my $name = defined $alt ? $alt : $entry->full_path;
### splitpath takes a bool at the end to indicate
### that it's splitting a dir
my ($vol,$dirs,$file);
if ( defined $alt ) { # It's a local-OS path
($vol,$dirs,$file) = File::Spec->splitpath( $alt,
$entry->is_dir );
} else {
($vol,$dirs,$file) = File::Spec::Unix->splitpath( $name,
$entry->is_dir );
}
my $dir;
### is $name an absolute path? ###
if( $vol || File::Spec->file_name_is_absolute( $dirs ) ) {
### absolute names are not allowed to be in tarballs under
### strict mode, so only allow it if a user tells us to do it
if( not defined $alt and not $INSECURE_EXTRACT_MODE ) {
$self->_error(
q[Entry ']. $entry->full_path .q[' is an absolute path. ].
q[Not extracting absolute paths under SECURE EXTRACT MODE]
);
return;
}
### user asked us to, it's fine.
$dir = File::Spec->catpath( $vol, $dirs, "" );
### it's a relative path ###
} else {
my $cwd = (ref $self and defined $self->{cwd})
? $self->{cwd}
: cwd();
my @dirs = defined $alt
? File::Spec->splitdir( $dirs ) # It's a local-OS path
: File::Spec::Unix->splitdir( $dirs ); # it's UNIX-style, likely
# straight from the tarball
if( not defined $alt and
not $INSECURE_EXTRACT_MODE
) {
### paths that leave the current directory are not allowed under
### strict mode, so only allow it if a user tells us to do this.
if( grep { $_ eq '..' } @dirs ) {
$self->_error(
q[Entry ']. $entry->full_path .q[' is attempting to leave ].
q[the current working directory. Not extracting under ].
q[SECURE EXTRACT MODE]
);
return;
}
### the archive may be asking us to extract into a symlink. This
### is not sane and a possible security issue, as outlined here:
### https://rt.cpan.org/Ticket/Display.html?id=30380
### https://bugzilla.redhat.com/show_bug.cgi?id=295021
### https://issues.rpath.com/browse/RPL-1716
my $full_path = $cwd;
for my $d ( @dirs ) {
$full_path = File::Spec->catdir( $full_path, $d );
### we've already checked this one, and it's safe. Move on.
next if ref $self and $self->{_link_cache}->{$full_path};
if( -l $full_path ) {
my $to = readlink $full_path;
my $diag = "symlinked directory ($full_path => $to)";
$self->_error(
q[Entry ']. $entry->full_path .q[' is attempting to ].
qq[extract to a $diag. This is considered a security ].
q[vulnerability and not allowed under SECURE EXTRACT ].
q[MODE]
);
return;
}
### XXX keep a cache if possible, so the stats become cheaper:
$self->{_link_cache}->{$full_path} = 1 if ref $self;
}
}
### '.' is the directory delimiter on VMS, which has to be escaped
### or changed to '_' on vms. vmsify is used, because older versions
### of vmspath do not handle this properly.
### Must not add a '/' to an empty directory though.
map { length() ? VMS::Filespec::vmsify($_.'/') : $_ } @dirs if ON_VMS;
my ($cwd_vol,$cwd_dir,$cwd_file)
= File::Spec->splitpath( $cwd );
my @cwd = File::Spec->splitdir( $cwd_dir );
push @cwd, $cwd_file if length $cwd_file;
### We need to pass '' as the last element to catpath. Craig Berry
### explains why (msgid <p0624083dc311ae541393@[172.16.52.1]>):
### The root problem is that splitpath on UNIX always returns the
### final path element as a file even if it is a directory, and of
### course there is no way it can know the difference without checking
### against the filesystem, which it is documented as not doing. When
### you turn around and call catpath, on VMS you have to know which bits
### are directory bits and which bits are file bits. In this case we
### know the result should be a directory. I had thought you could omit
### the file argument to catpath in such a case, but apparently on UNIX
### you can't.
$dir = File::Spec->catpath(
$cwd_vol, File::Spec->catdir( @cwd, @dirs ), ''
);
### catdir() returns undef if the path is longer than 255 chars on
### older VMS systems.
unless ( defined $dir ) {
$^W && $self->_error( qq[Could not compose a path for '$dirs'\n] );
return;
}
}
if( -e $dir && !-d _ ) {
$^W && $self->_error( qq['$dir' exists, but it's not a directory!\n] );
return;
}
unless ( -d _ ) {
eval { File::Path::mkpath( $dir, 0, 0777 ) };
if( $@ ) {
my $fp = $entry->full_path;
$self->_error(qq[Could not create directory '$dir' for '$fp': $@]);
return;
}
### XXX chown here? that might not be the same as in the archive
### as we're only chown'ing to the owner of the file we're extracting
### not to the owner of the directory itself, which may or may not
### be another entry in the archive
### Answer: no, gnu tar doesn't do it either, it'd be the wrong
### way to go.
#if( $CHOWN && CAN_CHOWN ) {
# chown $entry->uid, $entry->gid, $dir or
# $self->_error( qq[Could not set uid/gid on '$dir'] );
#}
}
### we're done if we just needed to create a dir ###
return 1 if $entry->is_dir;
my $full = File::Spec->catfile( $dir, $file );
if( $entry->is_unknown ) {
$self->_error( qq[Unknown file type for file '$full'] );
return;
}
### If a file system already contains a block device with the same name as
### the being extracted regular file, we would write the file's content
### to the block device. So remove the existing file (block device) now.
### If an archive contains multiple same-named entries, the last one
### should replace the previous ones. So remove the old file now.
### If the old entry is a symlink to a file outside of the CWD, the new
### entry would create a file there. This is CVE-2018-12015
### <https://rt.cpan.org/Ticket/Display.html?id=125523>.
if (-l $full || -e _) {
if (!unlink $full) {
$self->_error( qq[Could not remove old file '$full': $!] );
return;
}
}
if( length $entry->type && $entry->is_file ) {
my $fh = IO::File->new;
$fh->open( $full, '>' ) or (
$self->_error( qq[Could not open file '$full': $!] ),
return
);
if( $entry->size ) {
binmode $fh;
syswrite $fh, $entry->data or (
$self->_error( qq[Could not write data to '$full'] ),
return
);
}
close $fh or (
$self->_error( qq[Could not close file '$full'] ),
return
);
} else {
$self->_make_special_file( $entry, $full ) or return;
}
### only update the timestamp if it's not a symlink; that will change the
### timestamp of the original. This addresses bug #33669: Could not update
### timestamp warning on symlinks
if( not -l $full ) {
utime time, $entry->mtime - TIME_OFFSET, $full or
$self->_error( qq[Could not update timestamp] );
}
if( $CHOWN && CAN_CHOWN->() and not -l $full ) {
CORE::chown( $entry->uid, $entry->gid, $full ) or
$self->_error( qq[Could not set uid/gid on '$full'] );
}
### only chmod if we're allowed to, but never chmod symlinks, since they'll
### change the perms on the file they're linking too...
if( $CHMOD and not -l $full ) {
my $mode = $entry->mode;
unless ($SAME_PERMISSIONS) {
$mode &= ~(oct(7000) | umask);
}
CORE::chmod( $mode, $full ) or
$self->_error( qq[Could not chown '$full' to ] . $entry->mode );
}
return 1;
}
sub _make_special_file {
my $self = shift;
my $entry = shift or return;
my $file = shift; return unless defined $file;
my $err;
if( $entry->is_symlink ) {
my $fail;
if( ON_UNIX ) {
symlink( $entry->linkname, $file ) or $fail++;
} else {
$self->_extract_special_file_as_plain_file( $entry, $file )
or $fail++;
}
$err = qq[Making symbolic link '$file' to '] .
$entry->linkname .q[' failed] if $fail;
} elsif ( $entry->is_hardlink ) {
my $fail;
if( ON_UNIX ) {
link( $entry->linkname, $file ) or $fail++;
} else {
$self->_extract_special_file_as_plain_file( $entry, $file )
or $fail++;
}
$err = qq[Making hard link from '] . $entry->linkname .
qq[' to '$file' failed] if $fail;
} elsif ( $entry->is_fifo ) {
ON_UNIX && !system('mknod', $file, 'p') or
$err = qq[Making fifo ']. $entry->name .qq[' failed];
} elsif ( $entry->is_blockdev or $entry->is_chardev ) {
my $mode = $entry->is_blockdev ? 'b' : 'c';
ON_UNIX && !system('mknod', $file, $mode,
$entry->devmajor, $entry->devminor) or
$err = qq[Making block device ']. $entry->name .qq[' (maj=] .
$entry->devmajor . qq[ min=] . $entry->devminor .
qq[) failed.];
} elsif ( $entry->is_socket ) {
### the original doesn't do anything special for sockets.... ###
1;
}
return $err ? $self->_error( $err ) : 1;
}
### don't know how to make symlinks, let's just extract the file as
### a plain file
sub _extract_special_file_as_plain_file {
my $self = shift;
my $entry = shift or return;
my $file = shift; return unless defined $file;
my $err;