This repository has been archived by the owner on Mar 27, 2024. It is now read-only.
/
tar_utils.go
194 lines (175 loc) · 5.61 KB
/
tar_utils.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
/*
Copyright 2018 Google, Inc. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package util
import (
"archive/tar"
"fmt"
"io"
"os"
"path/filepath"
"strings"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
)
// Map of target:linkname
var hardlinks = make(map[string]string)
type OriginalPerm struct {
path string
perm os.FileMode
}
func unpackTar(tr *tar.Reader, path string, whitelist []string) error {
originalPerms := make([]OriginalPerm, 0)
for {
header, err := tr.Next()
if err == io.EOF {
// end of tar archive
break
}
if err != nil {
return errors.Wrap(err, "Error getting next tar header")
}
target := filepath.Clean(filepath.Join(path, header.Name))
// Make sure the target isn't part of the whitelist
if checkWhitelist(target, whitelist) {
continue
}
mode := header.FileInfo().Mode()
switch header.Typeflag {
// if its a dir and it doesn't exist create it
case tar.TypeDir:
if _, err := os.Stat(target); os.IsNotExist(err) {
if mode.Perm()&(1<<(uint(7))) == 0 {
logrus.Debugf("Write permission bit not set on %s by default; setting manually", target)
originalMode := mode
mode = mode | (1 << uint(7))
// keep track of original file permission to reset later
originalPerms = append(originalPerms, OriginalPerm{
path: target,
perm: originalMode,
})
}
logrus.Debugf("Creating directory %s with permissions %v", target, mode)
if err := os.MkdirAll(target, mode); err != nil {
return err
}
// In some cases, MkdirAll doesn't change the permissions, so run Chmod
if err := os.Chmod(target, mode); err != nil {
return err
}
}
// if it's a file create it
case tar.TypeReg:
// It's possible for a file to be included before the directory it's in is created.
baseDir := filepath.Dir(target)
if _, err := os.Stat(baseDir); os.IsNotExist(err) {
logrus.Debugf("baseDir %s for file %s does not exist. Creating", baseDir, target)
if err := os.MkdirAll(baseDir, 0755); err != nil {
return err
}
}
// It's possible we end up creating files that can't be overwritten based on their permissions.
// Explicitly delete an existing file before continuing.
if _, err := os.Stat(target); !os.IsNotExist(err) {
logrus.Debugf("Removing %s for overwrite", target)
if err := os.Remove(target); err != nil {
logrus.Errorf("error removing file %s", target)
return err
}
}
logrus.Debugf("Creating file %s with permissions %v", target, mode)
currFile, err := os.Create(target)
if err != nil {
logrus.Errorf("Error creating file %s %s", target, err)
return err
}
// manually set permissions on file, since the default umask (022) will interfere
if err = os.Chmod(target, mode); err != nil {
logrus.Errorf("Error updating file permissions on %s", target)
return err
}
_, err = io.Copy(currFile, tr)
if err != nil {
return err
}
currFile.Close()
case tar.TypeSymlink:
// It's possible we end up creating files that can't be overwritten based on their permissions.
// Explicitly delete an existing file before continuing.
if _, err := os.Stat(target); !os.IsNotExist(err) {
logrus.Debugf("Removing %s to create symlink", target)
if err := os.RemoveAll(target); err != nil {
logrus.Debugf("Unable to remove %s: %s", target, err)
}
}
if err = os.Symlink(header.Linkname, target); err != nil {
logrus.Errorf("Failed to create symlink between %s and %s: %s", header.Linkname, target, err)
}
case tar.TypeLink:
linkname := filepath.Clean(filepath.Join(path, header.Linkname))
// Check if the linkname already exists
if _, err := os.Stat(linkname); !os.IsNotExist(err) {
// If it exists, create the hard link
resolveHardlink(linkname, target)
} else {
hardlinks[target] = linkname
}
}
}
for target, linkname := range hardlinks {
logrus.Info("Resolving hard links")
if _, err := os.Stat(linkname); !os.IsNotExist(err) {
// If it exists, create the hard link
if err := resolveHardlink(linkname, target); err != nil {
return errors.Wrap(err, fmt.Sprintf("Unable to create hard link from %s to %s", linkname, target))
}
}
}
// reset all original file
for _, perm := range originalPerms {
if err := os.Chmod(perm.path, perm.perm); err != nil {
return err
}
}
return nil
}
func resolveHardlink(linkname, target string) error {
if err := os.Link(linkname, target); err != nil {
return err
}
logrus.Debugf("Created hard link from %s to %s", linkname, target)
return nil
}
func checkWhitelist(target string, whitelist []string) bool {
for _, w := range whitelist {
if HasFilepathPrefix(target, w) {
logrus.Debugf("Not extracting %s, as it has prefix %s which is whitelisted", target, w)
return true
}
}
return false
}
func IsTar(path string) bool {
return filepath.Ext(path) == ".tar" ||
filepath.Ext(path) == ".tar.gz" ||
filepath.Ext(path) == ".tgz"
}
func CheckTar(image string) bool {
if strings.TrimSuffix(image, ".tar") == image {
return false
}
if _, err := os.Stat(image); err != nil {
logrus.Errorf("%s does not exist", image)
return false
}
return true
}