tar,unzip: postpone creation of symlinks with "suspicious" targets

This mostly reverts commit bc9bbeb2b8 "libarchive: do not extract unsafe symlinks unless $EXTRACT_UNSAFE_SYMLINKS=1" Users report that it is somewhat too restrictive. See https://bugs.busybox.net/show_bug.cgi?id=8411 In particular, this interferes with unpacking of busybox-based filesystems with links like "sbin/applet" -> "../bin/busybox". The change is made smaller by deleting ARCHIVE_EXTRACT_QUIET flag - it is unused since 2010, and removing conditionals on it allows commonalizing some error message codes. function old new delta create_or_remember_symlink - 94 +94 create_symlinks_from_list - 64 +64 tar_main 1002 1006 +4 unzip_main 2732 2724 -8 data_extract_all 984 891 -93 unsafe_symlink_target 147 - -147 ------------------------------------------------------------------------------ (add/remove: 2/1 grow/shrink: 1/2 up/down: 162/-248) Total: -86 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2018-02-20 15:57:45 +01:00
parent 95121d98e6
commit a84db18fc7
6 changed files with 71 additions and 82 deletions
--- a/archival/libarchive/data_extract_all.c
+++ b/archival/libarchive/data_extract_all.c
@ -107,9 +107,7 @@ void FAST_FUNC data_extract_all(archive_handle_t *archive_handle)
 			}
 		}
 		else if (existing_sb.st_mtime >= file_header->mtime) {
-			if (!(archive_handle->ah_flags & ARCHIVE_EXTRACT_QUIET)
-			 && !S_ISDIR(file_header->mode)
-			) {
+			if (!S_ISDIR(file_header->mode)) {
 				bb_error_msg("%s not created: newer or "
 					"same age file exists", dst_name);
 			}
@ -125,7 +123,7 @@ void FAST_FUNC data_extract_all(archive_handle_t *archive_handle)
 	/* Handle hard links separately */
 	if (hard_link) {
 		res = link(hard_link, dst_name);
-		if (res != 0 && !(archive_handle->ah_flags & ARCHIVE_EXTRACT_QUIET)) {
+		if (res != 0) {
 			/* shared message */
 			bb_perror_msg("can't create %slink '%s' to '%s'",
 				"hard",	dst_name, hard_link
@ -165,10 +163,9 @@ void FAST_FUNC data_extract_all(archive_handle_t *archive_handle)
 	}
 	case S_IFDIR:
 		res = mkdir(dst_name, file_header->mode);
-		if ((res == -1)
+		if ((res != 0)
 		 && (errno != EISDIR) /* btw, Linux doesn't return this */
 		 && (errno != EEXIST)
-		 && !(archive_handle->ah_flags & ARCHIVE_EXTRACT_QUIET)
 		) {
 			bb_perror_msg("can't make dir %s", dst_name);
 		}
@ -198,27 +195,16 @@ void FAST_FUNC data_extract_all(archive_handle_t *archive_handle)
 		 *
 		 * Untarring bug.tar would otherwise place evil.py in '/tmp'.
 		 */
-		if (!unsafe_symlink_target(file_header->link_target)) {
-			res = symlink(file_header->link_target, dst_name);
-			if (res != 0
-			 && !(archive_handle->ah_flags & ARCHIVE_EXTRACT_QUIET)
-			) {
-				/* shared message */
-				bb_perror_msg("can't create %slink '%s' to '%s'",
-					"sym",
-					dst_name, file_header->link_target
-				);
-			}
-		}
+		create_or_remember_symlink(&archive_handle->symlink_placeholders,
+				file_header->link_target,
+				dst_name);
 		break;
 	case S_IFSOCK:
 	case S_IFBLK:
 	case S_IFCHR:
 	case S_IFIFO:
 		res = mknod(dst_name, file_header->mode, file_header->device);
-		if ((res == -1)
-		 && !(archive_handle->ah_flags & ARCHIVE_EXTRACT_QUIET)
-		) {
+		if (res != 0) {
 			bb_perror_msg("can't create node %s", dst_name);
 		}
 		break;