Skip to content

Commit b41daec

Browse files
committed
Do not follow symlinks when processing the fixup list
Use lchmod() instead of chmod() and tell the remaining functions that the real file to be modified is a symbolic link. Fixes libarchive#1566
1 parent e2ad1a2 commit b41daec

4 files changed

Lines changed: 102 additions & 1 deletion

File tree

Makefile.am

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -560,6 +560,7 @@ libarchive_test_SOURCES= \
560560
libarchive/test/test_write_disk.c \
561561
libarchive/test/test_write_disk_appledouble.c \
562562
libarchive/test/test_write_disk_failures.c \
563+
libarchive/test/test_write_disk_fixup.c \
563564
libarchive/test/test_write_disk_hardlink.c \
564565
libarchive/test/test_write_disk_hfs_compression.c \
565566
libarchive/test/test_write_disk_lookup.c \

libarchive/archive_write_disk_posix.c

Lines changed: 23 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2461,6 +2461,7 @@ _archive_write_disk_close(struct archive *_a)
24612461
{
24622462
struct archive_write_disk *a = (struct archive_write_disk *)_a;
24632463
struct fixup_entry *next, *p;
2464+
struct stat st;
24642465
int fd, ret;
24652466

24662467
archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC,
@@ -2478,6 +2479,20 @@ _archive_write_disk_close(struct archive *_a)
24782479
(TODO_TIMES | TODO_MODE_BASE | TODO_ACLS | TODO_FFLAGS)) {
24792480
fd = open(p->name,
24802481
O_WRONLY | O_BINARY | O_NOFOLLOW | O_CLOEXEC);
2482+
if (fd == -1) {
2483+
/* If we cannot lstat, skip entry */
2484+
if (lstat(p->name, &st) != 0)
2485+
goto skip_fixup_entry;
2486+
/*
2487+
* If we deal with a symbolic link, mark
2488+
* it in the fixup mode to ensure no
2489+
* modifications are made to its target.
2490+
*/
2491+
if (S_ISLNK(st.st_mode)) {
2492+
p->mode &= ~S_IFMT;
2493+
p->mode |= S_IFLNK;
2494+
}
2495+
}
24812496
}
24822497
if (p->fixup & TODO_TIMES) {
24832498
set_times(a, fd, p->mode, p->name,
@@ -2492,7 +2507,12 @@ _archive_write_disk_close(struct archive *_a)
24922507
fchmod(fd, p->mode);
24932508
else
24942509
#endif
2495-
chmod(p->name, p->mode);
2510+
#ifdef HAVE_LCHMOD
2511+
lchmod(p->name, p->mode);
2512+
#else
2513+
if (!S_ISLNK(p->mode))
2514+
chmod(p->name, p->mode);
2515+
#endif
24962516
}
24972517
if (p->fixup & TODO_ACLS)
24982518
archive_write_disk_set_acls(&a->archive, fd,
@@ -2503,6 +2523,7 @@ _archive_write_disk_close(struct archive *_a)
25032523
if (p->fixup & TODO_MAC_METADATA)
25042524
set_mac_metadata(a, p->name, p->mac_metadata,
25052525
p->mac_metadata_size);
2526+
skip_fixup_entry:
25062527
next = p->next;
25072528
archive_acl_clear(&p->acl);
25082529
free(p->mac_metadata);
@@ -2643,6 +2664,7 @@ new_fixup(struct archive_write_disk *a, const char *pathname)
26432664
fe->next = a->fixup_list;
26442665
a->fixup_list = fe;
26452666
fe->fixup = 0;
2667+
fe->mode = 0;
26462668
fe->name = strdup(pathname);
26472669
return (fe);
26482670
}

libarchive/test/CMakeLists.txt

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -209,6 +209,7 @@ IF(ENABLE_TEST)
209209
test_write_disk.c
210210
test_write_disk_appledouble.c
211211
test_write_disk_failures.c
212+
test_write_disk_fixup.c
212213
test_write_disk_hardlink.c
213214
test_write_disk_hfs_compression.c
214215
test_write_disk_lookup.c
Lines changed: 77 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,77 @@
1+
/*-
2+
* Copyright (c) 2021 Martin Matuska
3+
* All rights reserved.
4+
*
5+
* Redistribution and use in source and binary forms, with or without
6+
* modification, are permitted provided that the following conditions
7+
* are met:
8+
* 1. Redistributions of source code must retain the above copyright
9+
* notice, this list of conditions and the following disclaimer.
10+
* 2. Redistributions in binary form must reproduce the above copyright
11+
* notice, this list of conditions and the following disclaimer in the
12+
* documentation and/or other materials provided with the distribution.
13+
*
14+
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR
15+
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16+
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17+
* IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
18+
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19+
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20+
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21+
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22+
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23+
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24+
*/
25+
#include "test.h"
26+
27+
/*
28+
* Test fixup entries don't follow symlinks
29+
*/
30+
DEFINE_TEST(test_write_disk_fixup)
31+
{
32+
struct archive *ad;
33+
struct archive_entry *ae;
34+
int r;
35+
36+
if (!canSymlink()) {
37+
skipping("Symlinks not supported");
38+
return;
39+
}
40+
41+
/* Write entries to disk. */
42+
assert((ad = archive_write_disk_new()) != NULL);
43+
44+
/*
45+
* Create a file
46+
*/
47+
assertMakeFile("victim", 0600, "a");
48+
49+
/*
50+
* Create a directory and a symlink with the same name
51+
*/
52+
53+
/* Directory: dir */
54+
assert((ae = archive_entry_new()) != NULL);
55+
archive_entry_copy_pathname(ae, "dir");
56+
archive_entry_set_mode(ae, AE_IFDIR | 0606);
57+
assertEqualIntA(ad, 0, archive_write_header(ad, ae));
58+
assertEqualIntA(ad, 0, archive_write_finish_entry(ad));
59+
archive_entry_free(ae);
60+
61+
/* Symbolic Link: dir -> foo */
62+
assert((ae = archive_entry_new()) != NULL);
63+
archive_entry_copy_pathname(ae, "dir");
64+
archive_entry_set_mode(ae, AE_IFLNK | 0777);
65+
archive_entry_set_size(ae, 0);
66+
archive_entry_copy_symlink(ae, "victim");
67+
assertEqualIntA(ad, 0, r = archive_write_header(ad, ae));
68+
if (r >= ARCHIVE_WARN)
69+
assertEqualIntA(ad, 0, archive_write_finish_entry(ad));
70+
archive_entry_free(ae);
71+
72+
assertEqualInt(ARCHIVE_OK, archive_write_free(ad));
73+
74+
/* Test the entries on disk. */
75+
assertIsSymlink("dir", "victim", 0);
76+
assertFileMode("victim", 0600);
77+
}

0 commit comments

Comments
 (0)