rpms/tar
6
0
Fork 0
Code Issues Pull Requests Releases Activity

Compare commits

base: rpms:c8
Branches Tags
rpms:c8
rpms:c8s
rpms:c10
rpms:c10s
rpms:c9s
rpms:c9
rpms:c9-beta
rpms:c8-beta
rpms:imports/c8/tar-1.30-10.el8_10
rpms:imports/c10/tar-1.35-7.el10
rpms:imports/c10s/tar-1.35-7.el10
rpms:imports/c9/tar-1.34-7.el9
rpms:imports/c10s/tar-1.35-5.el10
rpms:imports/c9-beta/tar-1.34-7.el9
rpms:imports/c9/tar-1.34-6.el9_4.1
rpms:imports/c10s/tar-1.35-4.el10
rpms:imports/c8/tar-1.30-9.el8
rpms:imports/c9-beta/tar-1.34-6.el9_1
rpms:imports/c8-beta/tar-1.30-9.el8
rpms:imports/c9/tar-1.34-6.el9_1
rpms:imports/c8/tar-1.30-6.el8_7.1
rpms:imports/c8s/tar-1.30-9.el8
rpms:imports/c8s/tar-1.30-8.el8
rpms:imports/c9/tar-1.34-5.el9
rpms:imports/c8/tar-1.30-6.el8
rpms:imports/c9-beta/tar-1.34-5.el9
rpms:imports/c8-beta/tar-1.30-6.el8
rpms:imports/c8s/tar-1.30-6.el8
rpms:imports/c9/tar-1.34-3.el9
rpms:imports/c9-beta/tar-1.34-3.el9
rpms:imports/c8-beta/tar-1.30-5.el8
rpms:imports/c8-beta/tar-1.30-4.el8
rpms:imports/c8s/tar-1.30-5.el8
rpms:imports/c8/tar-1.30-5.el8
rpms:imports/c8/tar-1.30-4.el8
...
compare: rpms:imports/c8-beta/tar-1.30-4.el8
Branches Tags
rpms:c8s
rpms:c8
rpms:c10
rpms:c10s
rpms:c9s
rpms:c9
rpms:c9-beta
rpms:c8-beta
rpms:imports/c8/tar-1.30-10.el8_10
rpms:imports/c10/tar-1.35-7.el10
rpms:imports/c10s/tar-1.35-7.el10
rpms:imports/c9/tar-1.34-7.el9
rpms:imports/c10s/tar-1.35-5.el10
rpms:imports/c9-beta/tar-1.34-7.el9
rpms:imports/c9/tar-1.34-6.el9_4.1
rpms:imports/c10s/tar-1.35-4.el10
rpms:imports/c8/tar-1.30-9.el8
rpms:imports/c9-beta/tar-1.34-6.el9_1
rpms:imports/c8-beta/tar-1.30-9.el8
rpms:imports/c9/tar-1.34-6.el9_1
rpms:imports/c8/tar-1.30-6.el8_7.1
rpms:imports/c8s/tar-1.30-9.el8
rpms:imports/c8s/tar-1.30-8.el8
rpms:imports/c9/tar-1.34-5.el9
rpms:imports/c8/tar-1.30-6.el8
rpms:imports/c9-beta/tar-1.34-5.el9
rpms:imports/c8-beta/tar-1.30-6.el8
rpms:imports/c8s/tar-1.30-6.el8
rpms:imports/c9/tar-1.34-3.el9
rpms:imports/c9-beta/tar-1.34-3.el9
rpms:imports/c8-beta/tar-1.30-5.el8
rpms:imports/c8-beta/tar-1.30-4.el8
rpms:imports/c8s/tar-1.30-5.el8
rpms:imports/c8/tar-1.30-5.el8
rpms:imports/c8/tar-1.30-4.el8

No commits in common. "c8" and "imports/c8-beta/tar-1.30-4.el8" have entirely different histories.
c8 ... imports/c8

9 changed files with 1 additions and 908 deletions
Show Stats Expand all files Collapse all files

30
SOURCES/tar-1.30-CVE-2022-48303.patch
View File

@ -1,30 +0,0 @@
From 3da78400eafcccb97e2f2fd4b227ea40d794ede8 Mon Sep 17 00:00:00 2001
From: Sergey Poznyakoff <gray@gnu.org>
Date: Sat, 11 Feb 2023 11:57:39 +0200
Subject: [PATCH] Fix boundary checking in base-256 decoder
* src/list.c (from_header): Base-256 encoding is at least 2 bytes
long.
---
src/list.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/list.c b/src/list.c
index 9fafc425..86bcfdd1 100644
--- a/src/list.c
+++ b/src/list.c
@@ -881,8 +881,9 @@ from_header (char const *where0, size_t digs, char const *type,
where++;
}
}
- else if (*where == '\200' /* positive base-256 */
- || *where == '\377' /* negative base-256 */)
+ else if (where <= lim - 2
+ && (*where == '\200' /* positive base-256 */
+ || *where == '\377' /* negative base-256 */))
{
/* Parse base-256 output. A nonnegative number N is
represented as (256**DIGS)/2 + N; a negative number -N is
--
2.38.1

297
SOURCES/tar-1.30-Fix-the-no-overwrite-dir-option
View File

@ -1,297 +0,0 @@
From 14d8fc718f0c872274b90991ee634b0cd8e1a6f0 Mon Sep 17 00:00:00 2001
From: Sergey Poznyakoff <gray@gnu.org>
Date: Sat, 8 Feb 2020 13:01:47 +0200
Subject: [PATCH] Fix the --no-overwrite-dir option
Given this option, tar failed to preserve permissions of empty directories
and to create files under directories owned by the current user that did
not have the S_IWUSR bit set.
* src/extract.c (fd_chmod): Rename to fd_i_chmod.
(fd_chmod): New function.
(safe_dir_mode): New function.
(extract_dir): Special handling for existing directories in
--no-overwrite-dir mode.
* tests/extrac23.at: New file.
* tests/Makefile.am: Add new test case.
* tests/testsuite.at: Likewise.
---
src/extract.c | 128 ++++++++++++++++++++++++++++++---------------
tests/Makefile.am | 1 +
tests/extrac23.at | 58 ++++++++++++++++++++
tests/testsuite.at | 1 +
4 files changed, 146 insertions(+), 42 deletions(-)
create mode 100644 tests/extrac23.at
diff --git a/src/extract.c b/src/extract.c
index a4a35a57..5a38ba70 100644
--- a/src/extract.c
+++ b/src/extract.c
@@ -194,7 +194,7 @@ extr_init (void)
/* Use fchmod if possible, fchmodat otherwise. */
static int
-fd_chmod (int fd, char const *file, mode_t mode, int atflag)
+fd_i_chmod (int fd, char const *file, mode_t mode, int atflag)
{
if (0 <= fd)
{
@@ -205,6 +205,42 @@ fd_chmod (int fd, char const *file, mode_t mode, int atflag)
return fchmodat (chdir_fd, file, mode, atflag);
}
+/* A version of fd_i_chmod which gracefully handles several common error
+ conditions. Additional argument TYPEFLAG is the type of file in tar
+ notation.
+ */
+static int
+fd_chmod(int fd, char const *file_name, int mode, int atflag, int typeflag)
+{
+ int chmod_errno = fd_i_chmod (fd, file_name, mode, atflag) == 0 ? 0 : errno;
+
+ /* On Solaris, chmod may fail if we don't have PRIV_ALL, because
+ setuid-root files would otherwise be a backdoor. See
+ http://opensolaris.org/jive/thread.jspa?threadID=95826
+ (2009-09-03). */
+ if (chmod_errno == EPERM && (mode & S_ISUID)
+ && priv_set_restore_linkdir () == 0)
+ {
+ chmod_errno = fd_i_chmod (fd, file_name, mode, atflag) == 0 ? 0 : errno;
+ priv_set_remove_linkdir ();
+ }
+
+ /* Linux fchmodat does not support AT_SYMLINK_NOFOLLOW, and
+ returns ENOTSUP even when operating on non-symlinks, try
+ again with the flag disabled if it does not appear to be
+ supported and if the file is not a symlink. This
+ introduces a race, alas. */
+ if (atflag && typeflag != SYMTYPE && ! implemented (chmod_errno))
+ chmod_errno = fd_i_chmod (fd, file_name, mode, 0) == 0 ? 0 : errno;
+
+ if (chmod_errno && (typeflag != SYMTYPE || implemented (chmod_errno)))
+ {
+ errno = chmod_errno;
+ return -1;
+ }
+ return 0;
+}
+
/* Use fchown if possible, fchownat otherwise. */
static int
fd_chown (int fd, char const *file, uid_t uid, gid_t gid, int atflag)
@@ -259,35 +295,8 @@ set_mode (char const *file_name,
if (current_mode != mode)
{
- int chmod_errno =
- fd_chmod (fd, file_name, mode, atflag) == 0 ? 0 : errno;
-
- /* On Solaris, chmod may fail if we don't have PRIV_ALL, because
- setuid-root files would otherwise be a backdoor. See
- http://opensolaris.org/jive/thread.jspa?threadID=95826
- (2009-09-03). */
- if (chmod_errno == EPERM && (mode & S_ISUID)
- && priv_set_restore_linkdir () == 0)
- {
- chmod_errno =
- fd_chmod (fd, file_name, mode, atflag) == 0 ? 0 : errno;
- priv_set_remove_linkdir ();
- }
-
- /* Linux fchmodat does not support AT_SYMLINK_NOFOLLOW, and
- returns ENOTSUP even when operating on non-symlinks, try
- again with the flag disabled if it does not appear to be
- supported and if the file is not a symlink. This
- introduces a race, alas. */
- if (atflag && typeflag != SYMTYPE && ! implemented (chmod_errno))
- chmod_errno = fd_chmod (fd, file_name, mode, 0) == 0 ? 0 : errno;
-
- if (chmod_errno
- && (typeflag != SYMTYPE || implemented (chmod_errno)))
- {
- errno = chmod_errno;
- chmod_error_details (file_name, mode);
- }
+ if (fd_chmod (fd, file_name, mode, atflag, typeflag))
+ chmod_error_details (file_name, mode);
}
}
}
@@ -975,6 +984,26 @@ is_directory_link (const char *file_name)
return res;
}
+/* Given struct stat of a directory (or directory member) whose ownership
+ or permissions of will be restored later, return the temporary permissions
+ for that directory, sufficiently restrictive so that in the meantime
+ processes owned by other users do not inadvertently create files under this
+ directory that inherit the wrong owner, group, or permissions from the
+ directory.
+
+ If not root, though, make the directory writeable and searchable at first,
+ so that files can be created under it.
+*/
+static inline int
+safe_dir_mode (struct stat const *st)
+{
+ return ((st->st_mode
+ & (0 < same_owner_option || 0 < same_permissions_option
+ ? S_IRWXU
+ : MODE_RWX))
+ | (we_are_root ? 0 : MODE_WXUSR));
+}
+
/* Extractor functions for various member types */
static int
@@ -1004,18 +1033,7 @@ extract_dir (char *file_name, int typeflag)
else if (typeflag == GNUTYPE_DUMPDIR)
skip_member ();
- /* If ownership or permissions will be restored later, create the
- directory with restrictive permissions at first, so that in the
- meantime processes owned by other users do not inadvertently
- create files under this directory that inherit the wrong owner,
- group, or permissions from the directory. If not root, though,
- make the directory writeable and searchable at first, so that
- files can be created under it. */
- mode = ((current_stat_info.stat.st_mode
- & (0 < same_owner_option || 0 < same_permissions_option
- ? S_IRWXU
- : MODE_RWX))
- | (we_are_root ? 0 : MODE_WXUSR));
+ mode = safe_dir_mode (&current_stat_info.stat);
for (;;)
{
@@ -1031,6 +1049,7 @@ extract_dir (char *file_name, int typeflag)
if (errno == EEXIST
&& (interdir_made
|| keep_directory_symlink_option
+ || old_files_option == NO_OVERWRITE_DIR_OLD_FILES
|| old_files_option == DEFAULT_OLD_FILES
|| old_files_option == OVERWRITE_OLD_FILES))
{
@@ -1051,6 +1070,31 @@ extract_dir (char *file_name, int typeflag)
repair_delayed_set_stat (file_name, &st);
return 0;
}
+ else if (old_files_option == NO_OVERWRITE_DIR_OLD_FILES)
+ {
+ /* Temporarily change the directory mode to a safe
+ value, to be able to create files in it, should
+ the need be.
+ */
+ mode = safe_dir_mode (&st);
+ status = fd_chmod(-1, file_name, mode,
+ AT_SYMLINK_NOFOLLOW, DIRTYPE);
+ if (status == 0)
+ {
+ /* Store the actual directory mode, to be restored
+ later.
+ */
+ current_stat_info.stat = st;
+ current_mode = mode & ~ current_umask;
+ current_mode_mask = MODE_RWX;
+ atflag = AT_SYMLINK_NOFOLLOW;
+ break;
+ }
+ else
+ {
+ chmod_error_details (file_name, mode);
+ }
+ }
break;
}
}
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 0369a950..31ae3460 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -121,6 +121,7 @@ TESTSUITE_AT = \
extrac19.at\
extrac20.at\
extrac21.at\
+ extrac23.at\
filerem01.at\
filerem02.at\
dirrem01.at\
diff --git a/tests/extrac23.at b/tests/extrac23.at
new file mode 100644
index 00000000..669d18b6
--- /dev/null
+++ b/tests/extrac23.at
@@ -0,0 +1,58 @@
+# Test suite for GNU tar. -*- Autotest -*-
+# Copyright 2020 Free Software Foundation, Inc.
+#
+# This file is part of GNU tar.
+#
+# GNU tar is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# GNU tar is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+AT_SETUP([--no-overwrite-dir])
+AT_KEYWORDS([extract extrac23 no-overwrite-dir])
+
+# Description: Implementation of the --no-overwrite-dir option was flawed in
+# tar versions up to 1.32.90. This option is intended to preserve metadata
+# of existing directories. In fact it worked only for non-empty directories.
+# Moreover, if the actual directory was owned by the user tar runs as and the
+# S_IWUSR bit was not set in its actual permissions, tar failed to create files
+# in it.
+#
+# Reported by: Michael Kaufmann <mail@michael-kaufmann.ch>
+# References: <20200207112934.Horde.anXzYhAj2CHiwUrw5CuT0G-@webmail.michael-kaufmann.ch>,
+# https://lists.gnu.org/archive/html/bug-tar/2020-02/msg00003.html
+
+AT_TAR_CHECK([
+# Test if the directory permissions are restored properly.
+mkdir dir
+chmod 755 dir
+tar cf a.tar dir
+chmod 777 dir
+tar -xf a.tar --no-overwrite-dir
+genfile --stat=mode.777 dir
+
+# Test if temprorary permissions are set correctly to allow the owner
+# to write to the directory.
+genfile --file dir/file
+tar cf a.tar dir
+rm dir/file
+chmod 400 dir
+tar -xf a.tar --no-overwrite-dir
+genfile --stat=mode.777 dir
+chmod 700 dir
+find dir
+],
+[0],
+[777
+400
+dir
+dir/file
+])
+AT_CLEANUP
diff --git a/tests/testsuite.at b/tests/testsuite.at
index 2cc43a19..0620a3c7 100644
--- a/tests/testsuite.at
+++ b/tests/testsuite.at
@@ -343,6 +343,7 @@ m4_include([extrac19.at])
m4_include([extrac19.at])
m4_include([extrac20.at])
m4_include([extrac21.at])
+m4_include([extrac23.at])
m4_include([backup01.at])
--
2.37.3

53
SOURCES/tar-1.30-disk-read-error.patch
View File

@ -1,53 +0,0 @@
From: Ondrej Dubaj <odubaj@redhat.com>
Date: Tue, 13 Apr 2021 11:47:32 +0200
Subject: [PATCH] do not report read disk error as file shrank
diff --git a/src/create.c b/src/create.c
index 181f7d9..7be10a9 100644
--- a/src/create.c
+++ b/src/create.c
@@ -1097,7 +1097,7 @@ dump_regular_file (int fd, struct tar_stat_info *st)
size_left -= count;
set_next_block_after (blk + (bufsize - 1) / BLOCKSIZE);
- if (count != bufsize)
+ if (count == 0)
{
char buf[UINTMAX_STRSIZE_BOUND];
memset (blk->buffer + count, 0, bufsize - count);
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 2d7939d..89fbf9a 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -230,7 +230,6 @@ TESTSUITE_AT = \
spmvp10.at\
time01.at\
time02.at\
- truncate.at\
update.at\
update01.at\
update02.at\
diff --git a/tests/Makefile.in b/tests/Makefile.in
index db14044..238b210 100644
--- a/tests/Makefile.in
+++ b/tests/Makefile.in
@@ -1457,7 +1457,6 @@ TESTSUITE_AT = \
spmvp10.at\
time01.at\
time02.at\
- truncate.at\
update.at\
update01.at\
update02.at\
diff --git a/tests/testsuite.at b/tests/testsuite.at
index 2a83757..52f73a6 100644
--- a/tests/testsuite.at
+++ b/tests/testsuite.at
@@ -424,7 +424,6 @@ m4_include([comprec.at])
m4_include([shortfile.at])
m4_include([shortupd.at])
-m4_include([truncate.at])
m4_include([grow.at])
m4_include([sigpipe.at])
m4_include([comperr.at])

15
SOURCES/tar-1.30-filerem01.at-swap-actions.patch
View File

@ -1,15 +0,0 @@
diff --git a/tests/filerem01.at b/tests/filerem01.at
index bf020538..6a9893a6 100644
--- a/tests/filerem01.at
+++ b/tests/filerem01.at
@@ -43,8 +43,8 @@ genfile --file dir/file1
genfile --file dir/sub/file2
genfile --run --checkpoint=3 --unlink dir/file1 -- \
- tar --blocking-factor=1 --checkpoint=1 --checkpoint-action='sleep=1' \
- --checkpoint-action='echo' -c -f archive.tar \
+ tar --blocking-factor=1 --checkpoint=1 --checkpoint-action='echo' \
+ --checkpoint-action='sleep=1' -c -f archive.tar \
--listed-incremental db -v dir >/dev/null
],
[1],

179
SOURCES/tar-1.30-padding-zeros.patch
View File

@ -1,179 +0,0 @@
From 910d9ff829bbdfaf1455cdb2b1813507bcb855ec Mon Sep 17 00:00:00 2001
From: Ondrej Dubaj <odubaj@redhat.com>
Date: Tue, 13 Apr 2021 11:47:32 +0200
Subject: [PATCH] add padding message, when read error occurs and tar is
padding with zeros
---
lib/paxerror.c | 44 ++++++++++++++++++++++++++++++--------------
lib/paxlib.h | 4 ++--
src/common.h | 2 +-
src/create.c | 2 +-
src/misc.c | 6 +++---
src/sparse.c | 6 +++---
6 files changed, 40 insertions(+), 24 deletions(-)
diff --git a/lib/paxerror.c b/lib/paxerror.c
index 134cef3..929a741 100644
--- a/lib/paxerror.c
+++ b/lib/paxerror.c
@@ -173,29 +173,45 @@ read_error (char const *name)
}
void
-read_error_details (char const *name, off_t offset, size_t size)
+read_error_details (char const *name, off_t offset, size_t size, bool padding)
{
char buf[UINTMAX_STRSIZE_BOUND];
int e = errno;
- ERROR ((0, e,
- ngettext ("%s: Read error at byte %s, while reading %lu byte",
- "%s: Read error at byte %s, while reading %lu bytes",
- size),
- quotearg_colon (name), STRINGIFY_BIGINT (offset, buf),
- (unsigned long) size));
+ if (padding)
+ ERROR ((0, e,
+ ngettext ("%s: Read error at byte %s, while reading %lu byte; padding with zeros",
+ "%s: Read error at byte %s, while reading %lu bytes; padding with zeros",
+ size),
+ quotearg_colon (name), STRINGIFY_BIGINT (offset, buf),
+ (unsigned long) size));
+ else
+ ERROR ((0, e,
+ ngettext ("%s: Read error at byte %s, while reading %lu byte",
+ "%s: Read error at byte %s, while reading %lu bytes",
+ size),
+ quotearg_colon (name), STRINGIFY_BIGINT (offset, buf),
+ (unsigned long) size));
}
void
-read_warn_details (char const *name, off_t offset, size_t size)
+read_warn_details (char const *name, off_t offset, size_t size, bool padding)
{
char buf[UINTMAX_STRSIZE_BOUND];
int e = errno;
- WARN ((0, e,
- ngettext ("%s: Warning: Read error at byte %s, while reading %lu byte",
- "%s: Warning: Read error at byte %s, while reading %lu bytes",
- size),
- quotearg_colon (name), STRINGIFY_BIGINT (offset, buf),
- (unsigned long) size));
+ if (padding)
+ WARN ((0, e,
+ ngettext ("%s: Warning: Read error at byte %s, while reading %lu byte; padding with zeros",
+ "%s: Warning: Read error at byte %s, while reading %lu bytes; padding with zeros",
+ size),
+ quotearg_colon (name), STRINGIFY_BIGINT (offset, buf),
+ (unsigned long) size));
+ else
+ WARN ((0, e,
+ ngettext ("%s: Warning: Read error at byte %s, while reading %lu byte",
+ "%s: Warning: Read error at byte %s, while reading %lu bytes",
+ size),
+ quotearg_colon (name), STRINGIFY_BIGINT (offset, buf),
+ (unsigned long) size));
}
void
diff --git a/lib/paxlib.h b/lib/paxlib.h
index d4251d1..ccf826b 100644
--- a/lib/paxlib.h
+++ b/lib/paxlib.h
@@ -94,10 +94,10 @@ void open_error (char const *);
void open_fatal (char const *) __attribute__ ((noreturn));
void open_warn (char const *);
void read_error (char const *);
-void read_error_details (char const *, off_t, size_t);
+void read_error_details (char const *, off_t, size_t, bool);
void read_fatal (char const *) __attribute__ ((noreturn));
void read_fatal_details (char const *, off_t, size_t) __attribute__ ((noreturn));
-void read_warn_details (char const *, off_t, size_t);
+void read_warn_details (char const *, off_t, size_t, bool);
void readlink_error (char const *);
void readlink_warn (char const *);
void rmdir_error (char const *);
diff --git a/src/common.h b/src/common.h
index bbe167e..34a30ec 100644
--- a/src/common.h
+++ b/src/common.h
@@ -713,7 +713,7 @@ int chdir_count (void);
void close_diag (char const *name);
void open_diag (char const *name);
-void read_diag_details (char const *name, off_t offset, size_t size);
+void read_diag_details (char const *name, off_t offset, size_t size, bool padding);
void readlink_diag (char const *name);
void savedir_diag (char const *name);
void seek_diag_details (char const *name, off_t offset);
diff --git a/src/create.c b/src/create.c
index 712ee18..181f7d9 100644
--- a/src/create.c
+++ b/src/create.c
@@ -1090,7 +1090,7 @@ dump_regular_file (int fd, struct tar_stat_info *st)
if (count == SAFE_READ_ERROR)
{
read_diag_details (st->orig_file_name,
- st->stat.st_size - size_left, bufsize);
+ st->stat.st_size - size_left, bufsize, true);
pad_archive (size_left);
return dump_status_short;
}
diff --git a/src/misc.c b/src/misc.c
index eccf6f9..28c6f44 100644
--- a/src/misc.c
+++ b/src/misc.c
@@ -1069,15 +1069,15 @@ open_diag (char const *name)
}
void
-read_diag_details (char const *name, off_t offset, size_t size)
+read_diag_details (char const *name, off_t offset, size_t size, bool padding)
{
if (ignore_failed_read_option)
{
if (WARNING_ENABLED(WARN_FAILED_READ))
- read_warn_details (name, offset, size);
+ read_warn_details (name, offset, size, padding);
}
else
- read_error_details (name, offset, size);
+ read_error_details (name, offset, size, padding);
}
void
diff --git a/src/sparse.c b/src/sparse.c
index 55c874f..1f9f0af 100644
--- a/src/sparse.c
+++ b/src/sparse.c
@@ -425,7 +425,7 @@ sparse_dump_region (struct tar_sparse_file *file, size_t i)
(file->stat_info->sparse_map[i].offset
+ file->stat_info->sparse_map[i].numbytes
- bytes_left),
- bufsize);
+ bufsize, false);
return false;
}
if (bytes_read == 0)
@@ -607,7 +607,7 @@ check_sparse_region (struct tar_sparse_file *file, off_t beg, off_t end)
if (bytes_read == SAFE_READ_ERROR)
{
read_diag_details (file->stat_info->orig_file_name,
- offset, rdsize);
+ offset, rdsize, false);
return false;
}
@@ -657,7 +657,7 @@ check_data_region (struct tar_sparse_file *file, size_t i)
(file->stat_info->sparse_map[i].offset
+ file->stat_info->sparse_map[i].numbytes
- size_left),
- rdsize);
+ rdsize, false);
return false;
}
file->dumped_size += bytes_read;
--
2.30.2

82
SOURCES/tar-1.30-remove-capabs-test.patch
View File

@ -1,82 +0,0 @@
# This test is failing due to BZ#2066320 and BZ#1926332
# So we decided to remove it from testsuite
--- tar-1.30/tests/Makefile.am.old 2022-12-05 10:18:29.093200490 +0000
+++ tar-1.30/tests/Makefile.am 2022-12-05 10:18:47.058200490 +0000
@@ -261,8 +261,7 @@ TESTSUITE_AT = \
acls02.at\
acls03.at\
selnx01.at\
- selacl01.at\
- capabs_raw01.at
+ selacl01.at
distclean-local:
-rm -rf download
--- tar-1.30/tests/testsuite.at.old 2022-12-05 10:19:51.023200490 +0000
+++ tar-1.30/tests/testsuite.at 2022-12-05 10:20:19.418200490 +0000
@@ -469,8 +469,6 @@ m4_include([acls03.at])
m4_include([selnx01.at])
m4_include([selacl01.at])
-m4_include([capabs_raw01.at])
-
AT_BANNER([One top level])
m4_include([onetop01.at])
m4_include([onetop02.at])
--- tar-1.30-test/tests/capabs_raw01.at 2017-01-02 12:43:50.000000000 +0000
+++ tar-1.30/tests/capabs_raw01.at 1970-01-01 00:00:00.000000000 +0000
@@ -1,53 +0,0 @@
-# Process this file with autom4te to create testsuite. -*- Autotest -*-
-#
-# Test suite for GNU tar.
-# Copyright 2012-2014, 2016-2017 Free Software Foundation, Inc.
-
-# This file is part of GNU tar.
-
-# GNU tar is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 3 of the License, or
-# (at your option) any later version.
-
-# GNU tar is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-
-# You should have received a copy of the GNU General Public License
-# along with this program. If not, see <http://www.gnu.org/licenses/>.
-#
-# Test description: Test if file capabilities are archived/restored correctly
-# using just the default xattr support (capabilities are stored/restored in
-# binary format -> system dependant).
-
-AT_SETUP([capabilities: binary store/restore])
-AT_KEYWORDS([xattrs capabilities capabs_raw01])
-
-AT_TAR_CHECK([
-AT_PRIVILEGED_PREREQ
-AT_XATTRS_PREREQ
-AT_CAPABILITIES_UTILS_PREREQ
-
-mkdir dir
-genfile --file dir/file
-
-setcap "= cap_chown=ei" dir/file
-
-# archive whole directory including binary xattrs
-tar --xattrs -cf archive.tar dir
-
-# clear the directory
-rm -rf dir
-
-# restore _all_ xattrs (not just the user.* domain)
-tar --xattrs --xattrs-include='*' -xf archive.tar
-
-getcap dir/file
-],
-[0],
-[dir/file = cap_chown+ei
-])
-
-AT_CLEANUP

50
SOURCES/tar-1.30-xgetcwd-null-return-check.patch
View File

@ -1,50 +0,0 @@
From 60acf5a7407ef263aaf7d3751da08167b1990eb0 Mon Sep 17 00:00:00 2001
From: Sergey Poznyakoff <gray@gnu.org>
Date: Wed, 20 May 2020 13:35:28 +0200
Subject: [PATCH] Check return value from xgetcwd
* src/misc.c (chdir_arg,tar_getcdpath): Check for non-NULL
return from xgetcwd. The function returns NULL for any
error originating from getcwd.
---
src/misc.c | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/src/misc.c b/src/misc.c
index cd07f53..eccf6f9 100644
--- a/src/misc.c
+++ b/src/misc.c
@@ -301,8 +301,6 @@ normalize_filename (int cdidx, const char *name)
size_t copylen;
bool need_separator;
- if (!cdpath)
- call_arg_fatal ("getcwd", ".");
copylen = strlen (cdpath);
need_separator = ! (DOUBLE_SLASH_IS_DISTINCT_ROOT
&& copylen == 2 && ISSLASH (cdpath[1]));
@@ -909,6 +907,8 @@ chdir_arg (char const *dir)
{
wd[wd_count].name = ".";
wd[wd_count].abspath = xgetcwd ();
+ if (!wd[wd_count].abspath)
+ call_arg_fatal ("getcwd", ".");
wd[wd_count].fd = AT_FDCWD;
wd_count++;
}
@@ -1034,7 +1034,11 @@ tar_getcdpath (int idx)
{
static char *cwd;
if (!cwd)
- cwd = xgetcwd ();
+ {
+ cwd = xgetcwd ();
+ if (!cwd)
+ call_arg_fatal ("getcwd", ".");
+ }
return cwd;
}
return wd[idx].abspath;
--
2.24.1

164
SOURCES/tar-1.34-Warn-file-changed-as-we-read-it-less-often.patch
View File

@ -1,164 +0,0 @@
From 7819e9ce26a6331f7a347c59cebfd5c6a8902ea3 Mon Sep 17 00:00:00 2001
From: Lukas Nykryn <lnykryn@redhat.com>
Date: Thu, 15 Aug 2024 14:19:58 +0200
Subject: [PATCH] =?UTF-8?q?Warn=20=E2=80=9Cfile=20changed=20as=20we=20read?=
=?UTF-8?q?=20it=E2=80=9D=20less=20often?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
* src/create.c (dump_file0): Remove an fstatat call that is
unnecessary because the file wasnt read so we can treat the first
fstatat as atomic. Warn “file changed” when the files size,
mtime, user ID, group ID, or mode changes, instead of when the
files size or ctime changes. Also, when such a change happens,
do not change exit status if --ignore-failed-read. Finally, dont
attempt to change atime back if it didnt change.
---
doc/tar.texi | 10 ++++++----
src/create.c | 54 ++++++++++++++++++++++++++++++++++++----------------
2 files changed, 44 insertions(+), 20 deletions(-)
diff --git a/doc/tar.texi b/doc/tar.texi
index b66b163..dd5a272 100644
--- a/doc/tar.texi
+++ b/doc/tar.texi
@@ -2854,7 +2854,7 @@ Ignore exit codes of subprocesses. @xref{Writing to an External Program}.
@opsummary{ignore-failed-read}
@item --ignore-failed-read
-Do not exit unsuccessfully merely because an unreadable file was encountered.
+Do not exit unsuccessfully merely because reading failed.
@xref{Ignore Failed Read}.
@opsummary{ignore-zeros}
@@ -4638,7 +4638,8 @@ Disable all warning messages.
@item file-changed
@samp{%s: file changed as we read it}
@item failed-read
-Suppresses warnings about unreadable files or directories. This
+Suppresses warnings about read failures, which can occur if files
+or directories are unreadable, or if they change while being read. This
keyword applies only if used together with the @option{--ignore-failed-read}
option. @xref{Ignore Failed Read}.
@end table
@@ -5761,11 +5762,12 @@ Disable SELinux context support.
@table @option
@item --ignore-failed-read
@opindex ignore-failed-read
-Do not exit with nonzero on unreadable files or directories.
+Do not exit with nonzero if there are mild problems while reading.
@end table
This option has effect only during creation. It instructs tar to
-treat as mild conditions any missing or unreadable files (directories).
+treat as mild conditions any missing or unreadable files (directories),
+or files that change while reading.
Such failures don't affect the program exit code, and the
corresponding diagnostic messages are marked as warnings, not errors.
These warnings can be suppressed using the
diff --git a/src/create.c b/src/create.c
index e2816fc..2b3001d 100644
--- a/src/create.c
+++ b/src/create.c
@@ -1650,8 +1650,6 @@ dump_file0 (struct tar_stat_info *st, char const *name, char const *p)
{
union block *header;
char type;
- off_t original_size;
- struct timespec original_ctime;
off_t block_ordinal = -1;
int fd = 0;
bool is_dir;
@@ -1694,10 +1692,11 @@ dump_file0 (struct tar_stat_info *st, char const *name, char const *p)
return;
}
- st->archive_file_size = original_size = st->stat.st_size;
+ struct stat st1 = st->stat;
+ st->archive_file_size = st->stat.st_size;
st->atime = get_stat_atime (&st->stat);
st->mtime = get_stat_mtime (&st->stat);
- st->ctime = original_ctime = get_stat_ctime (&st->stat);
+ st->ctime = get_stat_ctime (&st->stat);
#ifdef S_ISHIDDEN
if (S_ISHIDDEN (st->stat.st_mode))
@@ -1747,7 +1746,7 @@ dump_file0 (struct tar_stat_info *st, char const *name, char const *p)
if (is_dir || S_ISREG (st->stat.st_mode) || S_ISCTG (st->stat.st_mode))
{
bool ok;
- struct stat final_stat;
+ struct stat st2;
xattrs_acls_get (parentfd, name, st, 0, !is_dir);
xattrs_selinux_get (parentfd, name, st, fd);
@@ -1815,31 +1814,54 @@ dump_file0 (struct tar_stat_info *st, char const *name, char const *p)
errno = - parentfd;
ok = false;
}
- else
- ok = fstatat (parentfd, name, &final_stat, fstatat_flags) == 0;
}
else
- ok = fstat (fd, &final_stat) == 0;
+ ok = fstat (fd, &st2) == 0;
if (! ok)
file_removed_diag (p, top_level, stat_diag);
}
- if (ok)
+ if (ok && fd)
{
- if ((timespec_cmp (get_stat_ctime (&final_stat), original_ctime) != 0
- /* Original ctime will change if the file is a directory and
- --remove-files is given */
- && !(remove_files_option && is_dir))
- || original_size < final_stat.st_size)
+ /* Heuristically check whether the file is the same in all
+ attributes that tar cares about and can easily check.
+ Although the check is not perfect since it does not
+ consult file contents, it is typically good enough.
+ Do not check atime which is saved only to replace it later.
+ Do not check ctime where changes might be benign (e.g.,
+ another process creates a hard link to the file). */
+
+ /* If the file's user ID, group ID or mode changed, tar may
+ have output the wrong info for the file. */
+ ok &= st1.st_uid == st2.st_uid;
+ ok &= st1.st_gid == st2.st_gid;
+ ok &= st1.st_mode == st2.st_mode;
+
+ /* Likewise for the file's mtime, but skip this check if it
+ is a directory possibly updated by --remove-files. */
+ if (! (is_dir && remove_files_option))
+ ok &= ! timespec_cmp (get_stat_mtime (&st1),
+ get_stat_mtime (&st2));
+
+ /* Likewise for the file's size, but skip this check if it
+ is a directory as tar does not output directory sizes.
+ Although dump_regular_file caught regular file shrinkage,
+ it shouldn't hurt to check for shrinkage again now;
+ plus, the file may have grown. */
+ if (!is_dir)
+ ok &= st1.st_size == st2.st_size;
+
+ if (!ok)
{
WARNOPT (WARN_FILE_CHANGED,
(0, 0, _("%s: file changed as we read it"),
quotearg_colon (p)));
- set_exit_status (TAREXIT_DIFFERS);
+ if (! ignore_failed_read_option)
+ set_exit_status (TAREXIT_DIFFERS);
}
else if (atime_preserve_option == replace_atime_preserve
- && fd && (is_dir || original_size != 0)
+ && timespec_cmp (st->atime, get_stat_atime (&st2)) != 0
&& set_file_atime (fd, parentfd, name, st->atime) != 0
&& errno != EROFS )
utime_error (p);
--
2.45.2

39
SPECS/tar.spec
View File

@ -6,7 +6,7 @@ Summary: A GNU file archiving program
Name: tar Name: tar
Epoch: 2 Epoch: 2
Version: 1.30 Version: 1.30
Release: 10%{?dist} Release: 4%{?dist}
License: GPLv3+ License: GPLv3+
Group: Applications/Archiving Group: Applications/Archiving
URL: http://www.gnu.org/software/tar/ URL: http://www.gnu.org/software/tar/
@ -23,21 +23,6 @@ Patch9: tar-1.28-document-exclude-mistakes.patch
Patch11: tar-1.28-sparse-inf-loops.patch Patch11: tar-1.28-sparse-inf-loops.patch
Patch12: tar-1.30-tests-difflink.patch Patch12: tar-1.30-tests-difflink.patch
Patch13: tar-1.30-tests-dirrem.patch Patch13: tar-1.30-tests-dirrem.patch
Patch14: tar-1.30-xgetcwd-null-return-check.patch
Patch15: tar-1.30-padding-zeros.patch
Patch16: tar-1.30-disk-read-error.patch
# Source: https://git.savannah.gnu.org/cgit/tar.git/commit/?id=14d8fc718f0c872274b90991ee634b0cd8e1a6f0
Patch17: tar-1.30-Fix-the-no-overwrite-dir-option
# Remove the capabilities test, due to fails (BZ#2066320 and BZ#1926332)
Patch18: tar-1.30-remove-capabs-test.patch
Patch19: tar-1.30-CVE-2022-48303.patch
Patch20: tar-1.34-Warn-file-changed-as-we-read-it-less-often.patch
# inspired by upstream commit 64b43fdf70d82c39eb2ca900cd4f8e49b86c2020
# "tests: fix race in dirrem01 and dirrem02"
# Patch20 for some reason exposes a race in the filerem01 test,
# use this to enforce the order where genfile wins the race
# and removes the test file before tar archives it.
Patch21: tar-1.30-filerem01.at-swap-actions.patch
# run "make check" by default # run "make check" by default
%bcond_without check %bcond_without check
@ -103,7 +88,6 @@ ln -s tar.1.gz $RPM_BUILD_ROOT%{_mandir}/man1/gtar.1
rm -f $RPM_BUILD_ROOT%{_sysconfdir}/rmt rm -f $RPM_BUILD_ROOT%{_sysconfdir}/rmt
rm -f $RPM_BUILD_ROOT%{_mandir}/man8/rmt.8* rm -f $RPM_BUILD_ROOT%{_mandir}/man8/rmt.8*
%find_lang %name %find_lang %name
%check %check
@ -144,27 +128,6 @@ fi
%{_infodir}/tar.info* %{_infodir}/tar.info*
%changelog %changelog
* Tue Jun 3 2025 Pavel Cahyna <pcahyna@redhat.com> - 2:1.30-10
- Warn “file changed as we read it” less often
- Add downstream patch to fix related failure in filerem01 test
* Thu Feb 09 2023 Matej Mužila <mmuzila@redhat.com> - 1.30-9
- Fix CVE-2022-48303
- Resolves: CVE-2022-48303
* Mon Dec 05 2022 Lukas Javorsky <ljavorsk@redhat.com> - 1.30-8
- Remove the capabs_raw01 test from testsuite (#2066320)
* Fri Nov 25 2022 Lukas Javorsky <ljavorsk@redhat.com> - 1.30-7
- Fix the --no-overwrite-dir option
* Wed May 12 2021 Ondrej Dubaj <odubaj@redhat.com> - 1.30-6
- added "padding with zeros" info message (#1913566)
- do not report disk error as file shrank (#1913569)
* Wed May 20 2020 Ondrej Dubaj <odubaj@redhat.com> - 1.30-5
- fixed NULL return value from xgetcwd (#1837871)
* Wed May 23 2018 Pavel Raiskup <praiskup@redhat.com> - 1.30-4 * Wed May 23 2018 Pavel Raiskup <praiskup@redhat.com> - 1.30-4
- drop BuildRequires: rsh, we anyways use ./configure RSH=%%_bindir/ssh - drop BuildRequires: rsh, we anyways use ./configure RSH=%%_bindir/ssh