[Toybox] [PATCH 2/2] tar: fix bugs with adding hardlinks to archive

[William Djupström]

On 09/06 09:39, Rob Landley wrote:
> 
> 
> On 6/9/20 8:56 AM, William Djupström via Toybox wrote:
> > ---
> >  toys/posix/tar.c | 5 +++--
> >  1 file changed, 3 insertions(+), 2 deletions(-)
> > 
> > diff --git a/toys/posix/tar.c b/toys/posix/tar.c
> > index 8706ac30..d752acfe 100644
> > --- a/toys/posix/tar.c
> > +++ b/toys/posix/tar.c
> > @@ -246,7 +246,8 @@ static int add_to_tar(struct dirtree *node)
> >        i = 1;
> >      } else {
> >        // first time we've seen it. Store as normal file, but remember it.
> > -      if (!(TT.hlc&255)) TT.hlx = xrealloc(TT.hlx, TT.hlc+256);
> > +      if (!(TT.hlc&255))
> > +        TT.hlx = xrealloc(TT.hlx, sizeof(*TT.hlx)*(TT.hlc+256));
> >        TT.hlx[TT.hlc].arg = xstrdup(hname);
> >        TT.hlx[TT.hlc].ino = st->st_ino;
> >        TT.hlx[TT.hlc].dev = st->st_dev;
> > @@ -270,7 +271,7 @@ static int add_to_tar(struct dirtree *node)
> >      }
> >      if (strlen(lnk) > sizeof(hdr.link)) write_longname(lnk, 'K');
> >      strncpy(hdr.link, lnk, sizeof(hdr.link));
> > -    if (i) free(lnk);
> > +    if (i==2) free(lnk);
> >    } else if (S_ISREG(st->st_mode)) {
> >      hdr.type = '0';
> >      ITOO(hdr.size, st->st_size);
> > 
> 
> Test case please?
For the free()
  $ mkdir -p links
  $ touch links/orig
  $ ln links/{orig,link1}
  $ ln links/{orig,link2}
  $ ./toybox tar -cf test.tar links
  free(): double free detected in tcache 2
  Aborted (core dumped)

For the xrealloc()
  $ mkdir links
  $ for i in {0..12}; do
  >   touch links/orig$i
  >   ln links/{orig,link}$i
  > done
  $ ./toybox tar -cf test.tar links
  Segmentation fault (core dumped)
> 
> Rob
> 

//William