[Toybox] Navigating googlesource?
Rob Landley
rob at landley.net
Wed Apr 26 01:19:19 PDT 2023
On 4/25/23 17:02, Yifan Hong wrote:
> Thank you for your detailed explanation! I've learned a lot, and it makes sense
> to me. I'll also treat this as an intentional behavior and properly prepare the
> directory before archiving stuff (-P doesn't seem to apply in my specific case).
I looked into making -P skip this, but it turns out -P is creation-side only and
is ignored on extract. (You say -C / if you want absolute path support.) So it
wouldn't be adding more unsafe to an existing unsafe option, like I thought.
The patch to make -P disable the symlink check is reasonably straightforward (if
I'm ok with -P disabling --restrict), it's just something like:
--- a/toys/posix/tar.c
+++ b/toys/posix/tar.c
@@ -529,7 +529,7 @@ static int dirflush(char *name, int isdir)
char *s = 0, *ss;
// Barf if name not in TT.cwd
- if (name) {
+ if (name && !FLAG(P)) {
if (!(ss = s = xabspath(name, isdir ? ABS_LAST : 0))) {
error_msg("'%s' bad symlink", name);
@@ -557,7 +557,7 @@ static int dirflush(char *name, int isdir)
while (TT.dirs) {
// If next file is under (or equal to) this dir, keep waiting
- if (name && strstart(&ss, ss = s) && (!*ss || *ss=='/')) break;
+ if (name && strstart(&ss, ss = s ? : name) && (!*ss || *ss=='/')) break;
wsettime(TT.dirs->str+sizeof(long long), *(long long *)TT.dirs->str);
free(llist_pop(&TT.dirs));
But I'm not convinced it's a good idea.
Rob
More information about the Toybox
mailing list