[prev in list] [next in list] [prev in thread] [next in thread]
List: busybox
Subject: Re: [PATCH v2] tar: regression with hardlinked symlinks
From: Denys Vlasenko <vda.linux () googlemail ! com>
Date: 2018-05-22 15:36:17
Message-ID: CAK1hOcM5mJn+XF377iw5UL3bFKCN46LHhdoRiKwgmjJyJqQ7NQ () mail ! gmail ! com
[Download RAW message or body]
Applied, thanks!
Sorry for the delay :/
On Tue, May 1, 2018 at 7:30 AM, Harald van Dijk <harald@gigawatt.nl> wrote:
> ping^2
>
> On 4/15/18 8:25 PM, Harald van Dijk wrote:
>>
>> ping
>>
>> FWIW, this problem actually came up with an archive containing a fsroot
>> including a busybox installation again, but this time, the archive was
>> created after a deduplication step had hardlinked identical files and
>> symlinks.
>>
>> On 4/1/18 1:37 PM, Harald van Dijk wrote:
>>>
>>> When the creation of symlinks got delayed until after all other files had
>>> been extracted, that didn't take into account that the archive may contain
>>> hardlinks to those symlinks. The extraction of those hardlinks did not get
>>> delayed so would fail.
>>>
>>> This patch generalises the symlink_placeholders approach to a
>>> link_placeholders which allows delaying the extraction of hardlinks too. It
>>> changes the order in which delayed links are added to ensure that a hardlink
>>> to an earlier symlink will create the symlink first.
>>>
>>> It delays all hardlinks without regards to the target. It may be
>>> desirable to instead tweak it to determine whether the link target is a
>>> delayed symlink, but that is a cost/benefits tradeoff. As hardlinks are
>>> relatively rare, I guess the benefit of such an optimisation would be small,
>>> but I am not really qualified to make that determination.
>>>
>>> Test case:
>>>
>>> mkdir dir
>>> >dir/a
>>> ln -s ../dir/a dir/b
>>> ln dir/b dir/c
>>> mkdir new
>>> tar cf - dir/* | tar -C new -xf -
>>>
>>> busybox ad4e9613:
>>>
>>> tar: can't create hardlink 'dir/c' to 'dir/b': No such file or directory
>>>
>>> busybox ad4e9613 + patch:
>>>
>>> No error output. The archive is successfully extracted.
>>>
>>> The security hole that the delayed extraction of symlinks was meant to
>>> prevent should not be re-introduced by the delayed creation of hardlinks:
>>> the parent components of archive entries still get created first, so if an
>>> archive contains a file "exploit", a symlink "parent -> ..", and a hardlink
>>> "parent/exploit -> exploit", the presence of that hardlink causes "parent"
>>> to be immediately created as a regular directory. The symlink creation
>>> "parent -> .." will therefore fail. This could use careful review though.
>>>
>>> Cheers,
>>> Harald van Dijk
>
> _______________________________________________
> busybox mailing list
> busybox@busybox.net
> http://lists.busybox.net/mailman/listinfo/busybox
_______________________________________________
busybox mailing list
busybox@busybox.net
http://lists.busybox.net/mailman/listinfo/busybox
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic