...
Run Format

Source file src/archive/tar/writer.go

     1	// Copyright 2009 The Go Authors. All rights reserved.
     2	// Use of this source code is governed by a BSD-style
     3	// license that can be found in the LICENSE file.
     4	
     5	package tar
     6	
     7	// TODO(dsymonds):
     8	// - catch more errors (no first header, etc.)
     9	
    10	import (
    11		"bytes"
    12		"errors"
    13		"fmt"
    14		"io"
    15		"path"
    16		"sort"
    17		"strconv"
    18		"strings"
    19		"time"
    20	)
    21	
    22	var (
    23		ErrWriteTooLong    = errors.New("archive/tar: write too long")
    24		ErrFieldTooLong    = errors.New("archive/tar: header field too long")
    25		ErrWriteAfterClose = errors.New("archive/tar: write after close")
    26		errInvalidHeader   = errors.New("archive/tar: header field too long or contains invalid values")
    27	)
    28	
    29	// A Writer provides sequential writing of a tar archive in POSIX.1 format.
    30	// A tar archive consists of a sequence of files.
    31	// Call WriteHeader to begin a new file, and then call Write to supply that file's data,
    32	// writing at most hdr.Size bytes in total.
    33	type Writer struct {
    34		w          io.Writer
    35		err        error
    36		nb         int64 // number of unwritten bytes for current file entry
    37		pad        int64 // amount of padding to write after current file entry
    38		closed     bool
    39		usedBinary bool  // whether the binary numeric field extension was used
    40		preferPax  bool  // use PAX header instead of binary numeric header
    41		hdrBuff    block // buffer to use in writeHeader when writing a regular header
    42		paxHdrBuff block // buffer to use in writeHeader when writing a PAX header
    43	}
    44	
    45	// NewWriter creates a new Writer writing to w.
    46	func NewWriter(w io.Writer) *Writer { return &Writer{w: w} }
    47	
    48	// Flush finishes writing the current file (optional).
    49	func (tw *Writer) Flush() error {
    50		if tw.nb > 0 {
    51			tw.err = fmt.Errorf("archive/tar: missed writing %d bytes", tw.nb)
    52			return tw.err
    53		}
    54	
    55		n := tw.nb + tw.pad
    56		for n > 0 && tw.err == nil {
    57			nr := n
    58			if nr > blockSize {
    59				nr = blockSize
    60			}
    61			var nw int
    62			nw, tw.err = tw.w.Write(zeroBlock[0:nr])
    63			n -= int64(nw)
    64		}
    65		tw.nb = 0
    66		tw.pad = 0
    67		return tw.err
    68	}
    69	
    70	var (
    71		minTime = time.Unix(0, 0)
    72		// There is room for 11 octal digits (33 bits) of mtime.
    73		maxTime = minTime.Add((1<<33 - 1) * time.Second)
    74	)
    75	
    76	// WriteHeader writes hdr and prepares to accept the file's contents.
    77	// WriteHeader calls Flush if it is not the first header.
    78	// Calling after a Close will return ErrWriteAfterClose.
    79	func (tw *Writer) WriteHeader(hdr *Header) error {
    80		return tw.writeHeader(hdr, true)
    81	}
    82	
    83	// WriteHeader writes hdr and prepares to accept the file's contents.
    84	// WriteHeader calls Flush if it is not the first header.
    85	// Calling after a Close will return ErrWriteAfterClose.
    86	// As this method is called internally by writePax header to allow it to
    87	// suppress writing the pax header.
    88	func (tw *Writer) writeHeader(hdr *Header, allowPax bool) error {
    89		if tw.closed {
    90			return ErrWriteAfterClose
    91		}
    92		if tw.err == nil {
    93			tw.Flush()
    94		}
    95		if tw.err != nil {
    96			return tw.err
    97		}
    98	
    99		// a map to hold pax header records, if any are needed
   100		paxHeaders := make(map[string]string)
   101	
   102		// TODO(dsnet): we might want to use PAX headers for
   103		// subsecond time resolution, but for now let's just capture
   104		// too long fields or non ascii characters
   105	
   106		// We need to select which scratch buffer to use carefully,
   107		// since this method is called recursively to write PAX headers.
   108		// If allowPax is true, this is the non-recursive call, and we will use hdrBuff.
   109		// If allowPax is false, we are being called by writePAXHeader, and hdrBuff is
   110		// already being used by the non-recursive call, so we must use paxHdrBuff.
   111		header := &tw.hdrBuff
   112		if !allowPax {
   113			header = &tw.paxHdrBuff
   114		}
   115		copy(header[:], zeroBlock[:])
   116	
   117		// Wrappers around formatter that automatically sets paxHeaders if the
   118		// argument extends beyond the capacity of the input byte slice.
   119		var f formatter
   120		var formatString = func(b []byte, s string, paxKeyword string) {
   121			needsPaxHeader := paxKeyword != paxNone && len(s) > len(b) || !isASCII(s)
   122			if needsPaxHeader {
   123				paxHeaders[paxKeyword] = s
   124				return
   125			}
   126			f.formatString(b, s)
   127		}
   128		var formatNumeric = func(b []byte, x int64, paxKeyword string) {
   129			// Try octal first.
   130			s := strconv.FormatInt(x, 8)
   131			if len(s) < len(b) {
   132				f.formatOctal(b, x)
   133				return
   134			}
   135	
   136			// If it is too long for octal, and PAX is preferred, use a PAX header.
   137			if paxKeyword != paxNone && tw.preferPax {
   138				f.formatOctal(b, 0)
   139				s := strconv.FormatInt(x, 10)
   140				paxHeaders[paxKeyword] = s
   141				return
   142			}
   143	
   144			tw.usedBinary = true
   145			f.formatNumeric(b, x)
   146		}
   147	
   148		// Handle out of range ModTime carefully.
   149		var modTime int64
   150		if !hdr.ModTime.Before(minTime) && !hdr.ModTime.After(maxTime) {
   151			modTime = hdr.ModTime.Unix()
   152		}
   153	
   154		v7 := header.V7()
   155		formatString(v7.Name(), hdr.Name, paxPath)
   156		// TODO(dsnet): The GNU format permits the mode field to be encoded in
   157		// base-256 format. Thus, we can use formatNumeric instead of formatOctal.
   158		f.formatOctal(v7.Mode(), hdr.Mode)
   159		formatNumeric(v7.UID(), int64(hdr.Uid), paxUid)
   160		formatNumeric(v7.GID(), int64(hdr.Gid), paxGid)
   161		formatNumeric(v7.Size(), hdr.Size, paxSize)
   162		// TODO(dsnet): Consider using PAX for finer time granularity.
   163		formatNumeric(v7.ModTime(), modTime, paxNone)
   164		v7.TypeFlag()[0] = hdr.Typeflag
   165		formatString(v7.LinkName(), hdr.Linkname, paxLinkpath)
   166	
   167		ustar := header.USTAR()
   168		formatString(ustar.UserName(), hdr.Uname, paxUname)
   169		formatString(ustar.GroupName(), hdr.Gname, paxGname)
   170		formatNumeric(ustar.DevMajor(), hdr.Devmajor, paxNone)
   171		formatNumeric(ustar.DevMinor(), hdr.Devminor, paxNone)
   172	
   173		// TODO(dsnet): The logic surrounding the prefix field is broken when trying
   174		// to encode the header as GNU format. The challenge with the current logic
   175		// is that we are unsure what format we are using at any given moment until
   176		// we have processed *all* of the fields. The problem is that by the time
   177		// all fields have been processed, some work has already been done to handle
   178		// each field under the assumption that it is for one given format or
   179		// another. In some situations, this causes the Writer to be confused and
   180		// encode a prefix field when the format being used is GNU. Thus, producing
   181		// an invalid tar file.
   182		//
   183		// As a short-term fix, we disable the logic to use the prefix field, which
   184		// will force the badly generated GNU files to become encoded as being
   185		// the PAX format.
   186		//
   187		// As an alternative fix, we could hard-code preferPax to be true. However,
   188		// this is problematic for the following reasons:
   189		//	* The preferPax functionality is not tested at all.
   190		//	* This can result in headers that try to use both the GNU and PAX
   191		//	features at the same time, which is also wrong.
   192		//
   193		// The proper fix for this is to use a two-pass method:
   194		//	* The first pass simply determines what set of formats can possibly
   195		//	encode the given header.
   196		//	* The second pass actually encodes the header as that given format
   197		//	without worrying about violating the format.
   198		//
   199		// See the following:
   200		//	https://golang.org/issue/12594
   201		//	https://golang.org/issue/17630
   202		//	https://golang.org/issue/9683
   203		const usePrefix = false
   204	
   205		// try to use a ustar header when only the name is too long
   206		_, paxPathUsed := paxHeaders[paxPath]
   207		if usePrefix && !tw.preferPax && len(paxHeaders) == 1 && paxPathUsed {
   208			prefix, suffix, ok := splitUSTARPath(hdr.Name)
   209			if ok {
   210				// Since we can encode in USTAR format, disable PAX header.
   211				delete(paxHeaders, paxPath)
   212	
   213				// Update the path fields
   214				formatString(v7.Name(), suffix, paxNone)
   215				formatString(ustar.Prefix(), prefix, paxNone)
   216			}
   217		}
   218	
   219		if tw.usedBinary {
   220			header.SetFormat(formatGNU)
   221		} else {
   222			header.SetFormat(formatUSTAR)
   223		}
   224	
   225		// Check if there were any formatting errors.
   226		if f.err != nil {
   227			tw.err = f.err
   228			return tw.err
   229		}
   230	
   231		if allowPax {
   232			for k, v := range hdr.Xattrs {
   233				paxHeaders[paxXattr+k] = v
   234			}
   235		}
   236	
   237		if len(paxHeaders) > 0 {
   238			if !allowPax {
   239				return errInvalidHeader
   240			}
   241			if err := tw.writePAXHeader(hdr, paxHeaders); err != nil {
   242				return err
   243			}
   244		}
   245		tw.nb = hdr.Size
   246		tw.pad = (blockSize - (tw.nb % blockSize)) % blockSize
   247	
   248		_, tw.err = tw.w.Write(header[:])
   249		return tw.err
   250	}
   251	
   252	// splitUSTARPath splits a path according to USTAR prefix and suffix rules.
   253	// If the path is not splittable, then it will return ("", "", false).
   254	func splitUSTARPath(name string) (prefix, suffix string, ok bool) {
   255		length := len(name)
   256		if length <= nameSize || !isASCII(name) {
   257			return "", "", false
   258		} else if length > prefixSize+1 {
   259			length = prefixSize + 1
   260		} else if name[length-1] == '/' {
   261			length--
   262		}
   263	
   264		i := strings.LastIndex(name[:length], "/")
   265		nlen := len(name) - i - 1 // nlen is length of suffix
   266		plen := i                 // plen is length of prefix
   267		if i <= 0 || nlen > nameSize || nlen == 0 || plen > prefixSize {
   268			return "", "", false
   269		}
   270		return name[:i], name[i+1:], true
   271	}
   272	
   273	// writePaxHeader writes an extended pax header to the
   274	// archive.
   275	func (tw *Writer) writePAXHeader(hdr *Header, paxHeaders map[string]string) error {
   276		// Prepare extended header
   277		ext := new(Header)
   278		ext.Typeflag = TypeXHeader
   279		// Setting ModTime is required for reader parsing to
   280		// succeed, and seems harmless enough.
   281		ext.ModTime = hdr.ModTime
   282		// The spec asks that we namespace our pseudo files
   283		// with the current pid. However, this results in differing outputs
   284		// for identical inputs. As such, the constant 0 is now used instead.
   285		// golang.org/issue/12358
   286		dir, file := path.Split(hdr.Name)
   287		fullName := path.Join(dir, "PaxHeaders.0", file)
   288	
   289		ascii := toASCII(fullName)
   290		if len(ascii) > nameSize {
   291			ascii = ascii[:nameSize]
   292		}
   293		ext.Name = ascii
   294		// Construct the body
   295		var buf bytes.Buffer
   296	
   297		// Keys are sorted before writing to body to allow deterministic output.
   298		keys := make([]string, 0, len(paxHeaders))
   299		for k := range paxHeaders {
   300			keys = append(keys, k)
   301		}
   302		sort.Strings(keys)
   303	
   304		for _, k := range keys {
   305			fmt.Fprint(&buf, formatPAXRecord(k, paxHeaders[k]))
   306		}
   307	
   308		ext.Size = int64(len(buf.Bytes()))
   309		if err := tw.writeHeader(ext, false); err != nil {
   310			return err
   311		}
   312		if _, err := tw.Write(buf.Bytes()); err != nil {
   313			return err
   314		}
   315		if err := tw.Flush(); err != nil {
   316			return err
   317		}
   318		return nil
   319	}
   320	
   321	// Write writes to the current entry in the tar archive.
   322	// Write returns the error ErrWriteTooLong if more than
   323	// hdr.Size bytes are written after WriteHeader.
   324	func (tw *Writer) Write(b []byte) (n int, err error) {
   325		if tw.closed {
   326			err = ErrWriteAfterClose
   327			return
   328		}
   329		overwrite := false
   330		if int64(len(b)) > tw.nb {
   331			b = b[0:tw.nb]
   332			overwrite = true
   333		}
   334		n, err = tw.w.Write(b)
   335		tw.nb -= int64(n)
   336		if err == nil && overwrite {
   337			err = ErrWriteTooLong
   338			return
   339		}
   340		tw.err = err
   341		return
   342	}
   343	
   344	// Close closes the tar archive, flushing any unwritten
   345	// data to the underlying writer.
   346	func (tw *Writer) Close() error {
   347		if tw.err != nil || tw.closed {
   348			return tw.err
   349		}
   350		tw.Flush()
   351		tw.closed = true
   352		if tw.err != nil {
   353			return tw.err
   354		}
   355	
   356		// trailer: two zero blocks
   357		for i := 0; i < 2; i++ {
   358			_, tw.err = tw.w.Write(zeroBlock[:])
   359			if tw.err != nil {
   360				break
   361			}
   362		}
   363		return tw.err
   364	}
   365	

View as plain text