minitar 0.5.4 → 0.6

data/lib/archive/tar/minitar/input.rb

@@ -0,0 +1,212 @@
+# coding: utf-8
+
+require 'archive/tar/minitar/reader'
+
+module Archive::Tar::Minitar
+  # Wraps a Archive::Tar::Minitar::Reader with convenience methods and wrapped
+  # stream management; Input only works with data streams that can be rewound.
+  class Input
+    include Enumerable
+
+    # With no associated block, +Input.open+ is a synonym for +Input.new+. If
+    # the optional code block is given, it will be given the new Input as an
+    # argument and the Input object will automatically be closed when the block
+    # terminates (this also closes the wrapped stream object). In this
+    # instance, +Input.open+ returns the value of the block.
+    #
+    # call-seq:
+    #    Archive::Tar::Minitar::Input.open(io) -> input
+    #    Archive::Tar::Minitar::Input.open(io) { |input| block } -> obj
+    def self.open(input)
+      stream = new(input)
+      return stream unless block_given?
+      yield stream
+    ensure
+      stream.close
+    end
+
+    # Iterates over each entry in the provided input. This wraps the common
+    # pattern of:
+    #
+    #     Archive::Tar::Minitar::Input.open(io) do |i|
+    #       inp.each do |entry|
+    #         # ...
+    #       end
+    #     end
+    #
+    # If a block is not provided, an enumerator will be created with the same
+    # behaviour.
+    #
+    # call-seq:
+    #    Archive::Tar::Minitar::Input.each_entry(io) -> enumerator
+    #    Archive::Tar::Minitar::Input.each_entry(io) { |entry| block } -> obj
+    def self.each_entry(input)
+      return to_enum(__method__, input) unless block_given?
+
+      open(input) do |stream|
+        stream.each do |entry|
+          yield entry
+        end
+      end
+    end
+
+    # Creates a new Input object. If +input+ is a stream object that responds
+    # to #read, then it will simply be wrapped. Otherwise, one will be created
+    # and opened using Kernel#open. When Input#close is called, the stream
+    # object wrapped will be closed.
+    #
+    # An exception will be raised if the stream that is wrapped does not
+    # support rewinding.
+    #
+    # call-seq:
+    #    Archive::Tar::Minitar::Input.new(io) -> input
+    #    Archive::Tar::Minitar::Input.new(path) -> input
+    def initialize(input)
+      @io = if input.respond_to?(:read)
+              input
+            else
+              ::Kernel.open(input, 'rb')
+            end
+
+      unless Archive::Tar::Minitar.seekable?(@io, :rewind)
+        raise Archive::Tar::Minitar::NonSeekableStream
+      end
+
+      @tar = Reader.new(@io)
+    end
+
+    # When provided a block, iterates through each entry in the archive. When
+    # finished, rewinds to the beginning of the stream.
+    #
+    # If not provided a block, creates an enumerator with the same semantics.
+    def each_entry
+      return to_enum unless block_given?
+
+      @tar.each do |entry|
+        yield entry
+      end
+    ensure
+      @tar.rewind
+    end
+    alias each each_entry
+
+    # Extracts the current +entry+ to +destdir+. If a block is provided, it
+    # yields an +action+ Symbol, the full name of the file being extracted
+    # (+name+), and a Hash of statistical information (+stats+).
+    #
+    # The +action+ will be one of:
+    # <tt>:dir</tt>::           The +entry+ is a directory.
+    # <tt>:file_start</tt>::    The +entry+ is a file; the extract of the
+    #                           file is just beginning.
+    # <tt>:file_progress</tt>:: Yielded every 4096 bytes during the extract
+    #                           of the +entry+.
+    # <tt>:file_done</tt>::     Yielded when the +entry+ is completed.
+    #
+    # The +stats+ hash contains the following keys:
+    # <tt>:current</tt>:: The current total number of bytes read in the
+    #                     +entry+.
+    # <tt>:currinc</tt>:: The current number of bytes read in this read
+    #                     cycle.
+    # <tt>:entry</tt>::   The entry being extracted; this is a
+    #                     Reader::EntryStream, with all methods thereof.
+    def extract_entry(destdir, entry) # :yields action, name, stats:
+      stats = {
+        :current  => 0,
+        :currinc  => 0,
+        :entry    => entry
+      }
+
+      # extract_entry is not vulnerable to prefix '/' vulnerabilities, but it
+      # is vulnerable to relative path directories. This code will break this
+      # vulnerability. For this version, we are breaking relative paths HARD by
+      # throwing an exception.
+      #
+      # Future versions may permit relative paths as long as the file does not
+      # leave +destdir+.
+      #
+      # However, squeeze consecutive '/' characters together.
+      full_name = entry.full_name.squeeze('/')
+
+      if full_name =~ /\.{2}(?:\/|\z)/
+        raise SecureRelativePathError, %q(Path contains '..')
+      end
+
+      if entry.directory?
+        dest = File.join(destdir, full_name)
+
+        yield :dir, full_name, stats if block_given?
+
+        if Archive::Tar::Minitar.dir?(dest)
+          begin
+            FileUtils.chmod(entry.mode, dest)
+          rescue
+            nil
+          end
+        else
+          File.unlink(dest.chomp('/')) if File.symlink?(dest.chomp('/'))
+
+          FileUtils.mkdir_p(dest, :mode => entry.mode)
+          FileUtils.chmod(entry.mode, dest)
+        end
+
+        fsync_dir(dest)
+        fsync_dir(File.join(dest, '..'))
+        return
+      else # it's a file
+        destdir = File.join(destdir, File.dirname(full_name))
+        FileUtils.mkdir_p(destdir, :mode => 0o755)
+
+        destfile = File.join(destdir, File.basename(full_name))
+
+        File.unlink(destfile) if File.symlink?(destfile)
+
+        # Errno::ENOENT
+        # rubocop:disable Style/RescueModifier
+        FileUtils.chmod(0o600, destfile) rescue nil
+        # rubocop:enable Style/RescueModifier
+
+        yield :file_start, full_name, stats if block_given?
+
+        File.open(destfile, 'wb', entry.mode) do |os|
+          loop do
+            data = entry.read(4096)
+            break unless data
+
+            stats[:currinc] = os.write(data)
+            stats[:current] += stats[:currinc]
+
+            yield :file_progress, full_name, stats if block_given?
+          end
+          os.fsync
+        end
+
+        FileUtils.chmod(entry.mode, destfile)
+        fsync_dir(File.dirname(destfile))
+        fsync_dir(File.join(File.dirname(destfile), '..'))
+
+        yield :file_done, full_name, stats if block_given?
+      end
+    end
+
+    # Returns the Reader object for direct access.
+    attr_reader :tar
+
+    # Closes both the Reader object and the wrapped data stream.
+    def close
+      @io.close
+      @tar.close
+    end
+
+    private
+
+    def fsync_dir(dirname)
+      # make sure this hits the disc
+      dir = open(dirname, 'rb')
+      dir.fsync
+    rescue # ignore IOError if it's an unpatched (old) Ruby
+      nil
+    ensure
+      dir.close if dir rescue nil # rubocop:disable Style/RescueModifier
+    end
+  end
+end

data/lib/archive/tar/minitar/output.rb

@@ -0,0 +1,69 @@
+# coding: utf-8
+
+require 'archive/tar/minitar/writer'
+
+module Archive::Tar::Minitar
+  # Wraps a Archive::Tar::Minitar::Writer with convenience methods and wrapped
+  # stream management. If the stream provided to Output does not support random
+  # access, only Writer#add_file_simple and Writer#mkdir are guaranteed to
+  # work.
+  class Output
+    # With no associated block, +Output.open+ is a synonym for +Output.new+. If
+    # the optional code block is given, it will be given the new Output as an
+    # argument and the Output object will automatically be closed when the
+    # block terminates (this also closes the wrapped stream object). In this
+    # instance, +Output.open+ returns the value of the block.
+    #
+    # call-seq:
+    #    Archive::Tar::Minitar::Output.open(io) -> output
+    #    Archive::Tar::Minitar::Output.open(io) { |output| block } -> obj
+    def self.open(output)
+      stream = new(output)
+      return stream unless block_given?
+      yield stream
+    ensure
+      stream.close
+    end
+
+    # Output.tar is a wrapper for Output.open that yields the owned tar object
+    # instead of the Output object. If a block is not provided, an enumerator
+    # will be created with the same behaviour.
+    #
+    # call-seq:
+    #    Archive::Tar::Minitar::Output.tar(io) -> enumerator
+    #    Archive::Tar::Minitar::Output.tar(io) { |tar| block } -> obj
+    def self.tar(output)
+      return to_enum(__method__, output) unless block_given?
+
+      open(output) do |stream|
+        yield stream.tar
+      end
+    end
+
+    # Creates a new Output object. If +output+ is a stream object that responds
+    # to #write, then it will simply be wrapped. Otherwise, one will be created
+    # and opened using Kernel#open. When Output#close is called, the stream
+    # object wrapped will be closed.
+    #
+    # call-seq:
+    #    Archive::Tar::Minitar::Output.new(io) -> output
+    #    Archive::Tar::Minitar::Output.new(path) -> output
+    def initialize(output)
+      @io = if output.respond_to?(:write)
+              output
+            else
+              ::Kernel.open(output, 'wb')
+            end
+      @tar = Archive::Tar::Minitar::Writer.new(@io)
+    end
+
+    # Returns the Writer object for direct access.
+    attr_reader :tar
+
+    # Closes the Writer object and the wrapped data stream.
+    def close
+      @tar.close
+      @io.close
+    end
+  end
+end

data/lib/archive/tar/minitar/posix_header.rb

@@ -0,0 +1,259 @@
+# coding: utf-8
+
+##
+module Archive; end
+##
+module Archive::Tar; end
+##
+module Archive::Tar::Minitar; end
+
+# Implements the POSIX tar header as a Ruby class. The structure of
+# the POSIX tar header is:
+#
+#   struct tarfile_entry_posix
+#   {                      //                               pack/unpack
+#      char name[100];     // ASCII (+ Z unless filled)     a100/Z100
+#      char mode[8];       // 0 padded, octal, null         a8  /A8
+#      char uid[8];        // 0 padded, octal, null         a8  /A8
+#      char gid[8];        // 0 padded, octal, null         a8  /A8
+#      char size[12];      // 0 padded, octal, null         a12 /A12
+#      char mtime[12];     // 0 padded, octal, null         a12 /A12
+#      char checksum[8];   // 0 padded, octal, null, space  a8  /A8
+#      char typeflag[1];   // see below                     a   /a
+#      char linkname[100]; // ASCII + (Z unless filled)     a100/Z100
+#      char magic[6];      // "ustar\0"                     a6  /A6
+#      char version[2];    // "00"                          a2  /A2
+#      char uname[32];     // ASCIIZ                        a32 /Z32
+#      char gname[32];     // ASCIIZ                        a32 /Z32
+#      char devmajor[8];   // 0 padded, octal, null         a8  /A8
+#      char devminor[8];   // 0 padded, octal, null         a8  /A8
+#      char prefix[155];   // ASCII (+ Z unless filled)     a155/Z155
+#   };
+#
+# The #typeflag is one of several known values.
+#
+# POSIX indicates that "A POSIX-compliant implementation must treat any
+# unrecognized typeflag value as a regular file."
+class Archive::Tar::Minitar::PosixHeader
+  BLOCK_SIZE = 512
+
+  # Fields that must be set in a POSIX tar(1) header.
+  REQUIRED_FIELDS = [ :name, :size, :prefix, :mode ].freeze
+  # Fields that may be set in a POSIX tar(1) header.
+  OPTIONAL_FIELDS = [
+    :uid, :gid, :mtime, :checksum, :typeflag, :linkname, :magic, :version,
+    :uname, :gname, :devmajor, :devminor
+  ].freeze
+
+  # All fields available in a POSIX tar(1) header.
+  FIELDS = (REQUIRED_FIELDS + OPTIONAL_FIELDS).freeze
+
+  FIELDS.each do |f|
+    attr_reader f.to_sym unless f.to_sym == :name
+  end
+
+  # The name of the file. By default, limited to 100 bytes. Required. May be
+  # longer (up to BLOCK_SIZE bytes) if using the GNU long name tar extension.
+  attr_accessor :name
+
+  # The pack format passed to Array#pack for encoding a header.
+  HEADER_PACK_FORMAT    = 'a100a8a8a8a12a12a7aaa100a6a2a32a32a8a8a155'.freeze
+  # The unpack format passed to String#unpack for decoding a header.
+  HEADER_UNPACK_FORMAT  = 'Z100A8A8A8A12A12A8aZ100A6A2Z32Z32A8A8Z155'.freeze
+
+  class << self
+    # Creates a new PosixHeader from a data stream.
+    def from_stream(stream)
+      from_data(stream.read(BLOCK_SIZE))
+    end
+
+    # Creates a new PosixHeader from a data stream. Deprecated; use
+    # PosixHeader.from_stream instead.
+    def new_from_stream(stream)
+      warn "#{__method__} has been deprecated; use from_stream instead."
+      from_stream(stream)
+    end
+
+    # Creates a new PosixHeader from a BLOCK_SIZE-byte data buffer.
+    def from_data(data)
+      fields    = data.unpack(HEADER_UNPACK_FORMAT)
+      name      = fields.shift
+      mode      = fields.shift.oct
+      uid       = fields.shift.oct
+      gid       = fields.shift.oct
+      size      = fields.shift.oct
+      mtime     = fields.shift.oct
+      checksum  = fields.shift.oct
+      typeflag  = fields.shift
+      linkname  = fields.shift
+      magic     = fields.shift
+      version   = fields.shift.oct
+      uname     = fields.shift
+      gname     = fields.shift
+      devmajor  = fields.shift.oct
+      devminor  = fields.shift.oct
+      prefix    = fields.shift
+
+      empty = !data.each_byte.any?(&:nonzero?)
+
+      new(
+        :name => name,
+        :mode => mode,
+        :uid => uid,
+        :gid => gid,
+        :size => size,
+        :mtime => mtime,
+        :checksum => checksum,
+        :typeflag => typeflag,
+        :magic => magic,
+        :version => version,
+        :uname => uname,
+        :gname => gname,
+        :devmajor => devmajor,
+        :devminor => devminor,
+        :prefix => prefix,
+        :empty => empty,
+        :linkname => linkname
+      )
+    end
+  end
+
+  # Creates a new PosixHeader. A PosixHeader cannot be created unless
+  # +name+, +size+, +prefix+, and +mode+ are provided.
+  def initialize(v)
+    REQUIRED_FIELDS.each do |f|
+      raise ArgumentError, "Field #{f} is required." unless v.key?(f)
+    end
+
+    v[:mtime] = v[:mtime].to_i
+    v[:checksum] ||= ''
+    v[:typeflag] ||= '0'
+    v[:magic]    ||= 'ustar'
+    v[:version]  ||= '00'
+
+    FIELDS.each do |f|
+      instance_variable_set("@#{f}", v[f])
+    end
+
+    @empty = v[:empty]
+  end
+
+  # Indicates if the header was an empty header.
+  def empty?
+    @empty
+  end
+
+  # Returns +true+ if the header is a long name special header which indicates
+  # that the next block of data is the filename.
+  def long_name?
+    typeflag == 'L' && name == '././@LongLink'
+  end
+
+  # A string representation of the header.
+  def to_s
+    update_checksum
+    header(@checksum)
+  end
+  alias to_str to_s
+
+  # Update the checksum field.
+  def update_checksum
+    hh = header(' ' * 8)
+    @checksum = oct(calculate_checksum(hh), 6)
+  end
+
+  private
+
+  def oct(num, len)
+    if num.nil?
+      "\0" * (len + 1)
+    else
+      "%0#{len}o" % num
+    end
+  end
+
+  def calculate_checksum(hdr)
+    hdr.unpack('C*').inject { |a, e| a + e }
+  end
+
+  def header(chksum)
+    arr = [name, oct(mode, 7), oct(uid, 7), oct(gid, 7), oct(size, 11),
+           oct(mtime, 11), chksum, ' ', typeflag, linkname, magic, version,
+           uname, gname, oct(devmajor, 7), oct(devminor, 7), prefix]
+    str = arr.pack(HEADER_PACK_FORMAT)
+    str + "\0" * ((BLOCK_SIZE - str.size) % BLOCK_SIZE)
+  end
+
+  ##
+  # :attr_reader: size
+  # The size of the file. Required.
+
+  ##
+  # :attr_reader: prefix
+  # The prefix of the file; the path before #name. Limited to 155 bytes.
+  # Required.
+
+  ##
+  # :attr_reader: mode
+  # The Unix file mode of the file. Stored as an octal integer. Required.
+
+  ##
+  # :attr_reader: uid
+  # The Unix owner user ID of the file. Stored as an octal integer.
+
+  ##
+  # :attr_reader: uname
+  # The user name of the Unix owner of the file.
+
+  ##
+  # :attr_reader: gid
+  # The Unix owner group ID of the file. Stored as an octal integer.
+
+  ##
+  # :attr_reader: gname
+  # The group name of the Unix owner of the file.
+
+  ##
+  # :attr_reader: mtime
+  # The modification time of the file in epoch seconds. Stored as an
+  # octal integer.
+
+  ##
+  # :attr_reader: checksum
+  # The checksum of the file. Stored as an octal integer. Calculated
+  # before encoding the header as a string.
+
+  ##
+  # :attr_reader: typeflag
+  # The type of record in the file.
+  #
+  # +0+::  Regular file. NULL should be treated as a synonym, for compatibility
+  #        purposes.
+  # +1+::  Hard link.
+  # +2+::  Symbolic link.
+  # +3+::  Character device node.
+  # +4+::  Block device node.
+  # +5+::  Directory.
+  # +6+::  FIFO node.
+  # +7+::  Reserved.
+
+  ##
+  # :attr_reader: linkname
+  # The name of the link stored. Not currently used.
+
+  ##
+  # :attr_reader: magic
+  # Always "ustar\0".
+
+  ##
+  # :attr_reader: version
+  # Always "00"
+
+  ##
+  # :attr_reader: devmajor
+  # The major device ID. Not currently used.
+
+  ##
+  # :attr_reader: devminor
+  # The minor device ID. Not currently used.
+end