commit bca3fcca91cfb6ee64434776aa20209547816c17
parent d335c366f7a2ef74ab8da19b721707110ec821c8
Author: Elie Le Vaillant <eolien55@disroot.org>
Date: Sun, 11 Feb 2024 09:26:14 +0100
tar: sanitize, chktar: leading spaces should be skipped over
Some tar archives (eg. ftp://ftp.gnu.org/gnu/shtool/shtool-2.0.8.tar.gz)
use leading spaces instead of leading zeroes for numeric fields.
Although it is not allowed by the ustar specification, most tar
implementations recognize it as correct. But since 3ef6d4e4, we
replace all spaces by NULs here, not just trailing ones, which leads to
recognizing such archives as malformed. This fixes it: we now skip
over leading spaces, allowing strtol(3) to read those numeric fields.
Diffstat:
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/tar.c b/tar.c
@@ -399,10 +399,12 @@ sanitize(struct header *h)
/* Numeric fields can be terminated with spaces instead of
* NULs as per the ustar specification. Patch all of them to
* use NULs so we can perform string operations on them. */
- for (i = 0; i < LEN(fields); i++)
- for (j = 0; j < fields[i].l; j++)
+ for (i = 0; i < LEN(fields); i++){
+ for (j = 0; j < fields[i].l && fields[i].f[j] == ' '; j++);
+ for (; j < fields[i].l; j++)
if (fields[i].f[j] == ' ')
fields[i].f[j] = '\0';
+ }
}
static void
@@ -421,7 +423,8 @@ chktar(struct header *h)
goto bad;
}
memcpy(tmp, h->chksum, sizeof(tmp));
- for (i = 0; i < sizeof(tmp); i++)
+ for (i = 0; i < sizeof(tmp), tmp[i] == ' '; i++);
+ for (; i < sizeof(tmp); i++)
if (tmp[i] == ' ')
tmp[i] = '\0';
s1 = strtol(tmp, &err, 8);
