untar: optional checking euid

Signed-off-by: yuchen.cc <[email protected]>

Author: yuchen0cc

src/overlaybd/tar/header.cpp

@@ -139,7 +139,6 @@ size_t TarCore::get_size() {
     }
 }
 
-#define BIT_ISSET(bitmask, bit) ((bitmask) & (bit))
 static const char ZERO_BLOCK[T_BLOCKSIZE] = {0};
 
 int TarCore::read_header_internal(photon::fs::IFile *dump) {

src/overlaybd/tar/libtar.cpp

@@ -43,7 +43,7 @@ int UnTar::set_file_perms(const char *filename) {
     tv[0].tv_usec = tv[1].tv_usec = 0;
 
     /* change owner/group */
-    if (geteuid() == 0) {
+    if (!BIT_ISSET(options, TAR_CHECK_EUID) || geteuid() == 0) {
         if (fs->lchown(filename, uid, gid) == -1) {
             LOG_ERRNO_RETURN(0, -1, "lchown failed, filename `, uid `, gid `", filename, uid, gid);
         }
@@ -174,7 +174,7 @@ int UnTar::extract_file() {
     // check file exist
     struct stat s;
     if (fs->lstat(npath.c_str(), &s) == 0 || errno != ENOENT) {
-        if (options & TAR_NOOVERWRITE) {
+        if (BIT_ISSET(options, TAR_NOOVERWRITE)) {
             errno = EEXIST;
             return -1;
         } else {
@@ -202,7 +202,7 @@ int UnTar::extract_file() {
     else if (TH_ISSYM(header))
         i = extract_symlink(filename);
     else if (TH_ISCHR(header) || TH_ISBLK(header)) {
-        if (geteuid() == 0) {
+        if (!BIT_ISSET(options, TAR_CHECK_EUID) || geteuid() == 0) {
             i = extract_block_char_fifo(filename);
         } else {
             LOG_WARN("file ` ignored: skip for user namespace", filename);
@@ -332,7 +332,7 @@ int UnTar::extract_symlink(const char *filename) {
 int UnTar::extract_dir(const char *filename) {
     mode_t mode = header.get_mode();
 
-    LOG_DEBUG("  ==> extracting: ` (mode `, directory)", filename, mode);
+    LOG_DEBUG("  ==> extracting: ` (mode `, directory)", filename, OCT(mode));
     if (fs->mkdir(filename, mode) < 0) {
         if (errno == EEXIST) {
             return 1;

src/overlaybd/tar/libtar.h

@@ -233,6 +233,9 @@ class UnTar : public TarCore {
 #define TAR_CHECK_MAGIC   16  /* check magic in file header */
 #define TAR_CHECK_VERSION 32  /* check version in file header */
 #define TAR_IGNORE_CRC    64  /* ignore CRC in file header */
+#define TAR_CHECK_EUID   128  /* check effective uid of calling process */
+
+#define BIT_ISSET(bitmask, bit) ((bitmask) & (bit))
 
 /* this is obsolete - it's here for backwards-compatibility only */
 #define TAR_IGNORE_MAGIC   0

src/overlaybd/tar/tar_file.cpp

@@ -199,15 +199,15 @@ class TarFile : public ForwardFile_Ownership {
         th_buf = (TarHeader *)(buf + 2 * T_BLOCKSIZE);
         th_buf->typeflag = REGTYPE;                                     // type
         struct passwd *pw;
-        pw = getpwuid(s.st_uid);
+        pw = getpwuid(0);
         if (pw != NULL)
             strlcpy(th_buf->uname, pw->pw_name, sizeof(th_buf->uname)); // uname
-        int_to_oct(s.st_uid, th_buf->uid, 8);                           // uid
+        int_to_oct(0, th_buf->uid, 8);                                  // uid
         struct group *gr;
-        gr = getgrgid(s.st_gid);
+        gr = getgrgid(0);
         if (gr != NULL)
             strlcpy(th_buf->gname, gr->gr_name, sizeof(th_buf->gname)); // gname
-        int_to_oct(s.st_gid, th_buf->gid, 8);                           // gid
+        int_to_oct(0, th_buf->gid, 8);                                  // gid
         int_to_oct(s.st_mode, th_buf->mode, 8);                         // mode
 #ifndef NO_TIMESTAMP
         int_to_oct_nonull(s.st_mtime, th_buf->mtime, 12);               // mtime

src/overlaybd/tar/test/test.cpp

@@ -169,7 +169,7 @@ TEST_F(TarTest, untar) {
     auto target = photon::fs::new_subfs(fs, "rootfs", false);
     ASSERT_NE(nullptr, target);
     DEFER(delete target);
-    auto tar = new UnTar(tarf, target, 0);
+    auto tar = new UnTar(tarf, target, TAR_CHECK_EUID);
     auto ret = tar->extract_all();
     EXPECT_EQ(0, ret);
     delete tar;