-
Notifications
You must be signed in to change notification settings - Fork 299
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[merged] Rework libarchive import support #275
Conversation
path_relative (const char *src) | ||
{ | ||
if (src[0] == '.' && src[1] == '/') | ||
src += 2; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Doesn't this also need to be a loop so we canonicalize paths like ././foo
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good point.
⬆️ Fixup added! |
Only took a quick scan, but the high level looks really good. Will look more next week. |
src += 2; | ||
else if (src[0] == '.' && src[1] == '\0') | ||
src++; | ||
while (src[0] == '/') | ||
src++; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This still won't handle /./foo
right? I think the code needs to be more like:
while (TRUE)
{
if (src[0] == '.' && src[1] == '/')
{
src += 2;
continue;
}
if (src[0] == '/')
{
src++;
continue
}
break;
}
Or something? There's got to be some LGPL-or-below code we can look at as a reference...okay, some quick git grep relative
in libarchive led me to strip_absolute_path which is rather terrifying...we could likely drop the Windows code at least.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ahhh OK, I will tweak this so we at least handle the non-expensive cases.
Added fixups! ⬆️ |
} | ||
} | ||
lines = g_strsplit (contents, "\n", -1); | ||
for (char **iter = lines; iter && *iter; iter++) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd be a bit more comfortable if we had braces {
for nested loops/conditionals...otherwise it's too easy down the line to add an additional statement and have it go in the wrong section.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
(Although https://gnu.wildebeest.org/blog/mjw/2016/01/09/looking-forward-to-gcc6-nice-new-warnings/ will help with that)
☔ The latest upstream changes (presumably 7021c4f) made this pull request unmergeable. Please resolve the merge conflicts. |
- Make hardlink handling more generic. The previous strategy worked for tar archives, but not for cpio. It now works for both. - Add support for SEL labeling (through the OstreeRepoCommitModifier) - Add support for xattr_callback (through the OstreeRepoCommitModifier) - Add support for filter (through the OstreeRepoCommitModifier) - Add a use_ostree_convention option
This was already supported by the commit modifier API, just needed to expose it. This will also be used to test the libarchive API in a future test.
- Test both tar and cpio archives - Test more hardlink corner cases - Test symlinks more rigorously - Test stat override - Test skip list
- Do a bit of refactoring - Add test for use_ostree_convention - Add test for xattr_callback - Add test for SELinux labeling
74213a0
to
0f23fe5
Compare
I rebased and added fixups to address the last comments. I squashed all the previous fixups and only kept the new ones. Since for now we're punting on the name:id issues some clients will face, I went a different way than we had originally talked about re. passing hashtables through the For the name:id issues, we do not impose any restrictions in the ImportArchive API. Instead, client apps like |
* archive. For us however, this will be important. So we do our best to deal | ||
* with non-conventional paths (but note that we don't try to be sophisticated | ||
* enough to handle e.g. ../ & ./ in the middle of normal dir comps, which | ||
* would probably require a stack). Also important, we relativize the path. */ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Note ot_util_path_split_validate()
does intentionally explicitly error out if we find ..
as a path component. See also ot_util_filename_validate()
.
I think with the current logic it'd be possible to have foo/../../../../bar
...and we wouldn't trip any assertions =/
We really need unit tests for this function.
I submitted #283
⬆️ Added a fixup to validate all paths using |
@@ -81,13 +82,23 @@ path_relative (const char *src) | |||
if (src[0] == '.' && src[1] == '\0') | |||
src += 1; | |||
|
|||
/* make sure that the final path is valid (no . or ..) */ | |||
if (!ot_util_path_split_validate (src, NULL, error)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A bit expensive to do it this way, we end up mallocing all the path components just to throw them away. But eh...we can revisit this later.
This was already supported by the commit modifier API, just needed to expose it. This will also be used to test the libarchive API in a future test. Closes: #275 Approved by: cgwalters
- Test both tar and cpio archives - Test more hardlink corner cases - Test symlinks more rigorously - Test stat override - Test skip list Closes: #275 Approved by: cgwalters
- Do a bit of refactoring - Add test for use_ostree_convention - Add test for xattr_callback - Add test for SELinux labeling Closes: #275 Approved by: cgwalters
☀️ Test successful - status-atomicjenkins |
From the first commit message:
The remaining commits add tests for the new features.
The main motivation for this work is coreos/rpm-ostree#107. With these patches,
rpm-ostree
will be able to much more easily import RPMs into repos, with full support for filecaps and SELinux labeling.