[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Bug-tar] [PATCH 0/2] tar: checksum collision
From: |
Alexander Kolesen |
Subject: |
[Bug-tar] [PATCH 0/2] tar: checksum collision |
Date: |
Thu, 2 Jan 2014 00:13:20 +0300 |
Hello,
I've bumped into strange tar behavior - it's unable to decompress a previously
compressed archive:
% file test.tar.gz
test.tar.gz: gzip compressed data, from Unix, last modified: Fri Dec 21
13:00:50 2012
% tar -xf test.tar.gz -C out && echo "Success"
tar: This does not look like a tar archive
tar: Exiting with failure status due to previous errors
% tar -xf test.tar.gz && echo "Success"
Success
Here's the content of the file. In contains nothing but an empty directory:
% cat test.tar.gz | base64
H4sIAFIz1FAAA+3PMQqDQBCF4TnK3sAZddzjiAERCaywccn1NUUghWgjqf6vecW84s2cl/Re8nPM
/WsdpjlNldxNdzH6Jy26/uaXWK2da2Nem6i1rXUS/PYlB8r+dg5ByqOktZz0Lu4AAAAAAAAAAAAA
AAAAAPzRBndnEVwAKAAA
I've made a quick research and found out that src/list.c:tar_checksum function
wrongly interprets this file as a plain tar archive instead of gzipped tar due
checksum collision (signed_sum == recorded_sum == 0):
(gdb) run -xvf ../iw.tgz.bak
Starting program: /home/m0use/work/tar-bug/tar/src/tar -xvf ../iw.tgz.bak
warning: Could not load shared library symbols for linux-vdso.so.1.
Do you need "set solib-search-path" or "set sysroot"?
Breakpoint 1, tar_checksum (header=<optimized out>, address@hidden) at
list.c:350
350 if (unsigned_sum != recorded_sum && signed_sum != recorded_sum)
(gdb) p signed_sum
$1 = 0
(gdb) p recorded_sum
$2 = 0
So, tar_checksum function returns HEADER_SUCCESS in case of gzipped tar file,
what's wrong.
Here's a couple of patches which fixes the case from my perspective.
Please, review when you have a chance.
Thanks!
Alexander Kolesen (2):
check_compressed_archive: check for compressed signatures first prior
to checking tar checksum
init_buffer: zero-fill allocated memory to prevent examing a junk
src/buffer.c | 14 +++++++++-----
1 file changed, 9 insertions(+), 5 deletions(-)
--
1.8.5.2
- [Bug-tar] [PATCH 0/2] tar: checksum collision,
Alexander Kolesen <=