From e23d123b9326881803da64b1eb1e35fc0362e993 Mon Sep 17 00:00:00 2001 From: Paul Eggert Date: Tue, 26 Oct 2010 17:57:44 -0700 Subject: [PATCH] tar: fix -x --overwrite bug (no --dereference, ! O_NOFOLLOW) This bug was discovered on Solaris 8. On older hosts lacking O_NOFOLLOW, tar -x --overwrite (without --dereference) follows symbolic links, causing the "extract over symlinks" test to fail. * src/extract.c (open_output_file): If O_NOFOLLOW is needed but does not work, check for a symlink separately. --- src/extract.c | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/src/extract.c b/src/extract.c index 98236ac..44233b9 100644 --- a/src/extract.c +++ b/src/extract.c @@ -864,6 +864,20 @@ open_output_file (char const *file_name, int typeflag, mode_t mode, } } + /* If O_NOFOLLOW is needed but does not work, check for a symlink + separately. There's a race condition, but that cannot be avoided + on hosts lacking O_NOFOLLOW. */ + if (! O_NOFOLLOW && overwriting_old_files && ! dereference_option) + { + struct stat st; + if (fstatat (chdir_fd, file_name, &st, AT_SYMLINK_NOFOLLOW) == 0 + && S_ISLNK (st.st_mode)) + { + errno = ELOOP; + return -1; + } + } + fd = openat (chdir_fd, file_name, openflag, mode); if (0 <= fd) { -- 2.44.0