xref: /freebsd/contrib/libarchive/libarchive/archive_write_set_format_ustar.c (revision b4af4f93c682e445bf159f0d1ec90b636296c946)
1 /*-
2  * Copyright (c) 2003-2007 Tim Kientzle
3  * Copyright (c) 2011-2012 Michihiro NAKAJIMA
4  * All rights reserved.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  * 1. Redistributions of source code must retain the above copyright
10  *    notice, this list of conditions and the following disclaimer.
11  * 2. Redistributions in binary form must reproduce the above copyright
12  *    notice, this list of conditions and the following disclaimer in the
13  *    documentation and/or other materials provided with the distribution.
14  *
15  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR
16  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18  * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
19  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25  */
26 
27 #include "archive_platform.h"
28 __FBSDID("$FreeBSD$");
29 
30 
31 #ifdef HAVE_ERRNO_H
32 #include <errno.h>
33 #endif
34 #include <stdio.h>
35 #ifdef HAVE_STDLIB_H
36 #include <stdlib.h>
37 #endif
38 #ifdef HAVE_STRING_H
39 #include <string.h>
40 #endif
41 
42 #include "archive.h"
43 #include "archive_entry.h"
44 #include "archive_entry_locale.h"
45 #include "archive_private.h"
46 #include "archive_write_private.h"
47 #include "archive_write_set_format_private.h"
48 
49 struct ustar {
50 	uint64_t	entry_bytes_remaining;
51 	uint64_t	entry_padding;
52 
53 	struct archive_string_conv *opt_sconv;
54 	struct archive_string_conv *sconv_default;
55 	int	init_default_conversion;
56 };
57 
58 /*
59  * Define structure of POSIX 'ustar' tar header.
60  */
61 #define	USTAR_name_offset 0
62 #define	USTAR_name_size 100
63 #define	USTAR_mode_offset 100
64 #define	USTAR_mode_size 6
65 #define	USTAR_mode_max_size 8
66 #define	USTAR_uid_offset 108
67 #define	USTAR_uid_size 6
68 #define	USTAR_uid_max_size 8
69 #define	USTAR_gid_offset 116
70 #define	USTAR_gid_size 6
71 #define	USTAR_gid_max_size 8
72 #define	USTAR_size_offset 124
73 #define	USTAR_size_size 11
74 #define	USTAR_size_max_size 12
75 #define	USTAR_mtime_offset 136
76 #define	USTAR_mtime_size 11
77 #define	USTAR_mtime_max_size 11
78 #define	USTAR_checksum_offset 148
79 #define	USTAR_checksum_size 8
80 #define	USTAR_typeflag_offset 156
81 #define	USTAR_typeflag_size 1
82 #define	USTAR_linkname_offset 157
83 #define	USTAR_linkname_size 100
84 #define	USTAR_magic_offset 257
85 #define	USTAR_magic_size 6
86 #define	USTAR_version_offset 263
87 #define	USTAR_version_size 2
88 #define	USTAR_uname_offset 265
89 #define	USTAR_uname_size 32
90 #define	USTAR_gname_offset 297
91 #define	USTAR_gname_size 32
92 #define	USTAR_rdevmajor_offset 329
93 #define	USTAR_rdevmajor_size 6
94 #define	USTAR_rdevmajor_max_size 8
95 #define	USTAR_rdevminor_offset 337
96 #define	USTAR_rdevminor_size 6
97 #define	USTAR_rdevminor_max_size 8
98 #define	USTAR_prefix_offset 345
99 #define	USTAR_prefix_size 155
100 #define	USTAR_padding_offset 500
101 #define	USTAR_padding_size 12
102 
103 /*
104  * A filled-in copy of the header for initialization.
105  */
106 static const char template_header[] = {
107 	/* name: 100 bytes */
108 	0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,
109 	0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,
110 	0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,
111 	0,0,0,0,
112 	/* Mode, space-null termination: 8 bytes */
113 	'0','0','0','0','0','0', ' ','\0',
114 	/* uid, space-null termination: 8 bytes */
115 	'0','0','0','0','0','0', ' ','\0',
116 	/* gid, space-null termination: 8 bytes */
117 	'0','0','0','0','0','0', ' ','\0',
118 	/* size, space termination: 12 bytes */
119 	'0','0','0','0','0','0','0','0','0','0','0', ' ',
120 	/* mtime, space termination: 12 bytes */
121 	'0','0','0','0','0','0','0','0','0','0','0', ' ',
122 	/* Initial checksum value: 8 spaces */
123 	' ',' ',' ',' ',' ',' ',' ',' ',
124 	/* Typeflag: 1 byte */
125 	'0',			/* '0' = regular file */
126 	/* Linkname: 100 bytes */
127 	0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,
128 	0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,
129 	0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,
130 	0,0,0,0,
131 	/* Magic: 6 bytes, Version: 2 bytes */
132 	'u','s','t','a','r','\0', '0','0',
133 	/* Uname: 32 bytes */
134 	0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,
135 	/* Gname: 32 bytes */
136 	0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,
137 	/* rdevmajor + space/null padding: 8 bytes */
138 	'0','0','0','0','0','0', ' ','\0',
139 	/* rdevminor + space/null padding: 8 bytes */
140 	'0','0','0','0','0','0', ' ','\0',
141 	/* Prefix: 155 bytes */
142 	0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,
143 	0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,
144 	0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,
145 	0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,
146 	0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0, 0,0,0,
147 	/* Padding: 12 bytes */
148 	0,0,0,0,0,0,0,0, 0,0,0,0
149 };
150 
151 static ssize_t	archive_write_ustar_data(struct archive_write *a, const void *buff,
152 		    size_t s);
153 static int	archive_write_ustar_free(struct archive_write *);
154 static int	archive_write_ustar_close(struct archive_write *);
155 static int	archive_write_ustar_finish_entry(struct archive_write *);
156 static int	archive_write_ustar_header(struct archive_write *,
157 		    struct archive_entry *entry);
158 static int	archive_write_ustar_options(struct archive_write *,
159 		    const char *, const char *);
160 static int	format_256(int64_t, char *, int);
161 static int	format_number(int64_t, char *, int size, int max, int strict);
162 static int	format_octal(int64_t, char *, int);
163 
164 /*
165  * Set output format to 'ustar' format.
166  */
167 int
168 archive_write_set_format_ustar(struct archive *_a)
169 {
170 	struct archive_write *a = (struct archive_write *)_a;
171 	struct ustar *ustar;
172 
173 	archive_check_magic(_a, ARCHIVE_WRITE_MAGIC,
174 	    ARCHIVE_STATE_NEW, "archive_write_set_format_ustar");
175 
176 	/* If someone else was already registered, unregister them. */
177 	if (a->format_free != NULL)
178 		(a->format_free)(a);
179 
180 	/* Basic internal sanity test. */
181 	if (sizeof(template_header) != 512) {
182 		archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
183 		    "Internal: template_header wrong size: %zu should be 512",
184 		    sizeof(template_header));
185 		return (ARCHIVE_FATAL);
186 	}
187 
188 	ustar = (struct ustar *)calloc(1, sizeof(*ustar));
189 	if (ustar == NULL) {
190 		archive_set_error(&a->archive, ENOMEM,
191 		    "Can't allocate ustar data");
192 		return (ARCHIVE_FATAL);
193 	}
194 	a->format_data = ustar;
195 	a->format_name = "ustar";
196 	a->format_options = archive_write_ustar_options;
197 	a->format_write_header = archive_write_ustar_header;
198 	a->format_write_data = archive_write_ustar_data;
199 	a->format_close = archive_write_ustar_close;
200 	a->format_free = archive_write_ustar_free;
201 	a->format_finish_entry = archive_write_ustar_finish_entry;
202 	a->archive.archive_format = ARCHIVE_FORMAT_TAR_USTAR;
203 	a->archive.archive_format_name = "POSIX ustar";
204 	return (ARCHIVE_OK);
205 }
206 
207 static int
208 archive_write_ustar_options(struct archive_write *a, const char *key,
209     const char *val)
210 {
211 	struct ustar *ustar = (struct ustar *)a->format_data;
212 	int ret = ARCHIVE_FAILED;
213 
214 	if (strcmp(key, "hdrcharset")  == 0) {
215 		if (val == NULL || val[0] == 0)
216 			archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
217 			    "%s: hdrcharset option needs a character-set name",
218 			    a->format_name);
219 		else {
220 			ustar->opt_sconv = archive_string_conversion_to_charset(
221 			    &a->archive, val, 0);
222 			if (ustar->opt_sconv != NULL)
223 				ret = ARCHIVE_OK;
224 			else
225 				ret = ARCHIVE_FATAL;
226 		}
227 		return (ret);
228 	}
229 
230 	/* Note: The "warn" return is just to inform the options
231 	 * supervisor that we didn't handle it.  It will generate
232 	 * a suitable error if no one used this option. */
233 	return (ARCHIVE_WARN);
234 }
235 
236 static int
237 archive_write_ustar_header(struct archive_write *a, struct archive_entry *entry)
238 {
239 	char buff[512];
240 	int ret, ret2;
241 	struct ustar *ustar;
242 	struct archive_entry *entry_main;
243 	struct archive_string_conv *sconv;
244 
245 	ustar = (struct ustar *)a->format_data;
246 
247 	/* Setup default string conversion. */
248 	if (ustar->opt_sconv == NULL) {
249 		if (!ustar->init_default_conversion) {
250 			ustar->sconv_default =
251 			    archive_string_default_conversion_for_write(&(a->archive));
252 			ustar->init_default_conversion = 1;
253 		}
254 		sconv = ustar->sconv_default;
255 	} else
256 		sconv = ustar->opt_sconv;
257 
258 	/* Sanity check. */
259 	if (archive_entry_pathname(entry) == NULL) {
260 		archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
261 		    "Can't record entry in tar file without pathname");
262 		return (ARCHIVE_FAILED);
263 	}
264 
265 	/* Only regular files (not hardlinks) have data. */
266 	if (archive_entry_hardlink(entry) != NULL ||
267 	    archive_entry_symlink(entry) != NULL ||
268 	    !(archive_entry_filetype(entry) == AE_IFREG))
269 		archive_entry_set_size(entry, 0);
270 
271 	if (AE_IFDIR == archive_entry_filetype(entry)) {
272 		const char *p;
273 		size_t path_length;
274 		/*
275 		 * Ensure a trailing '/'.  Modify the entry so
276 		 * the client sees the change.
277 		 */
278 #if defined(_WIN32) && !defined(__CYGWIN__)
279 		const wchar_t *wp;
280 
281 		wp = archive_entry_pathname_w(entry);
282 		if (wp != NULL && wp[wcslen(wp) -1] != L'/') {
283 			struct archive_wstring ws;
284 
285 			archive_string_init(&ws);
286 			path_length = wcslen(wp);
287 			if (archive_wstring_ensure(&ws,
288 			    path_length + 2) == NULL) {
289 				archive_set_error(&a->archive, ENOMEM,
290 				    "Can't allocate ustar data");
291 				archive_wstring_free(&ws);
292 				return(ARCHIVE_FATAL);
293 			}
294 			/* Should we keep '\' ? */
295 			if (wp[path_length -1] == L'\\')
296 				path_length--;
297 			archive_wstrncpy(&ws, wp, path_length);
298 			archive_wstrappend_wchar(&ws, L'/');
299 			archive_entry_copy_pathname_w(entry, ws.s);
300 			archive_wstring_free(&ws);
301 			p = NULL;
302 		} else
303 #endif
304 			p = archive_entry_pathname(entry);
305 		/*
306 		 * On Windows, this is a backup operation just in
307 		 * case getting WCS failed. On POSIX, this is a
308 		 * normal operation.
309 		 */
310 		if (p != NULL && p[0] != '\0' && p[strlen(p) - 1] != '/') {
311 			struct archive_string as;
312 
313 			archive_string_init(&as);
314 			path_length = strlen(p);
315 			if (archive_string_ensure(&as,
316 			    path_length + 2) == NULL) {
317 				archive_set_error(&a->archive, ENOMEM,
318 				    "Can't allocate ustar data");
319 				archive_string_free(&as);
320 				return(ARCHIVE_FATAL);
321 			}
322 #if defined(_WIN32) && !defined(__CYGWIN__)
323 			/* NOTE: This might break the pathname
324 			 * if the current code page is CP932 and
325 			 * the pathname includes a character '\'
326 			 * as a part of its multibyte pathname. */
327 			if (p[strlen(p) -1] == '\\')
328 				path_length--;
329 			else
330 #endif
331 			archive_strncpy(&as, p, path_length);
332 			archive_strappend_char(&as, '/');
333 			archive_entry_copy_pathname(entry, as.s);
334 			archive_string_free(&as);
335 		}
336 	}
337 
338 #if defined(_WIN32) && !defined(__CYGWIN__)
339 	/* Make sure the path separators in pathname, hardlink and symlink
340 	 * are all slash '/', not the Windows path separator '\'. */
341 	entry_main = __la_win_entry_in_posix_pathseparator(entry);
342 	if (entry_main == NULL) {
343 		archive_set_error(&a->archive, ENOMEM,
344 		    "Can't allocate ustar data");
345 		return(ARCHIVE_FATAL);
346 	}
347 	if (entry != entry_main)
348 		entry = entry_main;
349 	else
350 		entry_main = NULL;
351 #else
352 	entry_main = NULL;
353 #endif
354 	ret = __archive_write_format_header_ustar(a, buff, entry, -1, 1, sconv);
355 	if (ret < ARCHIVE_WARN) {
356 		archive_entry_free(entry_main);
357 		return (ret);
358 	}
359 	ret2 = __archive_write_output(a, buff, 512);
360 	if (ret2 < ARCHIVE_WARN) {
361 		archive_entry_free(entry_main);
362 		return (ret2);
363 	}
364 	if (ret2 < ret)
365 		ret = ret2;
366 
367 	ustar->entry_bytes_remaining = archive_entry_size(entry);
368 	ustar->entry_padding = 0x1ff & (-(int64_t)ustar->entry_bytes_remaining);
369 	archive_entry_free(entry_main);
370 	return (ret);
371 }
372 
373 /*
374  * Format a basic 512-byte "ustar" header.
375  *
376  * Returns -1 if format failed (due to field overflow).
377  * Note that this always formats as much of the header as possible.
378  * If "strict" is set to zero, it will extend numeric fields as
379  * necessary (overwriting terminators or using base-256 extensions).
380  *
381  * This is exported so that other 'tar' formats can use it.
382  */
383 int
384 __archive_write_format_header_ustar(struct archive_write *a, char h[512],
385     struct archive_entry *entry, int tartype, int strict,
386     struct archive_string_conv *sconv)
387 {
388 	unsigned int checksum;
389 	int i, r, ret;
390 	size_t copy_length;
391 	const char *p, *pp;
392 	int mytartype;
393 
394 	ret = 0;
395 	mytartype = -1;
396 	/*
397 	 * The "template header" already includes the "ustar"
398 	 * signature, various end-of-field markers and other required
399 	 * elements.
400 	 */
401 	memcpy(h, &template_header, 512);
402 
403 	/*
404 	 * Because the block is already null-filled, and strings
405 	 * are allowed to exactly fill their destination (without null),
406 	 * I use memcpy(dest, src, strlen()) here a lot to copy strings.
407 	 */
408 	r = archive_entry_pathname_l(entry, &pp, &copy_length, sconv);
409 	if (r != 0) {
410 		if (errno == ENOMEM) {
411 			archive_set_error(&a->archive, ENOMEM,
412 			    "Can't allocate memory for Pathname");
413 			return (ARCHIVE_FATAL);
414 		}
415 		archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
416 		    "Can't translate pathname '%s' to %s",
417 		    pp, archive_string_conversion_charset_name(sconv));
418 		ret = ARCHIVE_WARN;
419 	}
420 	if (copy_length <= USTAR_name_size)
421 		memcpy(h + USTAR_name_offset, pp, copy_length);
422 	else {
423 		/* Store in two pieces, splitting at a '/'. */
424 		p = strchr(pp + copy_length - USTAR_name_size - 1, '/');
425 		/*
426 		 * Look for the next '/' if we chose the first character
427 		 * as the separator.  (ustar format doesn't permit
428 		 * an empty prefix.)
429 		 */
430 		if (p == pp)
431 			p = strchr(p + 1, '/');
432 		/* Fail if the name won't fit. */
433 		if (!p) {
434 			/* No separator. */
435 			archive_set_error(&a->archive, ENAMETOOLONG,
436 			    "Pathname too long");
437 			ret = ARCHIVE_FAILED;
438 		} else if (p[1] == '\0') {
439 			/*
440 			 * The only feasible separator is a final '/';
441 			 * this would result in a non-empty prefix and
442 			 * an empty name, which POSIX doesn't
443 			 * explicitly forbid, but it just feels wrong.
444 			 */
445 			archive_set_error(&a->archive, ENAMETOOLONG,
446 			    "Pathname too long");
447 			ret = ARCHIVE_FAILED;
448 		} else if (p  > pp + USTAR_prefix_size) {
449 			/* Prefix is too long. */
450 			archive_set_error(&a->archive, ENAMETOOLONG,
451 			    "Pathname too long");
452 			ret = ARCHIVE_FAILED;
453 		} else {
454 			/* Copy prefix and remainder to appropriate places */
455 			memcpy(h + USTAR_prefix_offset, pp, p - pp);
456 			memcpy(h + USTAR_name_offset, p + 1,
457 			    pp + copy_length - p - 1);
458 		}
459 	}
460 
461 	r = archive_entry_hardlink_l(entry, &p, &copy_length, sconv);
462 	if (r != 0) {
463 		if (errno == ENOMEM) {
464 			archive_set_error(&a->archive, ENOMEM,
465 			    "Can't allocate memory for Linkname");
466 			return (ARCHIVE_FATAL);
467 		}
468 		archive_set_error(&a->archive,
469 		    ARCHIVE_ERRNO_FILE_FORMAT,
470 		    "Can't translate linkname '%s' to %s",
471 		    p, archive_string_conversion_charset_name(sconv));
472 		ret = ARCHIVE_WARN;
473 	}
474 	if (copy_length > 0)
475 		mytartype = '1';
476 	else {
477 		r = archive_entry_symlink_l(entry, &p, &copy_length, sconv);
478 		if (r != 0) {
479 			if (errno == ENOMEM) {
480 				archive_set_error(&a->archive, ENOMEM,
481 				    "Can't allocate memory for Linkname");
482 				return (ARCHIVE_FATAL);
483 			}
484 			archive_set_error(&a->archive,
485 			    ARCHIVE_ERRNO_FILE_FORMAT,
486 			    "Can't translate linkname '%s' to %s",
487 			    p, archive_string_conversion_charset_name(sconv));
488 			ret = ARCHIVE_WARN;
489 		}
490 	}
491 	if (copy_length > 0) {
492 		if (copy_length > USTAR_linkname_size) {
493 			archive_set_error(&a->archive, ENAMETOOLONG,
494 			    "Link contents too long");
495 			ret = ARCHIVE_FAILED;
496 			copy_length = USTAR_linkname_size;
497 		}
498 		memcpy(h + USTAR_linkname_offset, p, copy_length);
499 	}
500 
501 	r = archive_entry_uname_l(entry, &p, &copy_length, sconv);
502 	if (r != 0) {
503 		if (errno == ENOMEM) {
504 			archive_set_error(&a->archive, ENOMEM,
505 			    "Can't allocate memory for Uname");
506 			return (ARCHIVE_FATAL);
507 		}
508 		archive_set_error(&a->archive,
509 		    ARCHIVE_ERRNO_FILE_FORMAT,
510 		    "Can't translate uname '%s' to %s",
511 		    p, archive_string_conversion_charset_name(sconv));
512 		ret = ARCHIVE_WARN;
513 	}
514 	if (copy_length > 0) {
515 		if (copy_length > USTAR_uname_size) {
516 			if (tartype != 'x') {
517 				archive_set_error(&a->archive,
518 				    ARCHIVE_ERRNO_MISC, "Username too long");
519 				ret = ARCHIVE_FAILED;
520 			}
521 			copy_length = USTAR_uname_size;
522 		}
523 		memcpy(h + USTAR_uname_offset, p, copy_length);
524 	}
525 
526 	r = archive_entry_gname_l(entry, &p, &copy_length, sconv);
527 	if (r != 0) {
528 		if (errno == ENOMEM) {
529 			archive_set_error(&a->archive, ENOMEM,
530 			    "Can't allocate memory for Gname");
531 			return (ARCHIVE_FATAL);
532 		}
533 		archive_set_error(&a->archive,
534 		    ARCHIVE_ERRNO_FILE_FORMAT,
535 		    "Can't translate gname '%s' to %s",
536 		    p, archive_string_conversion_charset_name(sconv));
537 		ret = ARCHIVE_WARN;
538 	}
539 	if (copy_length > 0) {
540 		if (strlen(p) > USTAR_gname_size) {
541 			if (tartype != 'x') {
542 				archive_set_error(&a->archive,
543 				    ARCHIVE_ERRNO_MISC, "Group name too long");
544 				ret = ARCHIVE_FAILED;
545 			}
546 			copy_length = USTAR_gname_size;
547 		}
548 		memcpy(h + USTAR_gname_offset, p, copy_length);
549 	}
550 
551 	if (format_number(archive_entry_mode(entry) & 07777,
552 	    h + USTAR_mode_offset, USTAR_mode_size, USTAR_mode_max_size, strict)) {
553 		archive_set_error(&a->archive, ERANGE,
554 		    "Numeric mode too large");
555 		ret = ARCHIVE_FAILED;
556 	}
557 
558 	if (format_number(archive_entry_uid(entry),
559 	    h + USTAR_uid_offset, USTAR_uid_size, USTAR_uid_max_size, strict)) {
560 		archive_set_error(&a->archive, ERANGE,
561 		    "Numeric user ID too large");
562 		ret = ARCHIVE_FAILED;
563 	}
564 
565 	if (format_number(archive_entry_gid(entry),
566 	    h + USTAR_gid_offset, USTAR_gid_size, USTAR_gid_max_size, strict)) {
567 		archive_set_error(&a->archive, ERANGE,
568 		    "Numeric group ID too large");
569 		ret = ARCHIVE_FAILED;
570 	}
571 
572 	if (format_number(archive_entry_size(entry),
573 	    h + USTAR_size_offset, USTAR_size_size, USTAR_size_max_size, strict)) {
574 		archive_set_error(&a->archive, ERANGE,
575 		    "File size out of range");
576 		ret = ARCHIVE_FAILED;
577 	}
578 
579 	if (format_number(archive_entry_mtime(entry),
580 	    h + USTAR_mtime_offset, USTAR_mtime_size, USTAR_mtime_max_size, strict)) {
581 		archive_set_error(&a->archive, ERANGE,
582 		    "File modification time too large");
583 		ret = ARCHIVE_FAILED;
584 	}
585 
586 	if (archive_entry_filetype(entry) == AE_IFBLK
587 	    || archive_entry_filetype(entry) == AE_IFCHR) {
588 		if (format_number(archive_entry_rdevmajor(entry),
589 		    h + USTAR_rdevmajor_offset, USTAR_rdevmajor_size,
590 		    USTAR_rdevmajor_max_size, strict)) {
591 			archive_set_error(&a->archive, ERANGE,
592 			    "Major device number too large");
593 			ret = ARCHIVE_FAILED;
594 		}
595 
596 		if (format_number(archive_entry_rdevminor(entry),
597 		    h + USTAR_rdevminor_offset, USTAR_rdevminor_size,
598 		    USTAR_rdevminor_max_size, strict)) {
599 			archive_set_error(&a->archive, ERANGE,
600 			    "Minor device number too large");
601 			ret = ARCHIVE_FAILED;
602 		}
603 	}
604 
605 	if (tartype >= 0) {
606 		h[USTAR_typeflag_offset] = tartype;
607 	} else if (mytartype >= 0) {
608 		h[USTAR_typeflag_offset] = mytartype;
609 	} else {
610 		switch (archive_entry_filetype(entry)) {
611 		case AE_IFREG: h[USTAR_typeflag_offset] = '0' ; break;
612 		case AE_IFLNK: h[USTAR_typeflag_offset] = '2' ; break;
613 		case AE_IFCHR: h[USTAR_typeflag_offset] = '3' ; break;
614 		case AE_IFBLK: h[USTAR_typeflag_offset] = '4' ; break;
615 		case AE_IFDIR: h[USTAR_typeflag_offset] = '5' ; break;
616 		case AE_IFIFO: h[USTAR_typeflag_offset] = '6' ; break;
617 		default: /* AE_IFSOCK and unknown */
618 			__archive_write_entry_filetype_unsupported(
619 			    &a->archive, entry, "ustar");
620 			ret = ARCHIVE_FAILED;
621 		}
622 	}
623 
624 	checksum = 0;
625 	for (i = 0; i < 512; i++)
626 		checksum += 255 & (unsigned int)h[i];
627 	h[USTAR_checksum_offset + 6] = '\0'; /* Can't be pre-set in the template. */
628 	/* h[USTAR_checksum_offset + 7] = ' '; */ /* This is pre-set in the template. */
629 	format_octal(checksum, h + USTAR_checksum_offset, 6);
630 	return (ret);
631 }
632 
633 /*
634  * Format a number into a field, with some intelligence.
635  */
636 static int
637 format_number(int64_t v, char *p, int s, int maxsize, int strict)
638 {
639 	int64_t limit;
640 
641 	limit = ((int64_t)1 << (s*3));
642 
643 	/* "Strict" only permits octal values with proper termination. */
644 	if (strict)
645 		return (format_octal(v, p, s));
646 
647 	/*
648 	 * In non-strict mode, we allow the number to overwrite one or
649 	 * more bytes of the field termination.  Even old tar
650 	 * implementations should be able to handle this with no
651 	 * problem.
652 	 */
653 	if (v >= 0) {
654 		while (s <= maxsize) {
655 			if (v < limit)
656 				return (format_octal(v, p, s));
657 			s++;
658 			limit <<= 3;
659 		}
660 	}
661 
662 	/* Base-256 can handle any number, positive or negative. */
663 	return (format_256(v, p, maxsize));
664 }
665 
666 /*
667  * Format a number into the specified field using base-256.
668  */
669 static int
670 format_256(int64_t v, char *p, int s)
671 {
672 	p += s;
673 	while (s-- > 0) {
674 		*--p = (char)(v & 0xff);
675 		v >>= 8;
676 	}
677 	*p |= 0x80; /* Set the base-256 marker bit. */
678 	return (0);
679 }
680 
681 /*
682  * Format a number into the specified field.
683  */
684 static int
685 format_octal(int64_t v, char *p, int s)
686 {
687 	int len;
688 
689 	len = s;
690 
691 	/* Octal values can't be negative, so use 0. */
692 	if (v < 0) {
693 		while (len-- > 0)
694 			*p++ = '0';
695 		return (-1);
696 	}
697 
698 	p += s;		/* Start at the end and work backwards. */
699 	while (s-- > 0) {
700 		*--p = (char)('0' + (v & 7));
701 		v >>= 3;
702 	}
703 
704 	if (v == 0)
705 		return (0);
706 
707 	/* If it overflowed, fill field with max value. */
708 	while (len-- > 0)
709 		*p++ = '7';
710 
711 	return (-1);
712 }
713 
714 static int
715 archive_write_ustar_close(struct archive_write *a)
716 {
717 	return (__archive_write_nulls(a, 512*2));
718 }
719 
720 static int
721 archive_write_ustar_free(struct archive_write *a)
722 {
723 	struct ustar *ustar;
724 
725 	ustar = (struct ustar *)a->format_data;
726 	free(ustar);
727 	a->format_data = NULL;
728 	return (ARCHIVE_OK);
729 }
730 
731 static int
732 archive_write_ustar_finish_entry(struct archive_write *a)
733 {
734 	struct ustar *ustar;
735 	int ret;
736 
737 	ustar = (struct ustar *)a->format_data;
738 	ret = __archive_write_nulls(a,
739 	    (size_t)(ustar->entry_bytes_remaining + ustar->entry_padding));
740 	ustar->entry_bytes_remaining = ustar->entry_padding = 0;
741 	return (ret);
742 }
743 
744 static ssize_t
745 archive_write_ustar_data(struct archive_write *a, const void *buff, size_t s)
746 {
747 	struct ustar *ustar;
748 	int ret;
749 
750 	ustar = (struct ustar *)a->format_data;
751 	if (s > ustar->entry_bytes_remaining)
752 		s = (size_t)ustar->entry_bytes_remaining;
753 	ret = __archive_write_output(a, buff, s);
754 	ustar->entry_bytes_remaining -= s;
755 	if (ret != ARCHIVE_OK)
756 		return (ret);
757 	return (s);
758 }
759