Bug#774445: bsdtar: can't add files with //multiple/leading/slashes
* Jakub Wilk, 2015-01-02, 22:07: I wanted to create a tar archive with a path that had multiple leading slashes[0]. But this doesn't seem to be possible with bsdtar: $ bsdtar -Pcf test.tar //bin/true && tar -Ptf test.tar /bin/true I no longer use bsdtar, so feel free to close this bug. -- Jakub Wilk
Bug#774445: bsdtar: can't add files with //multiple/leading/slashes
Hi Peter! Thanks for forwarding the bug. * Peter Pentchev, 2016-07-09, 02:29: in the worst case we may decide to carry this as a Debian-specific patch for the benefit of compatibility with GNU tar, but, to be honest, I see a couple of potential drawbacks with this approach, too; some might even mumble something about "gratuitous differences in behavior" Yeah, let's not go this way. -- Jakub Wilk
Bug#774445: bsdtar: can't add files with //multiple/leading/slashes
control: tag -1 + confirmed upstream control: forward -1 https://github.com/libarchive/libarchive/issues/740 Hi, Thanks for taking a look at libarchive and bsdtar for your tests! Well, I do understand your case, and I forwarded it to the upstream GitHub issue tracker. However, the fact remains that this behavior: - has been with libarchive since pretty much the very beginning, or at least the moment when it was broken out of FreeBSD as a standalone project, and - there are arguments in favor of the current behavior: in the common case multiple slashes are, at best, useless, and, at worst, harmful on, say, Windows with its //hostname/path network share syntax So let's see what the upstream authors say; in the worst case we may decide to carry this as a Debian-specific patch for the benefit of compatibility with GNU tar, but, to be honest, I see a couple of potential drawbacks with this approach, too; some might even mumble something about "gratuitous differences in behavior" and "POLA violations" when writing portable scripts using bsdtar :) Still, thanks for reporting this and for doing the path traversal tests at all! G'luck, Peter -- Peter Pentchev r...@ringlet.net r...@freebsd.org p...@storpool.com PGP key:http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint 2EE7 A7A5 17FC 124C F115 C354 651E EFB0 2527 DF13 signature.asc Description: PGP signature
Bug#774445: bsdtar: can't add files with //multiple/leading/slashes
Package: bsdtar Version: 3.1.2-10 Severity: minor I wanted to create a tar archive with a path that had multiple leading slashes[0]. But this doesn't seem to be possible with bsdtar: $ bsdtar -Pcf test.tar //bin/true tar -Ptf test.tar /bin/true For comparison, GNU tar is happy to create such an archive: $ tar -Pcf test.tar //bin/true tar -Ptf test.tar //bin/true [0] In case you wonder why would anyone want to do that: I'm trying to craft archives for testing various archive extraction software against directory traversal: https://bitbucket.org/jwilk/path-traversal-samples -- System Information: Debian Release: 8.0 APT prefers unstable APT policy: (990, 'unstable'), (500, 'experimental') Architecture: i386 (x86_64) Foreign Architectures: amd64 Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=C, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages bsdtar depends on: ii libacl1 2.2.52-2 ii libarchive13 3.1.2-10 ii libattr1 1:2.4.47-2 ii libbz2-1.01.0.6-7+b2 ii libc6 2.19-13 ii liblzma5 5.1.1alpha+20120614-2+b3 ii liblzo2-2 2.08-1.2 ii libnettle42.7.1-4 ii libxml2 2.9.2+dfsg1-1+b1 ii zlib1g1:1.2.8.dfsg-2+b1 -- Jakub Wilk -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org