mirrors/tar
1
0
Fork 0
mirror of https://git.savannah.gnu.org/git/tar.git synced 2026-04-25 19:10:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

tar: --one-top-level=DIR must be relative

Browse Source 
* src/tar.c (decode_options): Require --one-top-level operand
to be relative.
This commit is contained in:
Paul Eggert
2026-01-30 12:48:48 -08:00
parent 8fca6143ea
commit 678dbc679a
3 changed files with 19 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
NEWS
View File

@@ -1,4 +1,4 @@
GNU tar NEWS - User visible changes. 2025-11-26
GNU tar NEWS - User visible changes. 2026-01-30
Please send GNU tar bug reports to <bug-tar@gnu.org>
version 1.35.90 (git)
@@ -24,7 +24,9 @@ as argument to --mtime option (see GNU tar manual, chapter 4
Defines output format for the COMMAND set by the above option. If
used, command output will be parsed using strptime(3).
* Skip file or archive member if transformed name is empty
* Changes to behavior
** Skip file or archive member if transformed name is empty
If applying file name transformations (--transform and
--strip-component options) to a file or member name results in an
@@ -33,6 +35,9 @@ empty string that file or member is skipped and a warning is printed.
The warning can be suppressed using the --warning=empty-transform
option.
** --one-top-level=DIR now requires DIR to be relative.
Previously this restriction was alluded to in the manual but not enforced.
* Bug fixes
** When extracting, tar no longer follows symbolic links to targets

12
doc/tar.texi
View File

@@ -3274,10 +3274,14 @@ directory.
@opsummary{one-top-level}
@item --one-top-level[=@var{dir}]
Tells @command{tar} to create a new directory beneath the extraction directory
(or the one passed to @option{-C}) and use it to guard against
tarbombs. In the absence of @var{dir} argument, the name of the new directory
will be equal to the base name of the archive (file name minus the
archive suffix, if recognized). Any member names that do not begin
(or the one passed to @option{-C}) and use it to prevent @command{tar}
from modifying files outside that directory.
If @var{dir} is present, it must be a relative file name.
If it is absent, the name of the new directory
is the base name of the archive minus any recognized archive suffix.
If multiple @option{-C} options are present,
each has its own subdirectory with the same name.
Any member names that do not begin
with that directory name (after
transformations from @option{--transform} and
@option{--strip-components}) will be prefixed with it. Recognized

5
src/tar.c
View File

@@ -2675,7 +2675,7 @@ decode_options (int argc, char **argv)
one_top_level_option = false;
}
if (one_top_level_option && !one_top_level_dir)
if (!one_top_level_dir && one_top_level_option)
{
/* If the user wants to guarantee that everything is under one
directory, determine its name now and let it be created later. */
@@ -2687,6 +2687,9 @@ decode_options (int argc, char **argv)
paxusage (_("Cannot deduce top-level directory name; "
"please set it explicitly with --one-top-level=DIR"));
}
if (one_top_level_dir && !IS_RELATIVE_FILE_NAME (one_top_level_dir))
paxusage(_("--one-top-level=DIR must use a relative file name"));
}
/* If ready to unlink hierarchies, so we are for simpler files. */