pkg/archive/diff.go - third_party/github.com/moby/moby - Git at Google

 package archive

 import (
 	"archive/tar"
 	"fmt"
 	"io"
 	"io/ioutil"
 	"os"
 	"path/filepath"
 	"runtime"
 	"strings"

 	"github.com/Sirupsen/logrus"
 	"github.com/docker/docker/pkg/idtools"
 	"github.com/docker/docker/pkg/pools"
 	"github.com/docker/docker/pkg/system"
 )

 // UnpackLayer unpack `layer` to a `dest`. The stream `layer` can be
 // compressed or uncompressed.
 // Returns the size in bytes of the contents of the layer.
 func UnpackLayer(dest string, layer Reader, options *TarOptions) (size int64, err error) {
 	tr := tar.NewReader(layer)
 	trBuf := pools.BufioReader32KPool.Get(tr)
 	defer pools.BufioReader32KPool.Put(trBuf)

 	var dirs []*tar.Header
 	unpackedPaths := make(map[string]struct{})

 	if options == nil {
 		options = &TarOptions{}
 	}
 	if options.ExcludePatterns == nil {
 		options.ExcludePatterns = []string{}
 	}
 	remappedRootUID, remappedRootGID, err := idtools.GetRootUIDGID(options.UIDMaps, options.GIDMaps)
 	if err != nil {
 		return 0, err
 	}

 	aufsTempdir := ""
 	aufsHardlinks := make(map[string]*tar.Header)

 	if options == nil {
 		options = &TarOptions{}
 	}
 	// Iterate through the files in the archive.
 	for {
 		hdr, err := tr.Next()
 		if err == io.EOF {
 			// end of tar archive
 			break
 		}
 		if err != nil {
 			return 0, err
 		}

 		size += hdr.Size

 		// Normalize name, for safety and for a simple is-root check
 		hdr.Name = filepath.Clean(hdr.Name)

 		// Windows does not support filenames with colons in them. Ignore
 		// these files. This is not a problem though (although it might
 		// appear that it is). Let's suppose a client is running docker pull.
 		// The daemon it points to is Windows. Would it make sense for the
 		// client to be doing a docker pull Ubuntu for example (which has files
 		// with colons in the name under /usr/share/man/man3)? No, absolutely
 		// not as it would really only make sense that they were pulling a
 		// Windows image. However, for development, it is necessary to be able
 		// to pull Linux images which are in the repository.
 		//
 		// TODO Windows. Once the registry is aware of what images are Windows-
 		// specific or Linux-specific, this warning should be changed to an error
 		// to cater for the situation where someone does manage to upload a Linux
 		// image but have it tagged as Windows inadvertently.
 		if runtime.GOOS == "windows" {
 			if strings.Contains(hdr.Name, ":") {
 				logrus.Warnf("Windows: Ignoring %s (is this a Linux image?)", hdr.Name)
 				continue
 			}
 		}

 		// Note as these operations are platform specific, so must the slash be.
 		if !strings.HasSuffix(hdr.Name, string(os.PathSeparator)) {
 			// Not the root directory, ensure that the parent directory exists.
 			// This happened in some tests where an image had a tarfile without any
 			// parent directories.
 			parent := filepath.Dir(hdr.Name)
 			parentPath := filepath.Join(dest, parent)

 			if _, err := os.Lstat(parentPath); err != nil && os.IsNotExist(err) {
 				err = system.MkdirAll(parentPath, 0600)
 				if err != nil {
 					return 0, err
 				}
 			}
 		}

 		// Skip AUFS metadata dirs
 		if strings.HasPrefix(hdr.Name, WhiteoutMetaPrefix) {
 			// Regular files inside /.wh..wh.plnk can be used as hardlink targets
 			// We don't want this directory, but we need the files in them so that
 			// such hardlinks can be resolved.
 			if strings.HasPrefix(hdr.Name, WhiteoutLinkDir) && hdr.Typeflag == tar.TypeReg {
 				basename := filepath.Base(hdr.Name)
 				aufsHardlinks[basename] = hdr
 				if aufsTempdir == "" {
 					if aufsTempdir, err = ioutil.TempDir("", "dockerplnk"); err != nil {
 						return 0, err
 					}
 					defer os.RemoveAll(aufsTempdir)
 				}
 				if err := createTarFile(filepath.Join(aufsTempdir, basename), dest, hdr, tr, true, nil); err != nil {
 					return 0, err
 				}
 			}

 			if hdr.Name != WhiteoutOpaqueDir {
 				continue
 			}
 		}
 		path := filepath.Join(dest, hdr.Name)
 		rel, err := filepath.Rel(dest, path)
 		if err != nil {
 			return 0, err
 		}

 		// Note as these operations are platform specific, so must the slash be.
 		if strings.HasPrefix(rel, ".."+string(os.PathSeparator)) {
 			return 0, breakoutError(fmt.Errorf("%q is outside of %q", hdr.Name, dest))
 		}
 		base := filepath.Base(path)

 		if strings.HasPrefix(base, WhiteoutPrefix) {
 			dir := filepath.Dir(path)
 			if base == WhiteoutOpaqueDir {
 				_, err := os.Lstat(dir)
 				if err != nil {
 					return 0, err
 				}
 				err = filepath.Walk(dir, func(path string, info os.FileInfo, err error) error {
 					if err != nil {
 						if os.IsNotExist(err) {
 							err = nil // parent was deleted
 						}
 						return err
 					}
 					if path == dir {
 						return nil
 					}
 					if _, exists := unpackedPaths[path]; !exists {
 						err := os.RemoveAll(path)
 						return err
 					}
 					return nil
 				})
 				if err != nil {
 					return 0, err
 				}
 			} else {
 				originalBase := base[len(WhiteoutPrefix):]
 				originalPath := filepath.Join(dir, originalBase)
 				if err := os.RemoveAll(originalPath); err != nil {
 					return 0, err
 				}
 			}
 		} else {
 			// If path exits we almost always just want to remove and replace it.
 			// The only exception is when it is a directory *and* the file from
 			// the layer is also a directory. Then we want to merge them (i.e.
 			// just apply the metadata from the layer).
 			if fi, err := os.Lstat(path); err == nil {
 				if !(fi.IsDir() && hdr.Typeflag == tar.TypeDir) {
 					if err := os.RemoveAll(path); err != nil {
 						return 0, err
 					}
 				}
 			}

 			trBuf.Reset(tr)
 			srcData := io.Reader(trBuf)
 			srcHdr := hdr

 			// Hard links into /.wh..wh.plnk don't work, as we don't extract that directory, so
 			// we manually retarget these into the temporary files we extracted them into
 			if hdr.Typeflag == tar.TypeLink && strings.HasPrefix(filepath.Clean(hdr.Linkname), WhiteoutLinkDir) {
 				linkBasename := filepath.Base(hdr.Linkname)
 				srcHdr = aufsHardlinks[linkBasename]
 				if srcHdr == nil {
 					return 0, fmt.Errorf("Invalid aufs hardlink")
 				}
 				tmpFile, err := os.Open(filepath.Join(aufsTempdir, linkBasename))
 				if err != nil {
 					return 0, err
 				}
 				defer tmpFile.Close()
 				srcData = tmpFile
 			}

 			// if the options contain a uid & gid maps, convert header uid/gid
 			// entries using the maps such that lchown sets the proper mapped
 			// uid/gid after writing the file. We only perform this mapping if
 			// the file isn't already owned by the remapped root UID or GID, as
 			// that specific uid/gid has no mapping from container -> host, and
 			// those files already have the proper ownership for inside the
 			// container.
 			if srcHdr.Uid != remappedRootUID {
 				xUID, err := idtools.ToHost(srcHdr.Uid, options.UIDMaps)
 				if err != nil {
 					return 0, err
 				}
 				srcHdr.Uid = xUID
 			}
 			if srcHdr.Gid != remappedRootGID {
 				xGID, err := idtools.ToHost(srcHdr.Gid, options.GIDMaps)
 				if err != nil {
 					return 0, err
 				}
 				srcHdr.Gid = xGID
 			}
 			if err := createTarFile(path, dest, srcHdr, srcData, true, nil); err != nil {
 				return 0, err
 			}

 			// Directory mtimes must be handled at the end to avoid further
 			// file creation in them to modify the directory mtime
 			if hdr.Typeflag == tar.TypeDir {
 				dirs = append(dirs, hdr)
 			}
 			unpackedPaths[path] = struct{}{}
 		}
 	}

 	for _, hdr := range dirs {
 		path := filepath.Join(dest, hdr.Name)
 		if err := system.Chtimes(path, hdr.AccessTime, hdr.ModTime); err != nil {
 			return 0, err
 		}
 	}

 	return size, nil
 }

 // ApplyLayer parses a diff in the standard layer format from `layer`,
 // and applies it to the directory `dest`. The stream `layer` can be
 // compressed or uncompressed.
 // Returns the size in bytes of the contents of the layer.
 func ApplyLayer(dest string, layer Reader) (int64, error) {
 	return applyLayerHandler(dest, layer, &TarOptions{}, true)
 }

 // ApplyUncompressedLayer parses a diff in the standard layer format from
 // `layer`, and applies it to the directory `dest`. The stream `layer`
 // can only be uncompressed.
 // Returns the size in bytes of the contents of the layer.
 func ApplyUncompressedLayer(dest string, layer Reader, options *TarOptions) (int64, error) {
 	return applyLayerHandler(dest, layer, options, false)
 }

 // do the bulk load of ApplyLayer, but allow for not calling DecompressStream
 func applyLayerHandler(dest string, layer Reader, options *TarOptions, decompress bool) (int64, error) {
 	dest = filepath.Clean(dest)

 	// We need to be able to set any perms
 	oldmask, err := system.Umask(0)
 	if err != nil {
 		return 0, err
 	}
 	defer system.Umask(oldmask) // ignore err, ErrNotSupportedPlatform

 	if decompress {
 		layer, err = DecompressStream(layer)
 		if err != nil {
 			return 0, err
 		}
 	}
 	return UnpackLayer(dest, layer, options)
 }
	package archive

	import (
	"archive/tar"
	"fmt"
	"io"
	"io/ioutil"
	"os"
	"path/filepath"
	"runtime"
	"strings"

	"github.com/Sirupsen/logrus"
	"github.com/docker/docker/pkg/idtools"
	"github.com/docker/docker/pkg/pools"
	"github.com/docker/docker/pkg/system"
	)

	// UnpackLayer unpack `layer` to a `dest`. The stream `layer` can be
	// compressed or uncompressed.
	// Returns the size in bytes of the contents of the layer.
	func UnpackLayer(dest string, layer Reader, options *TarOptions) (size int64, err error) {
	tr := tar.NewReader(layer)
	trBuf := pools.BufioReader32KPool.Get(tr)
	defer pools.BufioReader32KPool.Put(trBuf)

	var dirs []*tar.Header
	unpackedPaths := make(map[string]struct{})

	if options == nil {
	options = &TarOptions{}
	}
	if options.ExcludePatterns == nil {
	options.ExcludePatterns = []string{}
	}
	remappedRootUID, remappedRootGID, err := idtools.GetRootUIDGID(options.UIDMaps, options.GIDMaps)
	if err != nil {
	return 0, err
	}

	aufsTempdir := ""
	aufsHardlinks := make(map[string]*tar.Header)

	if options == nil {
	options = &TarOptions{}
	}
	// Iterate through the files in the archive.
	for {
	hdr, err := tr.Next()
	if err == io.EOF {
	// end of tar archive
	break
	}
	if err != nil {
	return 0, err
	}

	size += hdr.Size

	// Normalize name, for safety and for a simple is-root check
	hdr.Name = filepath.Clean(hdr.Name)

	// Windows does not support filenames with colons in them. Ignore
	// these files. This is not a problem though (although it might
	// appear that it is). Let's suppose a client is running docker pull.
	// The daemon it points to is Windows. Would it make sense for the
	// client to be doing a docker pull Ubuntu for example (which has files
	// with colons in the name under /usr/share/man/man3)? No, absolutely
	// not as it would really only make sense that they were pulling a
	// Windows image. However, for development, it is necessary to be able
	// to pull Linux images which are in the repository.
	//
	// TODO Windows. Once the registry is aware of what images are Windows-
	// specific or Linux-specific, this warning should be changed to an error
	// to cater for the situation where someone does manage to upload a Linux
	// image but have it tagged as Windows inadvertently.
	if runtime.GOOS == "windows" {
	if strings.Contains(hdr.Name, ":") {
	logrus.Warnf("Windows: Ignoring %s (is this a Linux image?)", hdr.Name)
	continue
	}
	}

	// Note as these operations are platform specific, so must the slash be.
	if !strings.HasSuffix(hdr.Name, string(os.PathSeparator)) {
	// Not the root directory, ensure that the parent directory exists.
	// This happened in some tests where an image had a tarfile without any
	// parent directories.
	parent := filepath.Dir(hdr.Name)
	parentPath := filepath.Join(dest, parent)

	if _, err := os.Lstat(parentPath); err != nil && os.IsNotExist(err) {
	err = system.MkdirAll(parentPath, 0600)
	if err != nil {
	return 0, err
	}
	}
	}

	// Skip AUFS metadata dirs
	if strings.HasPrefix(hdr.Name, WhiteoutMetaPrefix) {
	// Regular files inside /.wh..wh.plnk can be used as hardlink targets
	// We don't want this directory, but we need the files in them so that
	// such hardlinks can be resolved.
	if strings.HasPrefix(hdr.Name, WhiteoutLinkDir) && hdr.Typeflag == tar.TypeReg {
	basename := filepath.Base(hdr.Name)
	aufsHardlinks[basename] = hdr
	if aufsTempdir == "" {
	if aufsTempdir, err = ioutil.TempDir("", "dockerplnk"); err != nil {
	return 0, err
	}
	defer os.RemoveAll(aufsTempdir)
	}
	if err := createTarFile(filepath.Join(aufsTempdir, basename), dest, hdr, tr, true, nil); err != nil {
	return 0, err
	}
	}

	if hdr.Name != WhiteoutOpaqueDir {
	continue
	}
	}
	path := filepath.Join(dest, hdr.Name)
	rel, err := filepath.Rel(dest, path)
	if err != nil {
	return 0, err
	}

	// Note as these operations are platform specific, so must the slash be.
	if strings.HasPrefix(rel, ".."+string(os.PathSeparator)) {
	return 0, breakoutError(fmt.Errorf("%q is outside of %q", hdr.Name, dest))
	}
	base := filepath.Base(path)

	if strings.HasPrefix(base, WhiteoutPrefix) {
	dir := filepath.Dir(path)
	if base == WhiteoutOpaqueDir {
	_, err := os.Lstat(dir)
	if err != nil {
	return 0, err
	}
	err = filepath.Walk(dir, func(path string, info os.FileInfo, err error) error {
	if err != nil {
	if os.IsNotExist(err) {
	err = nil // parent was deleted
	}
	return err
	}
	if path == dir {
	return nil
	}
	if _, exists := unpackedPaths[path]; !exists {
	err := os.RemoveAll(path)
	return err
	}
	return nil
	})
	if err != nil {
	return 0, err
	}
	} else {
	originalBase := base[len(WhiteoutPrefix):]
	originalPath := filepath.Join(dir, originalBase)
	if err := os.RemoveAll(originalPath); err != nil {
	return 0, err
	}
	}
	} else {
	// If path exits we almost always just want to remove and replace it.
	// The only exception is when it is a directory and the file from
	// the layer is also a directory. Then we want to merge them (i.e.
	// just apply the metadata from the layer).
	if fi, err := os.Lstat(path); err == nil {
	if !(fi.IsDir() && hdr.Typeflag == tar.TypeDir) {
	if err := os.RemoveAll(path); err != nil {
	return 0, err
	}
	}
	}

	trBuf.Reset(tr)
	srcData := io.Reader(trBuf)
	srcHdr := hdr

	// Hard links into /.wh..wh.plnk don't work, as we don't extract that directory, so
	// we manually retarget these into the temporary files we extracted them into
	if hdr.Typeflag == tar.TypeLink && strings.HasPrefix(filepath.Clean(hdr.Linkname), WhiteoutLinkDir) {
	linkBasename := filepath.Base(hdr.Linkname)
	srcHdr = aufsHardlinks[linkBasename]
	if srcHdr == nil {
	return 0, fmt.Errorf("Invalid aufs hardlink")
	}
	tmpFile, err := os.Open(filepath.Join(aufsTempdir, linkBasename))
	if err != nil {
	return 0, err
	}
	defer tmpFile.Close()
	srcData = tmpFile
	}

	// if the options contain a uid & gid maps, convert header uid/gid
	// entries using the maps such that lchown sets the proper mapped
	// uid/gid after writing the file. We only perform this mapping if
	// the file isn't already owned by the remapped root UID or GID, as
	// that specific uid/gid has no mapping from container -> host, and
	// those files already have the proper ownership for inside the
	// container.
	if srcHdr.Uid != remappedRootUID {
	xUID, err := idtools.ToHost(srcHdr.Uid, options.UIDMaps)
	if err != nil {
	return 0, err
	}
	srcHdr.Uid = xUID
	}
	if srcHdr.Gid != remappedRootGID {
	xGID, err := idtools.ToHost(srcHdr.Gid, options.GIDMaps)
	if err != nil {
	return 0, err
	}
	srcHdr.Gid = xGID
	}
	if err := createTarFile(path, dest, srcHdr, srcData, true, nil); err != nil {
	return 0, err
	}

	// Directory mtimes must be handled at the end to avoid further
	// file creation in them to modify the directory mtime
	if hdr.Typeflag == tar.TypeDir {
	dirs = append(dirs, hdr)
	}
	unpackedPaths[path] = struct{}{}
	}
	}

	for _, hdr := range dirs {
	path := filepath.Join(dest, hdr.Name)
	if err := system.Chtimes(path, hdr.AccessTime, hdr.ModTime); err != nil {
	return 0, err
	}
	}

	return size, nil
	}

	// ApplyLayer parses a diff in the standard layer format from `layer`,
	// and applies it to the directory `dest`. The stream `layer` can be
	// compressed or uncompressed.
	// Returns the size in bytes of the contents of the layer.
	func ApplyLayer(dest string, layer Reader) (int64, error) {
	return applyLayerHandler(dest, layer, &TarOptions{}, true)
	}

	// ApplyUncompressedLayer parses a diff in the standard layer format from
	// `layer`, and applies it to the directory `dest`. The stream `layer`
	// can only be uncompressed.
	// Returns the size in bytes of the contents of the layer.
	func ApplyUncompressedLayer(dest string, layer Reader, options *TarOptions) (int64, error) {
	return applyLayerHandler(dest, layer, options, false)
	}

	// do the bulk load of ApplyLayer, but allow for not calling DecompressStream
	func applyLayerHandler(dest string, layer Reader, options *TarOptions, decompress bool) (int64, error) {
	dest = filepath.Clean(dest)

	// We need to be able to set any perms
	oldmask, err := system.Umask(0)
	if err != nil {
	return 0, err
	}
	defer system.Umask(oldmask) // ignore err, ErrNotSupportedPlatform

	if decompress {
	layer, err = DecompressStream(layer)
	if err != nil {
	return 0, err
	}
	}
	return UnpackLayer(dest, layer, options)
	}