tar: Disallow empty filenames

euanh · euanh · commit 21cb2ca6c607 · 2025-02-27T17:13:04.000Z
diff --git a/Sources/Tar/tar.swift b/Sources/Tar/tar.swift
@@ -22,6 +22,10 @@ import struct Foundation.Data
 // relatively straightforward;  reading an arbitrary tar file is more
 // complicated because the reader must be prepared to handle all variants.
 
+enum TarError: Error {
+    case invalidName(String)
+}
+
 enum Termination {
     case null
     case nullAndSpace
@@ -156,14 +160,21 @@ let XGLTYPE = "g"  // Global extended header
 ///   - filesize: The size of the file
 ///   - filename: The file's name in the archive
 /// - Returns: A tar header representing the file
-public func tarHeader(filesize: Int, filename: String = "app") -> [UInt8] {
+/// - Throws: If the filename is invalid
+public func tarHeader(filesize: Int, filename: String = "app") throws -> [UInt8] {
     // A file entry consists of a file header followed by the
     // contents of the file. The header includes information such as
     // the file name, size and permissions.   Different versions of
     // tar added extra header fields.
     //
     // The file data is padded with nulls to a multiple of 512 bytes.
 
+    // Archive member name cannot be empty because a Unix filename cannot be the empty string
+    // https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap03.html#tag_03_170
+    guard filename.count > 0 else {
+        throw TarError.invalidName(filename)
+    }
+
     var hdr = [UInt8](repeating: 0, count: 512)
 
     // Construct a POSIX ustar header for the file
@@ -195,8 +206,9 @@ public func tarHeader(filesize: Int, filename: String = "app") -> [UInt8] {
 ///   - bytes: The file's body data
 ///   - filename: The file's name in the archive
 /// - Returns: A tar archive containing the file
-public func tar(_ bytes: [UInt8], filename: String = "app") -> [UInt8] {
-    var hdr = tarHeader(filesize: bytes.count, filename: filename)
+/// - Throws: If the filename is invalid
+public func tar(_ bytes: [UInt8], filename: String = "app") throws -> [UInt8] {
+    var hdr = try tarHeader(filesize: bytes.count, filename: filename)
 
     // Append the file data to the header
     hdr.append(contentsOf: bytes)
@@ -216,4 +228,7 @@ public func tar(_ bytes: [UInt8], filename: String = "app") -> [UInt8] {
 ///   - data: The file's body data
 ///   - filename: The file's name in the archive
 /// - Returns: A tar archive containing the file
-public func tar(_ data: Data, filename: String) -> [UInt8] { tar([UInt8](data), filename: filename) }
+/// - Throws: If the filename is invalid
+public func tar(_ data: Data, filename: String) throws -> [UInt8] { 
+    try tar([UInt8](data), filename: filename) 
+}
diff --git a/Sources/containertool/containertool.swift b/Sources/containertool/containertool.swift
@@ -149,7 +149,7 @@ enum AllowHTTP: String, ExpressibleByArgument, CaseIterable { case source, desti
         // MARK: Build the application layer
 
         let payload_name = executableURL.lastPathComponent
-        let tardiff = tar(payload, filename: payload_name)
+        let tardiff = try tar(payload, filename: payload_name)
         log("Built application layer")
 
         // MARK: Upload the application layer
diff --git a/Tests/TarTests/TarUnitTests.swift b/Tests/TarTests/TarUnitTests.swift
@@ -74,4 +74,54 @@ let trailerLen = 2 * blocksize
             hdr == [97, 98, 99, 100, 101, 102, 0, 103, 104, 105, 32, 106, 107, 108, 0, 32, 109, 110, 111, 32, 0]
         )
     }
+
+    @Test func testSingleEmptyFile() async throws {
+        let hdr = try tarHeader(filesize: 0, filename: "filename")
+        #expect(hdr.count == 512)
+        #expect(
+            hdr == [
+                102, 105, 108, 101, 110, 97, 109, 101, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+                0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+                0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+                48, 48, 48, 53, 53, 53, 32, 0, 48, 48, 48, 48, 48, 48, 32, 0, 48, 48, 48, 48, 48, 48, 32, 0, 48, 48, 48,
+                48, 48, 48, 48, 48, 48, 48, 48, 32, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 32, 48, 49, 48, 54, 53,
+                55, 0, 32, 48, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+                0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+                0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+                117, 115, 116, 97, 114, 0, 48, 48, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+                0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+                0, 0, 0, 0, 0, 0, 48, 48, 48, 48, 48, 48, 32, 0, 48, 48, 48, 48, 48, 48, 32, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+                0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+                0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+                0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+                0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+                0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+            ]
+        )
+    }
+
+    @Test func testSingle1kBFile() async throws {
+        let hdr = try tarHeader(filesize: 1024, filename: "filename")
+        #expect(hdr.count == 512)
+        #expect(
+            hdr == [
+                102, 105, 108, 101, 110, 97, 109, 101, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+                0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+                0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+                48, 48, 48, 53, 53, 53, 32, 0, 48, 48, 48, 48, 48, 48, 32, 0, 48, 48, 48, 48, 48, 48, 32, 0, 48, 48, 48,
+                48, 48, 48, 48, 50, 48, 48, 48, 32, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 48, 32, 48, 49, 48, 54, 54,
+                49, 0, 32, 48, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+                0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+                0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+                117, 115, 116, 97, 114, 0, 48, 48, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+                0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+                0, 0, 0, 0, 0, 0, 48, 48, 48, 48, 48, 48, 32, 0, 48, 48, 48, 48, 48, 48, 32, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+                0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+                0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+                0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+                0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+                0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+            ]
+        )
+    }
 }
