Hello,

the recent openat2 changes broke --one-top-level with an absolute path as an argument (AFAICS, there is no test for that case). To reproduce, just try to extract anything with --one-top-level=/tmp/tar-one-top-level-test. strace reveals that the argument to --one-top-level gets prepended to the pathnames being extracted, but after the openat2 changes tar does not like absolute pathnames.

Moreover, even when using --one-top-level with a relative path, the protection introduced by openat2 can be to some extent bypassed. When using for example --one-top-level=subdir, a tar archive containing target/sensitive can overwrite ./sensitive if there is a preexisting symlink subdir/target -> ../target. I.e. the archive extraction can escape subdir. I think this is unexpected; one may be tempted to use --one-top-level=dir as a substitute for "mkdir -p dir; tar -C dir" (which is safe).

I tried to fix both problems by making --one-top-level do exactly that: create the directory and chdir into it at the beginning, instead of transforming file names. I stumbled however on the fact that --one-top-level=dir is not exactly a substitute for "mkdir -p dir; tar -C dir": there is some logic that avoids prepending the directory name to archive members whose paths already start with the name. As an example,

tar --one-top-level=/tmp/linux-source-6.1 -xf /usr/src/linux-source-6.1.tar.xz

creates /tmp/linux-source-6.1/linux-source-6.1 (the last component comes from the archive itself), while

cd /tmp; tar --one-top-level=linux-source-6.1 -xf /usr/src/linux-source-6.1.tar.xz

creates just /tmp/linux-source-6.1 and files directly inside it. (I made the mistake of looking only into the manual page; this behavior is not documented there, but is documented in the Info page: "Any member names that do not begin with that directory name (after transformations from '--transform' and '--strip-components') will be prefixed with it.")

Any ideas, please? Should I pursue my original idea and add the logic to reproduce the current behavior?

Best regards,
Pavel
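An added example (not part of the original message and not tar's own code): a pre-extraction check for the symlink case described above, listing archive members whose parent path under the --one-top-level directory already contains a symlink. The function name symlinked_members is hypothetical, and the check assumes every member gets prefixed with the directory, so it ignores the rule that names already starting with the directory name are left unprefixed.

```shell
#!/bin/sh
# Added example; symlinked_members is a hypothetical helper name.
#
# symlinked_members ARCHIVE DIR
#   Prints "member<TAB>symlink" for every archive member whose directory
#   components, resolved under DIR, pass through a pre-existing symlink.
#   Exit status: 0 = none found, 1 = at least one found, 2 = tar failed.
#   Assumption: each member name is prefixed with DIR as-is.
symlinked_members() {
    archive=$1
    top=$2
    found=0
    list=$(tar -tf "$archive") || return 2
    while IFS= read -r member; do
        [ -n "$member" ] || continue
        path=$top
        rest=${member%/}
        # Walk the directory components only; the final name is the object
        # tar creates, the components before it are what tar traverses.
        while [ "$rest" != "${rest#*/}" ]; do
            comp=${rest%%/*}
            rest=${rest#*/}
            [ -n "$comp" ] || continue
            path=$path/$comp
            if [ -L "$path" ]; then
                printf '%s\t%s\n' "$member" "$path"
                found=1
                break
            fi
        done
    done <<EOF
$list
EOF
    return "$found"
}
```

A non-zero status means the directory should be inspected or recreated empty before extracting into it.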
