From 71976653bf584e4780b2fffe63450807de318c09 Mon Sep 17 00:00:00 2001 From: Jonathon Reinhart Date: Fri, 5 Aug 2022 22:37:34 -0400 Subject: [PATCH 1/3] staticx: Minor refactor to add target variable in symlink walking --- staticx/api.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/staticx/api.py b/staticx/api.py index 69aef90..f6b8d18 100755 --- a/staticx/api.py +++ b/staticx/api.py @@ -222,11 +222,13 @@ def _handle_lib_symlinks(self, libpath): while islink(libpath): arcname = basename(libpath) libpath = get_symlink_target(libpath) + target = basename(libpath) # Add a symlink. # At this point the target probably doesn't exist, but that doesn't matter yet. - logging.info("Adding Symlink {} => {}".format(arcname, basename(libpath))) - self.sxar.add_symlink(arcname, basename(libpath)) + logging.info("Adding Symlink {} => {}".format(arcname, target)) + self.sxar.add_symlink(arcname, target) + if arcname in self._added_libs: raise InternalError("libname {} absent from _added_libs but" " symlink {} present".format(libname, arcname)) From 98997a18679c785bb87763c24a96630dd57de743 Mon Sep 17 00:00:00 2001 From: Jonathon Reinhart Date: Fri, 5 Aug 2022 23:20:18 -0400 Subject: [PATCH 2/3] staticx: Don't add symlinks with the same name as target Background: The archive contains a flat collection of all dependent libraries. We also add symlinks as necessary for library versions (e.g. libfoo.so.1 -> libfoo.so.1.2 -> libfoo.so.1.2.3). Problem: The code assumed that a library symlink would only ever point to a library (or another symlink) with a different basename. It did not consider the case where a symlink would point to a library with the same name (but in a different directory). If we would add such a symlink in our flat archive directory, it would be self-referential. The actual crash was a check in the staticx python code, which prevented ELOOP (Too many levels of symbolic links) at runtime. Solution: Skip the creation of any symlinks with the same name as their target, as those are pointless in our flat directory. --- staticx/api.py | 6 ++++++ staticx/archive.py | 2 ++ 2 files changed, 8 insertions(+) diff --git a/staticx/api.py b/staticx/api.py index f6b8d18..c246f4f 100755 --- a/staticx/api.py +++ b/staticx/api.py @@ -224,6 +224,12 @@ def _handle_lib_symlinks(self, libpath): libpath = get_symlink_target(libpath) target = basename(libpath) + # Skip symlinks that point to a file with the same name but in a + # different path. We strip path info (and keep just basenames) so + # this would be self-referential. + if arcname == target: + continue + # Add a symlink. # At this point the target probably doesn't exist, but that doesn't matter yet. logging.info("Adding Symlink {} => {}".format(arcname, target)) diff --git a/staticx/archive.py b/staticx/archive.py index c5c14de..50b1d77 100644 --- a/staticx/archive.py +++ b/staticx/archive.py @@ -85,6 +85,8 @@ def close(self): def add_symlink(self, name, target): """Add a symlink to the archive""" + if name == target: + raise ValueError("Refusing to add self-referential symlink") t = tarfile.TarInfo() t.type = tarfile.SYMTYPE t.name = name From 665a9876e3d328cd3e96e90839424eeab1ae32d4 Mon Sep 17 00:00:00 2001 From: Jonathon Reinhart Date: Sat, 6 Aug 2022 01:18:28 -0400 Subject: [PATCH 3/3] Update changelog for #225 --- CHANGELOG.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 473e437..e759bd0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,11 @@ All notable changes to this project will be documented in this file. This project adheres to [Semantic Versioning](https://semver.org/). +## [Unreleased] +### Fixed +- Fixed an issue where library symlinks with the same basename would present + problems ([#225]) + ## [0.13.6] - 2021-12-02 ### Changed - Change `--debug` option to appear in CLI help output @@ -299,3 +304,4 @@ Initial release [#208]: https://github.com/JonathonReinhart/staticx/pull/208 [#210]: https://github.com/JonathonReinhart/staticx/pull/210 [#217]: https://github.com/JonathonReinhart/staticx/pull/217 +[#225]: https://github.com/JonathonReinhart/staticx/pull/225