From 7a7f5f66c24d205910ef9599286771e94eca5879 Mon Sep 17 00:00:00 2001 From: Brice Figureau Date: Fri, 27 Jul 2018 12:42:41 +0200 Subject: [PATCH] Fix #3091 enforce all outgoing tar files to use PAX While processing the content of a tar image, linuxkit's moby tool is blindly reusing the original tar format. Moreover it locates the files under a new prefix, so if the original file was stored as USTAR in the original archive, the filename length and new prefix could be greater than the USTAR name limit leading to a fatal error. The fix is to always enforce PAX format on all copied files from the original image archive. Signed-off-by: Brice Figureau --- src/cmd/linuxkit/moby/image.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/cmd/linuxkit/moby/image.go b/src/cmd/linuxkit/moby/image.go index fb881100b..93420cfd5 100644 --- a/src/cmd/linuxkit/moby/image.go +++ b/src/cmd/linuxkit/moby/image.go @@ -140,6 +140,9 @@ func ImageTar(ref *reference.Spec, prefix string, tw tarWriter, trust bool, pull if err != nil { return err } + // force PAX format, since it allows for unlimited Name/Linkname + // and we move all files below prefix. + hdr.Format = tar.FormatPAX if exclude[hdr.Name] { log.Debugf("image tar: %s %s exclude %s", ref, prefix, hdr.Name) _, err = io.Copy(ioutil.Discard, tr)