[PATCH erofs-utils 0/2] tar: fix parsing issues for pax and GNU extensions
Zhan Xusheng
zhanxusheng1024 at gmail.com
Wed Apr 15 00:13:11 AEST 2026
This series fixes two issues in tar parsing:
- An out-of-bounds access when trimming PAX path entries
- Missing NULL pointer checks when handling GNU long name/link records
These issues can be triggered by malformed tar archives and may lead
to crashes. The fixes improve robustness when processing untrusted
inputs.
Zhan Xusheng (2):
erofs-utils: tar: fix out-of-bounds access when trimming pax path
erofs-utils: tar: add missing NULL checks for GNU long name/link
lib/tar.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
--
2.43.0
More information about the Linux-erofs
mailing list