[PATCH v2 0/2] erofs-utils: lib/tar: fix PAX header parsing issues

Gao Xiang hsiangkao at linux.alibaba.com
Mon Mar 16 18:35:07 AEDT 2026



On 2026/3/16 14:51, Utkal Singh wrote:
> These two patches fix input validation bugs in the PAX extended
> header parser in lib/tar.c that can trigger crashes on malformed
> or crafted tar archives.
> 
> Patch 1 skips PAX entries with empty path= value to avoid
> out-of-bounds access on zero-length strings.
> 
> Patch 2 rejects negative size= values to prevent heap corruption
> from incorrect allocation sizes in subsequent operations.

Do you have any test cases or reproducible tar? You can list them
in the compressed-base64 format in the commit message.
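
The two checks named in the cover letter, sketched as a stand-alone parser for PAX extended header records of the form `<len> <key>=<value>\n` (an added example, not the erofs-utils patches or the lib/tar.c code; `pax_parse`, `parse_dec` and `struct pax_meta` are hypothetical names). It skips an empty `path=` value and rejects a `size=` value that is not a plain non-negative decimal.

```c
#include <errno.h>
#include <limits.h>
#include <string.h>

struct pax_meta { const char *path; size_t pathlen; long long size; };

/* Strict decimal parser: digits only, so "-1", "+5", " 7" and "" all fail. */
static int parse_dec(const char *s, size_t n, unsigned long long *out)
{
	unsigned long long v = 0;
	if (!n)
		return -EINVAL;
	for (size_t i = 0; i < n; i++) {
		unsigned int d = (unsigned char)s[i] - '0';
		if (d > 9 || v > (ULLONG_MAX - d) / 10)
			return -EINVAL;	/* non-digit or overflow */
		v = v * 10 + d;
	}
	*out = v;
	return 0;
}

/* Walk the records in buf[0..len); m->path points into buf, size -1 = absent. */
static int pax_parse(const char *buf, size_t len, struct pax_meta *m)
{
	const char *p = buf, *end = buf + len;
	m->path = NULL; m->pathlen = 0; m->size = -1;
	while (p < end) {
		const char *sp = memchr(p, ' ', end - p), *nl, *eq;
		unsigned long long reclen, v;
		/* record length must be sane and stay inside the buffer */
		if (!sp || parse_dec(p, sp - p, &reclen) ||
		    reclen > (size_t)(end - p) || reclen < (size_t)(sp - p) + 3)
			return -EINVAL;
		nl = p + reclen - 1;		/* last byte of the record */
		eq = memchr(sp + 1, '=', nl - (sp + 1));
		if (*nl != '\n' || !eq)
			return -EINVAL;
		if (eq - sp == 5 && !memcmp(sp + 1, "path", 4)) {
			if (nl - eq > 1) {	/* empty path= is skipped, never indexed */
				m->path = eq + 1;
				m->pathlen = nl - eq - 1;
			}
		} else if (eq - sp == 5 && !memcmp(sp + 1, "size", 4)) {
			if (parse_dec(eq + 1, nl - eq - 1, &v) || v > LLONG_MAX)
				return -EINVAL;	/* negative or garbage size= */
			m->size = (long long)v;
		}
		p += reclen;
	}
	return 0;
}
```

Constructed inputs such as `"8 path=\n"` and `"11 size=-1\n"` exercise the two cases: the first parses with no path recorded, the second returns `-EINVAL`.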

