[PATCH v2 0/2] erofs-utils: lib/tar: fix PAX header parsing issues
Utkal Singh
singhutkal015 at gmail.com
Mon Mar 16 18:48:06 AEDT 2026
Hi Gao,
Thanks for the review.
I have prepared minimal reproducible tar test cases for both
issues. I will include them in the commit messages in
compressed base64 format and send v3 shortly.
Thanks,
Utkal
On Mon, 16 Mar 2026 at 13:05, Gao Xiang <hsiangkao at linux.alibaba.com> wrote:
>
>
> On 2026/3/16 14:51, Utkal Singh wrote:
> > These two patches fix input validation bugs in the PAX extended
> > header parser in lib/tar.c that can trigger crashes on malformed
> > or crafted tar archives.
> >
> > Patch 1 skips PAX entries with empty path= value to avoid
> > out-of-bounds access on zero-length strings.
> >
> > Patch 2 rejects negative size= values to prevent heap corruption
> > from incorrect allocation sizes in subsequent operations.
>
> Do you have any testcases or reproducible tar? You can list them
> in the compressed-base64 format in the commit message.
>
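The two checks described in the quoted cover letter, as an added example (not code from the patches or from erofs-utils): a bounds-checked parser for PAX `LEN key=value\n` records that skips an empty `path=` and rejects a negative `size=`. `struct pax_meta` and `pax_parse` are hypothetical names, and the 256-byte path limit is an assumption.

```c
#include <errno.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical holder: path is "" and size is -1 when the record is absent. */
struct pax_meta { char path[256]; long long size; };

/* Parse PAX records "LEN key=value\n" in buf[0..len); returns 0 or -errno. */
static int pax_parse(const char *buf, size_t len, struct pax_meta *m)
{
    size_t off = 0;
    m->path[0] = '\0';
    m->size = -1;
    while (off < len) {
        size_t i = off, rlen = 0, end, klen, vlen;
        const char *key, *eq, *val;
        char num[24], *stop;
        while (i < len && i - off < 9 && buf[i] >= '0' && buf[i] <= '9')
            rlen = rlen * 10 + (size_t)(buf[i++] - '0');
        /* LEN counts the whole record and must stay inside the buffer */
        if (i == off || i >= len || buf[i] != ' ' ||
            rlen > len - off || rlen < i - off + 3)
            return -EINVAL;
        end = off + rlen - 1;               /* index of the trailing '\n' */
        key = buf + i + 1;
        eq = memchr(key, '=', end - (i + 1));
        if (buf[end] != '\n' || !eq)
            return -EINVAL;
        klen = (size_t)(eq - key);
        val = eq + 1;
        vlen = (size_t)(buf + end - val);
        if (klen == 4 && !memcmp(key, "path", 4) && vlen) { /* empty: skipped */
            if (vlen >= sizeof(m->path))
                return -ENAMETOOLONG;
            memcpy(m->path, val, vlen);
            m->path[vlen] = '\0';
        } else if (klen == 4 && !memcmp(key, "size", 4)) {
            if (!vlen || vlen >= sizeof(num))
                return -EINVAL;
            memcpy(num, val, vlen);
            num[vlen] = '\0';
            errno = 0;
            m->size = strtoll(num, &stop, 10);
            if (errno || stop == num || *stop || m->size < 0)
                return -EINVAL;             /* negative or malformed size= */
        }
        off += rlen;
    }
    return 0;
}
```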