[PATCH v3 0/2] erofs-utils: lib/tar: fix PAX header parsing issues
Utkal Singh
singhutkal015 at gmail.com
Mon Mar 16 18:58:29 AEDT 2026
These two patches fix input validation bugs in the PAX extended
header parser in lib/tar.c that can trigger crashes on malformed
or crafted tar archives.
Changes in v3:
- Add base64-encoded reproducers to both commit messages
Changes in v2:
- Fix mixed indentation in patch 2/2 (use tabs, not spaces)
Utkal Singh (2):
erofs-utils: lib/tar: skip PAX entries with empty path
erofs-utils: lib/tar: reject negative size= value in PAX header
lib/tar.c | 7 +++++++
1 file changed, 7 insertions(+)
--
2.43.0
More information about the Linux-erofs
mailing list