Reject negative PAX size values when reading TAR headers #128368

Open
iremyux wants to merge 2 commits into dotnet:main from iremyux:tar-header-size-check

Contributor

@iremyux iremyux commented May 19, 2026

This change adds a validation check while applying extended attributes in TarHeader.Read.cs so that a negative size value from PAX metadata now throws InvalidDataException instead of being accepted.

@iremyux iremyux requested a review from a team May 19, 2026 13:24
@iremyux iremyux self-assigned this May 19, 2026
Copilot AI review requested due to automatic review settings May 19, 2026 13:24
@dotnet-policy-service
Contributor

Tagging subscribers to this area: @dotnet/area-system-formats-tar
See info in area-owners.md if you want to be subscribed.

Contributor

Copilot AI left a comment

Pull request overview

This PR tightens tar archive parsing by rejecting negative PAX extended-attribute size values when applying extended attributes during header read, preventing invalid archives from being accepted with a negative entry length.

Changes:

  • Add validation that the PAX "size" extended attribute, when present, must be non-negative (otherwise throw InvalidDataException).
  • Aligns PAX size handling with existing negative-size checks already present for other size fields (e.g., header size, GNU sparse realsize).

@iremyux iremyux enabled auto-merge (squash) May 19, 2026 13:31
@@ -151,6 +151,11 @@ internal void ReplaceNormalAttributesWithExtended(IEnumerable<KeyValuePair<strin
// The 'size' header field only fits 12 bytes, so the data section length that surpases that limit needs to be retrieved
if (TarHelpers.TryGetStringAsBaseTenLong(ExtendedAttributes, PaxEaSize, out long size))
{
if (size < 0)
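
Review bot: The new `if (size < 0)` guard on the PAX `size` attribute arrives without a test in this hunk. Add a read test that supplies an extended-attributes entry whose `size` record is negative (for example `-1`) and asserts `InvalidDataException`, so the check in `ReplaceNormalAttributesWithExtended` cannot regress silently. The context comment above the guard also spells "surpasses" as "surpases".
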
Member

Is this something worth having a test for?
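
As an added illustration (not code from this PR or from dotnet/runtime), the Python example below parses PAX extended-header records and applies the rule the PR describes: a `size` record overrides the header size only when it is non-negative. `InvalidTarData`, `make_record`, `parse_pax_records` and `effective_size` are hypothetical names, and rejecting non-decimal `size` values is this example's own choice.

```python
import re

class InvalidTarData(ValueError):
    """Malformed PAX data (hypothetical name used only in this example)."""

def make_record(key: str, value: str) -> bytes:
    """Build one constructed PAX record: b'<len> <key>=<value>\\n'."""
    body = f" {key}={value}\n".encode("utf-8")
    total = len(body)
    # <len> counts its own digits too, so iterate until the total is stable.
    while len(str(total)) + len(body) != total:
        total = len(str(total)) + len(body)
    return str(total).encode("ascii") + body

def parse_pax_records(data: bytes) -> dict[str, str]:
    """Parse the data section of a PAX extended header into key/value pairs."""
    records, pos = {}, 0
    while pos < len(data):
        space = data.find(b" ", pos)
        if space == -1 or not data[pos:space].isdigit():
            raise InvalidTarData("bad record length")
        end = pos + int(data[pos:space])
        # A record must extend past its length field and end with a newline.
        if end <= space + 1 or end > len(data) or data[end - 1:end] != b"\n":
            raise InvalidTarData("record length out of bounds")
        key, sep, value = data[space + 1:end - 1].partition(b"=")
        if not sep or not key:
            raise InvalidTarData("record is not key=value")
        records[key.decode("utf-8")] = value.decode("utf-8")
        pos = end
    return records

def effective_size(header_size: int, records: dict[str, str]) -> int:
    """Return the entry's data length, letting a PAX 'size' record override."""
    raw = records.get("size")
    if raw is None:
        return header_size
    if not re.fullmatch(r"-?[0-9]+", raw):
        raise InvalidTarData(f"size is not a decimal integer: {raw!r}")
    size = int(raw)
    if size < 0:  # the case this PR rejects: a negative length from metadata
        raise InvalidTarData(f"negative PAX size: {size}")
    return size

# Constructed sample: 8589934592 (8 GiB) is the first size that no longer fits
# in the 11 octal digits of the classic 12-byte header field.
SAMPLE = make_record("path", "big.bin") + make_record("size", "8589934592")
HOSTILE = make_record("size", "-1")
```

Without the negative check, a value such as the one in `HOSTILE` would flow into whatever code later uses the entry length to seek, allocate or copy.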
