The code previously was not very careful about verifying the compression parameters. This led to cases where it failed to reject invalid compressed data at the beginning. The invalid left shift was one symptom of this. The code is now more careful: It verifies that the compression parameter byte exists and verifies that the maximum code size is <= 16 bits. This also includes some new tests to verify that truncated or otherwise invalid compressed data is rejected.
If a valid character set conversion is impossible, the code falls back to a best-effort conversion that preserves ASCII bytes and converts the rest to Unicode Replacement Characters (if the output is UTF8) or '?' (otherwise). This code did not correctly track the remaining bytes in the output buffer; I've replaced this with slower and simpler code that utilizes the safe string append functions.
… overflow when tracking sparse blocks
… in addition to archive_read_next_header2
Hoisted the relevant archive_read variables into the common archive struct.
When you need to write a callback for archive_read_open2, you must provide a function which has the same signature as the typedef. The documentation says that the read callback returns a ssize_t, but on windows there is no such ssize_t. libarchive falls back on another type and use the private macro __LA_SSIZE_T, thus it is not possible to write portable code that use read_open2. This patch replaces that macro with a simple typedef la_ssize_t (and does the same for la_int64_t).