TarHeader (Gem::Package) doesn't parse size correctly for +8GB entries
- The current TAR header parsing code assumes the size is represented as an octal string
- Because this is a 12-byte, null-terminated field, effectively this can represent up to 8GB (811).
- For bigger files the standard allows to define the field as a 12-byte INTEGER instead.
- When using this form, the first bit of the field should be turned on to signal that it is used.
Currently, TAR files containing files larger then 8GB in this format would fail parsing because size would be computed as 0.
(Wiki with some description of the logic, couldn't find a more "formal" document: http://en.wikipedia.org/wiki/Tar_(computing)#File_header)
The problem is with this code:
The line that assigns the value to size should be conditioned on the value of the first bit, and should treat the two cases differently
Updated by hsbt (Hiroshi SHIBATA) 5 months ago
- Backport deleted (
1.9.3: UNKNOWN, 2.0.0: UNKNOWN, 2.1: UNKNOWN)
- Assignee changed from drbrain (Eric Hodel) to hsbt (Hiroshi SHIBATA)
- Status changed from Assigned to Third Party's Issue
I'm not sure what usecase of this issue.
Can you file the details into the upstream repository? https://github.com/rubygems/rubygems