TarHeader (Gem::Package) doesn't parse size correctly for +8GB entries
|ruby -v:||ruby 1.9.3p448 (2013-06-27 revision 41675) [x86_64-darwin13.0.0]||Backport:||1.9.3: UNKNOWN, 2.0.0: UNKNOWN, 2.1: UNKNOWN|
- The current TAR header parsing code assumes the size is represented as an octal string
- Because this is a 12-byte, null-terminated field, effectively this can represent up to 8GB (811).
- For bigger files the standard allows to define the field as a 12-byte INTEGER instead.
- When using this form, the first bit of the field should be turned on to signal that it is used.
Currently, TAR files containing files larger then 8GB in this format would fail parsing because size would be computed as 0.
(Wiki with some description of the logic, couldn't find a more "formal" document: http://en.wikipedia.org/wiki/Tar_(computing)#File_header)
The problem is with this code:
The line that assigns the value to size should be conditioned on the value of the first bit, and should treat the two cases differently