archive: Fix another PAX header desync (GHSA-3cv2-h65g-fgmm)

cgwalters · cgwalters · commit bab14dd84b41 · 2026-05-18T14:05:03.000-04:00
Per POSIX pax, a PAX `x` header applies to the next *file* entry, not any intermediary extension headers (GNU LongName `L`, etc.). Violating this lets an attacker craft a tar that extracts differently under tar-rs than under other parsers — a file smuggling vector. Mirrors astral-tokio-tar commit 36e734d (GHSA-3cv2-h65g-fgmm). Assisted-by: OpenCode (claude-sonnet-4-6@default) Signed-off-by: Colin Walters <walters@verbum.org>
diff --git a/Cargo.toml b/Cargo.toml
@@ -23,7 +23,7 @@ contents are never required to be entirely resident in memory all at once.
 filetime = "0.2.8"
 
 [dev-dependencies]
-astral-tokio-tar = "0.6"
+astral-tokio-tar = "0.6.2"
 rand = { version = "0.8", features = ["small_rng"] }
 tempfile = "3"
 tokio = { version = "1", features = ["macros", "rt"] }
diff --git a/src/archive.rs b/src/archive.rs
@@ -334,8 +334,16 @@ impl<'a> EntriesFields<'a> {
             return Err(other("archive header checksum mismatch"));
         }
 
+        // PAX extensions describe the *next file entry*, not intermediary
+        // extension headers (GNU LongName `L`, GNU LongLink `K`, PAX `x`/`g`).
+        let entry_type = header.entry_type();
+        let is_extension_header = entry_type.is_gnu_longname()
+            || entry_type.is_gnu_longlink()
+            || entry_type.is_pax_local_extensions()
+            || entry_type.is_pax_global_extensions();
+
         let mut pax_size: Option<u64> = None;
-        if let Some(pax_extensions_ref) = &pax_extensions {
+        if let Some(pax_extensions_ref) = pax_extensions.filter(|_| !is_extension_header) {
             pax_size = pax_extensions_value(pax_extensions_ref, PAX_SIZE);
 
             if let Some(pax_uid) = pax_extensions_value(pax_extensions_ref, PAX_UID) {
diff --git a/tests/all.rs b/tests/all.rs
@@ -2100,3 +2100,71 @@ async fn pax_size_smuggle_matches_astral_tokio_tar() {
          got: {async_entries:?}"
     );
 }
+
+#[test]
+fn pax_size_does_not_apply_to_extension_headers() {
+    // This archive is ordered as `x (PAX, size=2048) → L (GNU longname) → file_a → file_b`.
+    // If the PAX `size=` is wrongly applied to the intermediary `L` header, the
+    // parser advances the cursor by 2048 bytes after `L` instead of by `L`'s true
+    // payload size, landing in the middle of `file_a`'s body and causing a
+    // checksum error that hides both `file_a` and `file_b`. This is Scenario A of
+    // GHSA-3cv2-h65g-fgmm. Correct parsing applies PAX only to the next *file*
+    // entry, so the L longname renames `file_a` to `longname.txt` and the stream
+    // yields ["longname.txt", "file_b"]. Mirrors astral-tokio-tar commit 36e734d.
+    let bytes = tar!("pax-overrides-extension-header.tar");
+    let mut ar = Archive::new(Cursor::new(bytes));
+    let entries: Vec<String> = ar
+        .entries()
+        .unwrap()
+        .map(|e| {
+            let e = e.unwrap();
+            e.path().unwrap().to_str().unwrap().to_owned()
+        })
+        .collect();
+    assert_eq!(entries, vec!["longname.txt", "file_b"]);
+}
+
+/// Cross-validate that `tar` and `astral-tokio-tar` (>= 0.6.2) parse the
+/// GHSA-3cv2-h65g-fgmm test archive identically, guarding against any future
+/// re-introduction of a parsing differential between the two crates.
+#[tokio::test]
+async fn pax_extension_header_matches_astral_tokio_tar() {
+    use tokio_stream::StreamExt;
+
+    let bytes = tar!("pax-overrides-extension-header.tar");
+
+    // Parse with sync tar-rs.
+    let sync_entries: Vec<String> = {
+        let mut ar = Archive::new(Cursor::new(bytes));
+        ar.entries()
+            .unwrap()
+            .map(|e| {
+                let e = e.unwrap();
+                e.path().unwrap().to_str().unwrap().to_owned()
+            })
+            .collect()
+    };
+
+    // Parse with async astral-tokio-tar (>= 0.6.2, which carries the fix).
+    let async_entries: Vec<String> = {
+        let mut ar = tokio_tar::Archive::new(bytes);
+        let mut entries = ar.entries().unwrap();
+        let mut result = Vec::new();
+        while let Some(e) = entries.next().await {
+            let e = e.unwrap();
+            result.push(e.path().unwrap().to_str().unwrap().to_owned());
+        }
+        result
+    };
+
+    let expected = vec!["longname.txt".to_owned(), "file_b".to_owned()];
+
+    assert_eq!(
+        sync_entries, expected,
+        "tar-rs produced unexpected entries\ngot: {sync_entries:?}"
+    );
+    assert_eq!(
+        async_entries, expected,
+        "astral-tokio-tar produced unexpected entries\ngot: {async_entries:?}"
+    );
+}
diff --git a/tests/archives/pax-overrides-extension-header.tar b/tests/archives/pax-overrides-extension-header.tar
