_header_length_prefix_re = re.compile(br"([0-9]{1,20}) ")

# the newline.

encoding = None

raw_headers = []

while len(buf) > pos and buf[pos] != 0x00:

if not (match := _header_length_prefix_re.match(buf, pos)):

raise InvalidHeaderError("invalid header")

try:

length = int(match.group(1))

except ValueError:

raise InvalidHeaderError("invalid header")

# Headers must be at least 5 bytes, shortest being '5 x=\n'.

# Value is allowed to be empty.

if length < 5:

raise InvalidHeaderError("invalid header")

if pos + length > len(buf):

raise InvalidHeaderError("invalid header")

header_value_end_offset = match.start(1) + length - 1 # Last byte of the header

keyword_and_value = buf[match.end(1) + 1:header_value_end_offset]

raw_keyword, equals, raw_value = keyword_and_value.partition(b"=")

# Check the framing of the header. The last character must be '\n' (0x0A)

if not raw_keyword or equals != b"=" or buf[header_value_end_offset] != 0x0A:

raw_headers.append((length, raw_keyword, raw_value))

# Check if the pax header contains a hdrcharset field. This tells us

# the encoding of the path, linkpath, uname and gname fields. Normally,

# these fields are UTF-8 encoded but since POSIX.1-2008 tar

# implementations are allowed to store them as raw binary strings if

# the translation to UTF-8 fails. For the time being, we don't care about

# anything other than "BINARY". The only other value that is currently

# allowed by the standard is "ISO-IR 10646 2000 UTF-8" in other words UTF-8.

# Note that we only follow the initial 'hdrcharset' setting to preserve

# the initial behavior of the 'tarfile' module.

if raw_keyword == b"hdrcharset" and encoding is None:

if raw_value == b"BINARY":

encoding = tarfile.encoding

else: # This branch ensures only the first 'hdrcharset' header is used.

encoding = "utf-8"

pos += length

# If no explicit hdrcharset is set, we use UTF-8 as a default.

if encoding is None:

encoding = "utf-8"

# After parsing the raw headers we can decode them to text.

for length, raw_keyword, raw_value in raw_headers:

keyword = self._decode_pax_field(raw_keyword, "utf-8", "utf-8",

value = self._decode_pax_field(raw_value, encoding, tarfile.encoding,

value = self._decode_pax_field(raw_value, "utf-8", "utf-8",

self._proc_gnusparse_00(next, raw_headers)

def _proc_gnusparse_00(self, next, raw_headers):

for _, keyword, value in raw_headers:

if keyword == b"GNU.sparse.offset":

try:

offsets.append(int(value.decode()))

except ValueError:

raise InvalidHeaderError("invalid header")

elif keyword == b"GNU.sparse.numbytes":

try:

numbytes.append(int(value.decode()))

except ValueError:

raise InvalidHeaderError("invalid header")

def test_pax_header_bad_formats(self):

# The fields from the pax header have priority over the

# TarInfo.

pax_header_replacements = (

b" foo=bar\n",

b"0 \n",

b"1 \n",

b"2 \n",

b"3 =\n",

b"4 =a\n",

b"1000000 foo=bar\n",

b"0 foo=bar\n",

b"-12 foo=bar\n",

b"000000000000000000000000036 foo=bar\n",

)

pax_headers = {"foo": "bar"}

for replacement in pax_header_replacements:

with self.subTest(header=replacement):

tar = tarfile.open(tmpname, "w", format=tarfile.PAX_FORMAT,

encoding="iso8859-1")

try:

t = tarfile.TarInfo()

t.name = "pax" # non-ASCII

t.uid = 1

t.pax_headers = pax_headers

tar.addfile(t)

finally:

tar.close()

with open(tmpname, "rb") as f:

data = f.read()

self.assertIn(b"11 foo=bar\n", data)

data = data.replace(b"11 foo=bar\n", replacement)

with open(tmpname, "wb") as f:

f.truncate()

f.write(data)

with self.assertRaisesRegex(tarfile.ReadError, r"file could not be opened successfully"):

tarfile.open(tmpname, encoding="iso8859-1")

Remove backtracking from tarfile header parsing for ``hdrcharset``, PAX, and

GNU sparse headers.