From 2e5698249c892bebc0326a4307410b205783ad22 Mon Sep 17 00:00:00 2001
From: Michael Gehring <mg@ebfe.org>
Date: Sat, 13 Jun 2015 10:53:06 +0200
Subject: [PATCH] archive/tar: add missing error checks

Check for errors when reading the headers following the pax headers.

Fixes #11169.

Change-Id: Ifec4a949ec8df8b49fa7cb7a67eb826fe2282ad8
Reviewed-on: https://go-review.googlesource.com/11031
Reviewed-by: Russ Cox <rsc@golang.org>

Signed-off-by: Vincent Batts <vbatts@hashbangbash.com>
---
 archive/tar/reader.go               |   6 ++++++
 archive/tar/reader_test.go          |  15 +++++++++++++++
 archive/tar/testdata/issue11169.tar | Bin 0 -> 602 bytes
 3 files changed, 21 insertions(+)
 create mode 100644 archive/tar/testdata/issue11169.tar

diff --git a/archive/tar/reader.go b/archive/tar/reader.go
index 6f219da..4168ea2 100644
--- a/archive/tar/reader.go
+++ b/archive/tar/reader.go
@@ -138,7 +138,13 @@ func (tr *Reader) Next() (*Header, error) {
 		// We actually read the whole file,
 		// but this skips alignment padding
 		tr.skipUnread()
+		if tr.err != nil {
+			return nil, tr.err
+		}
 		hdr = tr.readHeader()
+		if hdr == nil {
+			return nil, tr.err
+		}
 		mergePAX(hdr, headers)
 
 		// Check for a PAX format sparse file
diff --git a/archive/tar/reader_test.go b/archive/tar/reader_test.go
index 311db77..da01f26 100644
--- a/archive/tar/reader_test.go
+++ b/archive/tar/reader_test.go
@@ -781,3 +781,18 @@ func TestIssue10968(t *testing.T) {
 		t.Fatalf("expected %q, got %q", io.ErrUnexpectedEOF, err)
 	}
 }
+
+// Do not panic if there are errors in header blocks after the pax header.
+// Issue 11169
+func TestIssue11169(t *testing.T) {
+	f, err := os.Open("testdata/issue11169.tar")
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer f.Close()
+	r := NewReader(f)
+	_, err = r.Next()
+	if err == nil {
+		t.Fatal("Unexpected success")
+	}
+}
diff --git a/archive/tar/testdata/issue11169.tar b/archive/tar/testdata/issue11169.tar
new file mode 100644
index 0000000000000000000000000000000000000000..4d71fa15260609ecee0c8c751cfebf49be8763ac
GIT binary patch
literal 602
zcmdPX4@j)=NKH&hEh^SCG%+zV)=x}KWS}ZA00J`;69y0s1n9JZp|KHzp^>Svp`nSX
svAH3G0gzz?R8~P%SKu(Lw74X(2<Rjn(!*WY*gydsDYjq|ouEV(0JjPxNdN!<

literal 0
HcmV?d00001