From e2f720a97687b7d5d45cb4489c86b0b147ada38c Mon Sep 17 00:00:00 2001
From: shixuantong <1726671442@qq.com>
Date: Wed, 6 Apr 2022 15:22:17 +0800
Subject: [PATCH] Ensure that sz is greater than 0.

---
 libtar.spec                                   |  7 +++-
 ...ler-Ensure-that-sz-is-greater-than-0.patch | 40 +++++++++++++++++++
 2 files changed, 46 insertions(+), 1 deletion(-)
 create mode 100644 openEuler-Ensure-that-sz-is-greater-than-0.patch

diff --git a/libtar.spec b/libtar.spec
index c38bc41..e48bc78 100644
--- a/libtar.spec
+++ b/libtar.spec
@@ -1,6 +1,6 @@
 Name:           libtar
 Version:        1.2.20
-Release:        20
+Release:        21
 Summary:        Library for manipulating tar files from within C programs.
 License:        BSD
 URL:            http://repo.or.cz/libtar.git
@@ -12,6 +12,8 @@ Patch2:         libtar-1.2.20-fix-resource-leaks.patch
 Patch3:         libtar-1.2.11-bz729009.patch
 Patch4:         libtar-1.2.20-no-static-buffer.patch
 Patch5:         CVE-2013-4420.patch
+Patch9000:      openEuler-Ensure-that-sz-is-greater-than-0.patch 
+
 BuildRequires:  libtool 
 
 %description
@@ -69,6 +71,9 @@ rm $RPM_BUILD_ROOT%{_libdir}/*.la
 %{_mandir}/man3/*.3*
 
 %changelog
+* Wed Apr 06 2022 shixuantong <shixuantong@h-partners.com> - 1.2.20-21
+- Ensure that sz is greater than 0.
+
 * Fri Jul 30 2021 chenyanpanHW <chenyanpan@huawei.com> - 1.2.20-20
 - DESC: delete -Sgit from %autosetup, and delete BuildRequires git
 
diff --git a/openEuler-Ensure-that-sz-is-greater-than-0.patch b/openEuler-Ensure-that-sz-is-greater-than-0.patch
new file mode 100644
index 0000000..4042927
--- /dev/null
+++ b/openEuler-Ensure-that-sz-is-greater-than-0.patch
@@ -0,0 +1,40 @@
+From 6bacfdcb84a4b80c7c026e926b7e1f84d6eed26d Mon Sep 17 00:00:00 2001
+From: shixuantong <1726671442@qq.com>
+Date: Wed, 6 Apr 2022 17:40:57 +0800
+Subject: [PATCH] Ensure that sz is greater than 0.
+
+---
+ lib/block.c | 10 ++++++++++
+ 1 file changed, 10 insertions(+)
+
+diff --git a/lib/block.c b/lib/block.c
+index 092bc28..80b41ac 100644
+--- a/lib/block.c
++++ b/lib/block.c
+@@ -118,6 +118,11 @@ th_read(TAR *t)
+ 	if (TH_ISLONGLINK(t))
+ 	{
+ 		sz = th_get_size(t);
++                if (sz <= 0)
++                {
++                    errno = EINVAL;
++                    return -1;
++                }
+ 		blocks = (sz / T_BLOCKSIZE) + (sz % T_BLOCKSIZE ? 1 : 0);
+ 		if (blocks > ((size_t)-1 / T_BLOCKSIZE))
+ 		{
+@@ -168,6 +173,11 @@ th_read(TAR *t)
+ 	if (TH_ISLONGNAME(t))
+ 	{
+ 		sz = th_get_size(t);
++                if (sz <= 0)
++                {
++                    errno = EINVAL;
++                    return -1;
++                }
+ 		blocks = (sz / T_BLOCKSIZE) + (sz % T_BLOCKSIZE ? 1 : 0);
+ 		if (blocks > ((size_t)-1 / T_BLOCKSIZE))
+ 		{
+-- 
+1.8.3.1
+