Disallow negative tar offsets (#18428)

sethmlarson · miketheman · web-flow · commit 954b6b350aee · 2025-07-28T15:14:27.000-04:00
Co-authored-by: Mike Fiedler &lt;miketheman@gmail.com&gt;
diff --git a/warehouse/forklift/legacy.py b/warehouse/forklift/legacy.py
@@ -4,6 +4,7 @@
 import hmac
 import os.path
 import re
+import sys
 import tarfile
 import tempfile
 import zipfile
@@ -175,6 +176,19 @@
 _manylinux_arches = _jointlinux_arches | {"ppc64"}
 _musllinux_arches = _jointlinux_arches
 
+# Remove this patch once 3.13.6 is available.
+if sys.version_info >= (3, 13, 6):  # pragma: no cover
+    raise RuntimeError("Patched _block() not needed in Python 3.13.6+")
+
+
+def _block_patched(self, count, _orig_block=tarfile.TarInfo._block):
+    if count < 0:  # pragma: no cover
+        raise tarfile.InvalidHeaderError("invalid offset")
+    return _orig_block(self, count)
+
+
+tarfile.TarInfo._block = _block_patched  # type: ignore[attr-defined]
+
 
 # Actual checking code;
 def _valid_platform_tag(platform_tag):
