poky/meta/recipes-devtools/python/python3/0001-gh-107811-tarfile-treat-overflow-in-UID-GID-as-failu.patch

From 6e3868c8c330f997bc242a8d51d742baac449ecc Mon Sep 17 00:00:00 2001
From: Petr Viktorin <encukou@gmail.com>
Date: Wed, 23 Aug 2023 20:00:07 +0200
Subject: [PATCH] gh-107811: tarfile: treat overflow in UID/GID as failure to
 set it (#108369)

Upstream-Status: Backport [https://github.com/python/cpython/pull/108369]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
 Lib/tarfile.py                                                 | 3 ++-
 .../Library/2023-08-23-17-34-39.gh-issue-107811.3Fng72.rst     | 3 +++
 2 files changed, 5 insertions(+), 1 deletion(-)
 create mode 100644 Misc/NEWS.d/next/Library/2023-08-23-17-34-39.gh-issue-107811.3Fng72.rst

diff --git a/Lib/tarfile.py b/Lib/tarfile.py
index 0a0f31e..4dfb67d 100755
--- a/Lib/tarfile.py
+++ b/Lib/tarfile.py
@@ -2688,7 +2688,8 @@ class TarFile(object):
                     os.lchown(targetpath, u, g)
                 else:
                     os.chown(targetpath, u, g)
-            except OSError as e:
+            except (OSError, OverflowError) as e:
+                # OverflowError can be raised if an ID doesn't fit in `id_t`
                 raise ExtractError("could not change owner") from e
 
     def chmod(self, tarinfo, targetpath):
diff --git a/Misc/NEWS.d/next/Library/2023-08-23-17-34-39.gh-issue-107811.3Fng72.rst b/Misc/NEWS.d/next/Library/2023-08-23-17-34-39.gh-issue-107811.3Fng72.rst
new file mode 100644
index 0000000..ffca413
--- /dev/null
+++ b/Misc/NEWS.d/next/Library/2023-08-23-17-34-39.gh-issue-107811.3Fng72.rst
@@ -0,0 +1,3 @@
+:mod:`tarfile`: extraction of members with overly large UID or GID (e.g. on
+an OS with 32-bit :c:type:`!id_t`) now fails in the same way as failing to
+set the ID.