@@ -107,6 +107,7 @@ RUN set -x \

 # IMPORTANT: If the version of Go is updated, the Windows to Linux CI machines

 #            will need updating, to avoid errors. Ping #docker-maintainers on IRC

 #            with a heads-up.

+# IMPORTANT: When updating this please note that stdlib archive/tar pkg is vendored

 ENV GO_VERSION 1.8.3

 RUN curl -fsSL "https://golang.org/dl/go${GO_VERSION}.linux-amd64.tar.gz" \

 	| tar -xzC /usr/local

@@ -136,3 +136,11 @@ github.com/Nvveen/Gotty a8b993ba6abdb0e0c12b0125c603323a71c7790c https://github.

 github.com/docker/go-metrics d466d4f6fd960e01820085bd7e1a24426ee7ef18

 github.com/opencontainers/selinux v1.0.0-rc1

+

+# archive/tar

+# mkdir -p ./vendor/archive

+# git clone git://github.com/tonistiigi/go-1.git ./go

+# git --git-dir ./go/.git --work-tree ./go checkout revert-prefix-ignore

+# cp -a go/src/archive/tar ./vendor/archive/tar

+# rm -rf ./go

+# vndr

\ No newline at end of file

new file mode 100644

@@ -0,0 +1,286 @@

+// Copyright 2009 The Go Authors. All rights reserved.

+// Use of this source code is governed by a BSD-style

+// license that can be found in the LICENSE file.

+

+// Package tar implements access to tar archives.

+// It aims to cover most of the variations, including those produced

+// by GNU and BSD tars.

+//

+// References:

+//   http://www.freebsd.org/cgi/man.cgi?query=tar&sektion=5

+//   http://www.gnu.org/software/tar/manual/html_node/Standard.html

+//   http://pubs.opengroup.org/onlinepubs/9699919799/utilities/pax.html

+package tar

+

+import (

+	"errors"

+	"fmt"

+	"os"

+	"path"

+	"time"

+)

+

+// BUG: Use of the Uid and Gid fields in Header could overflow on 32-bit

+// architectures. If a large value is encountered when decoding, the result

+// stored in Header will be the truncated version.

+

+// Header type flags.

+const (

+	TypeReg           = '0'    // regular file

+	TypeRegA          = '\x00' // regular file

+	TypeLink          = '1'    // hard link

+	TypeSymlink       = '2'    // symbolic link

+	TypeChar          = '3'    // character device node

+	TypeBlock         = '4'    // block device node

+	TypeDir           = '5'    // directory

+	TypeFifo          = '6'    // fifo node

+	TypeCont          = '7'    // reserved

+	TypeXHeader       = 'x'    // extended header

+	TypeXGlobalHeader = 'g'    // global extended header

+	TypeGNULongName   = 'L'    // Next file has a long name

+	TypeGNULongLink   = 'K'    // Next file symlinks to a file w/ a long name

+	TypeGNUSparse     = 'S'    // sparse file

+)

+

+// A Header represents a single header in a tar archive.

+// Some fields may not be populated.

+type Header struct {

+	Name       string    // name of header file entry

+	Mode       int64     // permission and mode bits

+	Uid        int       // user id of owner

+	Gid        int       // group id of owner

+	Size       int64     // length in bytes

+	ModTime    time.Time // modified time

+	Typeflag   byte      // type of header entry

+	Linkname   string    // target name of link

+	Uname      string    // user name of owner

+	Gname      string    // group name of owner

+	Devmajor   int64     // major number of character or block device

+	Devminor   int64     // minor number of character or block device

+	AccessTime time.Time // access time

+	ChangeTime time.Time // status change time

+	Xattrs     map[string]string

+}

+

+// FileInfo returns an os.FileInfo for the Header.

+func (h *Header) FileInfo() os.FileInfo {

+	return headerFileInfo{h}

+}

+

+// headerFileInfo implements os.FileInfo.

+type headerFileInfo struct {

+	h *Header

+}

+

+func (fi headerFileInfo) Size() int64        { return fi.h.Size }

+func (fi headerFileInfo) IsDir() bool        { return fi.Mode().IsDir() }

+func (fi headerFileInfo) ModTime() time.Time { return fi.h.ModTime }

+func (fi headerFileInfo) Sys() interface{}   { return fi.h }

+

+// Name returns the base name of the file.

+func (fi headerFileInfo) Name() string {

+	if fi.IsDir() {

+		return path.Base(path.Clean(fi.h.Name))

+	}

+	return path.Base(fi.h.Name)

+}

+

+// Mode returns the permission and mode bits for the headerFileInfo.

+func (fi headerFileInfo) Mode() (mode os.FileMode) {

+	// Set file permission bits.

+	mode = os.FileMode(fi.h.Mode).Perm()

+

+	// Set setuid, setgid and sticky bits.

+	if fi.h.Mode&c_ISUID != 0 {

+		// setuid

+		mode |= os.ModeSetuid

+	}

+	if fi.h.Mode&c_ISGID != 0 {

+		// setgid

+		mode |= os.ModeSetgid

+	}

+	if fi.h.Mode&c_ISVTX != 0 {

+		// sticky

+		mode |= os.ModeSticky

+	}

+

+	// Set file mode bits.

+	// clear perm, setuid, setgid and sticky bits.

+	m := os.FileMode(fi.h.Mode) &^ 07777

+	if m == c_ISDIR {

+		// directory

+		mode |= os.ModeDir

+	}

+	if m == c_ISFIFO {

+		// named pipe (FIFO)

+		mode |= os.ModeNamedPipe

+	}

+	if m == c_ISLNK {

+		// symbolic link

+		mode |= os.ModeSymlink

+	}

+	if m == c_ISBLK {

+		// device file

+		mode |= os.ModeDevice

+	}

+	if m == c_ISCHR {

+		// Unix character device

+		mode |= os.ModeDevice

+		mode |= os.ModeCharDevice

+	}

+	if m == c_ISSOCK {

+		// Unix domain socket

+		mode |= os.ModeSocket

+	}

+

+	switch fi.h.Typeflag {

+	case TypeSymlink:

+		// symbolic link

+		mode |= os.ModeSymlink

+	case TypeChar:

+		// character device node

+		mode |= os.ModeDevice

+		mode |= os.ModeCharDevice

+	case TypeBlock:

+		// block device node

+		mode |= os.ModeDevice

+	case TypeDir:

+		// directory

+		mode |= os.ModeDir

+	case TypeFifo:

+		// fifo node

+		mode |= os.ModeNamedPipe

+	}

+

+	return mode

+}

+

+// sysStat, if non-nil, populates h from system-dependent fields of fi.

+var sysStat func(fi os.FileInfo, h *Header) error

+

+// Mode constants from the tar spec.

+const (

+	c_ISUID  = 04000   // Set uid

+	c_ISGID  = 02000   // Set gid

+	c_ISVTX  = 01000   // Save text (sticky bit)

+	c_ISDIR  = 040000  // Directory

+	c_ISFIFO = 010000  // FIFO

+	c_ISREG  = 0100000 // Regular file

+	c_ISLNK  = 0120000 // Symbolic link

+	c_ISBLK  = 060000  // Block special file

+	c_ISCHR  = 020000  // Character special file

+	c_ISSOCK = 0140000 // Socket

+)

+

+// Keywords for the PAX Extended Header

+const (

+	paxAtime    = "atime"

+	paxCharset  = "charset"

+	paxComment  = "comment"

+	paxCtime    = "ctime" // please note that ctime is not a valid pax header.

+	paxGid      = "gid"

+	paxGname    = "gname"

+	paxLinkpath = "linkpath"

+	paxMtime    = "mtime"

+	paxPath     = "path"

+	paxSize     = "size"

+	paxUid      = "uid"

+	paxUname    = "uname"

+	paxXattr    = "SCHILY.xattr."

+	paxNone     = ""

+)

+

+// FileInfoHeader creates a partially-populated Header from fi.

+// If fi describes a symlink, FileInfoHeader records link as the link target.

+// If fi describes a directory, a slash is appended to the name.

+// Because os.FileInfo's Name method returns only the base name of

+// the file it describes, it may be necessary to modify the Name field

+// of the returned header to provide the full path name of the file.

+func FileInfoHeader(fi os.FileInfo, link string) (*Header, error) {

+	if fi == nil {

+		return nil, errors.New("tar: FileInfo is nil")

+	}

+	fm := fi.Mode()

+	h := &Header{

+		Name:    fi.Name(),

+		ModTime: fi.ModTime(),

+		Mode:    int64(fm.Perm()), // or'd with c_IS* constants later

+	}

+	switch {

+	case fm.IsRegular():

+		h.Mode |= c_ISREG

+		h.Typeflag = TypeReg

+		h.Size = fi.Size()

+	case fi.IsDir():

+		h.Typeflag = TypeDir

+		h.Mode |= c_ISDIR

+		h.Name += "/"

+	case fm&os.ModeSymlink != 0:

+		h.Typeflag = TypeSymlink

+		h.Mode |= c_ISLNK

+		h.Linkname = link

+	case fm&os.ModeDevice != 0:

+		if fm&os.ModeCharDevice != 0 {

+			h.Mode |= c_ISCHR

+			h.Typeflag = TypeChar

+		} else {

+			h.Mode |= c_ISBLK

+			h.Typeflag = TypeBlock

+		}

+	case fm&os.ModeNamedPipe != 0:

+		h.Typeflag = TypeFifo

+		h.Mode |= c_ISFIFO

+	case fm&os.ModeSocket != 0:

+		h.Mode |= c_ISSOCK

+	default:

+		return nil, fmt.Errorf("archive/tar: unknown file mode %v", fm)

+	}

+	if fm&os.ModeSetuid != 0 {

+		h.Mode |= c_ISUID

+	}

+	if fm&os.ModeSetgid != 0 {

+		h.Mode |= c_ISGID

+	}

+	if fm&os.ModeSticky != 0 {

+		h.Mode |= c_ISVTX

+	}

+	// If possible, populate additional fields from OS-specific

+	// FileInfo fields.

+	if sys, ok := fi.Sys().(*Header); ok {

+		// This FileInfo came from a Header (not the OS). Use the

+		// original Header to populate all remaining fields.

+		h.Uid = sys.Uid

+		h.Gid = sys.Gid

+		h.Uname = sys.Uname

+		h.Gname = sys.Gname

+		h.AccessTime = sys.AccessTime

+		h.ChangeTime = sys.ChangeTime

+		if sys.Xattrs != nil {

+			h.Xattrs = make(map[string]string)

+			for k, v := range sys.Xattrs {

+				h.Xattrs[k] = v

+			}

+		}

+		if sys.Typeflag == TypeLink {

+			// hard link

+			h.Typeflag = TypeLink

+			h.Size = 0

+			h.Linkname = sys.Linkname

+		}

+	}

+	if sysStat != nil {

+		return h, sysStat(fi, h)

+	}

+	return h, nil

+}

+

+// isHeaderOnlyType checks if the given type flag is of the type that has no

+// data section even if a size is specified.

+func isHeaderOnlyType(flag byte) bool {

+	switch flag {

+	case TypeLink, TypeSymlink, TypeChar, TypeBlock, TypeDir, TypeFifo:

+		return true

+	default:

+		return false

+	}

+}

new file mode 100644

@@ -0,0 +1,197 @@

+// Copyright 2016 The Go Authors. All rights reserved.

+// Use of this source code is governed by a BSD-style

+// license that can be found in the LICENSE file.

+

+package tar

+

+// Constants to identify various tar formats.

+const (

+	// The format is unknown.

+	formatUnknown = (1 << iota) / 2 // Sequence of 0, 1, 2, 4, 8, etc...

+

+	// The format of the original Unix V7 tar tool prior to standardization.

+	formatV7

+

+	// The old and new GNU formats, which are incompatible with USTAR.

+	// This does cover the old GNU sparse extension.

+	// This does not cover the GNU sparse extensions using PAX headers,

+	// versions 0.0, 0.1, and 1.0; these fall under the PAX format.

+	formatGNU

+

+	// Schily's tar format, which is incompatible with USTAR.

+	// This does not cover STAR extensions to the PAX format; these fall under

+	// the PAX format.

+	formatSTAR

+

+	// USTAR is the former standardization of tar defined in POSIX.1-1988.

+	// This is incompatible with the GNU and STAR formats.

+	formatUSTAR

+

+	// PAX is the latest standardization of tar defined in POSIX.1-2001.

+	// This is an extension of USTAR and is "backwards compatible" with it.

+	//

+	// Some newer formats add their own extensions to PAX, such as GNU sparse

+	// files and SCHILY extended attributes. Since they are backwards compatible

+	// with PAX, they will be labelled as "PAX".

+	formatPAX

+)

+

+// Magics used to identify various formats.

+const (

+	magicGNU, versionGNU     = "ustar ", " \x00"

+	magicUSTAR, versionUSTAR = "ustar\x00", "00"

+	trailerSTAR              = "tar\x00"

+)

+

+// Size constants from various tar specifications.

+const (

+	blockSize  = 512 // Size of each block in a tar stream

+	nameSize   = 100 // Max length of the name field in USTAR format

+	prefixSize = 155 // Max length of the prefix field in USTAR format

+)

+

+var zeroBlock block

+

+type block [blockSize]byte

+

+// Convert block to any number of formats.

+func (b *block) V7() *headerV7       { return (*headerV7)(b) }

+func (b *block) GNU() *headerGNU     { return (*headerGNU)(b) }

+func (b *block) STAR() *headerSTAR   { return (*headerSTAR)(b) }

+func (b *block) USTAR() *headerUSTAR { return (*headerUSTAR)(b) }

+func (b *block) Sparse() sparseArray { return (sparseArray)(b[:]) }

+

+// GetFormat checks that the block is a valid tar header based on the checksum.

+// It then attempts to guess the specific format based on magic values.

+// If the checksum fails, then formatUnknown is returned.

+func (b *block) GetFormat() (format int) {

+	// Verify checksum.

+	var p parser

+	value := p.parseOctal(b.V7().Chksum())

+	chksum1, chksum2 := b.ComputeChecksum()

+	if p.err != nil || (value != chksum1 && value != chksum2) {

+		return formatUnknown

+	}

+

+	// Guess the magic values.

+	magic := string(b.USTAR().Magic())

+	version := string(b.USTAR().Version())

+	trailer := string(b.STAR().Trailer())

+	switch {

+	case magic == magicUSTAR && trailer == trailerSTAR:

+		return formatSTAR

+	case magic == magicUSTAR:

+		return formatUSTAR

+	case magic == magicGNU && version == versionGNU:

+		return formatGNU

+	default:

+		return formatV7

+	}

+}

+

+// SetFormat writes the magic values necessary for specified format

+// and then updates the checksum accordingly.

+func (b *block) SetFormat(format int) {

+	// Set the magic values.

+	switch format {

+	case formatV7:

+		// Do nothing.

+	case formatGNU:

+		copy(b.GNU().Magic(), magicGNU)

+		copy(b.GNU().Version(), versionGNU)

+	case formatSTAR:

+		copy(b.STAR().Magic(), magicUSTAR)

+		copy(b.STAR().Version(), versionUSTAR)

+		copy(b.STAR().Trailer(), trailerSTAR)

+	case formatUSTAR, formatPAX:

+		copy(b.USTAR().Magic(), magicUSTAR)

+		copy(b.USTAR().Version(), versionUSTAR)

+	default:

+		panic("invalid format")

+	}

+

+	// Update checksum.

+	// This field is special in that it is terminated by a NULL then space.

+	var f formatter

+	field := b.V7().Chksum()

+	chksum, _ := b.ComputeChecksum() // Possible values are 256..128776

+	f.formatOctal(field[:7], chksum) // Never fails since 128776 < 262143

+	field[7] = ' '

+}

+

+// ComputeChecksum computes the checksum for the header block.

+// POSIX specifies a sum of the unsigned byte values, but the Sun tar used

+// signed byte values.

+// We compute and return both.

+func (b *block) ComputeChecksum() (unsigned, signed int64) {

+	for i, c := range b {

+		if 148 <= i && i < 156 {

+			c = ' ' // Treat the checksum field itself as all spaces.

+		}

+		unsigned += int64(uint8(c))

+		signed += int64(int8(c))

+	}

+	return unsigned, signed

+}

+

+type headerV7 [blockSize]byte

+

+func (h *headerV7) Name() []byte     { return h[000:][:100] }

+func (h *headerV7) Mode() []byte     { return h[100:][:8] }

+func (h *headerV7) UID() []byte      { return h[108:][:8] }

+func (h *headerV7) GID() []byte      { return h[116:][:8] }

+func (h *headerV7) Size() []byte     { return h[124:][:12] }

+func (h *headerV7) ModTime() []byte  { return h[136:][:12] }

+func (h *headerV7) Chksum() []byte   { return h[148:][:8] }

+func (h *headerV7) TypeFlag() []byte { return h[156:][:1] }

+func (h *headerV7) LinkName() []byte { return h[157:][:100] }

+

+type headerGNU [blockSize]byte

+

+func (h *headerGNU) V7() *headerV7       { return (*headerV7)(h) }

+func (h *headerGNU) Magic() []byte       { return h[257:][:6] }

+func (h *headerGNU) Version() []byte     { return h[263:][:2] }

+func (h *headerGNU) UserName() []byte    { return h[265:][:32] }

+func (h *headerGNU) GroupName() []byte   { return h[297:][:32] }

+func (h *headerGNU) DevMajor() []byte    { return h[329:][:8] }

+func (h *headerGNU) DevMinor() []byte    { return h[337:][:8] }

+func (h *headerGNU) AccessTime() []byte  { return h[345:][:12] }

+func (h *headerGNU) ChangeTime() []byte  { return h[357:][:12] }

+func (h *headerGNU) Sparse() sparseArray { return (sparseArray)(h[386:][:24*4+1]) }

+func (h *headerGNU) RealSize() []byte    { return h[483:][:12] }

+

+type headerSTAR [blockSize]byte

+

+func (h *headerSTAR) V7() *headerV7      { return (*headerV7)(h) }

+func (h *headerSTAR) Magic() []byte      { return h[257:][:6] }

+func (h *headerSTAR) Version() []byte    { return h[263:][:2] }

+func (h *headerSTAR) UserName() []byte   { return h[265:][:32] }

+func (h *headerSTAR) GroupName() []byte  { return h[297:][:32] }

+func (h *headerSTAR) DevMajor() []byte   { return h[329:][:8] }

+func (h *headerSTAR) DevMinor() []byte   { return h[337:][:8] }

+func (h *headerSTAR) Prefix() []byte     { return h[345:][:131] }

+func (h *headerSTAR) AccessTime() []byte { return h[476:][:12] }

+func (h *headerSTAR) ChangeTime() []byte { return h[488:][:12] }

+func (h *headerSTAR) Trailer() []byte    { return h[508:][:4] }

+

+type headerUSTAR [blockSize]byte

+

+func (h *headerUSTAR) V7() *headerV7     { return (*headerV7)(h) }

+func (h *headerUSTAR) Magic() []byte     { return h[257:][:6] }

+func (h *headerUSTAR) Version() []byte   { return h[263:][:2] }

+func (h *headerUSTAR) UserName() []byte  { return h[265:][:32] }

+func (h *headerUSTAR) GroupName() []byte { return h[297:][:32] }

+func (h *headerUSTAR) DevMajor() []byte  { return h[329:][:8] }

+func (h *headerUSTAR) DevMinor() []byte  { return h[337:][:8] }

+func (h *headerUSTAR) Prefix() []byte    { return h[345:][:155] }

+

+type sparseArray []byte

+

+func (s sparseArray) Entry(i int) sparseNode { return (sparseNode)(s[i*24:]) }

+func (s sparseArray) IsExtended() []byte     { return s[24*s.MaxEntries():][:1] }

+func (s sparseArray) MaxEntries() int        { return len(s) / 24 }

+

+type sparseNode []byte

+

+func (s sparseNode) Offset() []byte   { return s[00:][:12] }

+func (s sparseNode) NumBytes() []byte { return s[12:][:12] }

new file mode 100644

@@ -0,0 +1,800 @@

+// Copyright 2009 The Go Authors. All rights reserved.

+// Use of this source code is governed by a BSD-style

+// license that can be found in the LICENSE file.

+

+package tar

+

+// TODO(dsymonds):

+//   - pax extensions

+

+import (

+	"bytes"

+	"errors"

+	"io"

+	"io/ioutil"

+	"math"

+	"strconv"

+	"strings"

+	"time"

+)

+

+var (

+	ErrHeader = errors.New("archive/tar: invalid tar header")

+)

+

+// A Reader provides sequential access to the contents of a tar archive.

+// A tar archive consists of a sequence of files.

+// The Next method advances to the next file in the archive (including the first),

+// and then it can be treated as an io.Reader to access the file's data.

+type Reader struct {

+	r    io.Reader

+	pad  int64          // amount of padding (ignored) after current file entry

+	curr numBytesReader // reader for current file entry

+	blk  block          // buffer to use as temporary local storage

+

+	// err is a persistent error.

+	// It is only the responsibility of every exported method of Reader to

+	// ensure that this error is sticky.

+	err error

+}

+

+// A numBytesReader is an io.Reader with a numBytes method, returning the number

+// of bytes remaining in the underlying encoded data.

+type numBytesReader interface {

+	io.Reader

+	numBytes() int64

+}

+

+// A regFileReader is a numBytesReader for reading file data from a tar archive.

+type regFileReader struct {

+	r  io.Reader // underlying reader

+	nb int64     // number of unread bytes for current file entry

+}

+

+// A sparseFileReader is a numBytesReader for reading sparse file data from a

+// tar archive.

+type sparseFileReader struct {

+	rfr   numBytesReader // Reads the sparse-encoded file data

+	sp    []sparseEntry  // The sparse map for the file

+	pos   int64          // Keeps track of file position

+	total int64          // Total size of the file

+}

+

+// A sparseEntry holds a single entry in a sparse file's sparse map.

+//

+// Sparse files are represented using a series of sparseEntrys.

+// Despite the name, a sparseEntry represents an actual data fragment that

+// references data found in the underlying archive stream. All regions not

+// covered by a sparseEntry are logically filled with zeros.

+//

+// For example, if the underlying raw file contains the 10-byte data:

+//	var compactData = "abcdefgh"

+//

+// And the sparse map has the following entries:

+//	var sp = []sparseEntry{

+//		{offset: 2,  numBytes: 5} // Data fragment for [2..7]

+//		{offset: 18, numBytes: 3} // Data fragment for [18..21]

+//	}

+//

+// Then the content of the resulting sparse file with a "real" size of 25 is:

+//	var sparseData = "\x00"*2 + "abcde" + "\x00"*11 + "fgh" + "\x00"*4

+type sparseEntry struct {

+	offset   int64 // Starting position of the fragment

+	numBytes int64 // Length of the fragment

+}

+

+// Keywords for GNU sparse files in a PAX extended header

+const (

+	paxGNUSparseNumBlocks = "GNU.sparse.numblocks"

+	paxGNUSparseOffset    = "GNU.sparse.offset"

+	paxGNUSparseNumBytes  = "GNU.sparse.numbytes"

+	paxGNUSparseMap       = "GNU.sparse.map"

+	paxGNUSparseName      = "GNU.sparse.name"

+	paxGNUSparseMajor     = "GNU.sparse.major"

+	paxGNUSparseMinor     = "GNU.sparse.minor"

+	paxGNUSparseSize      = "GNU.sparse.size"

+	paxGNUSparseRealSize  = "GNU.sparse.realsize"

+)

+

+// NewReader creates a new Reader reading from r.

+func NewReader(r io.Reader) *Reader { return &Reader{r: r} }

+

+// Next advances to the next entry in the tar archive.

+//

+// io.EOF is returned at the end of the input.

+func (tr *Reader) Next() (*Header, error) {

+	if tr.err != nil {

+		return nil, tr.err

+	}

+	hdr, err := tr.next()

+	tr.err = err

+	return hdr, err

+}

+

+func (tr *Reader) next() (*Header, error) {

+	var extHdrs map[string]string

+

+	// Externally, Next iterates through the tar archive as if it is a series of

+	// files. Internally, the tar format often uses fake "files" to add meta

+	// data that describes the next file. These meta data "files" should not

+	// normally be visible to the outside. As such, this loop iterates through

+	// one or more "header files" until it finds a "normal file".

+loop:

+	for {

+		if err := tr.skipUnread(); err != nil {

+			return nil, err

+		}

+		hdr, rawHdr, err := tr.readHeader()

+		if err != nil {

+			return nil, err

+		}

+		if err := tr.handleRegularFile(hdr); err != nil {

+			return nil, err

+		}

+

+		// Check for PAX/GNU special headers and files.

+		switch hdr.Typeflag {

+		case TypeXHeader:

+			extHdrs, err = parsePAX(tr)

+			if err != nil {

+				return nil, err

+			}

+			continue loop // This is a meta header affecting the next header

+		case TypeGNULongName, TypeGNULongLink:

+			realname, err := ioutil.ReadAll(tr)

+			if err != nil {

+				return nil, err

+			}

+

+			// Convert GNU extensions to use PAX headers.

+			if extHdrs == nil {

+				extHdrs = make(map[string]string)

+			}

+			var p parser

+			switch hdr.Typeflag {

+			case TypeGNULongName:

+				extHdrs[paxPath] = p.parseString(realname)

+			case TypeGNULongLink:

+				extHdrs[paxLinkpath] = p.parseString(realname)

+			}

+			if p.err != nil {

+				return nil, p.err

+			}

+			continue loop // This is a meta header affecting the next header

+		default:

+			// The old GNU sparse format is handled here since it is technically

+			// just a regular file with additional attributes.

+

+			if err := mergePAX(hdr, extHdrs); err != nil {

+				return nil, err

+			}

+

+			// The extended headers may have updated the size.

+			// Thus, setup the regFileReader again after merging PAX headers.

+			if err := tr.handleRegularFile(hdr); err != nil {

+				return nil, err

+			}

+

+			// Sparse formats rely on being able to read from the logical data

+			// section; there must be a preceding call to handleRegularFile.

+			if err := tr.handleSparseFile(hdr, rawHdr, extHdrs); err != nil {

+				return nil, err

+			}

+			return hdr, nil // This is a file, so stop

+		}

+	}

+}

+

+// handleRegularFile sets up the current file reader and padding such that it

+// can only read the following logical data section. It will properly handle

+// special headers that contain no data section.

+func (tr *Reader) handleRegularFile(hdr *Header) error {

+	nb := hdr.Size

+	if isHeaderOnlyType(hdr.Typeflag) {

+		nb = 0

+	}

+	if nb < 0 {

+		return ErrHeader

+	}

+

+	tr.pad = -nb & (blockSize - 1) // blockSize is a power of two

+	tr.curr = &regFileReader{r: tr.r, nb: nb}

+	return nil

+}

+

+// handleSparseFile checks if the current file is a sparse format of any type

+// and sets the curr reader appropriately.

+func (tr *Reader) handleSparseFile(hdr *Header, rawHdr *block, extHdrs map[string]string) error {

+	var sp []sparseEntry

+	var err error

+	if hdr.Typeflag == TypeGNUSparse {

+		sp, err = tr.readOldGNUSparseMap(hdr, rawHdr)

+		if err != nil {

+			return err

+		}

+	} else {

+		sp, err = tr.checkForGNUSparsePAXHeaders(hdr, extHdrs)

+		if err != nil {

+			return err

+		}

+	}

+

+	// If sp is non-nil, then this is a sparse file.

+	// Note that it is possible for len(sp) to be zero.

+	if sp != nil {

+		tr.curr, err = newSparseFileReader(tr.curr, sp, hdr.Size)

+	}

+	return err

+}

+

+// checkForGNUSparsePAXHeaders checks the PAX headers for GNU sparse headers. If they are found, then

+// this function reads the sparse map and returns it. Unknown sparse formats are ignored, causing the file to

+// be treated as a regular file.

+func (tr *Reader) checkForGNUSparsePAXHeaders(hdr *Header, headers map[string]string) ([]sparseEntry, error) {

+	var sparseFormat string

+

+	// Check for sparse format indicators

+	major, majorOk := headers[paxGNUSparseMajor]

+	minor, minorOk := headers[paxGNUSparseMinor]

+	sparseName, sparseNameOk := headers[paxGNUSparseName]

+	_, sparseMapOk := headers[paxGNUSparseMap]

+	sparseSize, sparseSizeOk := headers[paxGNUSparseSize]

+	sparseRealSize, sparseRealSizeOk := headers[paxGNUSparseRealSize]

+

+	// Identify which, if any, sparse format applies from which PAX headers are set

+	if majorOk && minorOk {

+		sparseFormat = major + "." + minor

+	} else if sparseNameOk && sparseMapOk {

+		sparseFormat = "0.1"

+	} else if sparseSizeOk {

+		sparseFormat = "0.0"

+	} else {

+		// Not a PAX format GNU sparse file.

+		return nil, nil

+	}

+

+	// Check for unknown sparse format

+	if sparseFormat != "0.0" && sparseFormat != "0.1" && sparseFormat != "1.0" {

+		return nil, nil

+	}

+

+	// Update hdr from GNU sparse PAX headers

+	if sparseNameOk {

+		hdr.Name = sparseName

+	}

+	if sparseSizeOk {

+		realSize, err := strconv.ParseInt(sparseSize, 10, 64)

+		if err != nil {

+			return nil, ErrHeader

+		}

+		hdr.Size = realSize

+	} else if sparseRealSizeOk {

+		realSize, err := strconv.ParseInt(sparseRealSize, 10, 64)

+		if err != nil {

+			return nil, ErrHeader

+		}

+		hdr.Size = realSize

+	}

+

+	// Set up the sparse map, according to the particular sparse format in use

+	var sp []sparseEntry

+	var err error

+	switch sparseFormat {

+	case "0.0", "0.1":

+		sp, err = readGNUSparseMap0x1(headers)

+	case "1.0":

+		sp, err = readGNUSparseMap1x0(tr.curr)

+	}

+	return sp, err

+}

+

+// mergePAX merges well known headers according to PAX standard.

+// In general headers with the same name as those found

+// in the header struct overwrite those found in the header

+// struct with higher precision or longer values. Esp. useful

+// for name and linkname fields.

+func mergePAX(hdr *Header, headers map[string]string) (err error) {

+	var id64 int64

+	for k, v := range headers {

+		switch k {

+		case paxPath:

+			hdr.Name = v

+		case paxLinkpath:

+			hdr.Linkname = v

+		case paxUname:

+			hdr.Uname = v

+		case paxGname:

+			hdr.Gname = v

+		case paxUid:

+			id64, err = strconv.ParseInt(v, 10, 64)

+			hdr.Uid = int(id64) // Integer overflow possible

+		case paxGid:

+			id64, err = strconv.ParseInt(v, 10, 64)

+			hdr.Gid = int(id64) // Integer overflow possible

+		case paxAtime:

+			hdr.AccessTime, err = parsePAXTime(v)

+		case paxMtime:

+			hdr.ModTime, err = parsePAXTime(v)

+		case paxCtime:

+			hdr.ChangeTime, err = parsePAXTime(v)

+		case paxSize:

+			hdr.Size, err = strconv.ParseInt(v, 10, 64)

+		default:

+			if strings.HasPrefix(k, paxXattr) {

+				if hdr.Xattrs == nil {

+					hdr.Xattrs = make(map[string]string)

+				}

+				hdr.Xattrs[k[len(paxXattr):]] = v

+			}

+		}

+		if err != nil {

+			return ErrHeader

+		}

+	}

+	return nil

+}

+

+// parsePAX parses PAX headers.

+// If an extended header (type 'x') is invalid, ErrHeader is returned

+func parsePAX(r io.Reader) (map[string]string, error) {

+	buf, err := ioutil.ReadAll(r)

+	if err != nil {

+		return nil, err

+	}

+	sbuf := string(buf)

+

+	// For GNU PAX sparse format 0.0 support.

+	// This function transforms the sparse format 0.0 headers into format 0.1

+	// headers since 0.0 headers were not PAX compliant.

+	var sparseMap []string

+

+	extHdrs := make(map[string]string)

+	for len(sbuf) > 0 {

+		key, value, residual, err := parsePAXRecord(sbuf)

+		if err != nil {

+			return nil, ErrHeader

+		}

+		sbuf = residual

+

+		switch key {

+		case paxGNUSparseOffset, paxGNUSparseNumBytes:

+			// Validate sparse header order and value.

+			if (len(sparseMap)%2 == 0 && key != paxGNUSparseOffset) ||

+				(len(sparseMap)%2 == 1 && key != paxGNUSparseNumBytes) ||

+				strings.Contains(value, ",") {

+				return nil, ErrHeader