Hello, I have noticed while auditing tar decode_options() function, that new_argc is prone to integer overflow.
In the case of handling arguments, if no "-" is provided and the arguments provided are near max_int it will overflow resulting in under-allocation of the new_argv[]. In practice this probably can't happen since default ARG_MAX will be exceeded when testing. [image: image.png] This might be complete nonsense but I would like to know your take on this.
