Comment 1 Ulrich Müller 2012-04-08 20:55:27 UTC

When executing the commands separately:
   $ xz -d foo.tar.xz
   $ tar xf foo.tar
neither of the two commands throws an error. So according to xz, it's a valid xz file. And according to tar, the uncompressed file is a valid archive.

I don't have a strong opinion on the matter, but maybe tar should be considered the authoritative entity that decides if an archive is valid?

You need to use "tar --ignore-zeros" to get a visible notification of the corruption.

The tar documentation states

"When reading an archive, a reasonable system should properly handle an archive whose last record is shorter than the rest, or which contains garbage records after a zero block."

so I think we ought to accept these, annoying as it is.  Also, when tar itself runs the decompressor it ignores a SIGPIPE exit status, so for consistency we should do the same.

Comment 4 Zac Medico 2012-04-21 21:24:03 UTC

*** This bug has been marked as a duplicate of bug 410861 ***

You still need to do something about this... You're silently ignoring corruption in tarballs.

Comment 6 Zac Medico 2012-04-21 21:29:05 UTC

What can we do about it?

Use pipes for every compression format, reject every tarball that gives a SIGPIPE, and make ebuild maintainers fix the breakage. There are a whole bunch of corrupted tarballs on distfiles.g.o where ebuilds are ending up with partial uncompressions or similar, and developer testing obviously isn't good enough that it's been noticed.

Comment 8 Zac Medico 2012-04-21 21:41:10 UTC

In order to go through with this, we'll need some real data, not just a vague reference to "a whole bunch of corrupted tarballs."

Comment 9 Zac Medico 2012-04-21 21:43:07 UTC

How about if we trigger a "QA Notice" message when we detect the SIGPIPE? That would allow us to collect some real data.

http://paste.pocoo.org/show/579355/ was a run over a distfiles mirror, giving you a rough idea of the extent of the problem.