Add exceptions to TAR extended attribute constructors to disallow '=' and '\n' characters in keys and values.

src/libraries/System.Formats.Tar/src/Resources/Strings.resx

@@ -264,4 +264,10 @@
   <data name="TarSizeFieldTooLargeForEntryFormat" xml:space="preserve">
     <value>The value of the size field for the current entry of format '{0}' is greater than the format allows.</value>
   </data>
-</root>
+  <data name="TarExtAttrDisallowedKeyChar" xml:space="preserve">
+    <value>The extended attribute key '{0}' contains a disallowed '{1}' character.</value>
+  </data>
+  <data name="TarExtAttrDisallowedValueChar" xml:space="preserve">
+    <value>The value of the extended attribute key '{0}' contains a disallowed '{1}' character.</value>
+  </data>
+</root>

src/libraries/System.Formats.Tar/src/System/Formats/Tar/TarHeader.cs

@@ -113,7 +113,27 @@ internal TarHeader(TarEntryFormat format, TarEntryType typeFlag, TarHeader other
         internal void InitializeExtendedAttributesWithExisting(IEnumerable<KeyValuePair<string, string>> existing)
         {
             Debug.Assert(_ea == null);
-            _ea = new Dictionary<string, string>(existing);
+            Debug.Assert(existing != null);
+
+            using IEnumerator<KeyValuePair<string, string>> enumerator = existing.GetEnumerator();
+            while (enumerator.MoveNext())
+            {
+                KeyValuePair<string, string> kvp = enumerator.Current;
+
+                int index = kvp.Key.IndexOfAny(new char[] { '=', '\n' });
+                if (index >= 0)
+                {
+                    throw new ArgumentException(SR.Format(SR.TarExtAttrDisallowedKeyChar, kvp.Key, kvp.Key[index] == '\n' ? "\\n" : kvp.Key[index]));
+                }
+                if (kvp.Value.IndexOf('\n') != -1)
+                {
+                    throw new ArgumentException(SR.Format(SR.TarExtAttrDisallowedValueChar, kvp.Key, "\\n"));
+                }
+
+                _ea ??= new Dictionary<string, string>();
+
+                _ea.Add(kvp.Key, kvp.Value);
+            }
         }
 
         private static string GetMagicForFormat(TarEntryFormat format) => format switch

src/libraries/System.Formats.Tar/tests/TarEntry/PaxTarEntry.Tests.cs

@@ -1,8 +1,7 @@
 // Licensed to the .NET Foundation under one or more agreements.
 // The .NET Foundation licenses this file to you under the MIT license.
 
-using System.IO;
-using System.Linq;
+using System.Collections.Generic;
 using Xunit;
 
 namespace System.Formats.Tar.Tests
@@ -36,6 +35,30 @@ public void Constructor_UnsupportedEntryTypes()
             Assert.Throws<ArgumentException>(() => new PaxTarEntry(TarEntryType.GlobalExtendedAttributes, InitialEntryName));
         }
 
+
+        [Theory]
+        [InlineData("\n", "value")]
+        [InlineData("=", "value")]
+        [InlineData("key", "\n")]
+        [InlineData("\nkey", "value")]
+        [InlineData("k\ney", "value")]
+        [InlineData("key\n", "value")]
+        [InlineData("=key", "value")]
+        [InlineData("ke=y", "value")]
+        [InlineData("key=", "value")]
+        [InlineData("key", "\nvalue")]
+        [InlineData("key", "val\nue")]
+        [InlineData("key", "value\n")]
+        [InlineData("key=", "value\n")]
+        [InlineData("key\n", "value\n")]
+        public void Disallowed_ExtendedAttributes_SeparatorCharacters(string key, string value)
+        {
+            Dictionary<string, string> extendedAttribute = new Dictionary<string, string>() { { key, value } };
+
+            Assert.Throws<ArgumentException>(() => new PaxTarEntry(TarEntryType.RegularFile, InitialEntryName, extendedAttribute));
+            Assert.Throws<ArgumentException>(() => new PaxGlobalExtendedAttributesTarEntry(extendedAttribute));
+        }
+
         [Fact]
         public void SupportedEntryType_RegularFile()
         {