Commit 31e2a73

archive-tar: guard get_path_prefix against zero-length input

get_path_prefix() uses a do-while loop that unconditionally decrements the size_t index variable i before checking the loop condition. When i is 0 on entry, the decrement wraps to SIZE_MAX, and path[SIZE_MAX] is an out-of-bounds read.

The current caller (write_tar_entry at line 281) only invokes this function when pathlen > sizeof(header.name) (100 bytes), so i is always at least 100 on entry and the bug is unreachable in practice. However, the function's interface accepts arbitrary pathlen and maxlen values, and a future caller or a maxlen of 0 could trigger the wrap.

Add an early return for i == 0 before the do-while loop.

Pointed out by Coverity.

Assisted-by: Claude Opus 4.6
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
1 parent c472c05 commit 31e2a73

1 file changed

Lines changed: 2 additions & 0 deletions

archive-tar.c

@@ -210,6 +210,8 @@ static size_t get_path_prefix(const char *path, size_t pathlen, size_t maxlen)
210210
i--;
211211
if (i > maxlen)
212212
i = maxlen;
213+
if (!i)
214+
return 0;
213215
do {
214216
i--;
215217
} while (i > 0 && path[i] != '/');
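Review bot: the new `if (!i) return 0;` only protects the `i--` inside the do-while; the `i--;` at line 210, the first context line of this hunk, decrements the same size_t before the check runs, and the condition guarding it is not visible here. If that decrement can ever execute with i == 0, it wraps to SIZE_MAX, the following `if (i > maxlen) i = maxlen;` clamps it to maxlen, and the new check passes with a non-zero i, so the loop would then index path[] up to maxlen - 1 on a zero-length input. Please confirm the earlier decrement is conditioned on a non-zero i, or move the zero check ahead of it. A one-line comment above the new check saying it covers both pathlen == 0 and maxlen == 0 would also help, since the commit message notes that no current caller can reach it.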
