extractWithLibarchive extracted every entry regardless of its declared
uncompressed size, with no ceiling. The signed-install path is tempered
by install.zig's whole-archive hash verification against trusted repo
metadata before extraction runs, but mere dev import (import.zig) and
build-source unpacking (source_unpacker.zig) extract before any such
binding exists, so a small crafted archive could claim to expand to an
arbitrary amount of data.
Add checkEntryExtractedSize, called per entry before extraction, which
rejects any entry whose archive_entry_size() exceeds a 4 GiB ceiling,
with a diagnostic message naming the entry and stating the declared
size and the limit rather than a generic "invalid input".