Please review changes against upstream code using SCM,
see the Vcs-* tags in debian/control for its location.

--- pax-20140703.orig/file_subs.c
+++ pax-20140703/file_subs.c
@@ -1158,7 +1158,7 @@ set_crc(ARCHD *arcn, int fd)
 	int i;
 	int res;
 	off_t cpcnt = 0L;
-	u_long size;
+	size_t size;
 	u_int32_t crc = 0;
 	char tbuf[FILEBLK];
 	struct stat sb;
@@ -1171,8 +1171,8 @@ set_crc(ARCHD *arcn, int fd)
 		return(0);
 	}
 
-	if ((size = (u_long)arcn->sb.st_blksize) > (u_long)sizeof(tbuf))
-		size = (u_long)sizeof(tbuf);
+	if ((size = (size_t)arcn->sb.st_blksize) > sizeof(tbuf))
+		size = sizeof(tbuf);
 
 	/*
 	 * read all the bytes we think that there are in the file. If the user
--- pax-20140703.orig/tables.c
+++ pax-20140703/tables.c
@@ -379,6 +379,10 @@ chk_ftime(ARCHD *arcn)
 	u_int indx;
 	char ckname[PAXPATHLEN+1];
 
+	if (arcn->nlen > PAXPATHLEN)
+		/*XXX just skip over this file */
+		return (-1);
+
 	/*
 	 * no info, go ahead and add to archive
 	 */
