archive: Unconditionally honor PAX size (#441)
author Alex Crichton <alex@alexcrichton.com>
Thu, 19 Mar 2026 21:56:51 +0000 (16:56 -0500)
committer Fabian Grünbichler <debian@fabian.gruenbichler.email>
Thu, 26 Mar 2026 10:27:54 +0000 (11:27 +0100)
commit b227ef62f10cf742103dcfc96efb807df2ca07ac
tree 8155da4de46e5eae1598e5b953e4eb4331a487c4
parent 9a094a36cef90a39e1193926b65e3191990a2081
archive: Unconditionally honor PAX size (#441)

This synchronizes our behavior with most other tar parsers
(including astral-tokio-tar and Go archive/tar) ensuring
that we don't parse things differently.

The problem with parsing size in particular differently is
it's easy to craft a tar archive that appears completely different
between two parsers. This is the case with e.g. crates.io where
astral-tokio-tar is used for validation server side, but cargo uses
the `tar` crate to upload.

With this, the two projects agree.

Signed-off-by: Colin Walters <walters@verbum.org>
Co-authored-by: Colin Walters <walters@verbum.org>
FG: drop test-related changes
Signed-off-by: Fabian Grünbichler <debian@fabian.gruenbichler.email>
Fixes: CVE-2026-33055
Gbp-Pq: Topic vendor
Gbp-Pq: Name tar-CVE-2026-33055.patch
vendor/tar-0.4.44/src/archive.rs
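
A defender-side check for the disagreement the commit message describes, as an added example that is not part of this commit or of the tar crate: it flags entries whose PAX `size` record differs from the size field of the header that follows. The function names and the sample archive are constructed for illustration; the code assumes octal size fields and per-entry PAX headers only.

```rust
// Added example, not tar-crate code. Octal sizes, 'x' PAX headers, no checksum checks.
fn octal(f: &[u8]) -> u64 {
    f.iter().filter(|b| (b'0'..=b'7').contains(*b)).fold(0, |n, b| n * 8 + u64::from(b - b'0'))
}

/// Last `size` value among the "LEN key=value\n" records of a PAX header body.
fn pax_size(mut body: &[u8]) -> Option<u64> {
    let mut found = None;
    while let Some(sp) = body.iter().position(|&b| b == b' ') {
        let len: usize = std::str::from_utf8(&body[..sp]).ok()?.parse().ok()?;
        let rec = std::str::from_utf8(body.get(sp + 1..len)?).ok()?;
        if let Some(v) = rec.trim_end().strip_prefix("size=") { found = Some(v.parse().ok()?); }
        body = &body[len..];
    }
    found
}

/// Entries whose PAX size differs from the header size field: (name, header, pax).
pub fn size_mismatches(tar: &[u8]) -> Vec<(String, u64, u64)> {
    let (mut off, mut pending, mut out) = (0usize, None, Vec::new());
    while let Some(h) = tar.get(off..off + 512).filter(|h| h.iter().any(|&b| b != 0)) {
        let size = octal(&h[124..136]);
        let end = off + 512 + size as usize;
        if h[156] == b'x' {
            pending = tar.get(off + 512..end).and_then(pax_size);
        } else if let Some(p) = pending.take().filter(|&p| p != size) {
            let name = String::from_utf8_lossy(&h[..100]).trim_end_matches('\0').to_string();
            out.push((name, size, p));
        }
        off = (end + 511) / 512 * 512; // walk by header size; later layout is ambiguous
    }
    out
}

/// Constructed sample: a PAX header carrying `pax_rec`, then a 5-byte file entry.
pub fn sample(pax_rec: &str) -> Vec<u8> {
    let mut t = Vec::new();
    for (name, flag, body) in [("pax", b'x', pax_rec.as_bytes()), ("a.txt", b'0', &b"hello"[..])] {
        let mut h = [0u8; 512]; // minimal header: name, size, typeflag (checksum blank)
        h[..name.len()].copy_from_slice(name.as_bytes());
        h[124..136].copy_from_slice(format!("{:011o}\0", body.len()).as_bytes());
        h[156] = flag;
        t.extend_from_slice(&h);
        t.extend_from_slice(body);
        t.resize((t.len() + 511) / 512 * 512, 0);
    }
    t.resize(t.len() + 1024, 0); // end-of-archive marker
    t
}
fn main() { println!("{:?}", size_mismatches(&sample("10 size=3\n"))); } // PAX 3, header 5
```

A validator that rejects any archive with a non-empty result does not depend on which size a downstream parser chooses to honor.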