Under specific circumstances tar(1) can crash with flag 0xff00 if the binary turnin(1) has no permission to read the input file.
Additionally, turnin(1) can crash if it has no permission to read the files during isbinaryfile() called by addfile().
A (race condition triggering) bash(1) script to demo these vulnerabilities can be found here:

printf "y\ny" | turnin hw@course hello.c & sleep 0.001; chmod 000 hello.c

where 0.001 should probably be changed until you manage to reproduce both crashes. For minimum values that sleep(1) cannot perform, use an echo(1) and maybe an echo(1) to a file.