gh-146581: Update docs for dangerous filenames in ZIP files (GH-149994)

Co-authored-by: Sebastian Gassner <sebastian.gassner@gmail.com>
This commit is contained in:
Serhiy Storchaka 2026-05-19 11:36:12 +03:00 committed by GitHub
parent 517d3d2c10
commit ba0aca3bff
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 6 additions and 6 deletions

View file

@ -749,8 +749,8 @@ provided. They rely on the :mod:`zipfile` and :mod:`tarfile` modules.
Never extract archives from untrusted sources without prior inspection.
It is possible that files are created outside of the path specified in
the *extract_dir* argument, e.g. members that have absolute filenames
starting with "/" or filenames with two dots "..".
the *extract_dir* argument, for example, members that have absolute filenames
or filenames with ".." components.
Since Python 3.14, the defaults for both built-in formats (zip and tar
files) will prevent the most dangerous of such security issues,
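Review bot: The new text in this hunk writes the ".." example with plain quotes ("..") while the sibling zipfile.rst hunk in this same commit previously marked the same token as a reST literal (``".."``); pick one convention for both files. Since reST renders ``".."`` in a monospace font, which makes a two-character token much easier to see, the suggested line would be: or filenames with ``".."`` components. Dropping the explicit "/" example is fine because absolute filenames are not limited to a leading slash (drive letters and UNC paths also count), which is what the wording change conveys.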

View file

@ -411,9 +411,9 @@ ZipFile objects
.. warning::
Never extract archives from untrusted sources without prior inspection.
It is possible that files are created outside of *path*, e.g. members
that have absolute filenames starting with ``"/"`` or filenames with two
dots ``".."``. This module attempts to prevent that.
It is possible that files are created outside of *path*, for example, members
that have absolute filenames or filenames with ".." components.
This module attempts to prevent that.
See :meth:`extract` note.
.. versionchanged:: 3.6
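Review bot: The replacement lines drop the reST literal markup that the old lines had (``"/"``, ``".."``), so ".." now renders as ordinary prose text in the warning box; keep the literal for the path component, i.e. "filenames with ``".."`` components", so the token stays visually distinct and consistent with the rest of the zipfile documentation. The trailing context "See :meth:`extract` note." still follows the rewritten sentence, so the cross-reference to the extraction note is preserved.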
@ -590,7 +590,7 @@ Path objects
The :class:`Path` class does not sanitize filenames within the ZIP archive. Unlike
the :meth:`ZipFile.extract` and :meth:`ZipFile.extractall` methods, it is the
caller's responsibility to validate or sanitize filenames to prevent path traversal
vulnerabilities (e.g., filenames containing ".." or absolute paths). When handling
vulnerabilities (for example, absolute paths or paths with ".." components). When handling
untrusted archives, consider resolving filenames using :func:`os.path.abspath`
and checking against the target directory with :func:`os.path.commonpath`.
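Review bot: The new line "vulnerabilities (for example, absolute paths or paths with ".." components). When handling" is about 90 columns wide, well past the 80-column wrap used elsewhere in this file (the surrounding lines stay under that limit); rewrap it, for instance by moving "When handling" to the start of the next line and re-flowing the two lines that follow. Wording-wise the change is an improvement: "filenames containing ".."" also matched harmless names such as "a..b", whereas "paths with ".." components" describes exactly the case that enables traversal, and it matches the phrasing chosen in the other two hunks of this commit.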