-
-
Notifications
You must be signed in to change notification settings - Fork 33.2k
Closed
Labels
type-bugAn unexpected behavior, bug, or errorAn unexpected behavior, bug, or errortype-securityA security issueA security issue
Description
As reported in jaraco/zipp#119, malformed paths in a zipfile can lead to undesirable behaviors (infinite loops) when traversed using zipfile.Path.
This issue tracks porting that fix to CPython.
Linked PRs
- gh-122905: Sanitize names in zipfile.Path. #122906
- [3.13] gh-122905: Sanitize names in zipfile.Path. (GH-122906) #122922
- [3.12] gh-122905: Sanitize names in zipfile.Path. (GH-122906) #122923
- [3.11] gh-122905: Sanitize names in zipfile.Path. (GH-122906) #122925
- [3.10] gh-122905: Sanitize names in zipfile.Path. (GH-122906) #123160
- [3.9] gh-122905: Sanitize names in zipfile.Path. (GH-122906) #123161
- [3.8] gh-122905: Sanitize names in zipfile.Path. (GH-122906) #123162
Metadata
Metadata
Assignees
Labels
type-bugAn unexpected behavior, bug, or errorAn unexpected behavior, bug, or errortype-securityA security issueA security issue