Gregory P. Smith <g...@krypto.org> added the comment:

TL;DR - A tar file being extracted doesn't check to see if it is overwriting an 
existing file, which could be a symlink to elsewhere leading to elsewhere's 
contents being clobbered assuming the elsewhere file exists.

Doing an unlink before opening the destination file (ignoring either success or 
FileNotFound) during extract would avoid this _specific_ case.

But tarfile is already documented with a warning about untrusted inputs being 
able to do bad things:

https://docs.python.org/3/library/tarfile.html#tarfile.TarFile.extractall

Fixing this one serialized case doesn't do anything about other cases or race 
conditions we won't claim protection against, so I'm not sure this issue is 
serious from a stdlib perspective.

----------
nosy: +gregory.p.smith

_______________________________________
Python tracker <rep...@bugs.python.org>
<https://bugs.python.org/issue44023>
_______________________________________
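The following is an added, self-contained example illustrating the symlink-clobber scenario and the "unlink before writing" mitigation discussed in the comment above. It is not code from the tracker thread or from CPython's tarfile module: `naive_extract` models the flawed write with a plain `open(dest, "wb")` rather than calling the stdlib extractor, so the outcome does not depend on which Python release you run it on; `unlink_first_extract` applies the mitigation and then hands the member to `tarfile.extract`. All file names, the `victim.txt` target, the `payload.txt` member and its contents are constructed for the demonstration. It needs a platform where an unprivileged user can create symlinks.

```python
import io
import os
import tarfile
import tempfile


def build_archive(name, payload):
    """Build an in-memory tar holding one regular file (constructed sample input)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        info = tarfile.TarInfo(name)
        info.size = len(payload)
        tar.addfile(info, io.BytesIO(payload))
    return buf.getvalue()


def naive_extract(archive, dest_dir):
    """Model of the flawed behaviour: open the destination path for writing
    without checking what is already there. If a symlink already exists at
    that path, open() follows it and the link *target* is overwritten."""
    with tarfile.open(fileobj=io.BytesIO(archive), mode="r") as tar:
        for member in tar:
            if not member.isreg():
                continue
            dest = os.path.join(dest_dir, member.name)
            os.makedirs(os.path.dirname(dest), exist_ok=True)
            with open(dest, "wb") as fh:  # follows a pre-existing symlink
                fh.write(tar.extractfile(member).read())


def unlink_first_extract(archive, dest_dir):
    """Mitigation from the comment: unlink whatever sits at the destination
    (ignoring FileNotFoundError) before the member is written, so a planted
    symlink is replaced by a regular file instead of being followed.
    This is only a fix for the serialized case; a symlink planted between
    the unlink and the write (a race) is still not covered."""
    # Pass the 'data' filter where this Python offers it (hypothetical
    # compatibility shim; older releases simply extract without a filter).
    kwargs = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
    with tarfile.open(fileobj=io.BytesIO(archive), mode="r") as tar:
        for member in tar:
            if not member.isreg():
                continue
            dest = os.path.join(dest_dir, member.name)
            try:
                os.unlink(dest)
            except FileNotFoundError:
                pass
            tar.extract(member, path=dest_dir, **kwargs)


def run_against_planted_symlink(extract):
    """Plant a symlink at the member's destination name pointing outside the
    extraction directory, run the given extractor, and report
    (contents of the outside file, contents read via the extracted path,
    whether the extracted path is still a symlink)."""
    with tempfile.TemporaryDirectory() as root:
        outside = os.path.join(root, "victim.txt")  # file outside extract dir
        with open(outside, "w") as fh:
            fh.write("original")
        extract_dir = os.path.join(root, "extract")
        os.mkdir(extract_dir)
        extracted = os.path.join(extract_dir, "payload.txt")
        # Pre-existing symlink at the destination name, pointing elsewhere.
        os.symlink(outside, extracted)

        extract(build_archive("payload.txt", b"clobbered"), extract_dir)

        with open(outside) as fh:
            outside_content = fh.read()
        with open(extracted) as fh:
            extracted_content = fh.read()
        return outside_content, extracted_content, os.path.islink(extracted)


if __name__ == "__main__":
    print("naive:       ", run_against_planted_symlink(naive_extract))
    print("unlink first:", run_against_planted_symlink(unlink_first_extract))
```

With the naive writer the outside file ends up containing the archive payload and the destination is still a symlink; with the unlink-first variant the outside file is untouched and a regular file replaces the link. Note that `os.unlink` only removes files and symlinks; if a directory already occupies the destination name the call raises and that case needs separate handling, and none of this addresses the race conditions the comment says the stdlib does not claim protection against.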