[New-bugs-announce] [issue17102] tarfile extract can write files outside the destination path

Gregory P. Smith report at bugs.python.org
Sat Feb 2 07:02:27 CET 2013


New submission from Gregory P. Smith:

Create a malicious .tar file with entries containing absolute or relative paths and the tarfile module happily uses them as is without sanity checking.

Filed in response to http://bugs.python.org/issue6972 which fixed the zipfile module for this.

I'm attaching an example tar file to demonstrate this (safely) but much worse things could obviously be done.

----------
files: absolute_path.tar
messages: 181133
nosy: gregory.p.smith
priority: high
severity: normal
status: open
title: tarfile extract can write files outside the destination path
type: security
versions: Python 2.7, Python 3.2, Python 3.3, Python 3.4
Added file: http://bugs.python.org/file28931/absolute_path.tar

_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue17102>
_______________________________________
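
The check the report says is missing, sketched as an added example (not part of the original message and not the tarfile module's own code): each member name is resolved against the destination before anything is extracted, and names that land outside it are rejected. The helper names, the sample member names and the destination /srv/extract-demo are constructed for illustration.

```python
import io
import os
import tarfile


def build_sample_tar():
    """Build a constructed in-memory archive mixing benign and escaping names."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name in ("docs/readme.txt", "/tmp/absolute.txt",
                     "../outside.txt", "docs/../../sneaky.txt"):
            data = b"constructed sample\n"
            info = tarfile.TarInfo(name)  # name is stored exactly as given
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    buf.seek(0)
    return buf


def escapes_destination(member_name, dest):
    """Return True if extracting member_name under dest would land outside it."""
    dest_real = os.path.realpath(dest)
    # os.path.join discards dest when member_name is absolute, which is
    # exactly the behaviour that lets an absolute entry escape.
    target = os.path.realpath(os.path.join(dest_real, member_name))
    return os.path.commonpath([dest_real, target]) != dest_real


def audit_archive(fileobj, dest):
    """Split member names into (safe, rejected) without extracting anything."""
    safe, rejected = [], []
    with tarfile.open(fileobj=fileobj, mode="r") as tar:
        for member in tar.getmembers():
            bucket = rejected if escapes_destination(member.name, dest) else safe
            bucket.append(member.name)
    return safe, rejected


if __name__ == "__main__":
    ok, bad = audit_archive(build_sample_tar(), "/srv/extract-demo")
    print("safe:    ", ok)
    print("rejected:", bad)
```

This covers member names only; symlink and hard-link members need a separate check on their link targets. On Python 3.12 and later, passing filter="data" to extractall() applies comparable checks in the standard library.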

