[New-bugs-announce] [issue18134] zipfile extractall accepts wrong password
report at bugs.python.org
Tue Jun 4 22:24:26 CEST 2013
New submission from Benedict Kwok:
Steps to reproduce:
1) create a ssn.txt file with social security numbers of customers
2) create a zip file with a password: zip -P secret ssn ssn.txt
3) create a python script to extract the zipfile by:
except Exception, e:
This will extract the ssn.txt into the directory by using the right password "secret"different
4) However, by using a wrong password "proa" this does not get the exception. Instead create a ssn.txt file which is corrupted.
5) Other wrong password will get the exception but not the one descripted in step 4.
title: zipfile extractall accepts wrong password
versions: Python 2.7
Python tracker <report at bugs.python.org>
More information about the New-bugs-announce