[Python-checkins] r53155 - in python/trunk: Lib/tarfile.py Lib/test/test_tarfile.py Misc/NEWS
lars.gustaebel
python-checkins at python.org
Sat Dec 23 18:57:24 CET 2006
Author: lars.gustaebel
Date: Sat Dec 23 18:57:23 2006
New Revision: 53155
Modified:
python/trunk/Lib/tarfile.py
python/trunk/Lib/test/test_tarfile.py
python/trunk/Misc/NEWS
Log:
Patch #1262036: Prevent TarFiles from being added to themselves under
certain conditions.
Will backport to 2.5.
Modified: python/trunk/Lib/tarfile.py
==============================================================================
--- python/trunk/Lib/tarfile.py (original)
+++ python/trunk/Lib/tarfile.py Sat Dec 23 18:57:23 2006
@@ -1052,7 +1052,7 @@
can be determined, `mode' is overridden by `fileobj's mode.
`fileobj' is not closed, when TarFile is closed.
"""
- self.name = name
+ self.name = os.path.abspath(name)
if len(mode) > 1 or mode not in "raw":
raise ValueError("mode must be 'r', 'a' or 'w'")
@@ -1064,7 +1064,7 @@
self._extfileobj = False
else:
if self.name is None and hasattr(fileobj, "name"):
- self.name = fileobj.name
+ self.name = os.path.abspath(fileobj.name)
if hasattr(fileobj, "mode"):
self.mode = fileobj.mode
self._extfileobj = True
@@ -1200,24 +1200,12 @@
except (ImportError, AttributeError):
raise CompressionError("gzip module is not available")
- pre, ext = os.path.splitext(name)
- pre = os.path.basename(pre)
- if ext == ".tgz":
- ext = ".tar"
- if ext == ".gz":
- ext = ""
- tarname = pre + ext
-
if fileobj is None:
fileobj = file(name, mode + "b")
- if mode != "r":
- name = tarname
-
try:
- t = cls.taropen(tarname, mode,
- gzip.GzipFile(name, mode, compresslevel, fileobj)
- )
+ t = cls.taropen(name, mode,
+ gzip.GzipFile(name, mode, compresslevel, fileobj))
except IOError:
raise ReadError("not a gzip file")
t._extfileobj = False
@@ -1236,21 +1224,13 @@
except ImportError:
raise CompressionError("bz2 module is not available")
- pre, ext = os.path.splitext(name)
- pre = os.path.basename(pre)
- if ext == ".tbz2":
- ext = ".tar"
- if ext == ".bz2":
- ext = ""
- tarname = pre + ext
-
if fileobj is not None:
fileobj = _BZ2Proxy(fileobj, mode)
else:
fileobj = bz2.BZ2File(name, mode, compresslevel=compresslevel)
try:
- t = cls.taropen(tarname, mode, fileobj)
+ t = cls.taropen(name, mode, fileobj)
except IOError:
raise ReadError("not a bzip2 file")
t._extfileobj = False
@@ -1455,8 +1435,7 @@
arcname = name
# Skip if somebody tries to archive the archive...
- if self.name is not None \
- and os.path.abspath(name) == os.path.abspath(self.name):
+ if self.name is not None and os.path.abspath(name) == self.name:
self._dbg(2, "tarfile: Skipped %r" % name)
return
Modified: python/trunk/Lib/test/test_tarfile.py
==============================================================================
--- python/trunk/Lib/test/test_tarfile.py (original)
+++ python/trunk/Lib/test/test_tarfile.py Sat Dec 23 18:57:23 2006
@@ -290,6 +290,20 @@
else:
self.dst.addfile(tarinfo, f)
+ def test_add_self(self):
+ dstname = os.path.abspath(self.dstname)
+
+ self.assertEqual(self.dst.name, dstname, "archive name must be absolute")
+
+ self.dst.add(dstname)
+ self.assertEqual(self.dst.getnames(), [], "added the archive to itself")
+
+ cwd = os.getcwd()
+ os.chdir(dirname())
+ self.dst.add(dstname)
+ os.chdir(cwd)
+ self.assertEqual(self.dst.getnames(), [], "added the archive to itself")
+
class Write100Test(BaseTest):
# The name field in a tar header stores strings of at most 100 chars.
Modified: python/trunk/Misc/NEWS
==============================================================================
--- python/trunk/Misc/NEWS (original)
+++ python/trunk/Misc/NEWS Sat Dec 23 18:57:23 2006
@@ -103,6 +103,9 @@
Library
-------
+- Patch #1262036: Prevent TarFiles from being added to themselves under
+ certain conditions.
+
- Patch #1230446: tarfile.py: fix ExFileObject so that read() and tell()
work correctly together with readline().
More information about the Python-checkins
mailing list