projects / python3.9.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f5855aa) | patch
[3.9] gh-109858: Protect zipfile from "quoted-overlap" zipbomb (GH-110016) (GH-113915)
authorMiss Islington (bot) <31488909+miss-islington@users.noreply.github.com>
Wed, 17 Jan 2024 13:48:06 +0000 (14:48 +0100)
committerAndrej Shadura <andrewsh@debian.org>
Sun, 25 Jan 2026 13:37:52 +0000 (14:37 +0100)
commite1ae176630f729d95282ea946efc4633b96f0e95
tree6d57ab518f8e838ba803d3112c0c2b3e552086c2tree | snapshot
parentf5855aa56cd97cd6a32c259fb219cf2deb6a7e0ccommit | diff
[3.9] gh-109858: Protect zipfile from "quoted-overlap" zipbomb (GH-110016) (GH-113915)

Raise BadZipFile when try to read an entry that overlaps with other entry or
central directory.
(cherry picked from commit 66363b9a7b9fe7c99eba3a185b74c5fdbf842eba)

Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Gbp-Pq: Name 0020-3.9-gh-109858-Protect-zipfile-from-quoted-overlap-zi.patch
Lib/test/test_zipfile.py diff | blob | history
Lib/zipfile.py diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.