projects / python3.9.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1d188ad) | patch
[3.9] gh-109858: Protect zipfile from "quoted-overlap" zipbomb (GH-110016) (GH-113915)
authorMiss Islington (bot) <31488909+miss-islington@users.noreply.github.com>
Wed, 17 Jan 2024 13:48:06 +0000 (14:48 +0100)
committerAdrian Bunk <bunk@debian.org>
Sun, 1 Dec 2024 12:12:57 +0000 (14:12 +0200)
commit7944a22e33f9314bb0accd792c507ed4bda690c0
treea00dc853e60dddf98e33e994856bd8a274cb8816tree | snapshot
parent1d188ad9fa8c20284da704fd32243f54f1446055commit | diff
[3.9] gh-109858: Protect zipfile from "quoted-overlap" zipbomb (GH-110016) (GH-113915)

Raise BadZipFile when try to read an entry that overlaps with other entry or
central directory.
(cherry picked from commit 66363b9a7b9fe7c99eba3a185b74c5fdbf842eba)

Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Gbp-Pq: Name 0020-3.9-gh-109858-Protect-zipfile-from-quoted-overlap-zi.patch
Lib/test/test_zipfile.py diff | blob | history
Lib/zipfile.py diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.