projects / python3.9.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 348f784) | patch
[3.9] gh-109858: Protect zipfile from "quoted-overlap" zipbomb (GH-110016) (GH-113915)
authorMiss Islington (bot) <31488909+miss-islington@users.noreply.github.com>
Wed, 17 Jan 2024 13:48:06 +0000 (14:48 +0100)
committerArnaud Rebillout <arnaudr@debian.org>
Thu, 14 May 2026 03:00:00 +0000 (10:00 +0700)
commit84902a7332e77072561493d3f1e07e9e4cc82f65
treeba1b606262a9fa6588c74fd076ea57931ad640e1tree | snapshot
parent348f784573e42fd5450b3564f68cad3c4b6d42b1commit | diff
[3.9] gh-109858: Protect zipfile from "quoted-overlap" zipbomb (GH-110016) (GH-113915)

Raise BadZipFile when try to read an entry that overlaps with other entry or
central directory.
(cherry picked from commit 66363b9a7b9fe7c99eba3a185b74c5fdbf842eba)

Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Gbp-Pq: Name 0020-3.9-gh-109858-Protect-zipfile-from-quoted-overlap-zi.patch
Lib/test/test_zipfile.py diff | blob | history
Lib/zipfile.py diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.