summaryrefslogtreecommitdiff
path: root/libmat2/archive.py
diff options
context:
space:
mode:
Diffstat (limited to 'libmat2/archive.py')
-rw-r--r--libmat2/archive.py8
1 files changed, 7 insertions, 1 deletions
diff --git a/libmat2/archive.py b/libmat2/archive.py
index f90385b..39fb23e 100644
--- a/libmat2/archive.py
+++ b/libmat2/archive.py
@@ -190,8 +190,14 @@ class ArchiveBasedAbstractParser(abstract.AbstractParser):
190 if member_name[-1] == '/': # `is_dir` is added in Python3.6 190 if member_name[-1] == '/': # `is_dir` is added in Python3.6
191 continue # don't keep empty folders 191 continue # don't keep empty folders
192 192
193 zin.extract(member=item, path=temp_folder)
194 full_path = os.path.join(temp_folder, member_name) 193 full_path = os.path.join(temp_folder, member_name)
194 if not os.path.abspath(full_path).startswith(temp_folder):
195 logging.error("%s contains a file (%s) pointing outside (%s) of its root.",
196 self.filename, member_name, full_path)
197 abort = True
198 break
199
200 zin.extract(member=item, path=temp_folder)
195 201
196 try: 202 try:
197 original_permissions = os.stat(full_path).st_mode 203 original_permissions = os.stat(full_path).st_mode