git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/blob

   1 From 73960393a559d0de5edf07b022d182cac54df9dc Mon Sep 17 00:00:00 2001
   2 From: Petr Viktorin <encukou@gmail.com>
   3 Date: Wed, 23 Aug 2023 20:00:07 +0200
   4 Subject: [PATCH] gh-107811: tarfile: treat overflow in UID/GID as failure to
   5  set it (#108369)
   6
   7 Upstream-Status: Backport [https://github.com/python/cpython/pull/108369]
   8 Signed-off-by: Khem Raj <raj.khem@gmail.com>
   9 ---
  10  Lib/tarfile.py                                                 | 3 ++-
  11  .../Library/2023-08-23-17-34-39.gh-issue-107811.3Fng72.rst     | 3 +++
  12  2 files changed, 5 insertions(+), 1 deletion(-)
  13  create mode 100644 Misc/NEWS.d/next/Library/2023-08-23-17-34-39.gh-issue-107811.3Fng72.rst
  14
  15 diff --git a/Lib/tarfile.py b/Lib/tarfile.py
  16 index 0a0f31e..4dfb67d 100755
  17 --- a/Lib/tarfile.py
  18 +++ b/Lib/tarfile.py
  19 @@ -2590,7 +2590,8 @@ class TarFile(object):
  20                      os.lchown(targetpath, u, g)
  21                  else:
  22                      os.chown(targetpath, u, g)
  23 -            except OSError as e:
  24 +            except (OSError, OverflowError) as e:
  25 +                # OverflowError can be raised if an ID doesn't fit in `id_t`
  26                  raise ExtractError("could not change owner") from e
  27
  28      def chmod(self, tarinfo, targetpath):
  29 diff --git a/Misc/NEWS.d/next/Library/2023-08-23-17-34-39.gh-issue-107811.3Fng72.rst b/Misc/NEWS.d/next/Library/2023-08-23-17-34-39.gh-issue-107811.3Fng72.rst
  30 new file mode 100644
  31 index 0000000..ffca413
  32 --- /dev/null
  33 +++ b/Misc/NEWS.d/next/Library/2023-08-23-17-34-39.gh-issue-107811.3Fng72.rst
  34 @@ -0,0 +1,3 @@
  35 +:mod:`tarfile`: extraction of members with overly large UID or GID (e.g. on
  36 +an OS with 32-bit :c:type:`!id_t`) now fails in the same way as failing to
  37 +set the ID.