Never extract archives from untrusted sources without prior inspection.
It is possible that files are created outside of the path specified in
- the *extract_dir* argument, e.g. members that have absolute filenames
- starting with "/" or filenames with two dots "..".
+ the *extract_dir* argument, for example, members that have absolute filenames
+ or filenames with ".." components.
Since Python 3.14, the defaults for both built-in formats (zip and tar
files) will prevent the most dangerous of such security issues,
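Review bot: The replacement line "the *extract_dir* argument, for example, members that have absolute filenames" turns the sentence into a comma splice; set the example off in parentheses, "the *extract_dir* argument (for example, members that have absolute filenames or filenames with ".." components)", or write "such as members that have ...". The substance of the change is right: dropping "starting with "/"" avoids implying that an absolute filename always begins with a slash, and ".." components is more precise than the old "two dots" wording. Consider marking ``".."`` as an RST literal so the quotation marks are not read as prose punctuation.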
.. warning::
Never extract archives from untrusted sources without prior inspection.
- It is possible that files are created outside of *path*, e.g. members
- that have absolute filenames starting with ``"/"`` or filenames with two
- dots ``".."``. This module attempts to prevent that.
+ It is possible that files are created outside of *path*, for example, members
+ that have absolute filenames or filenames with ".." components.
+ This module attempts to prevent that.
See :meth:`extract` note.
.. versionchanged:: 3.6
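Review bot: The added lines drop the RST literal markup that the removed lines carried: ``".."`` becomes plain ".." in "filenames with ".." components", so the string no longer renders in monospace; keep the double-backtick literal so this stays a pure wording change. As in the shutil hunk, "outside of *path*, for example, members that have absolute filenames ..." is a comma splice, and "outside of *path* (for example, members that have absolute filenames or filenames with ``".."`` components)" reads cleanly. Moving "This module attempts to prevent that." onto its own line is fine.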
The :class:`Path` class does not sanitize filenames within the ZIP archive. Unlike
the :meth:`ZipFile.extract` and :meth:`ZipFile.extractall` methods, it is the
caller's responsibility to validate or sanitize filenames to prevent path traversal
- vulnerabilities (e.g., filenames containing ".." or absolute paths). When handling
+ vulnerabilities (for example, absolute paths or paths with ".." components). When handling
untrusted archives, consider resolving filenames using :func:`os.path.abspath`
and checking against the target directory with :func:`os.path.commonpath`.
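Review bot: The new parenthetical "(for example, absolute paths or paths with ".." components)" is the more accurate phrasing and should stay: a filename such as a..b contains ".." yet cannot leave the target directory, only a whole ".." path component can, so the removed "filenames containing ".."" overstated the condition, and the new order matches the wording used in the other hunks. Two small points: mark ``".."`` as an RST literal here as the rest of the module's docs do, and since "paths with" echoes "absolute paths", the parenthetical could read "(for example, absolute paths or ``".."`` components)". The surrounding advice to resolve with :func:`os.path.abspath` and compare with :func:`os.path.commonpath` is unchanged and still reads correctly after the edit.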