Commit 5828105
Use extract_path (not CWD) as tar-extraction containment base
The pre-3.12 fallback in custom_extractall_tarfile filtered members with
_get_safe_members, which resolved its containment base from the current
working directory (_get_resolved_path("")) instead of the extraction
target. A crafted model/code tarball could therefore write outside the
intended extract_path; the post-extraction validator only walks
extract_path and cannot see escapes. Pass extract_path into
_get_safe_members so members are validated against the extraction target,
matching _validate_extracted_paths and the _repack_model.py sibling.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

1 parent a15a449 commit 5828105
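As an added illustration (not the project's code, and not part of the commit page), the script below shows why the containment base matters. The names _get_safe_members, _validate_extracted_paths and extract_path are borrowed from the commit message; their bodies, the custom_extractall stand-in for the pre-3.12 fallback, the constructed sample archive and the symlink-then-write-through-it escape are all assumptions made for this demo. It runs the same filter twice, once with base_dir="" (the CWD, as the buggy code did) and once with base_dir=extract_path (the fix), and reports what a post-extraction walk of extract_path sees versus whether a file actually landed outside it.

```python
"""Constructed demo of a tar containment filter whose base is the CWD versus
the extraction target. Helper names follow the commit message; bodies are
assumptions for this example, not the project's code."""
import io
import os
import tarfile
import tempfile


def _add_file(tar, name, data):
    """Add a regular-file member carrying the given bytes."""
    info = tarfile.TarInfo(name)
    info.size = len(data)
    tar.addfile(info, io.BytesIO(data))


def build_malicious_tar():
    """Constructed sample archive: a benign file, a symlink whose target is a
    sibling of the extraction directory, then a file whose path goes through
    that symlink so the write lands outside extract_path."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        _add_file(tar, "model/weights.bin", b"benign weights")
        link = tarfile.TarInfo("escape")
        link.type = tarfile.SYMTYPE
        link.linkname = "../outside"  # relative to where the link is created
        tar.addfile(link)
        _add_file(tar, "escape/pwned.txt", b"written outside extract_path")
    return buf.getvalue()


def _inside(base, path):
    return path == base or path.startswith(base + os.sep)


def _get_safe_members(tar, base_dir):
    """Yield members whose resolved destination stays under base_dir.

    Assumed shape of the helper named in the commit message: base_dir == ""
    resolves to the CWD (the bug), the fix passes extract_path. Members are
    checked lazily, as extractall reaches them, so a symlink the archive
    created a moment ago is already on disk when realpath() is evaluated.
    """
    base = os.path.realpath(base_dir or os.curdir)
    for member in tar.getmembers():
        dest = os.path.realpath(os.path.join(base, member.name))
        if _inside(base, dest):
            yield member  # otherwise: net-ascending, absolute, or via a link out


def custom_extractall(tar_bytes, extract_path, base_dir):
    """Stand-in for the pre-3.12 fallback: extract only filtered members."""
    with tarfile.open(fileobj=io.BytesIO(tar_bytes)) as tar:
        # Disable the stdlib filter where it exists so only our filter acts.
        kw = {"filter": "fully_trusted"} if hasattr(tarfile, "fully_trusted_filter") else {}
        tar.extractall(path=extract_path, members=_get_safe_members(tar, base_dir), **kw)


def _validate_extracted_paths(extract_path):
    """Post-extraction validator: everything it can see is under extract_path."""
    found = []
    for root, _dirs, files in os.walk(extract_path):  # does not follow symlinks
        for name in files:
            found.append(os.path.relpath(os.path.join(root, name), extract_path))
    return sorted(found)


def run(base_is_cwd):
    """Extract the sample archive from a CWD that is not extract_path.
    Returns (files the validator sees, whether the sibling dir got the file)."""
    with tempfile.TemporaryDirectory() as tmp:
        cwd = os.path.join(tmp, "cwd")
        extract_path = os.path.join(tmp, "extract")
        outside = os.path.join(tmp, "outside")
        for d in (cwd, extract_path, outside):
            os.mkdir(d)
        old_cwd = os.getcwd()
        os.chdir(cwd)
        try:
            custom_extractall(build_malicious_tar(), extract_path,
                              "" if base_is_cwd else extract_path)
        finally:
            os.chdir(old_cwd)
        return (_validate_extracted_paths(extract_path),
                os.path.isfile(os.path.join(outside, "pwned.txt")))


if __name__ == "__main__":
    print("base = CWD         :", run(True))
    print("base = extract_path:", run(False))
```

With the CWD base, `escape/pwned.txt` is resolved against a directory that contains no `escape` symlink, so it looks contained, and the write goes through the link created in extract_path; the validator reports the same single benign file in both runs because the escaped file is not under extract_path. A production filter should additionally reject symlink and hardlink members whose targets leave extract_path, which this demo leaves out so the effect of the base alone stays visible.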
1 file changed
Lines changed: 3 additions & 3 deletions
| Original file line | Diff line | Change |
|---|---|---|
| 1767–1769 | 1767–1769 | unchanged context |
| 1770 | | - removed |
| | 1770 | + added |
| 1771–1773 | 1771–1773 | unchanged context |
| 1778–1780 | 1778–1780 | unchanged context |
| 1781 | | - removed |
| | 1781 | + added |
| 1782–1784 | 1782–1784 | unchanged context |
| 1842–1844 | 1842–1844 | unchanged context |
| 1845 | | - removed |
| | 1845 | + added |
| 1846–1848 | 1846–1848 | unchanged context |

(Only the positions of the three replaced lines survive in this rendering; the text of the changed lines is not shown.)
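Review bot: no regression test accompanies this fix (1 file changed, 3 additions and 3 deletions, at lines 1770, 1781 and 1845), so nothing guards against the containment base drifting back to the CWD. Add a test that runs custom_extractall_tarfile from a working directory different from extract_path against an archive carrying a member that resolves outside extract_path, and asserts the member is rejected; the CWD-versus-extract_path difference is exactly the case the old _get_resolved_path("") base missed and the post-extraction walk of extract_path cannot detect.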
0 commit comments