fix(utils): harden zip extraction#495
Merged
Merged
Conversation
- Validate ZIP members before extraction to reject absolute paths, traversal segments, and empty member names. - Add regression coverage for safe archives and unsafe member names so the extraction guard stays enforced. --- Co-authored-by: Codex <codex@openai.com>
Contributor
There was a problem hiding this comment.
Pull request overview
This PR hardens the internal ZIP extraction utility (trackers.utils.downloader._extract_zip) against Zip Slip-style directory traversal by validating ZIP member paths before extraction, and adds targeted tests to confirm both safe extraction and rejection of unsafe member paths.
Changes:
- Added
_validate_zip_member_pathto reject empty, absolute, or traversal member names that would resolve outside the output directory. - Updated
_extract_zipto validate all members before callingextractall, and documented the newValueErrorbehavior. - Added new unit tests covering safe extraction and parameterized unsafe member rejection with “no partial extraction” assertions.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| src/trackers/utils/downloader.py | Adds path validation for ZIP members and enforces validation prior to extraction to prevent directory traversal. |
| tests/utils/test_downloader.py | Introduces helper ZIP writer and tests for safe extraction plus rejection of unsafe member paths. |
- Anchor ZIP extraction to an opened output directory so a path swap cannot redirect writes. - Expand downloader tests with outside-path assertions, empty-member coverage, Windows-style member coverage, and a path-swap regression. --- Co-authored-by: Codex <codex@openai.com>
Member
Author
|
Measured on this machine:
Takeaway:
|
…aner error handling
- Keep the Unix fd-anchored no-follow extractor for symlink-safe containment on platforms that support dir_fd. - Add a Windows fallback plus a skipped Unix-only swap probe so the downloader tests pass cross-platform. --- Co-authored-by: Codex <codex@openai.com>
- Add a raw ZipInfo helper so the backslash case is not normalized away by platform-specific separator handling. - Keep the unsafe-member matrix exercising the intended Windows-style rejection path directly. --- Co-authored-by: Codex <codex@openai.com>
- Add `_safe_zip_member_parts` validation method to reject unsafe raw backslash separators in ZIP member names. - Skip Windows-specific tests where `zipfile` normalizes backslashes. - Add new test cases to assert behavior of `_safe_zip_member_parts`.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request adds security checks to ZIP extraction to prevent directory traversal attacks and introduces comprehensive tests to verify the new behavior. The most important changes are:
Security improvements to ZIP extraction:
_validate_zip_member_pathindownloader.pyto ensure that ZIP archive members cannot extract files outside the intended output directory, raising aValueErrorif an unsafe path is detected._extract_zipto validate all member paths before extraction and to document the new error behavior in its docstring.Testing for ZIP extraction safety:
test_extract_zip_extracts_safe_membersto verify that safe ZIP members are extracted correctly into the output directory.test_extract_zip_rejects_unsafe_members(with parameterization) to assert that unsafe ZIP members (such as those with..or absolute paths) are rejected and that no files are extracted in these cases._write_zipfor creating test ZIP archives with arbitrary members.resolves #477