commit: f620a0769a509966295954c2b0c76e46e8fb4289 Author: Zac Medico <zmedico <AT> gentoo <DOT> org> AuthorDate: Sun Jun 2 21:53:04 2024 +0000 Commit: Zac Medico <zmedico <AT> gentoo <DOT> org> CommitDate: Sun Jun 9 17:53:31 2024 +0000 URL: https://gitweb.gentoo.org/proj/portage.git/commit/?id=f620a076
tar_safe_extract: Use tarfile.fully_trusted_filter This suppresses a DeprecationWarning triggered because the tarfile.data_filter will become the new default in python3.14. The fully_trusted filter should be suitable here because tar_safe_extract already performs security validation on tar members prior to extraction. Bug: https://bugs.gentoo.org/933433 Signed-off-by: Zac Medico <zmedico <AT> gentoo.org> lib/portage/gpkg.py | 9 +++++++++ 1 file changed, 9 insertions(+)
diff --git a/lib/portage/gpkg.py b/lib/portage/gpkg.py
index 9606f6d3c8..fdb54c69b8 100644
--- a/lib/portage/gpkg.py
+++ b/lib/portage/gpkg.py
@@ -628,6 +628,15 @@ class tar_safe_extract:
 if self.closed:
 raise OSError("Tar file is closed.")
 temp_dir = tempfile.TemporaryDirectory(dir=dest_dir)
+ # The below tar member security checks can be refactored as a filter function
+ # that raises an exception. Use tarfile.fully_trusted_filter for now, which
+ # is simply an identity function:
+ # def fully_trusted_filter(member, dest_path):
+ # return member
+ try:
+ self.tar.extraction_filter = tarfile.fully_trusted_filter
+ except AttributeError:
+ pass
 try:
 while True:
 member = self.tar.next()
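Review bot: The assignment `self.tar.extraction_filter = tarfile.fully_trusted_filter` turns off the standard library's member filtering on the caller's TarFile object. From here on, the only protection against absolute paths, `..` components, outward-pointing links and special files is the set of member checks that follow in this method, which lie outside the hunk and could not be reviewed here. The added comment explains what the filter is but not that dependency; I would add a line such as `# SECURITY: stdlib filtering is off for self.tar; the member checks below are the only extraction safeguard and must stay complete.` Because the attribute is set on `self.tar` rather than passed per call, any later extraction through the same object also runs unfiltered, which is worth stating in the class docstring. The method's body starts before and continues after the hunk.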
