MirroredRepos/thefuck
1
0
Fork 0
mirror of https://github.com/nvbn/thefuck.git synced 2025-03-14 06:38:32 +00:00
Code Issues Releases Wiki Activity

NA: Fix possible changes in files outside of working directory

Browse Source
This commit is contained in:
Vladimir Iakovlev 2021-06-08 21:50:53 +02:00
parent 6da0bc557f
commit 80b3b1602e
2 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
thefuck/rules/dirty_untar.py
View File

@ -41,6 +41,10 @@ def get_new_command(command):
def side_effect(old_cmd, command):
with tarfile.TarFile(_tar_file(old_cmd.script_parts)[0]) as archive:
for file in archive.getnames():
if not os.path.abspath(file).startswith(os.getcwd()):
# it's unsafe to overwrite files outside of the current directory
continue
try:
os.remove(file)
except OSError:

4
thefuck/rules/dirty_unzip.py
View File

@ -45,6 +45,10 @@ def get_new_command(command):
def side_effect(old_cmd, command):
with zipfile.ZipFile(_zip_file(old_cmd), 'r') as archive:
for file in archive.namelist():
if not os.path.abspath(file).startswith(os.getcwd()):
# it's unsafe to overwrite files outside of the current directory
continue
try:
os.remove(file)
except OSError: