MirroredRepos/thefuck
1
0
Fork 0
mirror of https://github.com/nvbn/thefuck.git synced 2025-01-18 12:06:04 +00:00
Code Issues Releases Wiki Activity

NA: Fix possible changes in files outside of working directory (#1206)

Browse Source
This commit is contained in:
Vladimir Iakovlev 2021-06-08 22:04:51 +02:00 committed by GitHub
parent 6da0bc557f
commit e343c577cd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
thefuck/rules/dirty_untar.py
View File

@ -41,6 +41,10 @@ def get_new_command(command):
def side_effect(old_cmd, command):
with tarfile.TarFile(_tar_file(old_cmd.script_parts)[0]) as archive:
for file in archive.getnames():
if not os.path.abspath(file).startswith(os.getcwd()):
# it's unsafe to overwrite files outside of the current directory
continue
try:
os.remove(file)
except OSError:

4
thefuck/rules/dirty_unzip.py
View File

@ -45,6 +45,10 @@ def get_new_command(command):
def side_effect(old_cmd, command):
with zipfile.ZipFile(_zip_file(old_cmd), 'r') as archive:
for file in archive.namelist():
if not os.path.abspath(file).startswith(os.getcwd()):
# it's unsafe to overwrite files outside of the current directory
continue
try:
os.remove(file)
except OSError: