mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-11-25 12:44:13 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 11

Issue #6972: keep the warning about untrusted extraction and mention

Browse source 
the version it was improved in.
This commit is contained in:
Gregory P. Smith 2013-02-07 22:15:51 -08:00
commit 5546b002de
1 changed files with 8 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

10
Doc/library/zipfile.rst
View file

@ -260,9 +260,15 @@ ZipFile Objects
be a subset of the list returned by :meth:`namelist`. *pwd* is the password
used for encrypted files.
.. note::
.. warning::
See :meth:`extract` note.
Never extract archives from untrusted sources without prior inspection.
It is possible that files are created outside of *path*, e.g. members
that have absolute filenames starting with ``"/"`` or filenames with two
dots ``".."``.
.. versionchanged:: 3.3.1
The zipfile module attempts to prevent that. See :meth:`extract` note.
.. method:: ZipFile.printdir()