cpython: 5fbca37de9b1 (original) (raw)

Mercurial > cpython

changeset 82065:5fbca37de9b1 3.3

Issue #6972: keep the warning about untrusted extraction and mention the version it was improved in. [#6972]

Gregory P. Smith greg@krypto.org
date	Thu, 07 Feb 2013 22:15:51 -0800
parents	3942c20bebdb(current diff)1c2d41850147(diff)
children	f5e3f2f0fe79 ae92c8759c43
files	Doc/library/zipfile.rst
diffstat	1 files changed, 8 insertions(+), 2 deletions(-)[+] [-] Doc/library/zipfile.rst 10

line wrap: on

line diff

--- a/Doc/library/zipfile.rst +++ b/Doc/library/zipfile.rst @@ -260,9 +260,15 @@ ZipFile Objects be a subset of the list returned by :meth:namelist. pwd is the password used for encrypted files.

.. note::

.. warning::

```
 See :meth:`extract` note.[](#l1.10)
```

 Never extract archives from untrusted sources without prior inspection.[](#l1.11)

 It is possible that files are created outside of *path*, e.g. members[](#l1.12)

 that have absolute filenames starting with ``"/"`` or filenames with two[](#l1.13)

```
 dots ``".."``.[](#l1.14)
```

.. versionchanged:: 3.3.1

 The zipfile module attempts to prevent that.  See :meth:`extract` note.[](#l1.17)

.. method:: ZipFile.printdir()