[Python-Dev] [Python-checkins] cpython (2.7): Fix closes issue10761: tarfile.extractall failure when symlinked files are (original) (raw)
Eli Bendersky eliben at gmail.com
Fri Apr 29 08:26:27 CEST 2011
- Previous message: [Python-Dev] [Python-checkins] cpython (2.7): Fix closes issue10761: tarfile.extractall failure when symlinked files are
- Next message: [Python-Dev] [Python-checkins] cpython (2.7): Fix closes issue10761: tarfile.extractall failure when symlinked files are
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Thu, Apr 28, 2011 at 04:20:06PM +0200, Éric Araujo wrote: > > if hasattr(os, "symlink") and hasattr(os, "link"): > > # For systems that support symbolic and hard links. > > if tarinfo.issym(): > > + if os.path.exists(targetpath): > > + os.unlink(targetpath) > > Is there a race condition here?
The lock to avoid race conditions (if you were thinking along those lines) would usually be implemented at the higher level code which is using extractall in threads. A lock would only protect only against multi-threaded use of the tarfile module, which is probably quite rare and therefore not a real concern. The kind of race condition which can happen here is if an attacker creates "targetpath" between os.path.exists and os.unlink. Whether it is an exploitable flaw would need a detailed analysis, of course.
Just out of curiosity, could you please elaborate on the potential threat of this? If the "exists" condition is true, targetpath already exists, so what use there is in overwriting it? If the condition is false, unlink isn't executed, so no harm either. What am I missing?
Eli
- Previous message: [Python-Dev] [Python-checkins] cpython (2.7): Fix closes issue10761: tarfile.extractall failure when symlinked files are
- Next message: [Python-Dev] [Python-checkins] cpython (2.7): Fix closes issue10761: tarfile.extractall failure when symlinked files are
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]