fepegar / torchio
Showing 1 of 1 files from the diff.

@@ -98,68 +98,68 @@
Loading
98 98
    if _is_tar(from_path):
99 99
        with tarfile.open(from_path, 'r') as tar:
100 100
            def is_within_directory(directory, target):
101 -
                
101 +
102 102
                abs_directory = os.path.abspath(directory)
103 103
                abs_target = os.path.abspath(target)
104 -
            
104 +
105 105
                prefix = os.path.commonprefix([abs_directory, abs_target])
106 -
                
106 +
107 107
                return prefix == abs_directory
108 -
            
109 -
            def safe_extract(tar, path=".", members=None, *, numeric_owner=False):
110 -
            
108 +
109 +
            def safe_extract(tar, path='.', members=None, *, numeric_owner=False):
110 +
111 111
                for member in tar.getmembers():
112 112
                    member_path = os.path.join(path, member.name)
113 113
                    if not is_within_directory(path, member_path):
114 -
                        raise Exception("Attempted Path Traversal in Tar File")
115 -
            
116 -
                tar.extractall(path, members, numeric_owner=numeric_owner) 
117 -
                
118 -
            
114 +
                        raise Exception('Attempted Path Traversal in Tar File')
115 +
116 +
                tar.extractall(path, members, numeric_owner=numeric_owner)
117 +
118 +
119 119
            safe_extract(tar, path=to_path)
120 120
    elif _is_targz(from_path) or _is_tgz(from_path):
121 121
        with tarfile.open(from_path, 'r:gz') as tar:
122 122
            def is_within_directory(directory, target):
123 -
                
123 +
124 124
                abs_directory = os.path.abspath(directory)
125 125
                abs_target = os.path.abspath(target)
126 -
            
126 +
127 127
                prefix = os.path.commonprefix([abs_directory, abs_target])
128 -
                
128 +
129 129
                return prefix == abs_directory
130 -
            
131 -
            def safe_extract(tar, path=".", members=None, *, numeric_owner=False):
132 -
            
130 +
131 +
            def safe_extract(tar, path='.', members=None, *, numeric_owner=False):
132 +
133 133
                for member in tar.getmembers():
134 134
                    member_path = os.path.join(path, member.name)
135 135
                    if not is_within_directory(path, member_path):
136 -
                        raise Exception("Attempted Path Traversal in Tar File")
137 -
            
138 -
                tar.extractall(path, members, numeric_owner=numeric_owner) 
139 -
                
140 -
            
136 +
                        raise Exception('Attempted Path Traversal in Tar File')
137 +
138 +
                tar.extractall(path, members, numeric_owner=numeric_owner)
139 +
140 +
141 141
            safe_extract(tar, path=to_path)
142 142
    elif _is_tarxz(from_path):
143 143
        with tarfile.open(from_path, 'r:xz') as tar:
144 144
            def is_within_directory(directory, target):
145 -
                
145 +
146 146
                abs_directory = os.path.abspath(directory)
147 147
                abs_target = os.path.abspath(target)
148 -
            
148 +
149 149
                prefix = os.path.commonprefix([abs_directory, abs_target])
150 -
                
150 +
151 151
                return prefix == abs_directory
152 -
            
153 -
            def safe_extract(tar, path=".", members=None, *, numeric_owner=False):
154 -
            
152 +
153 +
            def safe_extract(tar, path='.', members=None, *, numeric_owner=False):
154 +
155 155
                for member in tar.getmembers():
156 156
                    member_path = os.path.join(path, member.name)
157 157
                    if not is_within_directory(path, member_path):
158 -
                        raise Exception("Attempted Path Traversal in Tar File")
159 -
            
160 -
                tar.extractall(path, members, numeric_owner=numeric_owner) 
161 -
                
162 -
            
158 +
                        raise Exception('Attempted Path Traversal in Tar File')
159 +
160 +
                tar.extractall(path, members, numeric_owner=numeric_owner)
161 +
162 +
163 163
            safe_extract(tar, path=to_path)
164 164
    elif _is_gzip(from_path):
165 165
        stem = os.path.splitext(os.path.basename(from_path))[0]
Files Coverage
src/torchio 85.70%
Project Totals (92 files) 85.70%
Sunburst
The inner-most circle is the entire project, moving away from the center are folders then, finally, a single file. The size and color of each slice is representing the number of statements and the coverage, respectively.
Icicle
The top section represents the entire project. Proceeding with folders and finally individual files. The size and color of each slice is representing the number of statements and the coverage, respectively.
Grid
Each block represents a single file in the project. The size and color of each block is represented by the number of statements and the coverage, respectively.
Loading