def VerifySafeArchive(archive):
def ResolvePath(path_name):
return os.path.realpath(os.path.abspath(path_name))
# Must add pathsep to avoid false positives.
# Ex: /tmp/abc/bad_file.py starts with /tmp/a but not /tmp/a/
base_path = ResolvePath(os.getcwd()) + os.path.sep
for member in archive.namelist():
if not ResolvePath(os.path.join(base_path, member)).startswith(base_path):
raise exceptions.ArchiveError(
'Archive %s contains a bad member: %s.' % (archive.filename, member))
def GetUnzippedPath(self):
if self.ShouldUnzipArchive():
# TODO(aiolos): Replace UnzipFile with zipfile.extractall once python
# version 2.7.4 or later can safely be assumed.
dependency_manager_util.UnzipArchive(self._archive_file,
self._unzip_path)
if self.ShouldUnzipArchive():
raise exceptions.ArchiveError(
"Expected path '%s' was not extracted from archive '%s'." %
(self._dependency_path, self._archive_file))
return self._dependency_path
def GetUnzippedPath(self):
if self.ShouldUnzipArchive():
# Remove stale unzip results
if self._stale_unzip_path_glob:
for path in glob.glob(self._stale_unzip_path_glob):
shutil.rmtree(path, ignore_errors=True)
# TODO(aiolos): Replace UnzipFile with zipfile.extractall once python
# version 2.7.4 or later can safely be assumed.
dependency_manager_util.UnzipArchive(self._archive_file,
self._unzip_path)
if self.ShouldUnzipArchive():
raise exceptions.ArchiveError(
"Expected path '%s' was not extracted from archive '%s'." %
(self._dependency_path, self._archive_file))
return self._dependency_path
def ShouldUnzipArchive(self):
if not self._has_minimum_data:
raise exceptions.ArchiveError(
'Missing needed info to unzip archive. Known data: %s',
self.data_string)
return not os.path.exists(self._dependency_path)