[Reproducible-commits] [diffoscope] 02/02: Prevent overwriting the destination when extracting with libarchive

[Jérémy Bobbio]

This is an automated email from the git hooks/post-receive script.

lunar pushed a commit to branch master
in repository diffoscope.

commit c8c4bc40f8123f0bfbdb628911618024297bc7fe
Author: Jérémy Bobbio <lunar at debian.org>
Date:   Thu Dec 3 12:14:26 2015 +0000

    Prevent overwriting the destination when extracting with libarchive
    
    Thanks Baptiste Daroussin for the inspiration.
---
 diffoscope/comparators/libarchive.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/diffoscope/comparators/libarchive.py b/diffoscope/comparators/libarchive.py
index f8d5b4f..7d93d44 100644
--- a/diffoscope/comparators/libarchive.py
+++ b/diffoscope/comparators/libarchive.py
@@ -120,7 +120,10 @@ class LibarchiveContainer(Archive):
         return member_names
 
     def extract(self, member_name, dest_dir):
-        dest_path = os.path.join(dest_dir, os.path.basename(member_name))
+        dest_name = os.path.basename(member_name)
+        if not dest_name:
+            raise ValueError('member_name should not be a directory')
+        dest_path = os.path.join(dest_dir, dest_name)
         logger.debug('libarchive extracting %s to %s', member_name, dest_path)
         with libarchive.file_reader(self.source.path) as archive:
             for entry in archive:

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/reproducible/diffoscope.git