Backport CVE-2026-1703: use os.path.commonpath in is_within_directory

`os.path.commonprefix` operates character-by-character, so it treated
`/foo/parent/child` and `/foo/parent/childfoo` as sharing the prefix
`/foo/parent/child` and reported them as "within" the same directory.
A crafted wheel could exploit this to write files into a sibling
directory whose name is a prefix of the install path.

Switch to `os.path.commonpath`, which operates on path components, and
add a regression test for the prefix-vs-component substring case.

Equivalent of upstream commit 4c651b7 (Seth Michael Larson,
"Use os.path.commonpath() instead of commonprefix()"). `os.path.commonpath`
is available since CPython 3.5, so this is safe on Python 3.7.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

Author: icanhasmath

src/pip/_internal/utils/unpacking.py

@@ -81,7 +81,7 @@ def is_within_directory(directory: str, target: str) -> bool:
     abs_directory = os.path.abspath(directory)
     abs_target = os.path.abspath(target)
 
-    prefix = os.path.commonprefix([abs_directory, abs_target])
+    prefix = os.path.commonpath([abs_directory, abs_target])
     return prefix == abs_directory
 
 

tests/unit/test_utils_unpacking.py

@@ -386,6 +386,8 @@ def test_unpack_tar_unicode(tmpdir: Path) -> None:
         (("parent/", "parent/sub"), True),
         # Test target outside parent
         (("parent/", "parent/../sub"), False),
+        # Test target sub-string of parent
+        (("parent/child", "parent/childfoo"), False),
     ],
 )
 def test_is_within_directory(args: Tuple[str, str], expected: bool) -> None: