Open
Description
Zip unpacking can generate outputs thousands of times larger than the input. We should provide a security API that lets callers limit the resources that can be spent for unpacking untrusted archives.
It might be enough to limit the output size, if CPU and memory are always dependent on it.