Threat: Fix zip slip in Android deploy wheel extraction

ShyamQt · ShyamQt · commit 2a9f60a6d490 · 2026-05-15T13:46:07.000Z
- Bare ZipFile.extractall() allows archive entries to write outside the
  target directory
- Add safe_extractall() to android_helper.py; validate entries with
  Path.is_relative_to()
- Replace bare extractall() in android_config.py with safe_extractall()
- Add local safe_extractall() to PySide6 and shiboken6 recipe templates
  . This replace extractall() calls

Task-number: PYSIDE-3319
Change-Id: I9ba59d91d74c839f5e0cdba4b06f2f2a962b7879
Reviewed-by: Friedemann Kleint &lt;Friedemann.Kleint@qt.io&gt;
Reviewed-by: Ece Cinucen &lt;ece.cinucen@qt.io&gt;
diff --git a/sources/pyside-tools/deploy_lib/android/__init__.py b/sources/pyside-tools/deploy_lib/android/__init__.py
@@ -16,5 +16,5 @@
 
 from .android_helper import (create_recipe, extract_and_copy_jar, get_wheel_android_arch,
                              AndroidData, get_llvm_readobj, find_lib_dependencies,
-                             find_qtlibs_in_wheel)
+                             find_qtlibs_in_wheel, safe_extractall)
 from .android_config import AndroidConfig
diff --git a/sources/pyside-tools/deploy_lib/android/android_config.py b/sources/pyside-tools/deploy_lib/android/android_config.py
@@ -13,7 +13,7 @@
 
 from . import (extract_and_copy_jar, get_wheel_android_arch, find_lib_dependencies,
                get_llvm_readobj, find_qtlibs_in_wheel, platform_map, create_recipe,
-               ANDROID_DEPLOY_CACHE)
+               ANDROID_DEPLOY_CACHE, safe_extractall)
 from .. import (Config, get_all_pyside_modules, MAJOR_VERSION)
 from .android_utilities import (ANDROID_NDK_VERSION, ANDROID_NDK_VERSION_NUMBER_SUFFIX,
                                 download_android_ndk)
@@ -307,7 +307,7 @@ def _find_dependent_qt_modules(self, modules: list[str]) -> list[str]:
         lib_path_suffix = Path(str(self.qt_libs_path)).relative_to(self.wheel_pyside)
 
         with tempfile.TemporaryDirectory() as tmpdir:
-            archive.extractall(tmpdir)
+            safe_extractall(archive, Path(tmpdir))
             qt_libs_tmpdir = Path(tmpdir) / lib_path_suffix
             # find the lib folder where Qt libraries are stored
             for module_name in sorted(modules):
diff --git a/sources/pyside-tools/deploy_lib/android/android_helper.py b/sources/pyside-tools/deploy_lib/android/android_helper.py
@@ -59,6 +59,22 @@ def create_recipe(version: str, component: str, wheel_path: str, generated_files
         recipe.write(content)
 
 
+def safe_extractall(archive: ZipFile, target_path: Path) -> None:
+    """
+    Extract all members of a zip archive into target_path, checking that each entry
+    resolves inside target_path to prevent path traversal attacks.
+    """
+    resolved_target = target_path.resolve()
+    for member in archive.infolist():
+        member_path = (target_path / member.filename).resolve()
+        if not member_path.is_relative_to(resolved_target):
+            raise RuntimeError(
+                f"[DEPLOY] Refusing to extract '{member.filename}': "
+                f"path resolves outside the extraction directory"
+            )
+        archive.extract(member, target_path)
+
+
 def extract_and_copy_jar(wheel_path: Path, generated_files_path: Path) -> str:
     '''
     extracts the PySide6 wheel and copies the 'jar' folder to 'generated_files_path'.
diff --git a/sources/pyside-tools/deploy_lib/android/recipes/PySide6/__init__.tmpl.py b/sources/pyside-tools/deploy_lib/android/recipes/PySide6/__init__.tmpl.py
@@ -9,6 +9,21 @@
 from pythonforandroid.logger import info
 from pythonforandroid.recipe import PythonRecipe
 
+def safe_extractall(zip_ref: zipfile.ZipFile, target_path: Path) -> None:
+    """
+    Extract all members of zip_ref into target_path, checking that each entry
+    resolves inside target_path to prevent path traversal attacks.
+    """
+    resolved_target = target_path.resolve()
+    for member in zip_ref.infolist():
+        member_path = (target_path / member.filename).resolve()
+        if not member_path.is_relative_to(resolved_target):
+            raise RuntimeError(
+                f"Refusing to extract '{member.filename}': "
+                f"path resolves outside the extraction directory"
+            )
+        zip_ref.extract(member, target_path)
+
 
 class PySideRecipe(PythonRecipe):
     version = '{{ version }}'
@@ -27,7 +42,7 @@ def build_arch(self, arch):
         info(f"Installing {self.name} into site-packages")
         with zipfile.ZipFile(self.wheel_path, "r") as zip_ref:
             info("Unzip wheels and copy into {}".format(self.ctx.get_python_install_dir(arch.arch)))
-            zip_ref.extractall(self.ctx.get_python_install_dir(arch.arch))
+            safe_extractall(zip_ref, Path(self.ctx.get_python_install_dir(arch.arch)))
 
         lib_dir = Path(f"{self.ctx.get_python_install_dir(arch.arch)}/PySide6/Qt/lib")
 
diff --git a/sources/pyside-tools/deploy_lib/android/recipes/shiboken6/__init__.tmpl.py b/sources/pyside-tools/deploy_lib/android/recipes/shiboken6/__init__.tmpl.py
@@ -10,6 +10,22 @@
 from pythonforandroid.recipe import PythonRecipe
 
 
+def safe_extractall(zip_ref: zipfile.ZipFile, target_path: Path) -> None:
+    """
+    Extract all members of zip_ref into target_path, checking that each entry
+    resolves inside target_path to prevent path traversal attacks.
+    """
+    resolved_target = target_path.resolve()
+    for member in zip_ref.infolist():
+        member_path = (target_path / member.filename).resolve()
+        if not member_path.is_relative_to(resolved_target):
+            raise RuntimeError(
+                f"Refusing to extract '{member.filename}': "
+                f"path resolves outside the extraction directory"
+            )
+        zip_ref.extract(member, target_path)
+
+
 class ShibokenRecipe(PythonRecipe):
     version = '{{ version }}'
     wheel_path = '{{ wheel_path }}'
@@ -22,7 +38,7 @@ def build_arch(self, arch):
         info('Installing {} into site-packages'.format(self.name))
         with zipfile.ZipFile(self.wheel_path, 'r') as zip_ref:
             info('Unzip wheels and copy into {}'.format(self.ctx.get_python_install_dir(arch.arch)))
-            zip_ref.extractall(self.ctx.get_python_install_dir(arch.arch))
+            safe_extractall(zip_ref, Path(self.ctx.get_python_install_dir(arch.arch)))
 
         lib_dir = Path(f"{self.ctx.get_python_install_dir(arch.arch)}/shiboken6")
         shutil.copyfile(lib_dir / "libshiboken6.abi3.so",
