New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

bpo-35278: Sanitize tempfile prefix to prevent directory treversal #10627

Open
wants to merge 1 commit into
base: master
from

Conversation

Projects
None yet
3 participants
@Thorleon
Copy link

Thorleon commented Nov 21, 2018

  • Fixed _sanitize_params function in order to detect malicious path
  • Added tests

https://bugs.python.org/issue35278

@the-knights-who-say-ni

This comment has been minimized.

Copy link

the-knights-who-say-ni commented Nov 21, 2018

Hello, and thanks for your contribution!

I'm a bot set up to make sure that the project can legally accept your contribution by verifying you have signed the PSF contributor agreement (CLA).

Our records indicate we have not received your CLA. For legal reasons we need you to sign this before we can look at your contribution. Please follow the steps outlined in the CPython devguide to rectify this issue.

If you have recently signed the CLA, please wait at least one business day
before our records are updated.

You can check yourself to see if the CLA has been received.

Thanks again for your contribution, we look forward to reviewing it!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment