### Vulnerability Overview

This vulnerability involves the normalization of `TarInfo.DIRTYPE` during GNU long filename processing. Specifically, when processing tar files containing GNU long filenames, if a filename ends with `/`, its type is incorrectly converted to `DIRTYPE`, leading to issues in subsequent processing.

### Impact Scope

- **Affected File**: `Lib/tarfile.py`
- **Affected Functions**: `_frombuf` and `_fromtarfile`
- **Impact Scenario**: Processing tar files containing GNU long filenames, particularly when the filename ends with `/`.

### Remediation Plan

1. **Modify the `_frombuf` function**:
   - Add handling for the `dircheck` parameter so that when `dircheck` is `True`, `AREGTYPE` entries with filenames ending in `/` are converted to `DIRTYPE`.
   - When `dircheck` is `False`, `AREGTYPE` entries with filenames ending in `/` are not converted to `DIRTYPE`.
2. **Modify the `_fromtarfile` function**:
   - Accept the `dircheck` parameter and pass it through when calling `_frombuf`.
3. **Add Test Cases**:
   - In `Lib/test/test_tarfile.py`, add the test case `test_longname_file_not_directory` to verify that the behavior is correct after the fix.

### POC Code

```python
# Method of a test class in Lib/test/test_tarfile.py (uses io, tarfile, self.format)
def test_longname_file_not_directory(self):
    # Test reading a longname file and ensure it is not handled as a directory
    # Issue #141707
    buf = io.BytesIO()
    with tarfile.open(mode='w', fileobj=buf, format=self.format) as tar:
        ti = tarfile.TarInfo()
        ti.type = tarfile.AREGTYPE
        ti.name = ('a' * 99) + '/' + ('b' * 3)
        tar.addfile(ti)

        # Build lists of (name, type) pairs so assertEqual compares values
        expected = [(t.name, t.type) for t in tar.getmembers()]

    buf.seek(0)
    with tarfile.open(mode='r', fileobj=buf) as tar:
        actual = [(t.name, t.type) for t in tar.getmembers()]

    self.assertEqual(expected, actual)
```

### Summary

This remediation plan adjusts the logic in the `_frombuf` and `_fromtarfile` functions so that `AREGTYPE` entries with filenames ending in `/` are handled correctly during GNU long filename processing and are not incorrectly converted to `DIRTYPE`. The added test case verifies the effectiveness of the fix.
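
The following is an added example, not code from CPython or from the original write-up. It walks the raw 512-byte blocks of the PoC's archive to find members matching the trigger condition (a GNU long-name record followed by an `AREGTYPE` header whose truncated 100-byte name field ends in `/`), then checks how the running interpreter's `tarfile` classifies them. The helper names (`build_sample`, `field`, `find_trigger_entries`, `interpreter_misreads`) are hypothetical, the sample archive is constructed in memory, and only octal size fields are handled.

```python
import io
import tarfile

BLOCK = 512  # tar header/data block size

def build_sample(name):
    """Constructed sample: one empty AREGTYPE member written in GNU format."""
    buf = io.BytesIO()
    with tarfile.open(mode="w", fileobj=buf, format=tarfile.GNU_FORMAT) as tar:
        ti = tarfile.TarInfo(name)
        ti.type = tarfile.AREGTYPE
        tar.addfile(ti)
    return buf.getvalue()

def field(block, start, length):
    """Return a NUL-terminated header field as bytes."""
    return block[start:start + length].split(b"\0", 1)[0]

def find_trigger_entries(data):
    """Full names of AREGTYPE members that follow a GNU long-name record and
    whose 100-byte header name ends in '/' although the full name does not."""
    hits, pos, longname = [], 0, None
    while pos + BLOCK <= len(data):
        block = data[pos:pos + BLOCK]
        if block == b"\0" * BLOCK:  # end-of-archive marker
            break
        size = int(field(block, 124, 12) or b"0", 8)  # octal sizes only
        typeflag = block[156:157]
        if typeflag == tarfile.GNUTYPE_LONGNAME:
            longname = data[pos + BLOCK:pos + BLOCK + size].rstrip(b"\0")
        else:
            short = field(block, 0, 100)
            if (longname and typeflag == tarfile.AREGTYPE
                    and short.endswith(b"/") and not longname.endswith(b"/")):
                hits.append(longname.decode("utf-8", "surrogateescape"))
            longname = None
        pos += BLOCK + -(-size // BLOCK) * BLOCK  # header plus padded payload
    return hits

def interpreter_misreads(data):
    """True if this Python's tarfile reports a flagged member as a directory."""
    flagged = set(find_trigger_entries(data))
    with tarfile.open(mode="r", fileobj=io.BytesIO(data)) as tar:
        return any(m.isdir() for m in tar.getmembers() if m.name in flagged)

if __name__ == "__main__":
    sample = build_sample(("a" * 99) + "/" + ("b" * 3))  # name from the PoC
    print("trigger entries:", len(find_trigger_entries(sample)))
    print("misread as directory here:", interpreter_misreads(sample))
```

`find_trigger_entries` depends only on the archive bytes, so it gives the same answer on any Python version; `interpreter_misreads` reflects whether the installed `tarfile` still applies the directory conversion to such entries.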