def _assert_tarinfo

def _assert_tarinfo_safe()

in src/buildstream_plugins/sources/docker.py [0:0]

14 lines of code
4 McCabe index (conditional complexity)


    def _assert_tarinfo_safe(self, member: tarfile.TarInfo, target_dir: str):
        final_path = os.path.abspath(os.path.join(target_dir, member.path))
        if not final_path.startswith(target_dir):
            raise SourceError(
                "{}: Tarfile attempts to extract outside the staging area: "
                "{} -> {}".format(self, member.path, final_path)
            )

        if member.islnk():
            linked_path = os.path.abspath(os.path.join(target_dir, member.linkname))
            if not linked_path.startswith(target_dir):
                raise SourceError(
                    "{}: Tarfile attempts to hardlink outside the staging area: "
                    "{} -> {}".format(self, member.path, final_path)
                )