Open peterstory opened 4 months ago
Enabling this option will be a one-line change:
diff --git a/src/pydiode/tar.py b/src/pydiode/tar.py
index 991b43e..ecfce64 100644
--- a/src/pydiode/tar.py
+++ b/src/pydiode/tar.py
@@ -36,7 +36,7 @@ def main():
elif "path" in args:
try:
with tarfile.open(fileobj=sys.stdin.buffer, mode="r|") as tar:
- tar.extractall(args.path)
+ tar.extractall(args.path, filter="data")
# Don't print the full stack trace for known error types
except tarfile.ReadError as e:
if str(e) == "empty file":
Python's tarfile module has options to increase the security of files received. We should enable this option after updating to Python 3.12.
https://docs.python.org/3/library/tarfile.html#tarfile.TarFile.extractall https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter