From: Serhiy Storchaka <storchaka@gmail.com>
Date: Sat, 2 Feb 2013 16:34:57 +0000 (+0200)
Subject: Preserve backslashes in malicious zip files for testing issue #6972.
X-Git-Tag: v2.7.4rc1~162
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=05fd7441227d47eeaec2fff44da05d3149055a55;p=python

Preserve backslashes in malicious zip files for testing issue #6972.
---

diff --git a/Lib/test/test_zipfile.py b/Lib/test/test_zipfile.py
index f535e56e9b..b5fff7fa72 100644
--- a/Lib/test/test_zipfile.py
+++ b/Lib/test/test_zipfile.py
@@ -461,12 +461,17 @@ class TestsWithSourceFile(unittest.TestCase):
             hacknames.extend([
                 ('//foo/bar', 'foo/bar'),
                 ('../../foo../../ba..r', 'foo../ba..r'),
+                (r'foo/..\bar', r'foo/..\bar'),
             ])
 
         for arcname, fixedname in hacknames:
             content = b'foobar' + arcname.encode()
             with zipfile.ZipFile(TESTFN2, 'w', zipfile.ZIP_STORED) as zipfp:
-                zipfp.writestr(arcname, content)
+                zinfo = zipfile.ZipInfo()
+                # preserve backslashes
+                zinfo.filename = arcname
+                zinfo.external_attr = 0o600 << 16
+                zipfp.writestr(zinfo, content)
 
             targetpath = os.path.join('target', 'subdir', 'subsub')
             correctfile = os.path.join(targetpath, *fixedname.split('/'))