[Python-checkins] [3.12] gh-107396: tarfiles: set self.exception before _init_read_gz() (GH-107485) (#108207)

Yhg1s webhook-mailer at python.org
Mon Aug 21 08:35:22 EDT 2023 

https://github.com/python/cpython/commit/e1b069fe06d953500c2c906d26c2a06eddff5523
commit: e1b069fe06d953500c2c906d26c2a06eddff5523
branch: 3.12
author: Miss Islington (bot) <31488909+miss-islington at users.noreply.github.com>
committer: Yhg1s <thomas at python.org>
date: 2023-08-21T14:35:18+02:00
summary:

[3.12] gh-107396: tarfiles: set self.exception before _init_read_gz() (GH-107485) (#108207)

gh-107396: tarfiles: set self.exception before _init_read_gz() (GH-107485)

In the stack call of: _init_read_gz()
```
_read, tarfile.py:548
read, tarfile.py:526
_init_read_gz, tarfile.py:491
```
a try;except exists that uses `self.exception`, so it needs to be set before
calling _init_read_gz().
(cherry picked from commit 37135d25e269ede92bc7da363bebfa574782e59a)

Co-authored-by: balmeida-nokia <83089745+balmeida-nokia at users.noreply.github.com>

files:
A Misc/NEWS.d/next/Library/2023-07-31-07-36-24.gh-issue-107396.3_Kh6D.rst
M Lib/tarfile.py
M Lib/test/test_tarfile.py

diff --git a/Lib/tarfile.py b/Lib/tarfile.py
index 7781a430839ea..50212d3f7d879 100755
--- a/Lib/tarfile.py
+++ b/Lib/tarfile.py
@@ -372,8 +372,8 @@ def __init__(self, name, mode, comptype, fileobj, bufsize,
                 self.zlib = zlib
                 self.crc = zlib.crc32(b"")
                 if mode == "r":
-                    self._init_read_gz()
                     self.exception = zlib.error
+                    self._init_read_gz()
                 else:
                     self._init_write_gz(compresslevel)
 
diff --git a/Lib/test/test_tarfile.py b/Lib/test/test_tarfile.py
index e8d322d20a5a8..4077a758e3cf1 100644
--- a/Lib/test/test_tarfile.py
+++ b/Lib/test/test_tarfile.py
@@ -915,6 +915,23 @@ class LzmaDetectReadTest(LzmaTest, DetectReadTest):
     pass
 
 
+class GzipBrokenHeaderCorrectException(GzipTest, unittest.TestCase):
+    """
+    See: https://github.com/python/cpython/issues/107396
+    """
+    def runTest(self):
+        f = io.BytesIO(
+            b'\x1f\x8b'  # header
+            b'\x08'  # compression method
+            b'\x04'  # flags
+            b'\0\0\0\0\0\0'  # timestamp, compression data, OS ID
+            b'\0\x01'  # size
+            b'\0\0\0\0\0'  # corrupt data (zeros)
+        )
+        with self.assertRaises(tarfile.ReadError):
+            tarfile.open(fileobj=f, mode='r|gz')
+
+
 class MemberReadTest(ReadTest, unittest.TestCase):
 
     def _test_member(self, tarinfo, chksum=None, **kwargs):
diff --git a/Misc/NEWS.d/next/Library/2023-07-31-07-36-24.gh-issue-107396.3_Kh6D.rst b/Misc/NEWS.d/next/Library/2023-07-31-07-36-24.gh-issue-107396.3_Kh6D.rst
new file mode 100644
index 0000000000000..73bff4bdbe024
--- /dev/null
+++ b/Misc/NEWS.d/next/Library/2023-07-31-07-36-24.gh-issue-107396.3_Kh6D.rst
@@ -0,0 +1 @@
+tarfiles; Fixed use before assignment of self.exception for gzip decompression

More information about the Python-checkins mailing list