[Python-checkins] [3.11] gh-107396: tarfiles: set self.exception before _init_read_gz() (GH-107485) (GH-108208)

encukou webhook-mailer at python.org
Mon Aug 21 11:17:03 EDT 2023 

https://github.com/python/cpython/commit/75617ac3f002a8e9d0dedab45f2293d921cd1a25
commit: 75617ac3f002a8e9d0dedab45f2293d921cd1a25
branch: 3.11
author: Miss Islington (bot) <31488909+miss-islington at users.noreply.github.com>
committer: encukou <encukou at gmail.com>
date: 2023-08-21T17:16:59+02:00
summary:

[3.11] gh-107396: tarfiles: set self.exception before _init_read_gz() (GH-107485) (GH-108208)

gh-107396: tarfiles: set self.exception before _init_read_gz() (GH-107485)

In the stack call of: _init_read_gz()
```
_read, tarfile.py:548
read, tarfile.py:526
_init_read_gz, tarfile.py:491
```
a try;except exists that uses `self.exception`, so it needs to be set before
calling _init_read_gz().
(cherry picked from commit 37135d25e269ede92bc7da363bebfa574782e59a)

Co-authored-by: balmeida-nokia <83089745+balmeida-nokia at users.noreply.github.com>

files:
A Misc/NEWS.d/next/Library/2023-07-31-07-36-24.gh-issue-107396.3_Kh6D.rst
M Lib/tarfile.py
M Lib/test/test_tarfile.py

diff --git a/Lib/tarfile.py b/Lib/tarfile.py
index 130b5e0f45dcd..b7adff6e1723b 100755
--- a/Lib/tarfile.py
+++ b/Lib/tarfile.py
@@ -372,8 +372,8 @@ def __init__(self, name, mode, comptype, fileobj, bufsize):
                 self.zlib = zlib
                 self.crc = zlib.crc32(b"")
                 if mode == "r":
-                    self._init_read_gz()
                     self.exception = zlib.error
+                    self._init_read_gz()
                 else:
                     self._init_write_gz()
 
diff --git a/Lib/test/test_tarfile.py b/Lib/test/test_tarfile.py
index cdea033ec1244..dc7ff852363cf 100644
--- a/Lib/test/test_tarfile.py
+++ b/Lib/test/test_tarfile.py
@@ -908,6 +908,23 @@ class LzmaDetectReadTest(LzmaTest, DetectReadTest):
     pass
 
 
+class GzipBrokenHeaderCorrectException(GzipTest, unittest.TestCase):
+    """
+    See: https://github.com/python/cpython/issues/107396
+    """
+    def runTest(self):
+        f = io.BytesIO(
+            b'\x1f\x8b'  # header
+            b'\x08'  # compression method
+            b'\x04'  # flags
+            b'\0\0\0\0\0\0'  # timestamp, compression data, OS ID
+            b'\0\x01'  # size
+            b'\0\0\0\0\0'  # corrupt data (zeros)
+        )
+        with self.assertRaises(tarfile.ReadError):
+            tarfile.open(fileobj=f, mode='r|gz')
+
+
 class MemberReadTest(ReadTest, unittest.TestCase):
 
     def _test_member(self, tarinfo, chksum=None, **kwargs):
diff --git a/Misc/NEWS.d/next/Library/2023-07-31-07-36-24.gh-issue-107396.3_Kh6D.rst b/Misc/NEWS.d/next/Library/2023-07-31-07-36-24.gh-issue-107396.3_Kh6D.rst
new file mode 100644
index 0000000000000..73bff4bdbe024
--- /dev/null
+++ b/Misc/NEWS.d/next/Library/2023-07-31-07-36-24.gh-issue-107396.3_Kh6D.rst
@@ -0,0 +1 @@
+tarfiles; Fixed use before assignment of self.exception for gzip decompression

More information about the Python-checkins mailing list