zipfile.write should check that it isn't appending an archive to itself #104527
Labels
stdlib
Python modules in the Lib dir
type-bug
An unexpected behavior, bug, or error
type-feature
A feature request or enhancement
A common use pattern for zipfile is to recursively compress an entire directory into a single .zip file. A common implementation of this pattern looks like this:
However, if outputfile is a path that is a child of targetdir, this results in the operation hanging once the
rglob
operation eventually causes the archive to attempt to writeoutfile
intooutfile
, causing the write operation to continue indefinitely until the filesystem runs out of space or the archive hits its max file size, like can be observed in this example:Needless to say, this is hardly an intuitive error path, and can cause difficulties with debugging.
Note that it is not simply third party libraries that allow this error to happen. Neither zipapp nor shutil.make_archive include a check making sure the output file is not a child of the target dir.
There are two ways I think this could be fixed:
I think the first, at the least, should be implemented, in order to provide an actual error message in this situation, instead of hanging for however long it takes for someone to notice a multi-gb zip file growing by the second. Ill be submitting a PR doing so shortly.
Linked PRs
The text was updated successfully, but these errors were encountered: