| route-pattern | /_view_fragments/voltron/pull_requests/show/:user_id/:repository/:id/pull_request_layout(.:format) |
| route-controller | voltron_pull_requests_fragments |
| route-action | pull_request_layout |
| fetch-nonce | v2:213abda6-1f52-099d-af91-e29ac819e301 |
| current-catalog-service-hash | ae870bc5e265a340912cde392f23dad3671a0a881730ffdadd82f2f57d81641b |
| request-id | 9818:267E4D:3C0C36A:4F428C5:69747814 |
| html-safe-nonce | 6ffcf825b880162e77a6226bc96a2b4f47ee48f65ab55dff8ffb824208a4fa06 |
| visitor-payload | eyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiI5ODE4OjI2N0U0RDozQzBDMzZBOjRGNDI4QzU6Njk3NDc4MTQiLCJ2aXNpdG9yX2lkIjoiMjMxMzQ1MTk0NDk3OTc1NzA3NiIsInJlZ2lvbl9lZGdlIjoiaWFkIiwicmVnaW9uX3JlbmRlciI6ImlhZCJ9 |
| visitor-hmac | a52c4ad545422ea8364cc9bb140d37e828943b8b1db32d2ea99e541254bca78a |
| hovercard-subject-tag | pull_request:1672534287 |
| github-keyboard-shortcuts | repository,pull-request-list,pull-request-conversation,pull-request-files-changed,copilot |
| google-site-verification | Apib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I |
| octolytics-url | https://collector.github.com/github/collect |
| analytics-location | ///voltron/pull_requests_fragments/pull_request_layout |
| fb:app_id | 1401488693436528 |
| apple-itunes-app | app-id=1477376905, app-argument=https://github.com/_view_fragments/voltron/pull_requests/show/python/cpython/113916/pull_request_layout |
| twitter:image | https://opengraph.githubassets.com/a2705a88ef91778f4edd7f92e34eda21df384c2000fa6aa85eb75fb5dfd9b225/python/cpython/pull/113916 |
| twitter:card | summary_large_image |
| og:image | https://opengraph.githubassets.com/a2705a88ef91778f4edd7f92e34eda21df384c2000fa6aa85eb75fb5dfd9b225/python/cpython/pull/113916 |
| og:image:alt | Raise BadZipFile when try to read an entry that overlaps with other entry or central directory.
(cherry picked from commit 66363b9)
Issue: Python "zipfile" can't detect "quoted... |
| og:image:width | 1200 |
| og:image:height | 600 |
| og:site_name | GitHub |
| og:type | object |
| og:author:username | serhiy-storchaka |
| hostname | github.com |
| expected-hostname | github.com |
| None | e0b95d743b7672c9ac0e1032d5f117950182dc164a83434a7db86510e8f0b37c |
| turbo-cache-control | no-preview |
| go-import | github.com/python/cpython git https://github.com/python/cpython.git |
| octolytics-dimension-user_id | 1525981 |
| octolytics-dimension-user_login | python |
| octolytics-dimension-repository_id | 81598961 |
| octolytics-dimension-repository_nwo | python/cpython |
| octolytics-dimension-repository_public | true |
| octolytics-dimension-repository_is_fork | false |
| octolytics-dimension-repository_network_root_id | 81598961 |
| octolytics-dimension-repository_network_root_nwo | python/cpython |
| turbo-body-classes | logged-out env-production page-responsive |
| disable-turbo | false |
| browser-stats-url | https://api.github.com/_private/browser/stats |
| browser-errors-url | https://api.github.com/_private/browser/errors |
| release | 56fe7e2e8de6e57740bca50402351ea656f7a4bf |
| ui-target | full |
| theme-color | #1e2327 |
| color-scheme | light dark |
| Skip to content | https://github.com/python/cpython/pull/113916#start-of-content |
|
| https://github.com/ |
|
Sign in
| https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fpython%2Fcpython%2Fpull%2F113916 |
| GitHub CopilotWrite better code with AI | https://github.com/features/copilot |
| GitHub SparkBuild and deploy intelligent apps | https://github.com/features/spark |
| GitHub ModelsManage and compare prompts | https://github.com/features/models |
| MCP RegistryNewIntegrate external tools | https://github.com/mcp |
| ActionsAutomate any workflow | https://github.com/features/actions |
| CodespacesInstant dev environments | https://github.com/features/codespaces |
| IssuesPlan and track work | https://github.com/features/issues |
| Code ReviewManage code changes | https://github.com/features/code-review |
| GitHub Advanced SecurityFind and fix vulnerabilities | https://github.com/security/advanced-security |
| Code securitySecure your code as you build | https://github.com/security/advanced-security/code-security |
| Secret protectionStop leaks before they start | https://github.com/security/advanced-security/secret-protection |
| Why GitHub | https://github.com/why-github |
| Documentation | https://docs.github.com |
| Blog | https://github.blog |
| Changelog | https://github.blog/changelog |
| Marketplace | https://github.com/marketplace |
| View all features | https://github.com/features |
| Enterprises | https://github.com/enterprise |
| Small and medium teams | https://github.com/team |
| Startups | https://github.com/enterprise/startups |
| Nonprofits | https://github.com/solutions/industry/nonprofits |
| App Modernization | https://github.com/solutions/use-case/app-modernization |
| DevSecOps | https://github.com/solutions/use-case/devsecops |
| DevOps | https://github.com/solutions/use-case/devops |
| CI/CD | https://github.com/solutions/use-case/ci-cd |
| View all use cases | https://github.com/solutions/use-case |
| Healthcare | https://github.com/solutions/industry/healthcare |
| Financial services | https://github.com/solutions/industry/financial-services |
| Manufacturing | https://github.com/solutions/industry/manufacturing |
| Government | https://github.com/solutions/industry/government |
| View all industries | https://github.com/solutions/industry |
| View all solutions | https://github.com/solutions |
| AI | https://github.com/resources/articles?topic=ai |
| Software Development | https://github.com/resources/articles?topic=software-development |
| DevOps | https://github.com/resources/articles?topic=devops |
| Security | https://github.com/resources/articles?topic=security |
| View all topics | https://github.com/resources/articles |
| Customer stories | https://github.com/customer-stories |
| Events & webinars | https://github.com/resources/events |
| Ebooks & reports | https://github.com/resources/whitepapers |
| Business insights | https://github.com/solutions/executive-insights |
| GitHub Skills | https://skills.github.com |
| Documentation | https://docs.github.com |
| Customer support | https://support.github.com |
| Community forum | https://github.com/orgs/community/discussions |
| Trust center | https://github.com/trust-center |
| Partners | https://github.com/partners |
| GitHub SponsorsFund open source developers | https://github.com/sponsors |
| Security Lab | https://securitylab.github.com |
| Maintainer Community | https://maintainers.github.com |
| Accelerator | https://github.com/accelerator |
| Archive Program | https://archiveprogram.github.com |
| Topics | https://github.com/topics |
| Trending | https://github.com/trending |
| Collections | https://github.com/collections |
| Enterprise platformAI-powered developer platform | https://github.com/enterprise |
| GitHub Advanced SecurityEnterprise-grade security features | https://github.com/security/advanced-security |
| Copilot for BusinessEnterprise-grade AI features | https://github.com/features/copilot/copilot-business |
| Premium SupportEnterprise-grade 24/7 support | https://github.com/premium-support |
| Pricing | https://github.com/pricing |
| Search syntax tips | https://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax |
| documentation | https://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax |
|
Sign in
| https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fpython%2Fcpython%2Fpull%2F113916 |
|
Sign up
| https://github.com/signup?ref_cta=Sign+up&ref_loc=header+logged+out&ref_page=%2F%3Cuser-name%3E%2F%3Crepo-name%3E%2Fvoltron%2Fpull_requests_fragments%2Fpull_request_layout&source=header-repo&source_repo=python%2Fcpython |
| Reload | https://github.com/python/cpython/pull/113916 |
| Reload | https://github.com/python/cpython/pull/113916 |
| Reload | https://github.com/python/cpython/pull/113916 |
|
python
| https://github.com/python |
| cpython | https://github.com/python/cpython |
| Please reload this page | https://github.com/python/cpython/pull/113916 |
|
Notifications
| https://github.com/login?return_to=%2Fpython%2Fcpython |
|
Fork
33.9k
| https://github.com/login?return_to=%2Fpython%2Fcpython |
|
Star
71.2k
| https://github.com/login?return_to=%2Fpython%2Fcpython |
|
Code
| https://github.com/python/cpython |
|
Issues
5k+
| https://github.com/python/cpython/issues |
|
Pull requests
2.1k
| https://github.com/python/cpython/pulls |
|
Actions
| https://github.com/python/cpython/actions |
|
Projects
31
| https://github.com/python/cpython/projects |
|
Security
0
| https://github.com/python/cpython/security |
|
Insights
| https://github.com/python/cpython/pulse |
|
Code
| https://github.com/python/cpython |
|
Issues
| https://github.com/python/cpython/issues |
|
Pull requests
| https://github.com/python/cpython/pulls |
|
Actions
| https://github.com/python/cpython/actions |
|
Projects
| https://github.com/python/cpython/projects |
|
Security
| https://github.com/python/cpython/security |
|
Insights
| https://github.com/python/cpython/pulse |
| Sign up for GitHub
| https://github.com/signup?return_to=%2Fpython%2Fcpython%2Fissues%2Fnew%2Fchoose |
| terms of service | https://docs.github.com/terms |
| privacy statement | https://docs.github.com/privacy |
| Sign in | https://github.com/login?return_to=%2Fpython%2Fcpython%2Fissues%2Fnew%2Fchoose |
| Jump to bottom | https://github.com/python/cpython/pull/113916#issue-comment-box |
| ambv | https://github.com/ambv |
| python:3.8 | https://github.com/python/cpython/tree/3.8 |
| serhiy-storchaka:backport-66363b9-3.8 | https://github.com/serhiy-storchaka/cpython/tree/backport-66363b9-3.8 |
|
[3.8] gh-109858: Protect zipfile from "quoted-overlap" zipbomb (GH-110016)
| https://github.com/python/cpython/pull/113916#top |
| ambv | https://github.com/ambv |
| python:3.8 | https://github.com/python/cpython/tree/3.8 |
| serhiy-storchaka:backport-66363b9-3.8 | https://github.com/serhiy-storchaka/cpython/tree/backport-66363b9-3.8 |
|
Conversation
0
| https://github.com/python/cpython/pull/113916 |
|
Commits
1
| https://github.com/python/cpython/pull/113916/commits |
|
Checks
0
| https://github.com/python/cpython/pull/113916/checks |
|
Files changed
| https://github.com/python/cpython/pull/113916/files |
| Please reload this page | https://github.com/python/cpython/pull/113916 |
| https://github.co/hiddenchars |
| https://github.com/python/cpython/pull/{{ revealButtonHref }} |
|
| https://github.com/serhiy-storchaka |
| serhiy-storchaka | https://github.com/serhiy-storchaka |
| Jan 10, 2024 | https://github.com/python/cpython/pull/113916#issue-2074484229 |
| Please reload this page | https://github.com/python/cpython/pull/113916 |
| 66363b9 | https://github.com/python/cpython/commit/66363b9a7b9fe7c99eba3a185b74c5fdbf842eba |
| Python "zipfile" can't detect "quoted-overlap" zipbomb that can be used as a DoS attack #109858 | https://github.com/python/cpython/issues/109858 |
| Please reload this page | https://github.com/python/cpython/pull/113916 |
| https://github.com/apps/bedevere-app |
| bedevere-app | https://github.com/apps/bedevere-app |
|
awaiting core review
| https://github.com/python/cpython/issues?q=state%3Aopen%20label%3A%22awaiting%20core%20review%22 |
| Jan 10, 2024 | https://github.com/python/cpython/pull/113916#event-11443910276 |
| https://github.com/apps/bedevere-app |
| bedevere-app | https://github.com/apps/bedevere-app |
|
Jan 10, 2024
| https://github.com/python/cpython/pull/113916#ref-pullrequest-1917170423 |
|
gh-109858: Protect zipfile from "quoted-overlap" zipbomb
#110016
| https://github.com/python/cpython/pull/110016 |
| https://github.com/apps/bedevere-app |
| bedevere-app | https://github.com/apps/bedevere-app |
|
type-security
| https://github.com/python/cpython/issues?q=state%3Aopen%20label%3Atype-security |
| Jan 10, 2024 | https://github.com/python/cpython/pull/113916#event-11443910790 |
| https://github.com/apps/bedevere-app |
| bedevere-app | https://github.com/apps/bedevere-app |
|
Jan 10, 2024
| https://github.com/python/cpython/pull/113916#ref-issue-1911928055 |
|
Python "zipfile" can't detect "quoted-overlap" zipbomb that can be used as a DoS attack
#109858
| https://github.com/python/cpython/issues/109858 |
| https://github.com/serhiy-storchaka |
| serhiy-storchaka | https://github.com/serhiy-storchaka |
| force-pushed | https://github.com/python/cpython/compare/68c3c48d5c77483a07dc3afda8f7e528598c5e61..e32baeb03c3cd9301f3f25486efcaedfdb586ec4 |
| 68c3c48 | https://github.com/python/cpython/commit/68c3c48d5c77483a07dc3afda8f7e528598c5e61 |
| e32baeb | https://github.com/python/cpython/commit/e32baeb03c3cd9301f3f25486efcaedfdb586ec4 |
|
Compare
| https://github.com/python/cpython/compare/68c3c48d5c77483a07dc3afda8f7e528598c5e61..e32baeb03c3cd9301f3f25486efcaedfdb586ec4 |
| January 10, 2024 15:14 | https://github.com/python/cpython/pull/113916#event-11444580602 |
|
| https://github.com/serhiy-storchaka |
| [3.8] | https://github.com/python/cpython/pull/113916/commits/eb686f2048193ef0b608992bb3eb53b8d756e0b3 |
| pythongh-109858 | https://github.com/python/cpython/issues/109858 |
| : Protect zipfile from "quoted-overlap" zipbomb ( | https://github.com/python/cpython/pull/113916/commits/eb686f2048193ef0b608992bb3eb53b8d756e0b3 |
| p… | https://github.com/python/cpython/pull/110016 |
| eb686f2 | https://github.com/python/cpython/pull/113916/commits/eb686f2048193ef0b608992bb3eb53b8d756e0b3 |
| …ythonGH-110016 | https://github.com/python/cpython/pull/110016 |
| 66363b9 | https://github.com/serhiy-storchaka/cpython/commit/66363b9a7b9fe7c99eba3a185b74c5fdbf842eba |
| https://github.com/serhiy-storchaka |
| serhiy-storchaka | https://github.com/serhiy-storchaka |
| force-pushed | https://github.com/python/cpython/compare/e32baeb03c3cd9301f3f25486efcaedfdb586ec4..eb686f2048193ef0b608992bb3eb53b8d756e0b3 |
| e32baeb | https://github.com/python/cpython/commit/e32baeb03c3cd9301f3f25486efcaedfdb586ec4 |
| eb686f2 | https://github.com/python/cpython/commit/eb686f2048193ef0b608992bb3eb53b8d756e0b3 |
|
Compare
| https://github.com/python/cpython/compare/e32baeb03c3cd9301f3f25486efcaedfdb586ec4..eb686f2048193ef0b608992bb3eb53b8d756e0b3 |
| January 10, 2024 16:06 | https://github.com/python/cpython/pull/113916#event-11445244555 |
| https://github.com/gpshead |
| gpshead | https://github.com/gpshead |
| ambv | https://github.com/ambv |
| Jan 11, 2024 | https://github.com/python/cpython/pull/113916#event-11461084913 |
| https://github.com/sethmlarson |
| sethmlarson | https://github.com/sethmlarson |
|
release-blocker
| https://github.com/python/cpython/issues?q=state%3Aopen%20label%3Arelease-blocker |
| Jan 11, 2024 | https://github.com/python/cpython/pull/113916#event-11462215978 |
| https://github.com/ambv |
| ambv | https://github.com/ambv |
| d05bac0 | https://github.com/python/cpython/commit/d05bac0b74153beb541b88b4fca33bf053990183 |
| Jan 17, 2024 | https://github.com/python/cpython/pull/113916#event-11511586478 |
| https://github.com/apps/bedevere-app |
| bedevere-app | https://github.com/apps/bedevere-app |
|
awaiting core review
| https://github.com/python/cpython/issues?q=state%3Aopen%20label%3A%22awaiting%20core%20review%22 |
| Jan 17, 2024 | https://github.com/python/cpython/pull/113916#event-11511587088 |
| https://github.com/serhiy-storchaka |
| serhiy-storchaka | https://github.com/serhiy-storchaka |
| February 19, 2024 18:22 | https://github.com/python/cpython/pull/113916#event-11853113154 |
| mcepl | https://github.com/mcepl |
|
Apr 25, 2024
| https://github.com/python/cpython/pull/113916#ref-commit-38b9607 |
|
| https://github.com/serhiy-storchaka |
|
| https://github.com/mcepl |
| [3.8] | https://github.com/openSUSE-Python/cpython/commit/38b9607c5ec8c068c72d939e0d7a26fae646c075 |
| pythongh-109858 | https://github.com/python/cpython/issues/109858 |
| : Protect zipfile from "quoted-overlap" zipbomb ( | https://github.com/openSUSE-Python/cpython/commit/38b9607c5ec8c068c72d939e0d7a26fae646c075 |
| p… | https://github.com/python/cpython/pull/110016 |
| 38b9607 | https://github.com/openSUSE-Python/cpython/commit/38b9607c5ec8c068c72d939e0d7a26fae646c075 |
| …ythonGH-110016 | https://github.com/python/cpython/pull/110016 |
| pythonGH-113916 | https://github.com/python/cpython/pull/113916 |
| 66363b9 | https://github.com/openSUSE-Python/cpython/commit/66363b9a7b9fe7c99eba3a185b74c5fdbf842eba |
| Sign up for free | https://github.com/join?source=comment-repo |
| Sign in to comment | https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fpython%2Fcpython%2Fpull%2F113916 |
|
| https://github.com/ambv |
|
ambv
| https://github.com/ambv |
|
release-blocker
| https://github.com/python/cpython/issues?q=state%3Aopen%20label%3Arelease-blocker |
|
type-security
| https://github.com/python/cpython/issues?q=state%3Aopen%20label%3Atype-security |
|
Release and Deferred blockers 🚫
| https://github.com/orgs/python/projects/2 |
| Please reload this page | https://github.com/python/cpython/pull/113916 |
|
| https://github.com/serhiy-storchaka |
|
| https://github.com/ambv |
|
| https://github.com/sethmlarson |
|
| https://github.com |
| Terms | https://docs.github.com/site-policy/github-terms/github-terms-of-service |
| Privacy | https://docs.github.com/site-policy/privacy-policies/github-privacy-statement |
| Security | https://github.com/security |
| Status | https://www.githubstatus.com/ |
| Community | https://github.community/ |
| Docs | https://docs.github.com/ |
| Contact | https://support.github.com?tags=dotcom-footer |