maco 1.2.7__py3-none-any.whl → 1.2.8__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. maco/cli.py +7 -2
  2. {maco-1.2.7.dist-info → maco-1.2.8.dist-info}/METADATA +1 -1
  3. {maco-1.2.7.dist-info → maco-1.2.8.dist-info}/RECORD +8 -8
  4. model_setup/maco/cli.py +7 -2
  5. {maco-1.2.7.dist-info → maco-1.2.8.dist-info}/LICENSE.md +0 -0
  6. {maco-1.2.7.dist-info → maco-1.2.8.dist-info}/WHEEL +0 -0
  7. {maco-1.2.7.dist-info → maco-1.2.8.dist-info}/entry_points.txt +0 -0
  8. {maco-1.2.7.dist-info → maco-1.2.8.dist-info}/top_level.txt +0 -0
maco/cli.py CHANGED
@@ -123,10 +123,15 @@ def process_filesystem(
123
123
  logger.error(f"not file or folder: {path_samples}")
124
124
  exit(2)
125
125
  try:
126
- for path, dirs, files in walker:
126
+ base_directory = os.path.abspath(path_samples)
127
+ for path, _, files in walker:
127
128
  for file in files:
128
129
  num_analysed += 1
129
- path_file = os.path.join(path, file)
130
+ path_file = os.path.abspath(os.path.join(path, file))
131
+ if not path_file.startswith(base_directory):
132
+ logger.error(f"Attempted path traversal detected: {path_file}")
133
+ continue
134
+
130
135
  try:
131
136
  with open(path_file, "rb") as stream:
132
137
  resp = process_file(
{maco-1.2.7.dist-info → maco-1.2.8.dist-info}/METADATA RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.1
2
2
  Name: maco
3
- Version: 1.2.7
3
+ Version: 1.2.8
4
4
  Author: sl-govau
5
5
  Maintainer: cccs-rs
6
6
  License: MIT License
{maco-1.2.7.dist-info → maco-1.2.8.dist-info}/RECORD RENAMED
@@ -9,7 +9,7 @@ demo_extractors/complex/complex.py,sha256=tXrzj_zWIXbTOwj7Lezapk-qkrM-lfwcyjd5m-
9
9
  demo_extractors/complex/complex_utils.py,sha256=aec8kJsYUrMPo-waihkVLt-0QpiOPkw7dDqfT9MNuHk,123
10
10
  maco/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
11
11
  maco/base_test.py,sha256=cjGLEy2c69wl9sjn74QFz7X-VxWOfdin4W8MvYsXc4Q,2718
12
- maco/cli.py,sha256=NTzV8eu9V0qQNttRo592j-Rdzac7q1NAMraqJF2h_6k,8171
12
+ maco/cli.py,sha256=pPS8euWaLV-6csBCCzT1Mtc7GwP7a_RikDjfUYxoxU8,8415
13
13
  maco/collector.py,sha256=LraWYlCA72FCmQP0dHWc-ekd7R1SxR6h6rMD95_6mMs,7077
14
14
  maco/extractor.py,sha256=uGSGiCQ4jd8jFmfw2T99BGcY5iQJzXHcG_RoTIxClTE,2802
15
15
  maco/utils.py,sha256=RbG36i04iWoe5gBUxbnbJ_lDvYY5OkYtiy0EdXF9OHw,20870
@@ -18,7 +18,7 @@ maco/model/__init__.py,sha256=ULdyHx8R5D2ICHZo3VoCk1YTlewTok36TYIpwx__pNY,45
18
18
  maco/model/model.py,sha256=4uY88WphbP3iu-L2WjuYwtgZCS_wNul_hr0bAVuTpvc,23740
19
19
  model_setup/maco/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
20
20
  model_setup/maco/base_test.py,sha256=cjGLEy2c69wl9sjn74QFz7X-VxWOfdin4W8MvYsXc4Q,2718
21
- model_setup/maco/cli.py,sha256=NTzV8eu9V0qQNttRo592j-Rdzac7q1NAMraqJF2h_6k,8171
21
+ model_setup/maco/cli.py,sha256=pPS8euWaLV-6csBCCzT1Mtc7GwP7a_RikDjfUYxoxU8,8415
22
22
  model_setup/maco/collector.py,sha256=LraWYlCA72FCmQP0dHWc-ekd7R1SxR6h6rMD95_6mMs,7077
23
23
  model_setup/maco/extractor.py,sha256=uGSGiCQ4jd8jFmfw2T99BGcY5iQJzXHcG_RoTIxClTE,2802
24
24
  model_setup/maco/utils.py,sha256=RbG36i04iWoe5gBUxbnbJ_lDvYY5OkYtiy0EdXF9OHw,20870
@@ -36,9 +36,9 @@ tests/extractors/basic_longer.py,sha256=1ClU2QD-Y0TOl_loNFvEqIEpTR5TSVJ6zg9ZmC-E
36
36
  tests/extractors/test_basic.py,sha256=FLKekfSGM69HaiF7Vu_7D7KDXHZko-9hZkMO8_DoyYA,697
37
37
  tests/extractors/bob/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
38
38
  tests/extractors/bob/bob.py,sha256=G5aOoz58J0ZQK2_lA7HRxAzeLzBxssWxBTZcv1pSbi8,176
39
- maco-1.2.7.dist-info/LICENSE.md,sha256=gMSjshPhXvV_F1qxmeNkKdBqGWkd__fEJf4glS504bM,1478
40
- maco-1.2.7.dist-info/METADATA,sha256=09_OhgEFJ1kNPB6tg0NiJQmIrlLDB51bbR2rnrdW-wU,15855
41
- maco-1.2.7.dist-info/WHEEL,sha256=PZUExdf71Ui_so67QXpySuHtCi3-J3wvF4ORK6k_S8U,91
42
- maco-1.2.7.dist-info/entry_points.txt,sha256=TpcwG1gedIg8Y7a9ZOv8aQpuwEUftCefDrAjzeP-o6U,39
43
- maco-1.2.7.dist-info/top_level.txt,sha256=iMRwuzmrHA3zSwiSeMIl6FWhzRpn_st-I4fAv-kw5_o,49
44
- maco-1.2.7.dist-info/RECORD,,
39
+ maco-1.2.8.dist-info/LICENSE.md,sha256=gMSjshPhXvV_F1qxmeNkKdBqGWkd__fEJf4glS504bM,1478
40
+ maco-1.2.8.dist-info/METADATA,sha256=b4CSO15F8ybyH1oxBZnmL1NaDhZ7ONSRahUsVh4qKiM,15855
41
+ maco-1.2.8.dist-info/WHEEL,sha256=PZUExdf71Ui_so67QXpySuHtCi3-J3wvF4ORK6k_S8U,91
42
+ maco-1.2.8.dist-info/entry_points.txt,sha256=TpcwG1gedIg8Y7a9ZOv8aQpuwEUftCefDrAjzeP-o6U,39
43
+ maco-1.2.8.dist-info/top_level.txt,sha256=iMRwuzmrHA3zSwiSeMIl6FWhzRpn_st-I4fAv-kw5_o,49
44
+ maco-1.2.8.dist-info/RECORD,,
model_setup/maco/cli.py CHANGED
@@ -123,10 +123,15 @@ def process_filesystem(
123
123
  logger.error(f"not file or folder: {path_samples}")
124
124
  exit(2)
125
125
  try:
126
- for path, dirs, files in walker:
126
+ base_directory = os.path.abspath(path_samples)
127
+ for path, _, files in walker:
127
128
  for file in files:
128
129
  num_analysed += 1
129
- path_file = os.path.join(path, file)
130
+ path_file = os.path.abspath(os.path.join(path, file))
131
+ if not path_file.startswith(base_directory):
132
+ logger.error(f"Attempted path traversal detected: {path_file}")
133
+ continue
134
+
130
135
  try:
131
136
  with open(path_file, "rb") as stream:
132
137
  resp = process_file(
{maco-1.2.7.dist-info → maco-1.2.8.dist-info}/WHEEL RENAMED
File without changes