A safe zipfile library
Project description
safezipfile: A safe zipfile extract library for python
Summary
This library simply overrides the extractall method of the python ZipFile class
with additional checks to prevent zip-slip and zip-bomb attacks. It can be used the same
way as the usual extractall method but also accepts additional arguments to limit the number
of allowed files in the archive, limit the size of each extract file, the total extracted file
size and also the maximum allowed compression ratio (zip bombs have a very high compression ratio).
To make the base use case safe it already starts with some quite relaxed limits of:
- 500 files in a zip
- 1GB extracted file size
- 10GB total extracted file size
But they can all be configured:
import safezipfile
# Base use case
with safezipfile.ZipFile("test.zip", "r") as zf:
zf.extractall("./outdir")
# Or configure the limits
with safezipfile.ZipFile("test.zip", "r") as zf:
zf.extractall(
"./outdir",
max_files = 500,
max_file_size = 1 * 1024 * 1024 * 1024,
max_total_size = 10 * 1024 * 1024 * 1024,
max_compression_ratio = 100.0
)
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
File details
Details for the file safezipfile-0.1.4.tar.gz.
File metadata
- Download URL: safezipfile-0.1.4.tar.gz
- Upload date:
- Size: 5.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
dc9cc2f41eb951fd69a0e86ec7b957c501ff2cf857dd93c306f724a3ab803e14
|
|
| MD5 |
a5c577dcb258089ca0ecc6bfe98e8e3f
|
|
| BLAKE2b-256 |
dc8534eff4056252053281ca2467bf770047f7735df7ccc3e8cd7a234b0ef5d4
|
