Add a check to ensure the name resolves relative to the tmpdir.

jaraco · emanuelc-activestate · commit 962ae0e56900 · 2025-08-07T17:21:28.000-03:00
Closes pypa#4946
diff --git a/setuptools/package_index.py b/setuptools/package_index.py
@@ -801,10 +801,25 @@ def open_url(self, url, warning=None):  # noqa: C901  # is too complex (12)
             else:
                 raise DistutilsError("Download error for %s: %s" % (url, v)) from v
 
-    def _download_url(self, url, tmpdir):
-        # Determine download filename
-        #
-        name, fragment = egg_info_for_url(url)
+    @staticmethod
+    def _resolve_download_filename(url, tmpdir):
+        """
+        >>> import pathlib
+        >>> du = PackageIndex._resolve_download_filename
+        >>> root = getfixture('tmp_path')
+        >>> url = 'https://files.pythonhosted.org/packages/a9/5a/0db.../setuptools-78.1.0.tar.gz'
+        >>> str(pathlib.Path(du(url, root)).relative_to(root))
+        'setuptools-78.1.0.tar.gz'
+
+        Ensures the target is always in tmpdir.
+
+        >>> url = 'https://anyhost/%2fhome%2fuser%2f.ssh%2fauthorized_keys'
+        >>> du(url, root)
+        Traceback (most recent call last):
+        ...
+        ValueError: Invalid filename...
+        """
+        name, _fragment = egg_info_for_url(url)
         if name:
             while '..' in name:
                 name = name.replace('..', '.').replace('\\', '_')
@@ -816,6 +831,12 @@ def _download_url(self, url, tmpdir):
 
         filename = os.path.join(tmpdir, name)
 
+        # ensure path resolves within the tmpdir
+        if not filename.startswith(str(tmpdir)):
+            raise ValueError(f"Invalid filename {filename}")
+
+        return filename
+
         return self._download_vcs(url, filename) or self._download_other(url, filename)
 
     @staticmethod
