fix CWE-23: prevent zipslip/directory traversal attacks

Add filter='data' parameter to all tar.extractall() calls to prevent
directory traversal (zipslip) vulnerabilities. This change ensures that
tar extraction operations reject any archive members that attempt to
write outside the intended extraction directory.

Affected modules:
- amg: restore operations from Grafana archive files
- aosm: helm package extraction for AOSM definitions
- confcom: container image tar file processing and manifest extraction
- connectedk8s: Arc Connectivity proxy binary extraction
- containerapp: Java buildpack source code extraction
- networkcloud: custom action result blob extraction
- ssh: SSH proxy binary extraction from MCR packages

The filter='data' parameter is available in Python 3.11.4+ and provides
built-in protection against malicious tar archives containing entries with
absolute paths or relative paths that traverse outside the extraction directory.

References:
- https://docs.python.org/3/library/tarfile.html#tarfile.TarFile.extractall
- https://cwe.mitre.org/data/definitions/23.html

Author: locus-x64

src/amg/azext_amg/restore.py

@@ -38,7 +38,7 @@ def restore(grafana_url, archive_file, components, http_headers, destination_dat
 
     with tarfile.open(name=archive_file, mode='r:gz') as tar:
         with tempfile.TemporaryDirectory() as tmpdir:
-            tar.extractall(tmpdir)
+            tar.extractall(tmpdir, filter='data')
             tar.close()
             _restore_components(grafana_url, restore_functions, tmpdir, components, http_headers,
                                 destination_datasources=destination_datasources)

src/aosm/azext_aosm/common/utils.py

@@ -101,10 +101,10 @@ def extract_tarfile(file_path: Path, target_dir: Path) -> Path:
 
     if file_extension in (".gz", ".tgz"):
         with tarfile.open(file_path, "r:gz") as tar:
-            tar.extractall(path=target_dir)
+            tar.extractall(path=target_dir, filter='data')
     elif file_extension == ".tar":
         with tarfile.open(file_path, "r:") as tar:
-            tar.extractall(path=target_dir)
+            tar.extractall(path=target_dir, filter='data')
     else:
         raise InvalidFileTypeError(
             f"ERROR: The helm package, '{file_path}', is not"

src/confcom/azext_confcom/os_util.py

@@ -170,7 +170,7 @@ def map_image_from_tar_backwards_compatibility(image_name: str, tar: TarFile, ta
         # extract just the manifest file and see if any of the RepoTags match the image_name we're searching for
         # the manifest.json should have a list of all the image tags
         # and what json files they map to to get env vars, startup cmd, etc.
-        tar.extract("manifest.json", path=tar_dir)
+        tar.extract("manifest.json", path=tar_dir, filter='data')
         manifest_path = os.path.join(tar_dir, "manifest.json")
         manifest = load_json_from_file(manifest_path)
         # if we match a RepoTag to the image, stop searching
@@ -187,7 +187,7 @@ def map_image_from_tar_backwards_compatibility(image_name: str, tar: TarFile, ta
 
     if not info_file:
         return None
-    tar.extract(info_file.name, path=tar_dir)
+    tar.extract(info_file.name, path=tar_dir, filter='data')
 
     # get the path of the json file and read it in
     image_info_file_path = os.path.join(tar_dir, info_file.name)
@@ -259,7 +259,7 @@ def map_image_from_tar(image_name: str, tar: TarFile, tar_location: str):
     # extract just the manifest file and see if any of the RepoTags match the image_name we're searching for
     # the manifest.json should have a list of all the image tags
     # and what json files they map to to get env vars, startup cmd, etc.
-    tar.extract(info_file_name, path=tar_dir)
+    tar.extract(info_file_name, path=tar_dir, filter='data')
     manifest_path = os.path.join(tar_dir, info_file_name)
     manifest = load_json_from_file(manifest_path)
     try:
@@ -274,7 +274,7 @@ def map_image_from_tar(image_name: str, tar: TarFile, tar_location: str):
 
     if not info_file:
         return None
-    tar.extract(info_file, path=tar_dir)
+    tar.extract(info_file, path=tar_dir, filter='data')
 
     # get the path of the json file and read it in
     image_info_file_path = os.path.join(tar_dir, info_file)

src/confcom/azext_confcom/tests/latest/test_confcom_fragment.py

@@ -498,7 +498,7 @@ def test_tar_file_fragment(self):
                 tar_mapping_file = {"mcr.microsoft.com/aks/e2e/library-busybox:master.220314.1-linux-amd64": filename2}
                 create_tar_file(filename)
                 with TarFile(filename, "r") as tar:
-                    tar.extractall(path=folder)
+                    tar.extractall(path=folder, filter='data')
 
                 with TarFile.open(filename2, mode="w") as out_tar:
                     out_tar.add(os.path.join(folder, "index.json"), "index.json")

src/confcom/azext_confcom/tests/latest/test_confcom_tar.py

@@ -180,7 +180,7 @@ def test_oci_tar_file(self):
                 tar_mapping_file = {"mcr.microsoft.com/aks/e2e/library-busybox:master.220314.1-linux-amd64": filename2}
                 create_tar_file(filename)
                 with TarFile(filename, "r") as tar:
-                    tar.extractall(path=folder)
+                    tar.extractall(path=folder, filter='data')
 
                 with TarFile.open(filename2, mode="w") as out_tar:
                     out_tar.add(os.path.join(folder, "index.json"), "index.json")

src/connectedk8s/azext_connectedk8s/clientproxyhelper/_binaryutils.py

@@ -182,7 +182,7 @@ def _extract_proxy_tar_files(
 
                 members.append(member)
 
-        tar.extractall(members=members, path=install_dir)
+        tar.extractall(members=members, path=install_dir, filter='data')
 
 
 def _check_proxy_installation(

src/containerapp/azext_containerapp/tests/latest/test_containerapp_create_update_up_java.py

@@ -37,7 +37,7 @@ def download_java_source(source_path):
                     shutil.rmtree(source_path)
 
                 with tarfile.open(temp_file.name, 'r:gz') as tar:
-                    tar.extractall(path=source_path)
+                    tar.extractall(path=source_path, filter='data')
 
                 os.remove(temp_file.name)
 

src/networkcloud/azext_networkcloud/operations/custom_properties.py

@@ -59,7 +59,7 @@ def _output(parent_cmd, *args, **kwargs):  # pylint: disable=unused-argument
                 try:
                     with urllib.request.urlopen(result_url) as result:
                         with tarfile.open(fileobj=result, mode="r:gz") as tar:
-                            tar.extractall(path=output_directory)
+                            tar.extractall(path=output_directory, filter='data')
                             logger.warning(
                                 "Extracted results are available in directory: %s",
                                 output_directory,
@@ -126,7 +126,7 @@ def _output(parent_cmd, *args, **kwargs):  # pylint: disable=unused-argument
                 try:
                     # Extract the downloaded blob
                     with tarfile.open(downloaded_blob_name, mode="r:gz") as tar:
-                        tar.extractall(path=output_directory)
+                        tar.extractall(path=output_directory, filter='data')
                         logger.warning(
                             "Extracted results are available in directory: %s",
                             output_directory,

src/ssh/azext_ssh/connectivity_utils.py

@@ -325,7 +325,7 @@ def _extract_proxy_tar_files(proxy_package_path, install_dir, proxy_name):
 
                 members.append(member)
 
-        tar.extractall(members=members, path=install_dir)
+        tar.extractall(members=members, path=install_dir, filter='data')
 
 
 def _check_proxy_installation(install_dir, proxy_name):