Skip to content

Commit 399f4ea

Browse files
dkjsonedkjsone
committed
Update test cases with clearer exception assertions;
Update news entry
1 parent dcd1ff5 commit 399f4ea

File tree

2 files changed

+9
-8
lines changed

2 files changed

+9
-8
lines changed

news/13550.bugfix.rst

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,2 +1,2 @@
1-
Pip will now raise an installation error for a source distribution when it includes a symlink that
2-
points outside the source distribution archive.
1+
For Python versions that do not support PEP 706, pip will now raise an installation error for a
2+
source distribution when it includes a symlink that points outside the source distribution archive.

tests/unit/test_utils_unpacking.py

Lines changed: 7 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -336,8 +336,8 @@ def test_unpack_evil_tar_link1_no_data_filter(
336336
with pytest.raises(InstallationError) as e:
337337
untar_file(tar_filepath, extract_path)
338338

339-
assert "trying to install outside target directory" in str(e.value)
340-
assert "import_file" in str(e.value)
339+
msg = "The tar file ({}) has a file ({}) trying to install outside target directory ({})"
340+
assert msg.format(tar_filepath, "evil_symlink", import_filepath) in str(e.value)
341341

342342
assert not os.path.exists(os.path.join(extract_path, "evil_symlink"))
343343

@@ -359,18 +359,19 @@ def test_unpack_evil_tar_link2_no_data_filter(
359359

360360
extract_path = os.path.join(self.tempdir, "extract_path")
361361

362+
link_path = ".." + os.sep + import_filename
363+
362364
with tarfile.open(tar_filepath, "w") as tar:
363365
info = tarfile.TarInfo("evil_symlink")
364366
info.type = tarfile.SYMTYPE
365-
info.linkpath = ".." + os.sep + import_filename
367+
info.linkpath = link_path
366368
tar.addfile(info)
367369

368370
with pytest.raises(InstallationError) as e:
369371
untar_file(tar_filepath, extract_path)
370372

371-
assert "trying to install outside target directory" in str(e.value)
372-
assert ".." in str(e.value)
373-
assert import_filename in str(e.value)
373+
msg = "The tar file ({}) has a file ({}) trying to install outside target directory ({})"
374+
assert msg.format(tar_filepath, "evil_symlink", link_path) in str(e.value)
374375

375376
assert not os.path.exists(os.path.join(extract_path, "evil_symlink"))
376377

0 commit comments

Comments
 (0)