Skip to content

gh-79459: Sanitize the prefix and suffix parameters to tempfile functions.#143889

Open
mbyrnepr2 wants to merge 6 commits into
python:mainfrom
mbyrnepr2:tempfile_security_directory_traversal
Open

gh-79459: Sanitize the prefix and suffix parameters to tempfile functions.#143889
mbyrnepr2 wants to merge 6 commits into
python:mainfrom
mbyrnepr2:tempfile_security_directory_traversal

Conversation

@mbyrnepr2
Copy link
Copy Markdown
Contributor

@mbyrnepr2 mbyrnepr2 commented Jan 15, 2026
edited by github-actions Bot
Loading

gh-79459: Sanitize the prefix and suffix parameters to the tempfile functions:

  • tempfile.mkdtemp.
  • tempfile.mkstemp.
  • tempfile.NamedTemporaryFile.

📚 Documentation preview 📚: https://cpython-previews--143889.org.readthedocs.build/

@bedevere-app bedevere-app Bot mentioned this pull request Jan 15, 2026
Open
@mbyrnepr2
Copy link
Copy Markdown
Contributor Author

mbyrnepr2 commented Jan 16, 2026

In terms of the decisions made in the PR, I've tried to follow the suggestions mentioned in the issue from both Victor's comment and the comment of mjpieters.
The details around deprecation dates I've not spent too much time on because there will probably be feedback/ideas on that from others.

@mbyrnepr2 mbyrnepr2 marked this pull request as ready for review January 16, 2026 12:19
@mbyrnepr2 mbyrnepr2 requested a review from AA-Turner as a code owner January 16, 2026 12:19
@mbyrnepr2 mbyrnepr2 force-pushed the tempfile_security_directory_traversal branch from 69768c3 to e9add85 Compare January 20, 2026 15:41
mbyrnepr2 and others added 5 commits March 19, 2026 15:54
@mbyrnepr2
pythongh-79459: Sanitize the prefix and suffix parameters to …
9205118 
…the `tempfile` functions:

- `tempfile.mkdtemp`.
- `tempfile.mkstemp`.
- `tempfile.NamedTemporaryFile`.
@blurb-it @mbyrnepr2
📜🤖 Added by blurb_it.
810536d
@blurb-it @mbyrnepr2
📜🤖 Added by blurb_it.
552b19f
@mbyrnepr2
Delete Misc/NEWS.d/next/Library/2026-01-16-09-52-54.gh-issue-79459:.x…
6794174 
…1acn-.rst

Remove news file that was incorrectly named.
@mbyrnepr2
Move the new tests to the existing test function which tests files na…
ddbef77 
…med with bytes.
@mbyrnepr2 mbyrnepr2 force-pushed the tempfile_security_directory_traversal branch from 15c9051 to ddbef77 Compare March 19, 2026 14:55
@mbyrnepr2
Copy link
Copy Markdown
Contributor Author

mbyrnepr2 commented Apr 5, 2026

Howdy @vstinner would you have some time in the coming period to give some high-level feedback if this change looks like it's on the right track?
Sorry for the ping😬

@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 17, 2026

This PR is stale because it has been open for 30 days with no activity.

@github-actions github-actions Bot added the stale Stale PR or inactive for long period of time. label May 17, 2026
@read-the-docs-community
Copy link
Copy Markdown

read-the-docs-community Bot commented May 21, 2026

Documentation build overview

📚 cpython-previews | 🛠️ Build #32791483 | 📁 Comparing 459fcfb against main (c35b0f2)

  🔍 Preview build  

2 files changed
± whatsnew/3.15.html
± whatsnew/changelog.html

@vstinner
Copy link
Copy Markdown
Member

vstinner commented May 21, 2026

I'm not sure that striping silently the directory is the right move. I would feel safer to raise a hard error (exception) if the caller pass a prefix or suffix with a directory. @mbyrnepr2: Do you want to propose a different PR to implement this change?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@AA-Turner AA-Turner Awaiting requested review from AA-Turner AA-Turner is a code owner

Assignees

No one assigned

Labels

awaiting review stale Stale PR or inactive for long period of time.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@mbyrnepr2 @vstinner