Add path validation for symlink extraction

vicheey · vicheey · commit 3c07efb6bcfa · 2026-01-23T15:47:02.000-08:00
diff --git a/samcli/local/lambdafn/zip.py b/samcli/local/lambdafn/zip.py
@@ -48,6 +48,11 @@ def _extract(file_info, output_dir, zip_ref):
     -------
     string
         Returns the target path the Zip Entry was extracted to.
+
+    Raises
+    ------
+    ValueError
+        If the extraction path would escape the output directory
     """
 
     # Handle any regular file/directory entries
@@ -57,6 +62,14 @@ def _extract(file_info, output_dir, zip_ref):
     source = zip_ref.read(file_info.filename).decode("utf8")
     link_name = os.path.normpath(os.path.join(output_dir, file_info.filename))
 
+    output_dir_abs = os.path.abspath(output_dir)
+    link_name_abs = os.path.abspath(link_name)
+
+    if not link_name_abs.startswith(output_dir_abs + os.sep) and link_name_abs != output_dir_abs:
+        raise ValueError(
+            f"Entry '{file_info.filename}' would extract outside target directory."
+        )
+
     # make leading dirs if needed
     leading_dirs = os.path.dirname(link_name)
     if not os.path.exists(leading_dirs):
