From f6cbd825ac9017c328ece0786fe1f35705f1b356 Mon Sep 17 00:00:00 2001
From: Daniel McCloy
Date: Fri, 24 Jan 2025 17:18:56 -0600
Subject: [PATCH] Explicitly pass `filter` to `TarFile.extractall` on Python >=3.12 (#458)

Pass a `filter="data"` argument to `TarFile.extractall` to prevent dangerous security issues. The `filter` argument was added in Python 3.12, so only pass it on versions greater or equal than that. This change matches the default behaviour that will take place since Python 3.14.
---
 pooch/processors.py | 9 +++++++--
 pyproject.toml | 1 +
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/pooch/processors.py b/pooch/processors.py
index 16670f9c..dfeebb38 100644
--- a/pooch/processors.py
+++ b/pooch/processors.py
@@ -8,12 +8,14 @@
 """
 Post-processing hooks
 """
+
 import abc
 import os
 import bz2
 import gzip
 import lzma
 import shutil
+import sys
 from zipfile import ZipFile
 from tarfile import TarFile
@@ -253,13 +255,14 @@ def _extract_file(self, fname, extract_dir):
         This method receives an argument for the archive to extract and the
         destination path.
         """
+        filter_kwarg = {} if sys.version_info < (3, 12) else {"filter": "data"}
         with TarFile.open(fname, "r") as tar_file:
             if self.members is None:
                 get_logger().info(
                     "Untarring contents of '%s' to '%s'", fname, extract_dir
                 )
                 # Unpack all files from the archive into our new folder
-                tar_file.extractall(path=extract_dir)
+                tar_file.extractall(path=extract_dir, **filter_kwarg)
             else:
                 for member in self.members:
                     get_logger().info(
@@ -281,7 +284,9 @@ def _extract_file(self, fname, extract_dir):
                     )
                 ]
                 # Extract the data file from within the archive
-                tar_file.extractall(members=subdir_members, path=extract_dir)
+                tar_file.extractall(
+                    members=subdir_members, path=extract_dir, **filter_kwarg
+                )
 class Decompress:  # pylint: disable=too-few-public-methods
diff --git a/pyproject.toml b/pyproject.toml
index b453da10..cd00149f 100644
--- a/pyproject.toml
+++ b/pyproject.toml
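Review bot: The `sys.version_info < (3, 12)` gate on the added `filter_kwarg` line leaves the `data` filter switched off on the 3.8–3.11 maintenance releases that backported `TarFile.extractall(filter=...)`, even though those interpreters would honour it; the feature check the tarfile documentation recommends, `hasattr(tarfile, "data_filter")`, enables the protection wherever it is available. That would be `import tarfile` next to the existing `from tarfile import TarFile` and `filter_kwarg = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}`. With the filter active, members that would land outside `extract_dir` or links pointing outside it now raise a `tarfile.FilterError` subclass instead of being written, so the docstring just above the new line could state that the call may raise it; `_extract_file` starts and ends outside this hunk. The same gate feeds the second `extractall` call in the following hunk, so the one-line change covers both.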
@@ -38,6 +38,7 @@ dependencies = [ progress = ["tqdm>=4.41.0,<5.0.0"] sftp = ["paramiko>=2.7.0"] xxhash = ["xxhash>=1.4.3"] +test = ["pytest-httpserver", "pytest-localftpserver"] [project.urls] "Documentation" = "https://www.fatiando.org/pooch"
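Review bot: The new `test` extra pins neither `pytest-httpserver` nor `pytest-localftpserver`, while the neighbouring `progress`, `sftp` and `xxhash` extras all carry version bounds; an unbounded spec lets a future incompatible major release break the test install without any change in this repository. Matching the file's style would look like `test = ["pytest-httpserver>=<MIN_VERSION>", "pytest-localftpserver>=<MIN_VERSION>"]`, with `<MIN_VERSION>` being the releases the suite was actually run against. The commit description does not mention this extra, so a sentence there would help readers of the history.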