luciano/markitdown
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Don't have ZipConverter accept OOXML files. This will never yield a good result. (#1078)

Browse source
This commit is contained in:
afourney 2025-02-28 09:54:19 -08:00 committed by GitHub
parent 9a19fdd134
commit 9182923375
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
packages/markitdown/src/markitdown/converters/_zip_converter.py
View file

@ -77,6 +77,10 @@ class ZipConverter(DocumentConverter):
try:
# Extract the zip file safely
with zipfile.ZipFile(local_path, "r") as zipObj:
# Bail if we discover it's an Office OOXML file
if "[Content_Types].xml" in zipObj.namelist():
return None
# Safeguard against path traversal
for member in zipObj.namelist():
member_path = os.path.normpath(os.path.join(extraction_dir, member))