fix tarfile extraction (#1868)

* fix tarfile extraction

* fix onnxruntime version

requirements.txt

@@ -15,7 +15,7 @@ sphinx-rtd-theme
 torchmetrics==0.8
 hydra-core>=1.2.0
 omegaconf
-onnxruntime==1.16.0
+onnxruntime==1.15.0
 onnx==1.15.0
 pillow>=5.3.0,!=8.3
 pip-tools>=6.12.1

src/super_gradients/training/utils/utils.py

@@ -509,6 +509,20 @@ def download_one(url, dir):
         download_one(u, dir)
 
 
+def safe_untar(tar_file, extract_path):
+    """
+    Protect against Tar Slip vulnerability.
+    Calling extractall to extract all files from a tar file without sanitization
+    may result files outside destination directory to be overwritten, resulting in an arbitrary file write.
+    CVE-2007-4559 https://nvd.nist.gov/vuln/detail/CVE-2007-4559
+    """
+    with tarfile.TarFile(tar_file, "r") as tf:
+        for member in tf:
+            file_path = os.path.realpath(os.path.join(extract_path, member.name))
+            if file_path.startswith(os.path.realpath(extract_path)):
+                tf.extract(member, extract_path)
+
+
 def download_and_untar_from_url(urls: List[str], dir: Union[str, Path] = "."):
     """
     Download a file from url and untar.
@@ -533,8 +547,7 @@ def download_and_untar_from_url(urls: List[str], dir: Union[str, Path] = "."):
         assert filepath.suffix in modes.keys(), f"{filepath} has {filepath.suffix} suffix which is not supported"
 
         logger.info(f"Extracting to {dir}...")
-        with tarfile.open(filepath, mode=modes[filepath.suffix]) as f:
-            f.extractall(dir)
+        safe_untar(filepath, dir)
         filepath.unlink()