Fixed skipping extraction of files or directories containing '..' in

their names.

--HG--
branch : setuptools-0.6
extra : convert_revision : svn%3A6015fed2-1504-0410-9fe1-9d1591cc4771/sandbox/branches/setuptools-0.6%4088795

1 files changed, 2 insertions, 2 deletions

diff --git a/setuptools/archive_util.py b/setuptools/archive_util.py
index d26b383b..d44264f8 100755
--- a/setuptools/archive_util.py
+++ b/setuptools/archive_util.py
@@ -138,7 +138,7 @@ def unpack_zipfile(filename, extract_dir, progress_filter=default_filter):
             name = info.filename
 
             # don't extract absolute paths or ones with .. in them
-            if name.startswith('/') or '..' in name:
+            if name.startswith('/') or '..' in name.split('/'):
                 continue
 
             target = os.path.join(extract_dir, *name.split('/'))
@@ -180,7 +180,7 @@ def unpack_tarfile(filename, extract_dir, progress_filter=default_filter):
         for member in tarobj:
             name = member.name
             # don't extract absolute paths or ones with .. in them
-            if not name.startswith('/') and '..' not in name:
+            if not name.startswith('/') and '..' not in name.split('/'):
                 dst = os.path.join(extract_dir, *name.split('/'))
                 while member is not None and (member.islnk() or member.issym()):
                     linkpath = member.linkname