diff options
Diffstat (limited to 'setuptools/command/easy_install.py')
| -rwxr-xr-x | setuptools/command/easy_install.py | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/setuptools/command/easy_install.py b/setuptools/command/easy_install.py index 2c127126..1b32b1c8 100755 --- a/setuptools/command/easy_install.py +++ b/setuptools/command/easy_install.py @@ -2024,11 +2024,21 @@ class ScriptWriter(object): for type_ in 'console', 'gui': group = type_ + '_scripts' for name, ep in dist.get_entry_map(group).items(): + cls._ensure_safe_name(name) script_text = cls.template % locals() args = cls._get_script_args(type_, name, header, script_text) for res in args: yield res + @staticmethod + def _ensure_safe_name(name): + """ + Prevent paths in *_scripts entry point names. + """ + has_path_sep = re.search(r'[\\/]', name) + if has_path_sep: + raise ValueError("Path separators not allowed in script names") + @classmethod def get_writer(cls, force_windows): # for backward compatibility |