[pre-commit.ci] auto fixes from pre-commit.com hooks

pre-commit-ci[bot] · pre-commit-ci[bot] · commit bad190702b54 · 2025-09-11T14:55:04.000Z
for more information, see https://pre-commit.ci
diff --git a/monai/apps/utils.py b/monai/apps/utils.py
@@ -11,14 +11,12 @@
 
 from __future__ import annotations
 
-import os  
+import os
 import shutil
 import hashlib
 import json
 import logging
-import os
 import re
-import shutil
 import sys
 import tarfile
 import tempfile
@@ -122,32 +120,32 @@ def update_to(self, b: int = 1, bsize: int = 1, tsize: int | None = None) -> Non
         logger.error(f"Download failed from {url} to {filepath}.")
         raise e
 
-def safe_extract_member(member, extract_to):  
-    """Securely verify compressed package member paths to prevent path traversal attacks"""  
-    # Get member path (handle different compression formats)  
-    if hasattr(member, 'filename'):  
-        member_path = member.filename  # zipfile  
-    elif hasattr(member, 'name'):  
-        member_path = member.name  # tarfile  
-    else:  
-        member_path = str(member)  
-        
-    member_path = os.path.normpath(member_path)  
-       
-    if os.path.isabs(member_path) or '..' in member_path.split(os.sep):  
-        raise ValueError(f"Unsafe path detected in archive: {member_path}")  
-        
-    full_path = os.path.join(extract_to, member_path)  
-    full_path = os.path.normpath(full_path)  
-        
-    extract_to_abs = os.path.abspath(extract_to)  
-    full_path_abs = os.path.abspath(full_path)  
-      
-    if not (full_path_abs == extract_to_abs or full_path_abs.startswith(extract_to_abs + os.sep)):  
-        raise ValueError(f"Path traversal attack detected: {member_path}")  
-      
+def safe_extract_member(member, extract_to):
+    """Securely verify compressed package member paths to prevent path traversal attacks"""
+    # Get member path (handle different compression formats)
+    if hasattr(member, 'filename'):
+        member_path = member.filename  # zipfile
+    elif hasattr(member, 'name'):
+        member_path = member.name  # tarfile
+    else:
+        member_path = str(member)
+
+    member_path = os.path.normpath(member_path)
+
+    if os.path.isabs(member_path) or '..' in member_path.split(os.sep):
+        raise ValueError(f"Unsafe path detected in archive: {member_path}")
+
+    full_path = os.path.join(extract_to, member_path)
+    full_path = os.path.normpath(full_path)
+
+    extract_to_abs = os.path.abspath(extract_to)
+    full_path_abs = os.path.abspath(full_path)
+
+    if not (full_path_abs == extract_to_abs or full_path_abs.startswith(extract_to_abs + os.sep)):
+        raise ValueError(f"Path traversal attack detected: {member_path}")
+
     return full_path
-    
+
 def check_hash(filepath: PathLike, val: str | None = None, hash_type: str = "md5") -> bool:
     """
     Verify hash signature of specified file.
@@ -313,27 +311,27 @@ def extractall(
     logger.info(f"Writing into directory: {output_dir}.")
     _file_type = file_type.lower().strip()
     if filepath.name.endswith("zip") or _file_type == "zip":
-        with zipfile.ZipFile(filepath, 'r') as zip_file:  
-            for member in zip_file.infolist():  
-                if member.is_dir():  
-                    continue  
-                safe_path = safe_extract_member(member, output_dir) 
-                os.makedirs(os.path.dirname(safe_path), exist_ok=True)  
-                with zip_file.open(member) as source:  
-                    with open(safe_path, 'wb') as target:  
+        with zipfile.ZipFile(filepath, 'r') as zip_file:
+            for member in zip_file.infolist():
+                if member.is_dir():
+                    continue
+                safe_path = safe_extract_member(member, output_dir)
+                os.makedirs(os.path.dirname(safe_path), exist_ok=True)
+                with zip_file.open(member) as source:
+                    with open(safe_path, 'wb') as target:
                         shutil.copyfileobj(source, target)
         return
     if filepath.name.endswith("tar") or filepath.name.endswith("tar.gz") or "tar" in _file_type:
-        with tarfile.open(filepath, 'r') as tar_file:  
-            for member in tar_file.getmembers():   
-                if not member.isfile():  
-                    continue  
-                
-                safe_path = safe_extract_member(member, output_dir)  
-                os.makedirs(os.path.dirname(safe_path), exist_ok=True)  
-                with tar_file.extractfile(member) as source:  
-                    if source:  
-                        with open(safe_path, 'wb') as target:  
+        with tarfile.open(filepath, 'r') as tar_file:
+            for member in tar_file.getmembers():
+                if not member.isfile():
+                    continue
+
+                safe_path = safe_extract_member(member, output_dir)
+                os.makedirs(os.path.dirname(safe_path), exist_ok=True)
+                with tar_file.extractfile(member) as source:
+                    if source:
+                        with open(safe_path, 'wb') as target:
                             shutil.copyfileobj(source, target)
         return
     raise NotImplementedError(
