Mercurial > repos > jdv > nanopolish

changeset 2:e4b6d4a53f2e draft

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
planemo upload for repository https://github.com/jvolkening/galaxy-tools/tree/master/tools/nanopolish commit d8cc434bd1704b2834f89b7d91370f356e3ac85a
author jdv
date Tue, 03 Oct 2017 21:23:56 -0400
parents a5db82bec597
children a1d433401bc2
files nanopolish_extract.py
diffstat 1 files changed, 13 insertions(+), 6 deletions(-) [+]
line wrap: on
line diff
--- a/nanopolish_extract.py	Fri Sep 08 18:12:54 2017 -0400
+++ b/nanopolish_extract.py	Tue Oct 03 21:23:56 2017 -0400
@@ -2,7 +2,6 @@
 
 import sys, os
 import glob
-import tarfile
 import subprocess
 import shutil
 import h5py
@@ -15,9 +14,10 @@
 
     extract_fast5(tar_file)
 
-    subprocess.call(["nanopolish",
-		"extract",
-		"--recurse",
+    subprocess.call([
+        "nanopolish",
+        "extract",
+        "--recurse",
         "--fastq",
         "--output", out_file,
         "in_dir" ])
@@ -29,8 +29,15 @@
         if not os.path.exists(in_dir):
             os.makedirs(in_dir)
 
-        tar = tarfile.open(fn, mode='r')
-        tar.extractall(path=in_dir)
+        # python's tarfile interface does not sanitize file paths within
+        # tarballs, which can be a big security risk. GNU tar does sanitize by
+        # default, so it's easier/safer here just to call the system tar
+        subprocess.call([
+            "tar",
+            "-xf",
+            fn,
+            "-C",
+            "in_dir"])
 
         files = glob.glob(
             os.path.join(in_dir, "**", "*.fast5"),