Index: Lib/test/test_zipfile.py
===================================================================
--- Lib/test/test_zipfile.py (revision 75148)
+++ Lib/test/test_zipfile.py (working copy)
@@ -1066,6 +1066,31 @@
 unlink(TESTFN)
+class TestDirectoryEscape(unittest.TestCase):
+ def setUp(self):
+ os.mkdir(TESTFN)
+
+ self.jail = os.path.join(TESTFN, 'jail')
+ os.mkdir(os.path.join(self.jail))
+
+ def test_directory_escape(self):
+ tf = open(TESTFN2, 'w')
+ tf.write("I'm evil!")
+ tf.close()
+
+ zipf = zipfile.ZipFile(os.path.join(self.jail, 'jail.zip'), 'w')
+ zipf.write(TESTFN2, '../evil.txt')
+ self.assertRaises(zipfile.BadZipfile, zipf.extractall, self.jail)
+ zipf.close()
+
+ self.assertFalse(os.path.exists(os.path.join(TESTFN, 'evil.txt')))
+
+ def tearDown(self):
+ shutil.rmtree(TESTFN)
+
+ if os.path.exists(TESTFN2):
+ unlink(TESTFN2)
+
 class UniversalNewlineTests(unittest.TestCase):
 def setUp(self):
 self.line_gen = ["Test of zipfile line %d." % i for i in xrange(FIXEDTEST_SIZE)]
@@ -1176,8 +1201,8 @@
 def test_main():
 run_unittest(TestsWithSourceFile, TestZip64InSmallFiles, OtherTests, PyZipFileTests, DecryptionTests, TestsWithMultipleOpens,
- TestWithDirectory, UniversalNewlineTests,
- TestsWithRandomBinaryFiles)
+ TestWithDirectory, TestDirectoryEscape,
+ UniversalNewlineTests, TestsWithRandomBinaryFiles)
 if __name__ == "__main__":
 test_main()
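Review bot: In test_directory_escape, extractall() is called while the ZipFile is still open in 'w' mode, so BadZipfile could be raised for a reason unrelated to the `../evil.txt` member name and the assertRaises would still pass. Finishing the archive first and reopening it for reading makes the test exercise the path check itself: `zipf.close()` followed by `zipf = zipfile.ZipFile(os.path.join(self.jail, 'jail.zip'))` before the assertRaises line. `zipf.close()` is also skipped when the assertion fails, so a `try`/`finally` around the extraction would keep the handle from staying open while tearDown runs `shutil.rmtree(TESTFN)`. The test pins only one spelling of the escape and only through extractall(); whether extract() and other member-name forms are covered elsewhere is not visible in this hunk.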