
Potential fix for code scanning alert no. 703: Arbitrary file write during tarfile extraction #2586


Status: Merged (3 commits), May 21, 2025

Conversation

beat-buesser (Collaborator)

Potential fix for https://github.com/Trusted-AI/adversarial-robustness-toolbox/security/code-scanning/703

To fix the problem, we need to ensure that the paths within the tar archive do not contain any directory traversal elements (..). This can be achieved by validating each entry in the tar archive before extracting it. Specifically, we should check that the entry name is not an absolute path and does not contain any .. elements.

  1. Modify the _extract function to include validation for each entry in the tar archive.
  2. Raise an error if any entry is found to be unsafe.

Suggested fixes powered by Copilot Autofix. Review carefully before merging.

…uring tarfile extraction

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
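The two checks the description asks for (no absolute entry name, no `..` component) stop the classic `../../etc/cron.d/x` entry, but a tar archive can also escape the destination through a symlink or hardlink member whose target points outside it, and through an entry that passes through a symlink extracted earlier in the same archive. The following is an added example, not ART's own `_extract` or any code from this PR; the names `is_safe_member`, `safe_extract`, `check_entry` and `UnsafeTarMember` are hypothetical. It validates every member before anything is written, resolves the real path of each entry and link target against the destination, and, where the interpreter provides it, also passes the standard library's `filter="data"` guard (PEP 706, Python 3.12 and the 3.8.17/3.9.17/3.10.12/3.11.4 backports) to `extractall`. The archives it inspects are constructed in memory.

```python
import io
import os
import tarfile
import tempfile
from typing import List, Optional, Tuple


class UnsafeTarMember(ValueError):
    """Raised when a tar entry could write outside the extraction directory."""


def _inside(dest_real: str, path: str) -> bool:
    """True if the resolved `path` lies under `dest_real` (both absolute, resolved)."""
    try:
        return os.path.commonpath([dest_real, path]) == dest_real
    except ValueError:  # mixed drives on Windows, or absolute/relative mismatch
        return False


def is_safe_member(member: tarfile.TarInfo, dest: str) -> bool:
    """Validate one archive entry against `dest` without extracting it.

    Rejects: absolute names, any '..' path component, entries whose resolved
    path leaves `dest` (e.g. through a previously extracted symlink), and
    symlink/hardlink members whose target resolves outside `dest`.
    """
    name = member.name
    if os.path.isabs(name) or name.startswith(("/", "\\")):
        return False
    if ".." in name.replace("\\", "/").split("/"):
        return False
    dest_real = os.path.realpath(dest)
    target = os.path.realpath(os.path.join(dest_real, name))
    if not _inside(dest_real, target):
        return False
    if member.issym() or member.islnk():
        link = member.linkname
        if os.path.isabs(link) or link.startswith(("/", "\\")):
            return False
        # A symlink target is relative to the link's own directory; a hardlink
        # target is relative to the archive root, i.e. the destination.
        base = os.path.dirname(target) if member.issym() else dest_real
        if not _inside(dest_real, os.path.realpath(os.path.join(base, link))):
            return False
    return True


def check_entry(name: str, dest: str, linkname: str = "") -> bool:
    """Convenience wrapper: validate a bare entry name (optionally as a symlink)."""
    info = tarfile.TarInfo(name)
    if linkname:
        info.type = tarfile.SYMTYPE
        info.linkname = linkname
    return is_safe_member(info, dest)


def safe_extract(tar: tarfile.TarFile, dest: str) -> List[str]:
    """Check every member first, then extract; nothing is written if any entry is unsafe."""
    members = tar.getmembers()
    for m in members:
        if not is_safe_member(m, dest):
            raise UnsafeTarMember(f"refusing to extract unsafe entry: {m.name!r}")
    # Use the stdlib 'data' filter as a second line of defence where it exists.
    kwargs = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
    tar.extractall(path=dest, members=members, **kwargs)
    return [m.name for m in members]


def build_tar(entries: dict) -> bytes:
    """Constructed sample archive for the demo: {name: bytes} -> tar bytes in memory."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, data in entries.items():
            info = tarfile.TarInfo(name=name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def demo() -> Tuple[List[str], Optional[str]]:
    """Extract a benign archive, then show a traversal archive being refused."""
    with tempfile.TemporaryDirectory() as dest:
        benign = build_tar({"model/weights.bin": b"\x00" * 16, "model/README": b"ok\n"})
        with tarfile.open(fileobj=io.BytesIO(benign), mode="r") as tar:
            extracted = safe_extract(tar, dest)
        # Same layout plus one entry that climbs out of the destination.
        evil = build_tar({"model/weights.bin": b"x", "../evil.txt": b"pwned\n"})
        with tarfile.open(fileobj=io.BytesIO(evil), mode="r") as tar:
            try:
                safe_extract(tar, dest)
                rejected = None
            except UnsafeTarMember as exc:
                rejected = str(exc)
    return extracted, rejected


if __name__ == "__main__":
    print(demo())
```

Validating the whole member list before the first write matters: checking entries one at a time inside the extraction loop still leaves the earlier, already-written entries on disk when a later one fails, and an archive can order a symlink before the entry that traverses through it.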
@beat-buesser beat-buesser self-assigned this Feb 28, 2025
@beat-buesser beat-buesser changed the base branch from main to dev_1.19.2 February 28, 2025 08:59
@beat-buesser beat-buesser added this to the ART 1.19.2 milestone Feb 28, 2025

codecov bot commented Feb 28, 2025

Codecov Report

Attention: Patch coverage is 33.33333% with 2 lines in your changes missing coverage. Please review.

Project coverage is 85.40%. Comparing base (8c1214e) to head (4df299d).
Report is 4 commits behind head on dev_1.19.2.

Files with missing lines   Patch %   Lines
art/utils.py               33.33%    1 Missing and 1 partial ⚠️

@@              Coverage Diff               @@
##           dev_1.19.2    #2586      +/-   ##
==============================================
- Coverage       85.41%   85.40%   -0.02%     
==============================================
  Files             334      334              
  Lines           31002    31005       +3     
  Branches         5300     5302       +2     
==============================================
- Hits            26481    26479       -2     
- Misses           3053     3056       +3     
- Partials         1468     1470       +2     
Files with missing lines   Coverage Δ
art/utils.py               79.38% <33.33%> (-0.20%) ⬇️

... and 2 files with indirect coverage changes


Signed-off-by: Beat Buesser <beat.buesser@ibm.com>
Signed-off-by: Beat Buesser <beat.buesser@ibm.com>
@beat-buesser beat-buesser marked this pull request as ready for review May 21, 2025 14:01
@beat-buesser beat-buesser merged commit 512e08c into dev_1.19.2 May 21, 2025
34 of 35 checks passed
@beat-buesser beat-buesser deleted the alert-autofix-703 branch May 21, 2025 16:49