Running something like the following produces a corrupt
.zip file.  The builtin XP zip folder view won't show
any documents and attempting to extract via "right
click -> Extract files..." will set off an untrusted
file alert:

import zipfile
z = zipfile.ZipFile("c:\\foo.zip","w")
z.write("c:\\autoexec.bat", "\\autoexec.bat")
z.close()

zipfile should either throw an error when adding these
files or attempt to normalize the path.  I would prefer
that zipfile make the assumption that any files
starting with absolute or relative pathnames
("\\foo\\bar.txt" or ".\\foo\\bar.txt") should join in
at the root of the zipfile ("foo\\bar.txt" in this case).

Patch to accomplish the latter is attached.

Logged In: YES 
user_id=699438

Just wanted to note that the documentation of the .zip
format from pkzip explicitly states that a drive letter or
leading slash is not allowed.  The pertinent text:

file name: (Variable)

          The name of the file, with optional relative path.
          The path stored should not contain a drive or
          device letter, or a leading slash.  All slashes
          should be forward slashes '/' as opposed to
          backwards slashes '\' for compatibility with Amiga
          and UNIX file systems etc.  If input came from
standard
          input, there is no file name field.  If encrypting
          the central directory and general purpose bit flag
13 is set 
          indicating masking, the file name stored in the
Local Header 
          will not be the actual file name.  A masking value
consisting 
          of a unique hexadecimal value will be stored. 
This value will 
          be sequentially incremented for each file in the
archive. See
          the section on the Strong Encryption Specification
for details 
          on retrieving the encrypted file name. 

Logged In: YES 
user_id=1188172

Thanks for the bug report, fixed in rev. 42508.