mirror of
https://github.com/containers/podman.git
synced 2025-07-02 08:47:43 +08:00
Merge pull request #22584 from containers/renovate/github.com-cyphar-filepath-securejoin-0.x
Update module github.com/cyphar/filepath-securejoin to v0.2.5
This commit is contained in:
openshift-merge-bot[bot]
2
go.mod
2
go.mod
@ -27,7 +27,7 @@ require (
|
|||||||
github.com/coreos/stream-metadata-go v0.4.4
|
github.com/coreos/stream-metadata-go v0.4.4
|
||||||
github.com/crc-org/crc/v2 v2.35.0
|
github.com/crc-org/crc/v2 v2.35.0
|
||||||
github.com/crc-org/vfkit v0.5.1
|
github.com/crc-org/vfkit v0.5.1
|
||||||
github.com/cyphar/filepath-securejoin v0.2.4
|
github.com/cyphar/filepath-securejoin v0.2.5
|
||||||
github.com/digitalocean/go-qemu v0.0.0-20230711162256-2e3d0186973e
|
github.com/digitalocean/go-qemu v0.0.0-20230711162256-2e3d0186973e
|
||||||
github.com/docker/distribution v2.8.3+incompatible
|
github.com/docker/distribution v2.8.3+incompatible
|
||||||
github.com/docker/docker v26.1.1+incompatible
|
github.com/docker/docker v26.1.1+incompatible
|
||||||
|
|||||||
4
go.sum
4
go.sum
@ -122,8 +122,8 @@ github.com/creack/pty v1.1.18 h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY=
|
|||||||
github.com/creack/pty v1.1.18/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4=
|
github.com/creack/pty v1.1.18/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4=
|
||||||
github.com/cyberphone/json-canonicalization v0.0.0-20231217050601-ba74d44ecf5f h1:eHnXnuK47UlSTOQexbzxAZfekVz6i+LKRdj1CU5DPaM=
|
github.com/cyberphone/json-canonicalization v0.0.0-20231217050601-ba74d44ecf5f h1:eHnXnuK47UlSTOQexbzxAZfekVz6i+LKRdj1CU5DPaM=
|
||||||
github.com/cyberphone/json-canonicalization v0.0.0-20231217050601-ba74d44ecf5f/go.mod h1:uzvlm1mxhHkdfqitSA92i7Se+S9ksOn3a3qmv/kyOCw=
|
github.com/cyberphone/json-canonicalization v0.0.0-20231217050601-ba74d44ecf5f/go.mod h1:uzvlm1mxhHkdfqitSA92i7Se+S9ksOn3a3qmv/kyOCw=
|
||||||
github.com/cyphar/filepath-securejoin v0.2.4 h1:Ugdm7cg7i6ZK6x3xDF1oEu1nfkyfH53EtKeQYTC3kyg=
|
github.com/cyphar/filepath-securejoin v0.2.5 h1:6iR5tXJ/e6tJZzzdMc1km3Sa7RRIVBKAK32O2s7AYfo=
|
||||||
github.com/cyphar/filepath-securejoin v0.2.4/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4=
|
github.com/cyphar/filepath-securejoin v0.2.5/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4=
|
||||||
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||||
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||||
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
|
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
|
||||||
|
|||||||
2
vendor/github.com/cyphar/filepath-securejoin/VERSION
generated
vendored
2
vendor/github.com/cyphar/filepath-securejoin/VERSION
generated
vendored
@ -1 +1 @@
|
|||||||
0.2.4
|
0.2.5
|
||||||
|
|||||||
77
vendor/github.com/cyphar/filepath-securejoin/join.go
generated
vendored
77
vendor/github.com/cyphar/filepath-securejoin/join.go
generated
vendored
@ -11,7 +11,6 @@
|
|||||||
package securejoin
|
package securejoin
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"bytes"
|
|
||||||
"errors"
|
"errors"
|
||||||
"os"
|
"os"
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
@ -19,6 +18,8 @@ import (
|
|||||||
"syscall"
|
"syscall"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
const maxSymlinkLimit = 255
|
||||||
|
|
||||||
// IsNotExist tells you if err is an error that implies that either the path
|
// IsNotExist tells you if err is an error that implies that either the path
|
||||||
// accessed does not exist (or path components don't exist). This is
|
// accessed does not exist (or path components don't exist). This is
|
||||||
// effectively a more broad version of os.IsNotExist.
|
// effectively a more broad version of os.IsNotExist.
|
||||||
@ -51,71 +52,69 @@ func SecureJoinVFS(root, unsafePath string, vfs VFS) (string, error) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
unsafePath = filepath.FromSlash(unsafePath)
|
unsafePath = filepath.FromSlash(unsafePath)
|
||||||
var path bytes.Buffer
|
var (
|
||||||
n := 0
|
currentPath string
|
||||||
for unsafePath != "" {
|
remainingPath = unsafePath
|
||||||
if n > 255 {
|
linksWalked int
|
||||||
return "", &os.PathError{Op: "SecureJoin", Path: root + string(filepath.Separator) + unsafePath, Err: syscall.ELOOP}
|
)
|
||||||
|
for remainingPath != "" {
|
||||||
|
if v := filepath.VolumeName(remainingPath); v != "" {
|
||||||
|
remainingPath = remainingPath[len(v):]
|
||||||
}
|
}
|
||||||
|
|
||||||
if v := filepath.VolumeName(unsafePath); v != "" {
|
// Get the next path component.
|
||||||
unsafePath = unsafePath[len(v):]
|
var part string
|
||||||
}
|
if i := strings.IndexRune(remainingPath, filepath.Separator); i == -1 {
|
||||||
|
part, remainingPath = remainingPath, ""
|
||||||
// Next path component, p.
|
|
||||||
i := strings.IndexRune(unsafePath, filepath.Separator)
|
|
||||||
var p string
|
|
||||||
if i == -1 {
|
|
||||||
p, unsafePath = unsafePath, ""
|
|
||||||
} else {
|
} else {
|
||||||
p, unsafePath = unsafePath[:i], unsafePath[i+1:]
|
part, remainingPath = remainingPath[:i], remainingPath[i+1:]
|
||||||
}
|
}
|
||||||
|
|
||||||
// Create a cleaned path, using the lexical semantics of /../a, to
|
// Apply the component lexically to the path we are building.
|
||||||
// create a "scoped" path component which can safely be joined to fullP
|
// currentPath does not contain any symlinks, and we are lexically
|
||||||
// for evaluation. At this point, path.String() doesn't contain any
|
// dealing with a single component, so it's okay to do a filepath.Clean
|
||||||
// symlink components.
|
// here.
|
||||||
cleanP := filepath.Clean(string(filepath.Separator) + path.String() + p)
|
nextPath := filepath.Join(string(filepath.Separator), currentPath, part)
|
||||||
if cleanP == string(filepath.Separator) {
|
if nextPath == string(filepath.Separator) {
|
||||||
path.Reset()
|
currentPath = ""
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
fullP := filepath.Clean(root + cleanP)
|
fullPath := root + string(filepath.Separator) + nextPath
|
||||||
|
|
||||||
// Figure out whether the path is a symlink.
|
// Figure out whether the path is a symlink.
|
||||||
fi, err := vfs.Lstat(fullP)
|
fi, err := vfs.Lstat(fullPath)
|
||||||
if err != nil && !IsNotExist(err) {
|
if err != nil && !IsNotExist(err) {
|
||||||
return "", err
|
return "", err
|
||||||
}
|
}
|
||||||
// Treat non-existent path components the same as non-symlinks (we
|
// Treat non-existent path components the same as non-symlinks (we
|
||||||
// can't do any better here).
|
// can't do any better here).
|
||||||
if IsNotExist(err) || fi.Mode()&os.ModeSymlink == 0 {
|
if IsNotExist(err) || fi.Mode()&os.ModeSymlink == 0 {
|
||||||
path.WriteString(p)
|
currentPath = nextPath
|
||||||
path.WriteRune(filepath.Separator)
|
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
|
|
||||||
// Only increment when we actually dereference a link.
|
// It's a symlink, so get its contents and expand it by prepending it
|
||||||
n++
|
// to the yet-unparsed path.
|
||||||
|
linksWalked++
|
||||||
|
if linksWalked > maxSymlinkLimit {
|
||||||
|
return "", &os.PathError{Op: "SecureJoin", Path: root + string(filepath.Separator) + unsafePath, Err: syscall.ELOOP}
|
||||||
|
}
|
||||||
|
|
||||||
// It's a symlink, expand it by prepending it to the yet-unparsed path.
|
dest, err := vfs.Readlink(fullPath)
|
||||||
dest, err := vfs.Readlink(fullP)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", err
|
return "", err
|
||||||
}
|
}
|
||||||
|
remainingPath = dest + string(filepath.Separator) + remainingPath
|
||||||
// Absolute symlinks reset any work we've already done.
|
// Absolute symlinks reset any work we've already done.
|
||||||
if filepath.IsAbs(dest) {
|
if filepath.IsAbs(dest) {
|
||||||
path.Reset()
|
currentPath = ""
|
||||||
}
|
}
|
||||||
unsafePath = dest + string(filepath.Separator) + unsafePath
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// We have to clean path.String() here because it may contain '..'
|
// There should be no lexical components like ".." left in the path here,
|
||||||
// components that are entirely lexical, but would be misleading otherwise.
|
// but for safety clean up the path before joining it to the root.
|
||||||
// And finally do a final clean to ensure that root is also lexically
|
finalPath := filepath.Join(string(filepath.Separator), currentPath)
|
||||||
// clean.
|
return filepath.Join(root, finalPath), nil
|
||||||
fullP := filepath.Clean(string(filepath.Separator) + path.String())
|
|
||||||
return filepath.Clean(root + fullP), nil
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// SecureJoin is a wrapper around SecureJoinVFS that just uses the os.* library
|
// SecureJoin is a wrapper around SecureJoinVFS that just uses the os.* library
|
||||||
|
|||||||
2
vendor/modules.txt
vendored
2
vendor/modules.txt
vendored
@ -443,7 +443,7 @@ github.com/crc-org/vfkit/pkg/util
|
|||||||
# github.com/cyberphone/json-canonicalization v0.0.0-20231217050601-ba74d44ecf5f
|
# github.com/cyberphone/json-canonicalization v0.0.0-20231217050601-ba74d44ecf5f
|
||||||
## explicit
|
## explicit
|
||||||
github.com/cyberphone/json-canonicalization/go/src/webpki.org/jsoncanonicalizer
|
github.com/cyberphone/json-canonicalization/go/src/webpki.org/jsoncanonicalizer
|
||||||
# github.com/cyphar/filepath-securejoin v0.2.4
|
# github.com/cyphar/filepath-securejoin v0.2.5
|
||||||
## explicit; go 1.13
|
## explicit; go 1.13
|
||||||
github.com/cyphar/filepath-securejoin
|
github.com/cyphar/filepath-securejoin
|
||||||
# github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc
|
# github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc
|
||||||
|
|||||||
Reference in New Issue
Block a user