diff options
author | Matthew Heon <matthew.heon@pm.me> | 2019-05-28 12:43:09 -0400 |
---|---|---|
committer | Matthew Heon <matthew.heon@pm.me> | 2019-05-29 22:53:50 -0400 |
commit | 7b7d54242c2aa0846766f2063e3bd4fe72999a3b (patch) | |
tree | 6a002ee83bc3acdee57b36003a1f795bf27e3def | |
parent | c871653e195d8051ddfb899c2b73cc95de8e6443 (diff) | |
download | podman-7b7d54242c2aa0846766f2063e3bd4fe72999a3b.tar.gz podman-7b7d54242c2aa0846766f2063e3bd4fe72999a3b.tar.bz2 podman-7b7d54242c2aa0846766f2063e3bd4fe72999a3b.zip |
Use securejoin to merge paths in `podman cp`
Securejoin ensures that paths are resolved in the container, not
on the host.
Fixes #3211
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
-rw-r--r-- | cmd/podman/cp.go | 32 |
1 files changed, 26 insertions, 6 deletions
diff --git a/cmd/podman/cp.go b/cmd/podman/cp.go index 8240cc193..5addf88d3 100644 --- a/cmd/podman/cp.go +++ b/cmd/podman/cp.go @@ -17,6 +17,7 @@ import ( "github.com/containers/storage/pkg/archive" "github.com/containers/storage/pkg/chrootarchive" "github.com/containers/storage/pkg/idtools" + securejoin "github.com/cyphar/filepath-securejoin" digest "github.com/opencontainers/go-digest" specs "github.com/opencontainers/runtime-spec/specs-go" "github.com/pkg/errors" @@ -112,19 +113,38 @@ func copyBetweenHostAndContainer(runtime *libpod.Runtime, src string, dest strin var glob []string if isFromHostToCtr { if filepath.IsAbs(destPath) { - destPath = filepath.Join(mountPoint, destPath) - + cleanedPath, err := securejoin.SecureJoin(mountPoint, destPath) + if err != nil { + return err + } + destPath = cleanedPath } else { - if err = idtools.MkdirAllAndChownNew(filepath.Join(mountPoint, ctr.WorkingDir()), 0755, hostOwner); err != nil { + ctrWorkDir, err := securejoin.SecureJoin(mountPoint, ctr.WorkingDir()) + if err != nil { + return err + } + if err = idtools.MkdirAllAndChownNew(ctrWorkDir, 0755, hostOwner); err != nil { return errors.Wrapf(err, "error creating directory %q", destPath) } - destPath = filepath.Join(mountPoint, ctr.WorkingDir(), destPath) + cleanedPath, err := securejoin.SecureJoin(mountPoint, filepath.Join(ctr.WorkingDir(), destPath)) + if err != nil { + return err + } + destPath = cleanedPath } } else { if filepath.IsAbs(srcPath) { - srcPath = filepath.Join(mountPoint, srcPath) + cleanedPath, err := securejoin.SecureJoin(mountPoint, srcPath) + if err != nil { + return err + } + srcPath = cleanedPath } else { - srcPath = filepath.Join(mountPoint, ctr.WorkingDir(), srcPath) + cleanedPath, err := securejoin.SecureJoin(mountPoint, filepath.Join(ctr.WorkingDir(), srcPath)) + if err != nil { + return err + } + srcPath = cleanedPath } } glob, err = filepath.Glob(srcPath) |