From 3d38013418d0c5304dfbafcb0b2a5b4062964c53 Mon Sep 17 00:00:00 2001
From: zhongtao
Date: Wed, 13 Dec 2023 15:13:12 +0800
Subject: [PATCH 55/64] verify the mount dir first and then create tmpdir

Signed-off-by: zhongtao
---
 src/utils/tar/util_archive.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/utils/tar/util_archive.c b/src/utils/tar/util_archive.c
index 29c2bc03..655b3516 100644
--- a/src/utils/tar/util_archive.c
+++ b/src/utils/tar/util_archive.c
@@ -235,6 +235,12 @@ static int make_safedir_is_noexec(const char *flock_path, const char *dstdir, ch
 return -1;
 }

+ // prevent the parent directory from being bind mounted to the subdirectory
+ if (is_parent_directory(dstdir, tmp_dir) == 0) {
+ ERROR("Cannot bind mount the parent directory: %s to its subdirectory: %s", dstdir, tmp_dir);
+ return -1;
+ }
+
 if (stat(dstdir, &buf) < 0) {
 SYSERROR("Check chroot dir failed");
 return -1;
@@ -255,12 +261,6 @@ static int make_safedir_is_noexec(const char *flock_path, const char *dstdir, ch
 return -1;
 }

- // prevent the parent directory from being bind mounted to the subdirectory
- if (is_parent_directory(dstdir, tmp_dir) == 0) {
- ERROR("Cannot bind mount the parent directory: %s to its subdirectory: %s", dstdir, tmp_dir);
- return -1;
- }
-
 if (bind_mount_with_flock(flock_path, dstdir, tmp_dir) != 0) {
 ERROR("Failed to bind mount from %s to %s with flock", dstdir, tmp_dir);
 if (util_path_remove(tmp_dir) != 0) {
-- 
2.42.0
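Review bot: The relocated guard `if (is_parent_directory(dstdir, tmp_dir) == 0)` rejects only a return of exactly 0, and it now runs on paths that nothing has validated yet: it precedes `stat(dstdir, &buf)` and, per the commit subject, the creation of the temporary directory. is_parent_directory is not visible in this hunk; if it compares the two strings lexically, a `dstdir` that reaches the same location through a symlink or a `..` component would not be recognised as the parent, and if it can return an error value other than 0 the guard fails open and the code continues to `bind_mount_with_flock`. I would resolve `dstdir` to a canonical path before the comparison (the function may already do this above the hunk, so confirm) and record the contract next to the check, for example `// is_parent_directory() returns 0 only when dstdir is a path prefix of tmp_dir; both paths must be canonical here`. The body of make_safedir_is_noexec starts and ends outside the hunk, so the preparation of `tmp_dir` and the origin of `dstdir` could not be checked from this patch.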