diff options
Diffstat (limited to '0014-2371-Allow-iSulad-to-pull-load-image-with-symlink.patch')
| -rw-r--r-- | 0014-2371-Allow-iSulad-to-pull-load-image-with-symlink.patch | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/0014-2371-Allow-iSulad-to-pull-load-image-with-symlink.patch b/0014-2371-Allow-iSulad-to-pull-load-image-with-symlink.patch new file mode 100644 index 0000000..4a1fa1f --- /dev/null +++ b/0014-2371-Allow-iSulad-to-pull-load-image-with-symlink.patch @@ -0,0 +1,45 @@ +From fd4c80b8de768d7132cef0720cd46167173a653b Mon Sep 17 00:00:00 2001 +From: xuxuepeng <xuxuepeng1@huawei.com> +Date: Mon, 19 Feb 2024 01:05:18 +0000 +Subject: [PATCH 14/43] !2371 Allow iSulad to pull/load image with symlink * + Allow iSulad to pull/load image with symlink + +--- + src/utils/tar/util_archive.c | 13 ++++++++++--- + 1 file changed, 10 insertions(+), 3 deletions(-) + +diff --git a/src/utils/tar/util_archive.c b/src/utils/tar/util_archive.c +index e4c302bc..52b51162 100644 +--- a/src/utils/tar/util_archive.c ++++ b/src/utils/tar/util_archive.c +@@ -637,6 +637,11 @@ static void try_to_replace_exited_dst(const char *dst_path, struct archive_entry + } + } + ++/** ++ * This function has to be used with chroot to prevent a potential attack from manipulating ++ * the path of the file to be extracted, such as using a symbolic link to extract the file to ++ * a location outside the path. ++ */ + int archive_unpack_handler(const struct io_read_wrapper *content, const struct archive_options *options) + { + int ret = 0; +@@ -671,10 +676,12 @@ int archive_unpack_handler(const struct io_read_wrapper *content, const struct a + flags |= ARCHIVE_EXTRACT_PERM; + flags |= ARCHIVE_EXTRACT_ACL; + flags |= ARCHIVE_EXTRACT_FFLAGS; +- flags |= ARCHIVE_EXTRACT_SECURE_SYMLINKS; +- flags |= ARCHIVE_EXTRACT_SECURE_NODOTDOT; + flags |= ARCHIVE_EXTRACT_XATTR; +- flags |= ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS; ++ /** ++ * ARCHIVE_EXTRACT_SECURE_SYMLINKS, ARCHIVE_EXTRACT_SECURE_NODOTDOT, ++ * ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS flags are not set here, ++ * since this function is called after chroot, the security of the path is guaranteed. ++ */ + + a = archive_read_new(); + if (a == NULL) { +-- +2.34.1 + |