1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
|
From fd4c80b8de768d7132cef0720cd46167173a653b Mon Sep 17 00:00:00 2001
From: xuxuepeng <xuxuepeng1@huawei.com>
Date: Mon, 19 Feb 2024 01:05:18 +0000
Subject: [PATCH 14/43] !2371 Allow iSulad to pull/load image with symlink *
Allow iSulad to pull/load image with symlink
---
src/utils/tar/util_archive.c | 13 ++++++++++---
1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/src/utils/tar/util_archive.c b/src/utils/tar/util_archive.c
index e4c302bc..52b51162 100644
--- a/src/utils/tar/util_archive.c
+++ b/src/utils/tar/util_archive.c
@@ -637,6 +637,11 @@ static void try_to_replace_exited_dst(const char *dst_path, struct archive_entry
}
}
+/**
+ * This function has to be used with chroot to prevent a potential attack from manipulating
+ * the path of the file to be extracted, such as using a symbolic link to extract the file to
+ * a location outside the path.
+ */
int archive_unpack_handler(const struct io_read_wrapper *content, const struct archive_options *options)
{
int ret = 0;
@@ -671,10 +676,12 @@ int archive_unpack_handler(const struct io_read_wrapper *content, const struct a
flags |= ARCHIVE_EXTRACT_PERM;
flags |= ARCHIVE_EXTRACT_ACL;
flags |= ARCHIVE_EXTRACT_FFLAGS;
- flags |= ARCHIVE_EXTRACT_SECURE_SYMLINKS;
- flags |= ARCHIVE_EXTRACT_SECURE_NODOTDOT;
flags |= ARCHIVE_EXTRACT_XATTR;
- flags |= ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS;
+ /**
+ * ARCHIVE_EXTRACT_SECURE_SYMLINKS, ARCHIVE_EXTRACT_SECURE_NODOTDOT,
+ * ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS flags are not set here,
+ * since this function is called after chroot, the security of the path is guaranteed.
+ */
a = archive_read_new();
if (a == NULL) {
--
2.34.1
|