From 90a3fd55136fb18641c8221792b013ee1dbc17f5 Mon Sep 17 00:00:00 2001
From: xiadanni <xiadanni1@huawei.com>
Date: Mon, 24 Jan 2022 19:15:14 +0800
Subject: [PATCH] [Backport]Use chmod path for checking symlink

fix CVE-2021-32760
Conflict:NA
Reference:https://github.com/containerd/containerd/commit/03aa748c11663e87a72fab92b7ab7c88c28bf13e

Signed-off-by: xiadanni <xiadanni1@huawei.com>
---
 archive/tar_unix.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/archive/tar_unix.go b/archive/tar_unix.go
index 022dd6d4f..7f3857c7d 100644
--- a/archive/tar_unix.go
+++ b/archive/tar_unix.go
@@ -127,7 +127,7 @@ func handleTarTypeBlockCharFifo(hdr *tar.Header, path string) error {
 
 func handleLChmod(hdr *tar.Header, path string, hdrInfo os.FileInfo) error {
 	if hdr.Typeflag == tar.TypeLink {
-		if fi, err := os.Lstat(hdr.Linkname); err == nil && (fi.Mode()&os.ModeSymlink == 0) {
+		if fi, err := os.Lstat(path); err == nil && (fi.Mode()&os.ModeSymlink == 0) {
 			if err := os.Chmod(path, hdrInfo.Mode()); err != nil {
 				return err
 			}
-- 
2.27.0