From 2cc83682862c28c05f68c0070b26f8dfa36bd2f7 Mon Sep 17 00:00:00 2001 From: WangFengTu Date: Tue, 16 Aug 2022 10:07:09 +0800 Subject: [PATCH 20/21] do clean path and check if file exist Signed-off-by: WangFengTu --- src/daemon/executor/image_cb/image_cb.c | 19 +++++++++++++++++-- src/daemon/modules/image/oci/oci_export.c | 20 ++++++++++++++++++-- 2 files changed, 35 insertions(+), 4 deletions(-) diff --git a/src/daemon/executor/image_cb/image_cb.c b/src/daemon/executor/image_cb/image_cb.c index 55e12d51..5beda5f4 100644 --- a/src/daemon/executor/image_cb/image_cb.c +++ b/src/daemon/executor/image_cb/image_cb.c @@ -55,11 +55,13 @@ #include "utils_regex.h" #include "utils_timestamp.h" #include "utils_verify.h" +#include "path.h" static int do_import_image(const char *file, const char *tag, char **id) { int ret = 0; im_import_request *request = NULL; + char cleanpath[PATH_MAX] = { 0 }; if (file == NULL || tag == NULL || id == NULL) { ERROR("Invalid input arguments"); @@ -67,6 +69,12 @@ static int do_import_image(const char *file, const char *tag, char **id) goto out; } + if (util_clean_path(file, cleanpath, sizeof(cleanpath)) == NULL) { + ERROR("clean path for %s failed", file); + ret = -1; + goto out; + } + request = util_common_calloc_s(sizeof(im_import_request)); if (request == NULL) { ERROR("Out of memory"); @@ -75,7 +83,7 @@ static int do_import_image(const char *file, const char *tag, char **id) } request->tag = util_strdup_s(tag); - request->file = util_strdup_s(file); + request->file = util_strdup_s(cleanpath); ret = im_import_image(request, id); if (ret != 0) { @@ -147,6 +155,7 @@ static int do_load_image(const char *file, const char *tag, const char *type) int ret = 0; im_load_request *request = NULL; im_load_response *response = NULL; + char cleanpath[PATH_MAX] = { 0 }; if (file == NULL || type == NULL) { ERROR("Invalid input arguments"); @@ -154,6 +163,12 @@ static int do_load_image(const char *file, const char *tag, const char *type) goto out; } + if (util_clean_path(file, cleanpath, sizeof(cleanpath)) == NULL) { + ERROR("clean path for %s failed", file); + ret = -1; + goto out; + } + request = util_common_calloc_s(sizeof(im_load_request)); if (request == NULL) { ERROR("Out of memory"); @@ -163,7 +178,7 @@ static int do_load_image(const char *file, const char *tag, const char *type) if (tag != NULL) { request->tag = util_strdup_s(tag); } - request->file = util_strdup_s(file); + request->file = util_strdup_s(cleanpath); request->type = util_strdup_s(type); ret = im_load_image(request, &response); diff --git a/src/daemon/modules/image/oci/oci_export.c b/src/daemon/modules/image/oci/oci_export.c index 4b9d5183..e27ed6d8 100644 --- a/src/daemon/modules/image/oci/oci_export.c +++ b/src/daemon/modules/image/oci/oci_export.c @@ -15,11 +15,14 @@ #include "oci_export.h" #include #include +#include #include "storage.h" #include "isula_libutils/log.h" #include "err_msg.h" #include "util_archive.h" +#include "path.h" +#include "utils_file.h" int oci_do_export(char *id, char *file) { @@ -27,12 +30,25 @@ int oci_do_export(char *id, char *file) int ret2 = 0; char *mount_point = NULL; char *errmsg = NULL; + char cleanpath[PATH_MAX] = { 0 }; if (id == NULL || file == NULL) { ERROR("Invalid NULL param"); return -1; } + if (util_clean_path(file, cleanpath, sizeof(cleanpath)) == NULL) { + ERROR("clean path for %s failed", file); + ret = -1; + goto out; + } + + if (util_fileself_exists(cleanpath)) { + ERROR("dst file %s exist", cleanpath); + ret = -1; + goto out; + } + mount_point = storage_rootfs_mount(id); if (mount_point == NULL) { ERROR("mount container %s failed", id); @@ -40,9 +56,9 @@ int oci_do_export(char *id, char *file) return -1; } - ret = archive_chroot_tar(mount_point, file, &errmsg); + ret = archive_chroot_tar(mount_point, cleanpath, &errmsg); if (ret != 0) { - ERROR("failed to export container %s to file %s: %s", id, file, errmsg); + ERROR("failed to export container %s to file %s: %s", id, cleanpath, errmsg); isulad_set_error_message("Failed to export rootfs with error: %s", errmsg); goto out; } -- 2.25.1