d6fb72d02a
Signed-off-by: zhongtao <zhongtao17@huawei.com> (cherry picked from commit 0cdbd434956257cb303368fcba4dcc192b4955cf)
46 lines
1.7 KiB
Diff
46 lines
1.7 KiB
Diff
From fd4c80b8de768d7132cef0720cd46167173a653b Mon Sep 17 00:00:00 2001
|
|
From: xuxuepeng <xuxuepeng1@huawei.com>
|
|
Date: Mon, 19 Feb 2024 01:05:18 +0000
|
|
Subject: [PATCH 14/26] !2371 Allow iSulad to pull/load image with symlink *
|
|
Allow iSulad to pull/load image with symlink
|
|
|
|
---
|
|
src/utils/tar/util_archive.c | 13 ++++++++++---
|
|
1 file changed, 10 insertions(+), 3 deletions(-)
|
|
|
|
diff --git a/src/utils/tar/util_archive.c b/src/utils/tar/util_archive.c
|
|
index e4c302bc..52b51162 100644
|
|
--- a/src/utils/tar/util_archive.c
|
|
+++ b/src/utils/tar/util_archive.c
|
|
@@ -637,6 +637,11 @@ static void try_to_replace_exited_dst(const char *dst_path, struct archive_entry
|
|
}
|
|
}
|
|
|
|
+/**
|
|
+ * This function has to be used with chroot to prevent a potential attack from manipulating
|
|
+ * the path of the file to be extracted, such as using a symbolic link to extract the file to
|
|
+ * a location outside the path.
|
|
+ */
|
|
int archive_unpack_handler(const struct io_read_wrapper *content, const struct archive_options *options)
|
|
{
|
|
int ret = 0;
|
|
@@ -671,10 +676,12 @@ int archive_unpack_handler(const struct io_read_wrapper *content, const struct a
|
|
flags |= ARCHIVE_EXTRACT_PERM;
|
|
flags |= ARCHIVE_EXTRACT_ACL;
|
|
flags |= ARCHIVE_EXTRACT_FFLAGS;
|
|
- flags |= ARCHIVE_EXTRACT_SECURE_SYMLINKS;
|
|
- flags |= ARCHIVE_EXTRACT_SECURE_NODOTDOT;
|
|
flags |= ARCHIVE_EXTRACT_XATTR;
|
|
- flags |= ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS;
|
|
+ /**
|
|
+ * ARCHIVE_EXTRACT_SECURE_SYMLINKS, ARCHIVE_EXTRACT_SECURE_NODOTDOT,
|
|
+ * ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS flags are not set here,
|
|
+ * since this function is called after chroot, the security of the path is guaranteed.
|
|
+ */
|
|
|
|
a = archive_read_new();
|
|
if (a == NULL) {
|
|
--
|
|
2.25.1
|
|
|