author | Paul Cristian Sarbu <paul.cristian.sarbu@huawei.com> | 2025-01-13 13:14:07 +0100 |
---|---|---|
committer | Paul Cristian Sarbu <paul.cristian.sarbu@huawei.com> | 2025-01-13 15:01:55 +0100 |
commit | 311c88641e3b4be067ed6575369b401288e8984c (patch) | |
tree | 6e30808a7b1df635e26d63bf58009b25281db03f /src/other_tools/utils/parse_archive.cpp | |
parent | 48171d6a20823ea8157b723b223ca0129ac42fde (diff) | |
just-mr setup: Fix ensuring 'subdir' only accepts non-upwards paths
...which implicitly also enforces non-absolute.
This ensures that there is no access outside the root directory of
a Git checkout or the temporary unpack directory of an archive.
Diffstat (limited to 'src/other_tools/utils/parse_archive.cpp')
-rw-r--r-- | src/other_tools/utils/parse_archive.cpp | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/src/other_tools/utils/parse_archive.cpp b/src/other_tools/utils/parse_archive.cpp
index 50b9d4a3..e31109a9 100644
--- a/src/other_tools/utils/parse_archive.cpp
+++ b/src/other_tools/utils/parse_archive.cpp
@@ -26,6 +26,7 @@
 #include "src/buildtool/crypto/hash_function.hpp"
 #include "src/buildtool/crypto/hash_info.hpp"
 #include "src/buildtool/file_system/symlinks_map/pragma_special.hpp"
+#include "src/utils/cpp/path.hpp"

 auto ParseArchiveContent(ExpressionPtr const& repo_desc,
 std::string const& origin)
@@ -129,9 +130,9 @@ auto ParseArchiveDescription(ExpressionPtr const& repo_desc,
 ? repo_desc_subdir->String()
 : "")
 .lexically_normal();
- if (subdir.is_absolute()) {
+ if (not PathIsNonUpwards(subdir)) {
 (*logger)(fmt::format("ArchiveCheckout: Expected field \"subdir\" to "
- "be a relative path, but found {}",
+ "be a non-upwards path, but found {}",
 subdir.string()),
 /*fatal=*/true);
 return std::nullopt; |
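Review bot: The new guard `if (not PathIsNonUpwards(subdir))` in the second hunk drops the explicit `is_absolute()` test, so rejection of absolute paths now rests entirely on a helper from `src/utils/cpp/path.hpp` that this diff does not show. It is worth confirming, ideally with a unit test, that the helper returns false for absolute input and behaves sensibly for the empty path that the `: ""` default produces when `subdir` is absent. The check is also purely lexical on the normalized value, so it presumably does not cover a `subdir` component that is a symlink inside the unpacked archive; if that is handled elsewhere, a comment above the guard would record the assumption, e.g. `// lexical check only: rejects absolute and ".."-leading paths; symlinked components are not resolved here`. ParseArchiveDescription begins and ends outside the hunk, so how `subdir` is later joined to the unpack root is not visible here.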