
Commit e8803bb

committed
bindings: artifact extract reject invalid names
The server already does validate this so this is not strictly needed and the client must trust the server no matter what. But adding an extra check here does not hurt and may help prevent future bugs. Signed-off-by: Paul Holzinger <pholzing@redhat.com> (cherry picked from commit 12bec19) Signed-off-by: Paul Holzinger <pholzing@redhat.com>
1 parent a0e436e commit e8803bb

1 file changed

Lines changed: 8 additions & 1 deletion


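--- a/pkg/bindings/artifacts/extract.go
+++ b/pkg/bindings/artifacts/extract.go
@@ -73,7 +73,14 @@ func Extract(ctx context.Context, artifactName string, target string, options *E
 // If destination isn't a file, extract to target/filename
 fileTarget := target
 if targetIsDirectory {
-fileTarget = filepath.Join(target, header.Name)
+filename := header.Name
+// This matches the logic from generateArtifactBlobName().
+for i := range len(filename) {
+if os.IsPathSeparator(filename[i]) {
+return fmt.Errorf("invalid filename: %q cannot contain %c", filename, filename[i])
+}
+}
+fileTarget = filepath.Join(target, filename)
 }
 
 if header.Typeflag == tar.TypeReg {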
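Review bot: The separator loop in the `targetIsDirectory` branch still accepts a `header.Name` of `..`, `.` or the empty string, none of which contains a path separator. `filepath.Join(target, filename)` then resolves to the parent of `target` or to `target` itself rather than to a file inside it. Since the commit is meant as defence in depth against a server that sends a bad tar entry name, I would reject these before the join as well, for example `if filename == "." || !filepath.IsLocal(filename) { return fmt.Errorf("invalid filename: %q", filename) }`, which on Windows also refuses reserved device names. Whether `generateArtifactBlobName()` already excludes these names is not visible here, and `Extract` starts and ends outside the hunk, so how `fileTarget` is opened afterwards (and whether an existing symlink at that path would be followed) should be checked against the full function.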
