|
@@ -287,6 +287,11 @@ func (b *buildFile) CmdVolume(args string) error {
|
|
|
|
|
|
|
|
func (b *buildFile) checkPathForAddition(orig string) error {
|
|
func (b *buildFile) checkPathForAddition(orig string) error {
|
|
|
origPath := path.Join(b.contextPath, orig)
|
|
origPath := path.Join(b.contextPath, orig)
|
|
|
|
|
+ if p, err := filepath.EvalSymlinks(origPath); err != nil {
|
|
|
|
|
+ return err
|
|
|
|
|
+ } else {
|
|
|
|
|
+ origPath = p
|
|
|
|
|
+ }
|
|
|
if !strings.HasPrefix(origPath, b.contextPath) {
|
|
if !strings.HasPrefix(origPath, b.contextPath) {
|
|
|
return fmt.Errorf("Forbidden path outside the build context: %s (%s)", orig, origPath)
|
|
return fmt.Errorf("Forbidden path outside the build context: %s (%s)", orig, origPath)
|
|
|
}
|
|
}
|
Tianon Gravi