We use cookies to ensure you get the best experience on our website
Inicio Explorar Axuda
Rexistro Iniciar sesión
0ct0pu5
/
moby
1
0
Fork 0
Ficheiros Incidencias 0 Pull Requests 0 Wiki
Explorar o código

pkg/containerfs: deprecate ResolveScopedPath

If was a very shallow wrapper around symlink.FollowSymlinkInScope, so inline
that code instead.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Sebastiaan van Stijn hai 1 ano
pai
90f37f48e2
achega
b8f2caa80a
Modificáronse 5 ficheiros con 12 adicións e 8 borrados
Dividir vista Mostrar estatísticas de Diff
  1. 2 2
      builder/dockerfile/copy.go
  2. 2 2
      builder/remotecontext/archive.go
  3. 4 2
      builder/remotecontext/detect.go
  4. 2 2
      container/container.go
  5. 2 0
      pkg/containerfs/containerfs.go

+ 2 - 2
builder/dockerfile/copy.go
Ver ficheiro 

@@ -17,13 +17,13 @@ import (
 
 	"github.com/docker/docker/builder/remotecontext"
 
 	"github.com/docker/docker/builder/remotecontext/urlutil"
 
 	"github.com/docker/docker/pkg/archive"
 
-	"github.com/docker/docker/pkg/containerfs"
 
 	"github.com/docker/docker/pkg/idtools"
 
 	"github.com/docker/docker/pkg/longpath"
 
 	"github.com/docker/docker/pkg/progress"
 
 	"github.com/docker/docker/pkg/streamformatter"
 
 	"github.com/docker/docker/pkg/system"
 
 	"github.com/moby/buildkit/frontend/dockerfile/instructions"
 
+	"github.com/moby/sys/symlink"
 
 	ocispec "github.com/opencontainers/image-spec/specs-go/v1"
 
 	"github.com/pkg/errors"
 
 )
 
@@ -45,7 +45,7 @@ type copyInfo struct {
 
 }
 
 
 func (c copyInfo) fullPath() (string, error) {
 
-	return containerfs.ResolveScopedPath(c.root, c.path)
 
+	return symlink.FollowSymlinkInScope(filepath.Join(c.root, c.path), c.root)
 
 }
 
 
 func newCopyInfoFromSource(source builder.Source, path string, hash string) copyInfo {

+ 2 - 2
builder/remotecontext/archive.go
Ver ficheiro 

@@ -8,9 +8,9 @@ import (
 
 	"github.com/docker/docker/builder"
 
 	"github.com/docker/docker/pkg/archive"
 
 	"github.com/docker/docker/pkg/chrootarchive"
 
-	"github.com/docker/docker/pkg/containerfs"
 
 	"github.com/docker/docker/pkg/longpath"
 
 	"github.com/docker/docker/pkg/tarsum"
 
+	"github.com/moby/sys/symlink"
 
 	"github.com/pkg/errors"
 
 )
 
 
@@ -117,7 +117,7 @@ func (c *archiveContext) Hash(path string) (string, error) {
 
 
 func normalize(path string, root string) (cleanPath, fullPath string, err error) {
 
 	cleanPath = filepath.Clean(string(filepath.Separator) + path)[1:]
 
-	fullPath, err = containerfs.ResolveScopedPath(root, path)
 
+	fullPath, err = symlink.FollowSymlinkInScope(filepath.Join(root, path), root)
 
 	if err != nil {
 
 		return "", "", errors.Wrapf(err, "forbidden path outside the build context: %s (%s)", path, cleanPath)
 
 	}

+ 4 - 2
builder/remotecontext/detect.go
Ver ficheiro 

@@ -6,6 +6,7 @@ import (
 
 	"fmt"
 
 	"io"
 
 	"os"
 
+	"path/filepath"
 
 	"runtime"
 
 	"strings"
 
 
@@ -15,10 +16,10 @@ import (
 
 	"github.com/docker/docker/builder"
 
 	"github.com/docker/docker/builder/remotecontext/urlutil"
 
 	"github.com/docker/docker/errdefs"
 
-	"github.com/docker/docker/pkg/containerfs"
 
 	"github.com/moby/buildkit/frontend/dockerfile/parser"
 
 	"github.com/moby/patternmatcher"
 
 	"github.com/moby/patternmatcher/ignorefile"
 
+	"github.com/moby/sys/symlink"
 
 	"github.com/pkg/errors"
 
 )
 
 
@@ -177,7 +178,8 @@ func StatAt(remote builder.Source, path string) (os.FileInfo, error) {
 
 
 // FullPath is a helper for getting a full path for a path from a source
 
 func FullPath(remote builder.Source, path string) (string, error) {
 
-	fullPath, err := containerfs.ResolveScopedPath(remote.Root(), path)
 
+	remoteRoot := remote.Root()
 
+	fullPath, err := symlink.FollowSymlinkInScope(filepath.Join(remoteRoot, path), remoteRoot)
 
 	if err != nil {
 
 		if runtime.GOOS == "windows" {
 
 			return "", fmt.Errorf("failed to resolve scoped path %s (%s): %s. Possible cause is a forbidden path outside the build context", path, fullPath, err)

+ 2 - 2
container/container.go
Ver ficheiro 

@@ -310,8 +310,8 @@ func (container *Container) GetResourcePath(path string) (string, error) {
 
 		return "", errors.New("GetResourcePath: BaseFS of container " + container.ID + " is unexpectedly empty")
 
 	}
 
 	// IMPORTANT - These are paths on the OS where the daemon is running, hence
 
-	// any filepath operations must be done in an OS agnostic way.
 
-	r, e := containerfs.ResolveScopedPath(container.BaseFS, containerfs.CleanScopedPath(path))
 
+	// any filepath operations must be done in an OS-agnostic way.
 
+	r, e := symlink.FollowSymlinkInScope(filepath.Join(container.BaseFS, containerfs.CleanScopedPath(path)), container.BaseFS)
 
 
 	// Log this here on the daemon side as there's otherwise no indication apart
 
 	// from the error being propagated all the way back to the client. This makes

+ 2 - 0
pkg/containerfs/containerfs.go
Ver ficheiro 

@@ -20,6 +20,8 @@ func CleanScopedPath(path string) string {
 
 
 // ResolveScopedPath evaluates the given path scoped to the root.
 
 // For example, if root=/a, and path=/b/c, then this function would return /a/b/c.
 
+//
 
+// Deprecated: use [symlink.FollowSymlinkInScope].
 
 func ResolveScopedPath(root, path string) (string, error) {
 
 	return symlink.FollowSymlinkInScope(filepath.Join(root, path), root)
 
 }

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5