actions/fluxcd-flux2
3
0
Fork 0
mirror of https://github.com/fluxcd/flux2.git synced 2026-04-15 16:25:43 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Add safe guards for relative paths

Browse source 
This commit adds multiple safe guards for relative paths, ensuring they
never traverse outside the working directory.

The `SafeRelativePath` flag calculates the safe relative path based on a
relative base dir, which results in a flattened path.

The write methods of `manifestgen` make use of the `SecureJoin` as well,
to ensure writes are never outside of the given directory when used as
a lib outside of the CLI.

Signed-off-by: Hidde Beydals <hello@hidde.co>
This commit is contained in:
Hidde Beydals 2020-12-14 14:21:41 +01:00
parent 008b3b8408
commit 5ea4e814f5
13 changed files with 180 additions and 71 deletions
Download patch file Download diff file Expand all files Collapse all files

1
go.mod
View file

@ -4,6 +4,7 @@ go 1.15
require (
github.com/blang/semver/v4 v4.0.0
github.com/cyphar/filepath-securejoin v0.2.2
github.com/fluxcd/helm-controller/api v0.4.3
github.com/fluxcd/image-automation-controller/api v0.1.0
github.com/fluxcd/image-reflector-controller/api v0.1.0