project: add basic path checks for <copyfile> & <linkfile>

Reject paths in <copyfile> & <linkfile> that try to use symlinks or non-file or non-dirs. We don't fully validate <linkfile> when src is a glob as it's a bit complicated -- any component in the src could be the glob. We make sure the destination is a directory, and that any paths in that dir are created as symlinks. So while this can be used to read any path, it can't be abused to write to any paths. Bug: https://crbug.com/gerrit/11218 Change-Id: I68b6d789b5ca4e43f569e75e8b293b3e13d3224b Reviewed-on: https://gerrit-review.googlesource.com/c/git-repo/+/233074 Tested-by: Mike Frysinger <vapier@google.com> Reviewed-by: Mike Frysinger <vapier@google.com> Reviewed-by: Michael Mortensen <mmortensen@google.com>
author: Mike Frysinger <vapier@google.com> 2019-08-02 15:57:57 -0400
committer: Mike Frysinger <vapier@google.com> 2020-02-04 20:34:23 +0000
commit: e6a202f790daaf204513b8c53b824fcc246f9972 (patch)
tree: 6907f26e5a17a7b39f62e401b895088f1c178540 /manifest_xml.py
parent: 04122b7261319dae3abcaf0eb63af7ed937dc463 (diff)
download: git-repo-e6a202f790daaf204513b8c53b824fcc246f9972.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/manifest_xml.py b/manifest_xml.py
index 69105c9e..4f7bd498 100644
--- a/manifest_xml.py
+++ b/manifest_xml.py
@@ -1026,7 +1026,7 @@ class XmlManifest(object):
      # dest is relative to the top of the tree.
      # We only validate paths if we actually plan to process them.
      self._ValidateFilePaths('copyfile', src, dest)
-      project.AddCopyFile(src, dest, os.path.join(self.topdir, dest))
+      project.AddCopyFile(src, dest, self.topdir)
  def _ParseLinkFile(self, project, node):
    src = self._reqatt(node, 'src')
@@ -1036,7 +1036,7 @@ class XmlManifest(object):
      # dest is relative to the top of the tree.
      # We only validate paths if we actually plan to process them.
      self._ValidateFilePaths('linkfile', src, dest)
-      project.AddLinkFile(src, dest, os.path.join(self.topdir, dest))
+      project.AddLinkFile(src, dest, self.topdir)
  def _ParseAnnotation(self, project, node):
    name = self._reqatt(node, 'name')
author	Mike Frysinger <vapier@google.com>	2019-08-02 15:57:57 -0400
committer	Mike Frysinger <vapier@google.com>	2020-02-04 20:34:23 +0000
commit	e6a202f790daaf204513b8c53b824fcc246f9972 (patch)
tree	6907f26e5a17a7b39f62e401b895088f1c178540 /manifest_xml.py
parent	04122b7261319dae3abcaf0eb63af7ed937dc463 (diff)
download	git-repo-e6a202f790daaf204513b8c53b824fcc246f9972.tar.gz

diff --git a/manifest_xml.py b/manifest_xml.py index 69105c9e..4f7bd498 100644 --- a/manifest_xml.py +++ b/manifest_xml.py
@@ -1026,7 +1026,7 @@ class XmlManifest(object):
1026	# dest is relative to the top of the tree.	1026	# dest is relative to the top of the tree.
1027	# We only validate paths if we actually plan to process them.	1027	# We only validate paths if we actually plan to process them.
1028	self._ValidateFilePaths('copyfile', src, dest)	1028	self._ValidateFilePaths('copyfile', src, dest)
1029	project.AddCopyFile(src, dest, os.path.join(self.topdir, dest))	1029	project.AddCopyFile(src, dest, self.topdir)
1030		1030
1031	def _ParseLinkFile(self, project, node):	1031	def _ParseLinkFile(self, project, node):
1032	src = self._reqatt(node, 'src')	1032	src = self._reqatt(node, 'src')
@@ -1036,7 +1036,7 @@ class XmlManifest(object):
1036	# dest is relative to the top of the tree.	1036	# dest is relative to the top of the tree.
1037	# We only validate paths if we actually plan to process them.	1037	# We only validate paths if we actually plan to process them.
1038	self._ValidateFilePaths('linkfile', src, dest)	1038	self._ValidateFilePaths('linkfile', src, dest)
1039	project.AddLinkFile(src, dest, os.path.join(self.topdir, dest))	1039	project.AddLinkFile(src, dest, self.topdir)
1040		1040
1041	def _ParseAnnotation(self, project, node):	1041	def _ParseAnnotation(self, project, node):
1042	name = self._reqatt(node, 'name')	1042	name = self._reqatt(node, 'name')