Targeted fix for installing roles with symlinks containing '..' #82165
Merged
Conversation
ansibot added the bug, needs_triage and has_issue labels on Nov 7, 2023
ansibot added the needs_revision label on Nov 7, 2023
/azp run
Azure Pipelines successfully started running 1 pipeline(s).
ansibot removed the needs_revision label on Nov 8, 2023
bcoca reviewed on Nov 15, 2023
Set the tarfile attribute to a normalized value from unfrackpath instead of validating path parts and omitting potentially invalid parts. Allow tarfile paths/links containing '..', '$', '~' as long as the normalized realpath is in the tarfile's role directory.
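The check the commit message describes, as an added example that is not the ansible project's own code: every member of a constructed role archive is accepted only when its normalized destination, and for a symlink the resolved link target as well, stays inside the role directory, so a '..' that normalizes back inside the role is fine while one that escapes is rejected. It uses os.path.normpath as a stand-in for ansible's unfrackpath and assumes the installer strips the archive's top-level directory (both assumptions).

```python
import io
import os
import tarfile

def build_sample_role_tar() -> bytes:
    """Constructed in-memory role archive (sample data, not from the ansible project)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        data = b"---\n- debug: msg=hi\n"
        info = tarfile.TarInfo("myrole-1.0/tasks/main.yml")
        info.size = len(data)
        tar.addfile(info, io.BytesIO(data))
        # '..' in the member path, but it normalizes to a path inside the role: allowed
        link = tarfile.TarInfo("myrole-1.0/handlers/../meta/tasks_link.yml")
        link.type, link.linkname = tarfile.SYMTYPE, "../tasks/main.yml"
        tar.addfile(link)
        # symlink whose resolved target leaves the role directory: rejected
        bad_link = tarfile.TarInfo("myrole-1.0/files/passwd")
        bad_link.type, bad_link.linkname = tarfile.SYMTYPE, "../../../../etc/passwd"
        tar.addfile(bad_link)
        # regular file whose normalized destination leaves the role directory: rejected
        escape = tarfile.TarInfo("myrole-1.0/../../evil.yml")
        escape.size = len(data)
        tar.addfile(escape, io.BytesIO(data))
    return buf.getvalue()

def _inside(root: str, path: str) -> bool:
    return path == root or path.startswith(root + os.sep)

def safe_members(tar_bytes: bytes, role_dir: str):
    """Split archive members into (accepted, rejected) names: a member is accepted only
    if its normalized destination lies inside role_dir and, for a symlink, the target
    resolved relative to that destination does too (normpath stands in for unfrackpath)."""
    root = os.path.realpath(role_dir)
    accepted, rejected = [], []
    with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r:gz") as tar:
        for member in tar.getmembers():
            if not (member.isreg() or member.issym()):
                continue  # only regular files and symlinks are extracted
            # strip the archive's top-level directory, as the installer does (assumption)
            rel = member.name.split("/", 1)[1] if "/" in member.name else member.name
            dest = os.path.normpath(os.path.join(root, rel))
            ok = _inside(root, dest)
            if ok and member.issym():
                target = os.path.normpath(os.path.join(os.path.dirname(dest), member.linkname))
                ok = _inside(root, target)
            (accepted if ok else rejected).append(member.name)
    return accepted, rejected
```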
s-hertel force-pushed the targeted-role-symlink-fix branch from e81a29a to 68088b3 on November 16, 2023 18:59
ansibot added the needs_revision label and removed the needs_revision label on Nov 16, 2023
I thought I might be able to simplify this quite a bit by using

```python
try:
    # raises KeyError if the member is missing or its link target is external
    file_data = role_tar_file.extractfile(member)
except KeyError as e:
    raise AnsibleError(f"Invalid tarfile member is not a subpath of the role: {e}")
if file_data is None:
    # happens when not (member.isreg() or member.issym()) - we don't extract these
    continue
# then extract as usual
```

But
ansibot added the stale_ci label (This PR has been tested by CI more than one week ago. Close and re-open this PR to get it retested.) on Nov 29, 2023
/azp run
Azure Pipelines successfully started running 1 pipeline(s).
ansibot removed the stale_ci label on Nov 30, 2023
bcoca reviewed on Nov 30, 2023
bcoca approved these changes on Nov 30, 2023
@bcoca thanks for the reviews
s-hertel added a commit to s-hertel/ansible that referenced this pull request on Nov 30, 2023 (and two further commits the same day with the same message):
…ble#82165) Set the tarfile attribute to a normalized value from unfrackpath instead of validating path parts and omitting potentially invalid parts. Allow tarfile paths/links containing '..', '$', '~' as long as the normalized realpath is in the tarfile's role directory (cherry picked from commit 3a42a00)
This was referenced Nov 30, 2023
s-hertel added a commit to s-hertel/ansible that referenced this pull request on Dec 20, 2023 (and one further commit the same day), with the same message as above.
SUMMARY
Fixes #81965
I'd like to backport this as far as acceptable since the fix for the symlink CVE was backported to 2.13, so I separated this from the other fixes in #82052 related to installing broken roles.
ISSUE TYPE
ADDITIONAL INFORMATION