kubernetes-sigs/kustomize
1
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kustomize.git synced 2026-06-13 01:50:55 +00:00
Code Issues Packages Projects Releases 1 Wiki Activity

Prevent repoSpec path from exiting repo

Browse Source
This commit is contained in:
Anna Song
2022-11-23 14:29:22 -08:00
parent 62f0dab2ac
commit 07063a2652
4 changed files with 38 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
api/loader/fileloader_test.go
View File

@@ -5,6 +5,7 @@ package loader
import (
"bytes"
"fmt"
"io"
"net/http"
"os"
@@ -444,6 +445,27 @@ func TestLoaderDisallowsLocalBaseFromRemoteOverlay(t *testing.T) {
"base '/whatever/highBase' is outside '/whatever/someClone'")
}
func TestLoaderDisallowsRemoteBaseExitRepo(t *testing.T) {
fSys := filesys.MakeFsOnDisk()
dir, err := filesys.NewTmpConfirmedDir()
require.NoError(t, err)
t.Cleanup(func() {
_ = fSys.RemoveAll(dir.String())
})
repo := dir.Join("repo")
require.NoError(t, fSys.Mkdir(repo))
base := filepath.Join(repo, "base")
require.NoError(t, os.Symlink(dir.String(), base))
repoSpec, err := git.NewRepoSpecFromURL("https://github.com/org/repo/base")
require.NoError(t, err)
_, err = newLoaderAtGitClone(repoSpec, fSys, nil, git.DoNothingCloner(filesys.ConfirmedDir(repo)))
require.Error(t, err)
require.Contains(t, err.Error(), fmt.Sprintf("%q refers to directory outside of repo %q", base, repo))
}
func TestLocalLoaderReferencingGitBase(t *testing.T) {
require := require.New(t)