kubernetes-sigs/kustomize
1
0
Fork 0
mirror of https://github.com/kubernetes-sigs/kustomize.git synced 2026-06-30 01:46:23 +00:00
Code Issues Packages Projects Releases 1 Wiki Activity

Disallow cloned kustomization from using a local base outside the clone dir.

Browse Source
This commit is contained in:
Jeffrey Regan
2019-01-25 15:01:18 -08:00
committed by jregan
parent 00e9657025
commit 8c2bff2c91
2 changed files with 107 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
pkg/loader/fileloader.go
View File

@@ -176,6 +176,9 @@ func (l *fileLoader) New(path string) (ifc.Loader, error) {
if err != nil {
return nil, err
}
if err := l.errIfGitContainmentViolation(root); err != nil {
return nil, err
}
if err := l.errIfArgEqualOrHigher(root); err != nil {
return nil, err
}
@@ -215,6 +218,34 @@ func newLoaderAtGitClone(
}, nil
}
func (l *fileLoader) errIfGitContainmentViolation(
base fs.ConfirmedDir) error {
containingRepo := l.containingRepo()
if containingRepo == nil {
return nil
}
if !base.HasPrefix(containingRepo.CloneDir()) {
return fmt.Errorf(
"security; bases in kustomizations found in "+
"cloned git repos must be within the repo, "+
"but base '%s' is outside '%s'",
base, containingRepo.CloneDir())
}
return nil
}
// Looks back through referrers for a git repo, returning nil
// if none found.
func (l *fileLoader) containingRepo() *git.RepoSpec {
if l.repoSpec != nil {
return l.repoSpec
}
if l.referrer == nil {
return nil
}
return l.referrer.containingRepo()
}
// errIfArgEqualOrHigher tests whether the argument,
// is equal to or above the root of any ancestor.
func (l *fileLoader) errIfArgEqualOrHigher(