Merge pull request #172 from priyawadhwa/symlink-bug

Ignore symlinks during file extraction if link is whitelisted
2018-05-10 14:07:07 -04:00 · 2018-05-10 14:07:07 -04:00 · 676e6696b6
parent d19a6e4df7 d040c89af6
commit 676e6696b6
2 changed files with 7 additions and 1 deletions
--- a/integration_tests/dockerfiles/Dockerfile_test_copy
+++ b/integration_tests/dockerfiles/Dockerfile_test_copy
@ -1,4 +1,4 @@
-FROM gcr.io/distroless/base
+FROM alpine:3.7
 COPY context/foo foo
 COPY context/foo /foodir/
 COPY context/bar/b* bar/
--- a/pkg/util/fs_util.go
+++ b/pkg/util/fs_util.go
@ -94,6 +94,12 @@ func GetFSFromImage(img v1.Image) error {
 				logrus.Infof("Not adding %s because it is whitelisted", path)
 				continue
 			}
+			if hdr.Typeflag == tar.TypeSymlink {
+				if checkWhitelist(hdr.Linkname, whitelist) {
+					logrus.Debugf("skipping symlink from %s to %s because %s is whitelisted", hdr.Linkname, path, hdr.Linkname)
+					continue
+				}
+			}
 			fs[path] = struct{}{}

 			if err := extractFile("/", hdr, tr); err != nil {