Package: libpod / 4.3.1+ds1-8+deb12u1

CVE-2023-0778.patch Patch series | download
commit 6ca857feb07a5fdc96fd947afef03916291673d8
Author: Aditya R <arajan@redhat.com>
Date:   Fri Feb 10 15:16:27 2023 +0530

    volume,container: chroot to source before exporting content
    
    * Utils must support higher level API to create Tar with chrooted into
      directory
    * Volume export: use TarwithChroot instead of Tar so we can make sure no
      symlink can be exported by tar if it exists outside of the source
    directory.
    * container export: use chroot and Tar instead of Tar so we can make sure no
      symlink can be exported by tar if it exists outside of the mountPoint.
    
    [NO NEW TESTS NEEDED]
    [NO TESTS NEEDED]
    Race needs combination of external/in-container mechanism which is hard to repro in CI.
    
    Closes: BZ:#2168256
    CVE: https://access.redhat.com/security/cve/CVE-2023-0778
    
    Signed-off-by: Aditya R <arajan@redhat.com>

Index: libpod/libpod/container_internal.go
===================================================================
--- libpod.orig/libpod/container_internal.go
+++ libpod/libpod/container_internal.go
@@ -34,7 +34,7 @@ import (
 	"github.com/containers/podman/v4/pkg/systemd/notifyproxy"
 	"github.com/containers/podman/v4/pkg/util"
 	"github.com/containers/storage"
-	"github.com/containers/storage/pkg/archive"
+	"github.com/containers/storage/pkg/chrootarchive"
 	"github.com/containers/storage/pkg/idtools"
 	"github.com/containers/storage/pkg/lockfile"
 	"github.com/containers/storage/pkg/mount"
@@ -754,7 +754,7 @@ func (c *Container) export(path string)
 		}()
 	}
 
-	input, err := archive.Tar(mountPoint, archive.Uncompressed)
+	input, err := chrootarchive.Tar(mountPoint, nil, mountPoint)
 	if err != nil {
 		return fmt.Errorf("reading container directory %q: %w", c.ID(), err)
 	}
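Review bot: The nil second argument to chrootarchive.Tar on the added line leaves the TarOptions at their zero value; as far as I can tell that keeps the archive uncompressed, matching the archive.Uncompressed the replaced call passed explicitly, but nothing in the code says so. A short comment would make the intent and the security property explicit: `// nil TarOptions: defaults (uncompressed); root == mountPoint so symlinks inside the rootfs cannot resolve to host paths while archiving`. The export method's body starts and ends outside the hunk, so the `input` reader's lifecycle (close/cleanup) cannot be checked here.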
Index: libpod/utils/utils.go
===================================================================
--- libpod.orig/utils/utils.go
+++ libpod/utils/utils.go
@@ -13,6 +13,7 @@ import (
 
 	"github.com/containers/common/pkg/cgroups"
 	"github.com/containers/storage/pkg/archive"
+	"github.com/containers/storage/pkg/chrootarchive"
 	"github.com/godbus/dbus/v5"
 	"github.com/sirupsen/logrus"
 )
@@ -63,7 +64,7 @@ func CreateTarFromSrc(source string, des
 		return fmt.Errorf("could not create tarball file '%s': %w", dest, err)
 	}
 	defer file.Close()
-	return TarToFilesystem(source, file)
+	return TarChrootToFilesystem(source, file)
 }
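Review bot: CreateTarFromSrc now archives while chrooted to `source`, which changes what ends up in the tarball for symlinks that point outside `source`, but the hunk does not touch the function's doc comment (above the hunk, not visible here). If that comment does not already say so, it should: `// CreateTarFromSrc creates a tarball of source at dest; source is archived while chrooted to it, so symlinks resolving outside source are not followed onto the host.` The function's signature and the rest of its body are outside the hunk.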
 
 // TarToFilesystem creates a tarball from source and writes to an os.file
@@ -87,6 +88,28 @@ func Tar(source string) (io.ReadCloser,
 	return archive.Tar(source, archive.Uncompressed)
 }
 
+// TarChrootToFilesystem creates a tarball from source and writes to an os.file
+// provided while chrooted to the source.
+func TarChrootToFilesystem(source string, tarball *os.File) error {
+	tb, err := TarWithChroot(source)
+	if err != nil {
+		return err
+	}
+	_, err = io.Copy(tarball, tb)
+	if err != nil {
+		return err
+	}
+	logrus.Debugf("wrote tarball file %s", tarball.Name())
+	return nil
+}
+
+// TarWithChroot creates a tarball from source and returns a readcloser of it
+// while chrooted to the source.
+func TarWithChroot(source string) (io.ReadCloser, error) {
+	logrus.Debugf("creating tarball of %s", source)
+	return chrootarchive.Tar(source, nil, source)
+}
+
 // RemoveScientificNotationFromFloat returns a float without any
 // scientific notation if the number has any.
 // golang does not handle conversion of float64s that have scientific