author | cyphar <cyphar@cyphar.com> | 2014-05-10 16:38:47 +1000 |
---|---|---|
committer | cyphar <cyphar@cyphar.com> | 2014-05-14 11:14:59 +1000 |
commit | bfc3a4192ae5723e401470688cdae59b95bd61f1 (patch) | |
tree | f981cd2be7e6a3bd8906b3ae1b0d4e60e993b567 | |
parent | f637eaca5daad914dfb42dadd535502ad82eb264 (diff) | |
download | docker-bfc3a4192ae5723e401470688cdae59b95bd61f1.tar.gz |
daemon: container: ensure cp cannot traverse outside container rootfs
This patch fixes the bug that allowed cp to copy files outside of
the container's rootfs, by passing a relative path (such as
../../../../../../../../etc/shadow). This is fixed by first converting
the path to an absolute path (relative to /) and then appending it
to the container's rootfs before continuing.
Docker-DCO-1.1-Signed-off-by: Aleksa Sarai <cyphar@cyphar.com> (github: cyphar)
-rw-r--r-- | AUTHORS | 1 | ||||
-rw-r--r-- | daemon/container.go | 5 |
2 files changed, 6 insertions, 0 deletions
@@ -6,6 +6,7 @@
 Aanand Prasad <aanand.prasad@gmail.com>
 Aaron Feng <aaron.feng@gmail.com>
 Abel MuiƱo <amuino@gmail.com>
+Aleksa Sarai <cyphar@cyphar.com>
 Alexander Larsson <alexl@redhat.com>
 Alexey Shamrin <shamrin@gmail.com>
 Alex Gaynor <alex.gaynor@gmail.com>
diff --git a/daemon/container.go b/daemon/container.go
index 7b6b65494e..7250b442a6 100644
--- a/daemon/container.go
+++ b/daemon/container.go
@@ -745,8 +745,13 @@ func (container *Container) Copy(resource string) (io.ReadCloser, error) {
 if err := container.Mount(); err != nil {
 return nil, err
 }
+
 var filter []string
+
+ // Ensure path is local to container basefs
+ resource = path.Join("/", resource)
 basePath := path.Join(container.basefs, resource)
+
 stat, err := os.Stat(basePath)
 if err != nil {
 container.Unmount() |
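Review bot: The added `resource = path.Join("/", resource)` in `Copy` only removes `..` components lexically, so a symlink stored inside the container filesystem can still make `os.Stat(basePath)` resolve to a host path outside `container.basefs`, because `os.Stat` follows links. The joined path should be resolved by a resolver scoped to the rootfs before it is used, for example `basePath, err := symlink.FollowSymlinkInScope(path.Join(container.basefs, resource), container.basefs)` with the same `container.Unmount()` on error. That helper lives in Docker's `pkg/symlink`, but confirm it is available at this revision. The diffstat shows no test file, so a regression test covering a `../` path and a path with a symlinked component would pin the behaviour. The body of `Copy` continues past the end of the hunk, so the later uses of `basePath` are not visible here.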