diff options
author | Grzegorz Bizon <grzesiek.bizon@gmail.com> | 2016-01-12 10:04:26 +0100 |
---|---|---|
committer | Grzegorz Bizon <grzesiek.bizon@gmail.com> | 2016-01-14 12:48:16 +0100 |
commit | 2be76355caa579d444c8e3c0d25563eb9778bfb2 (patch) | |
tree | 8557630f049a70f1e1d3058d5feb0f7f33320298 /lib/gitlab/ci/build/artifacts/metadata.rb | |
parent | ffee05c242c87e004054b48747287c3160d1c19a (diff) | |
download | gitlab-ce-2be76355caa579d444c8e3c0d25563eb9778bfb2.tar.gz |
Support only valid UTF-8 paths in build artifacts browser
Diffstat (limited to 'lib/gitlab/ci/build/artifacts/metadata.rb')
-rw-r--r-- | lib/gitlab/ci/build/artifacts/metadata.rb | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/lib/gitlab/ci/build/artifacts/metadata.rb b/lib/gitlab/ci/build/artifacts/metadata.rb index 2b17712cdbe..d9c051be9f3 100644 --- a/lib/gitlab/ci/build/artifacts/metadata.rb +++ b/lib/gitlab/ci/build/artifacts/metadata.rb @@ -10,7 +10,8 @@ module Gitlab attr_reader :file, :path, :full_version def initialize(file, path) - @file, @path = file, path + @file = file + @path = path.force_encoding('ASCII-8BIT') @full_version = read_version end @@ -42,7 +43,7 @@ module Gitlab def match_entries(gz) paths, metadata = [], [] - match_pattern = %r{^#{Regexp.escape(@path)}[^/\s]*/?$} + match_pattern = %r{^#{Regexp.escape(@path)}[^/]*/?$} invalid_pattern = %r{(^\.?\.?/)|(/\.?\.?/)} until gz.eof? do @@ -51,11 +52,12 @@ module Gitlab meta = read_string(gz) next unless path =~ match_pattern + next unless path.force_encoding('UTF-8').valid_encoding? next if path =~ invalid_pattern paths.push(path) metadata.push(JSON.parse(meta.chomp, symbolize_names: true)) - rescue JSON::ParserError + rescue JSON::ParserError, Encoding::CompatibilityError next end end |