Use filepath.Rel for subdirectory comparison
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
This commit is contained in:
Michael Crosby
parent
c08e43409d
commit
2323c4c48d
|
|
@ -218,32 +218,17 @@ func checkMountDestination(rootfs, dest string) error {
|
||||||
"/sys",
|
"/sys",
|
||||||
}
|
}
|
||||||
for _, invalid := range invalidDestinations {
|
for _, invalid := range invalidDestinations {
|
||||||
if dirIsChild(filepath.Join(rootfs, invalid), dest) {
|
path, err := filepath.Rel(filepath.Join(rootfs, invalid), dest)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
if path == "." || !strings.HasPrefix(path, "..") {
|
||||||
return fmt.Errorf("%q cannot be mounted because it is located inside %q", dest, invalid)
|
return fmt.Errorf("%q cannot be mounted because it is located inside %q", dest, invalid)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// dirIsChild compare the parts of the dir to check if it is located
|
|
||||||
// inside root. comparing the individual parts ensures that false positives
|
|
||||||
// are not found.
|
|
||||||
func dirIsChild(root, dir string) bool {
|
|
||||||
var (
|
|
||||||
rootParts = strings.Split(filepath.Clean(root), string(filepath.Separator))
|
|
||||||
dirParts = strings.Split(filepath.Clean(dir), string(filepath.Separator))
|
|
||||||
)
|
|
||||||
if len(dirParts) < len(rootParts) {
|
|
||||||
return false
|
|
||||||
}
|
|
||||||
for i, p := range rootParts {
|
|
||||||
if p != dirParts[i] {
|
|
||||||
return false
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return true
|
|
||||||
}
|
|
||||||
|
|
||||||
func setupDevSymlinks(rootfs string) error {
|
func setupDevSymlinks(rootfs string) error {
|
||||||
var links = [][2]string{
|
var links = [][2]string{
|
||||||
{"/proc/self/fd", "/dev/fd"},
|
{"/proc/self/fd", "/dev/fd"},
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue