File 0001-tighten-up-plugin-finding-logic.patch of Package cni-plugins.26899
From ada67263b12ff0c65f1256e120f6d9f7f0277388 Mon Sep 17 00:00:00 2001
From: Casey Callendrello <cdc@redhat.com>
Date: Tue, 19 Jan 2021 15:36:49 +0100
Subject: [PATCH] tighten up plugin-finding logic
Signed-off-by: Casey Callendrello <cdc@redhat.com>
---
vendor/github.com/containernetworking/cni/pkg/invoke/find.go | 5 +++++
2 files changed, 13 insertions(+)
diff --git a/vendor/github.com/containernetworking/cni/pkg/invoke/find.go b/vendor/github.com/containernetworking/cni/pkg/invoke/find.go
index e815404c..e62029eb 100644
--- a/vendor/github.com/containernetworking/cni/pkg/invoke/find.go
+++ b/vendor/github.com/containernetworking/cni/pkg/invoke/find.go
@@ -18,6 +18,7 @@ import (
"fmt"
"os"
"path/filepath"
+ "strings"
)
// FindInPath returns the full path of the plugin by searching in the provided path
@@ -26,6 +27,10 @@ func FindInPath(plugin string, paths []string) (string, error) {
return "", fmt.Errorf("no plugin name provided")
}
+ if strings.ContainsRune(plugin, os.PathSeparator) {
+ return "", fmt.Errorf("invalid plugin name: %s", plugin)
+ }
+
if len(paths) == 0 {
return "", fmt.Errorf("no paths provided")
}