Improve handling of nonexistent symlinks for extractions + programkind (

#709) * Improve handling of nonexistent symlinks for extractions + programkind Signed-off-by: egibs <20933572+egibs@users.noreply.github.com> * Appease the linter Signed-off-by: egibs <20933572+egibs@users.noreply.github.com> --------- Signed-off-by: egibs <20933572+egibs@users.noreply.github.com>
chainguard-dev · Dec 16, 2024 · 191c6f3 · 191c6f3
1 parent 4cb8edf
commit 191c6f3
Show file tree

Hide file tree

Showing 2 changed files with 37 additions and 3 deletions.
diff --git a/pkg/action/archive.go b/pkg/action/archive.go
@@ -195,7 +195,21 @@ func extractTar(ctx context.Context, d string, f string) error {
 				return fmt.Errorf("failed to close file: %w", err)
 			}
 		case tar.TypeSymlink:
-			if err := os.Symlink(header.Linkname, target); err != nil {
+			// Skip symlinks for targets that do not exist
+			_, err = os.Readlink(target)
+			if os.IsNotExist(err) {
+				continue
+			}
+			// Ensure that symlinks are not relative path traversals
+			// #nosec G305 // L208 handles the check
+			linkReal, err := filepath.EvalSymlinks(filepath.Join(d, header.Linkname))
+			if err != nil {
+				return fmt.Errorf("failed to evaluate symlink: %w", err)
+			}
+			if !strings.HasPrefix(linkReal, filepath.Clean(d)+string(os.PathSeparator)) {
+				return fmt.Errorf("symlink points outside temporary directory: %s", linkReal)
+			}
+			if err := os.Symlink(linkReal, target); err != nil {
 				return fmt.Errorf("failed to create symlink: %w", err)
 			}
 		}
@@ -428,7 +442,7 @@ func extractDeb(ctx context.Context, d, f string) error {
 
 	for {
 		header, err := df.Data.Next()
-		if err == io.EOF {
+		if errors.Is(err, io.EOF) {
 			break
 		}
 		if err != nil {
@@ -469,7 +483,21 @@ func extractDeb(ctx context.Context, d, f string) error {
 				return fmt.Errorf("failed to close file: %w", err)
 			}
 		case tar.TypeSymlink:
-			if err := os.Symlink(header.Linkname, target); err != nil {
+			// Skip symlinks for targets that do not exist
+			_, err = os.Readlink(target)
+			if os.IsNotExist(err) {
+				continue
+			}
+			// Ensure that symlinks are not relative path traversals
+			// #nosec G305 // L208 handles the check
+			linkReal, err := filepath.EvalSymlinks(filepath.Join(d, header.Linkname))
+			if err != nil {
+				return fmt.Errorf("failed to evaluate symlink: %w", err)
+			}
+			if !strings.HasPrefix(linkReal, filepath.Clean(d)+string(os.PathSeparator)) {
+				return fmt.Errorf("symlink points outside temporary directory: %s", linkReal)
+			}
+			if err := os.Symlink(linkReal, target); err != nil {
 				return fmt.Errorf("failed to create symlink: %w", err)
 			}
 		}

diff --git a/pkg/programkind/programkind.go b/pkg/programkind/programkind.go
@@ -102,6 +102,12 @@ func makeFileType(path string, ext string, mime string) *FileType {
 
 // File detects what kind of program this file might be.
 func File(path string) (*FileType, error) {
+	// Follow symlinks and return cleanly if the target does not exist
+	_, err := filepath.EvalSymlinks(path)
+	if os.IsNotExist(err) {
+		return nil, nil
+	}
+
 	st, err := os.Stat(path)
 	if err != nil {
 		return nil, fmt.Errorf("stat: %w", err)