Skip to content

Commit 858316a

Browse files
k8s-ci-robotk8s-ci-robot
authored
Merge pull request #1450 from kubernetes-client/release-10.0.1
Add path normalization for archive files.
2 parents eb0f078 + eb2cfe9 commit 858316a

File tree

3 files changed

+19
-4
lines changed

3 files changed

+19
-4
lines changed

pom.xml

Lines changed: 9 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -48,10 +48,11 @@
4848
<apache.commons.lang3.version>3.11</apache.commons.lang3.version>
4949
<apache.commons.collections4.version>4.4</apache.commons.collections4.version>
5050
<apache.commons.compress>1.20</apache.commons.compress>
51-
<common.codec.version>1.15</common.codec.version>
52-
<spring.boot.version>2.3.3.RELEASE</spring.boot.version>
53-
<spring.version>5.2.9.RELEASE</spring.version>
51+
<common.codec.version>1.14</common.codec.version>
52+
<spring.boot.version>2.3.1.RELEASE</spring.boot.version>
53+
<spring.version>5.2.8.RELEASE</spring.version>
5454
<prometheus.client.version>0.9.0</prometheus.client.version>
55+
<apache.commons.io>2.8.0</apache.commons.io>
5556

5657
<e2e.skip>true</e2e.skip>
5758

@@ -103,6 +104,11 @@
103104
<artifactId>commons-compress</artifactId>
104105
<version>${apache.commons.compress}</version>
105106
</dependency>
107+
<dependency>
108+
<groupId>commons-io</groupId>
109+
<artifactId>commons-io</artifactId>
110+
<version>${apache.commons.io}</version>
111+
</dependency>
106112
<dependency>
107113
<groupId>com.google.guava</groupId>
108114
<artifactId>guava</artifactId>

util/pom.xml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -46,6 +46,10 @@
4646
<groupId>org.apache.commons</groupId>
4747
<artifactId>commons-lang3</artifactId>
4848
</dependency>
49+
<dependency>
50+
<groupId>commons-io</groupId>
51+
<artifactId>commons-io</artifactId>
52+
</dependency>
4953
<dependency>
5054
<groupId>com.google.guava</groupId>
5155
<artifactId>guava</artifactId>

util/src/main/java/io/kubernetes/client/Copy.java

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -39,6 +39,7 @@
3939
import org.apache.commons.compress.archivers.tar.TarArchiveInputStream;
4040
import org.apache.commons.compress.archivers.tar.TarArchiveOutputStream;
4141
import org.apache.commons.compress.compressors.gzip.GzipCompressorInputStream;
42+
import org.apache.commons.io.FilenameUtils;
4243
import org.slf4j.Logger;
4344
import org.slf4j.LoggerFactory;
4445

@@ -170,7 +171,11 @@ public void copyDirectoryFromPod(
170171
log.error("Can't read: " + entry);
171172
continue;
172173
}
173-
File f = new File(destination.toFile(), entry.getName());
174+
String normalName = FilenameUtils.normalize(entry.getName());
175+
if (normalName == null) {
176+
throw new IOException("Invalid entry: " + entry.getName());
177+
}
178+
File f = new File(destination.toFile(), normalName);
174179
if (entry.isDirectory()) {
175180
if (!f.isDirectory() && !f.mkdirs()) {
176181
throw new IOException("create directory failed: " + f);

0 commit comments

Comments
 (0)