[v0.13.0-beta1-m.1] backport: security: path traversal and git option injection fixes#7
Open
smerkviladze wants to merge 11 commits into
Open
Conversation
Add executor.ValidContainerID and enforce it in runc/containerd Run paths. Only runc executor used the ID in filesystem operations. Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com> (cherry picked from commit 789df2422341960b7549d14ea475add43e73cd74) (cherry picked from commit 5e285127899ea49bad2437f2d53114bbe30dd36f) (cherry picked from commit 099cf80) Signed-off-by: Sopho Merkviladze <smerkviladze@mirantis.com>
Add safeFileName and route all getFileName sources through it. Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com> (cherry picked from commit 9d117af5ab1e1032f75658884384328fea440843) (cherry picked from commit ee4de4c2aa53a76fb2ba135cfcb2daa8e45c5b80) (cherry picked from commit 9ce6f62) Signed-off-by: Sopho Merkviladze <smerkviladze@mirantis.com>
Use securejoin.SecureJoin to compute a path confined to the root directory before performing operations such as opening, changing ownership, or updating timestamps on the downloaded file. This prevents path traversal attacks using crafted filenames. os.OpenRoot (introduced in Go 1.24) is not available on this branch; securejoin provides equivalent root confinement functionality. (cherry-picked from commit df43783) Signed-off-by: Sopho Merkviladze <smerkviladze@mirantis.com>
Validate user-provided refs once during identifier construction and reject option-like refs with leading '-'. There is no known attack related to previous core, patch is to make ref handling more robust and improve errors. Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com> (cherry picked from commit f5462c2) Signed-off-by: Sopho Merkviladze <smerkviladze@mirantis.com>
Normalize Git subdir fragments and validate checkout subdir components so each segment must be a real directory, preventing traversal and symlink escapes. Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com> (cherry picked from commit 45b038c) Signed-off-by: Sopho Merkviladze <smerkviladze@mirantis.com>
Linux:
- Uses openat with O_PATH | O_NOFOLLOW per component to eliminate TOCTOU
races.
- Traversal fd is only for validation; a readable fd is opened via
readdirnames for listing directory entries.
Windows:
- Falls back to os.Lstat per component and os.Open for readability.
- TOCTOU exists theoretically, but acceptable for controlled BuildKit
temp dirs.
Benefits:
- Prevents symlink escapes at kernel level, strengthening CVE-2026-33748 fix.
- Returns a reusable *os.File, removing the separate validate+open two-step.
- Cross-platform API via platform-specific files simplifies call site.
Updated tests verify openSubdirSafe correctness and that readdirnames
correctly obtains a readable fd from an O_PATH anchor on Linux.
Signed-off-by: Sopho Merkviladze <smerkviladze@mirantis.com>
Signed-off-by: Sopho Merkviladze <smerkviladze@mirantis.com>
github-actions
Bot
added
area/testing
area/executor
area/source
area/windows
area/dependencies
labels
docker/bake-action < v5 is not compatible with buildx >= 0.20.0. Update both .test.yml and validate.yml to use bake-action@v5. Signed-off-by: Sopho Merkviladze <smerkviladze@mirantis.com>
Signed-off-by: Sopho Merkviladze <smerkviladze@mirantis.com>
Signed-off-by: Sopho Merkviladze <smerkviladze@mirantis.com>
Signed-off-by: Sopho Merkviladze <smerkviladze@mirantis.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Backport of security fixes for CVE-2026-33747 onto the
v0.13.0-beta1pseudo-version base (d5c1d78) used in MCR 25.0.16.Cherry-picked from Mirantis/buildkit#5 (v0.12 backport), adapted for the v0.13.0-beta1 codebase.
Changes:
filepath-securejointo restrict writes to the cache root-to prevent option injectionFixes CVE-2026-33747 and CVE-2026-33748