Backport(v1.19) output: enforce strict path boundary validation for tag (#5391)
**Which issue(s) this PR fixes**:
Fixes #
**What this PR does / why we need it**:
This PR enhances the robustness of the `${tag}` placeholder expansion by
preventing unintended path boundaries from being crossed.
Previously, tags containing relative parent directory patterns (`../`)
or absolute paths (e.g., `/etc/passwd`, `\Windows`) were expanded
without validation in `extract_placeholders`. This could lead to
unexpected file creation or access outside of the intended base
directories, especially when using plugins like `out_file`.
To address this, we introduced a strict, highly optimized path boundary
validation inside `extract_placeholders` specifically for the `${tag}`
variable.
* By validating the variable before substitution, all core and
third-party plugins using `extract_placeholders` automatically benefit
from this boundary check.
* Backward Compatibility
  * Tags containing safe slashes (e.g., `app/web`) are still permitted,
    ensuring URL expansions (e.g., in `out_http`) or safe nested directories
    remain fully functional.
**Docs Changes**:
**Release Note**:
Signed-off-by: Shizuo Fujita <fujita@clear-code.com>
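
An added Ruby sketch of the kind of boundary check the commit message describes. It is not Fluentd's code: `tag_within_boundary?`, `expand_tag`, `UnsafeTagError`, the drive-letter rule and the sample base directory are assumptions made for illustration. It goes one step beyond the message by also confirming that the expanded path still resolves under the base directory.

```ruby
# Added illustration; not Fluentd's implementation. All names are hypothetical.
class UnsafeTagError < StandardError; end

# True when the tag can be substituted into a path template without
# leaving the directory the template points at.
def tag_within_boundary?(tag)
  return false if tag.include?("\0")
  # Absolute paths such as /etc/passwd or \Windows.
  return false if tag.start_with?("/", "\\")
  # Assumption: drive-letter paths (C:\...) are treated as absolute too.
  return false if tag.match?(/\A[A-Za-z]:/)
  # A ".." segment, with either separator, crosses a boundary.
  # Plain slashes (app/web) and dots inside a segment (app..web) are fine.
  tag.split(%r{[/\\]}).none? { |segment| segment == ".." }
end

# Validates the tag before substitution, expands ${tag}, then checks that
# the result still resolves under base_dir (defence in depth in case the
# template itself contains a parent-directory reference).
def expand_tag(template, tag, base_dir)
  unless tag_within_boundary?(tag)
    raise UnsafeTagError, "tag crosses path boundary: #{tag.inspect}"
  end

  # Block form so backslashes in the tag are never read as back-references.
  expanded = template.gsub('${tag}') { tag }

  base = File.expand_path(base_dir)
  full = File.expand_path(expanded, base)
  unless full == base || full.start_with?(base + File::SEPARATOR)
    raise UnsafeTagError, "expanded path leaves #{base}: #{full}"
  end
  full
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample tags, checked against a constructed base directory.
  ["app/web", "../../etc/cron.d/x", "/etc/passwd", "\\Windows", "a/../b"].each do |tag|
    begin
      puts "#{tag.inspect} -> #{expand_tag('${tag}/out.log', tag, '/var/log/fluent')}"
    rescue UnsafeTagError => e
      puts "#{tag.inspect} rejected: #{e.message}"
    end
  end
end
```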