Use securejoin to resolve /proc #1175
Conversation
This change updates the proc mount when updating ldconfig to use secure join to align with the other functions. Signed-off-by: Evan Lezar <[email protected]>
elezar
added
the
must-backport
Pull Request Test Coverage Report for Build 16113025035Warning: This coverage report may be inaccurate.This pull request's base commit is no longer the HEAD commit of its target branch. This means it includes changes from outside the original pull request, including, potentially, unrelated coverage changes.
Details
💛 - Coveralls |
There was a problem hiding this comment.
Pull Request Overview
This PR improves the mountProc function in ldconfig_linux.go by using securejoin.SecureJoin to resolve the /proc path and switching directory creation to utils.MkdirAllInRoot for consistency and security.
- Use
securejoin.SecureJoininstead offilepath.Joinfor the proc mount target - Replace
os.MkdirAllwithutils.MkdirAllInRoot - Update error handling in
mountProc
| return fmt.Errorf("error creating directory: %w", err) | ||
| target, err := securejoin.SecureJoin(newroot, "proc") | ||
| if err != nil { | ||
| return err |
There was a problem hiding this comment.
Wrap the error from securejoin.SecureJoin with context to aid debugging. For example: return fmt.Errorf("failed to resolve proc path: %w", err)
| return err | |
| return fmt.Errorf("failed to resolve proc path: %w", err) |
| return err | ||
| } | ||
| if err := utils.MkdirAllInRoot(newroot, target, 0755); err != nil { | ||
| return err |
There was a problem hiding this comment.
Provide additional context when returning this error, e.g., return fmt.Errorf("failed to create proc directory: %w", err) to clarify which operation failed.
| return err | |
| return fmt.Errorf("failed to create proc directory at %s: %w", target, err) |
3 participants
This change updates the proc mount when updating ldconfig to use secure join to align with the other functions.