diff --git a/pkg/chartutil/load.go b/pkg/chartutil/load.go index 0cbc956d1..13724671a 100644 --- a/pkg/chartutil/load.go +++ b/pkg/chartutil/load.go @@ -355,6 +355,13 @@ func LoadDir(dir string) (*chart.Chart, error) { return nil } + // Irregular files include devices, sockets, and other uses of files that + // are not regular files. In Go they have a file mode type bit set. + // See https://golang.org/pkg/os/#FileMode for examples. + if !fi.Mode().IsRegular() { + return fmt.Errorf("cannot load irregular file %s as it has file mode type bits set", name) + } + data, err := ioutil.ReadFile(name) if err != nil { return fmt.Errorf("error reading %s: %s", n, err) diff --git a/pkg/chartutil/load_test.go b/pkg/chartutil/load_test.go index 8ef45e01f..17da4b172 100644 --- a/pkg/chartutil/load_test.go +++ b/pkg/chartutil/load_test.go @@ -23,6 +23,7 @@ import ( "os" "path" "path/filepath" + "runtime" "strings" "testing" "time" @@ -51,6 +52,40 @@ func TestLoadNonV1Chart(t *testing.T) { t.Fatalf("chart with v2 apiVersion should not load") } +func TestLoadDirWithSymlinks(t *testing.T) { + sym := filepath.Join("..", "frobnitz", "README.md") + link := filepath.Join("testdata", "frobnitz_symlinks", "README.md") + + if err := os.Symlink(sym, link); err != nil { + t.Fatal(err) + } + + defer os.Remove(link) + + c, err := Load("testdata/frobnitz_symlinks") + if err != nil { + t.Fatalf("Failed to load testdata: %s", err) + } + verifyFrobnitz(t, c) + verifyChart(t, c) + verifyRequirements(t, c) +} + +func TestLoadDirWithBadSymlinks(t *testing.T) { + if runtime.GOOS == "windows" { + t.Skip("test only works on unix systems with /dev/null present") + } + + _, err := Load("testdata/bad_symlink") + if err == nil { + t.Fatal("Failed to detect bad symlink") + } + + if !strings.HasPrefix(err.Error(), "cannot load irregular file") { + t.Errorf("Expected bad symlink error got %q", err) + } +} + func TestLoadFile(t *testing.T) { c, err := Load("testdata/frobnitz-1.2.3.tgz") if err != nil { 
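Review bot: The new `IsRegular()` guard in `LoadDir` filters on file type only, so a link inside the chart directory that resolves to a regular file elsewhere on disk is still read by `ioutil.ReadFile(name)` and becomes part of the loaded chart. The comment above the check should say so, since a reader could take it for a general symlink defence, for example `// Note: this does not restrict where a followed symlink points; regular files outside dir are still loaded.` The check also relies on the `fi` handed in by the walk while the read re-opens `name` by path, so the two can disagree if the tree changes in between. If callers load directories they do not control, re-checking the mode on the opened handle would narrow that gap. The walk callback starts before this hunk and continues after it.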
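Review bot: `TestLoadDirWithSymlinks` creates its link inside the checked-in `testdata/frobnitz_symlinks` tree and calls `t.Fatal` when `os.Symlink` fails, so a link left over from an interrupted run fails the test for reasons unrelated to the loader. The same likely happens on a Windows host without symlink privilege. Clearing any stale link first with `_ = os.Remove(link)` before the `os.Symlink` call, and reusing the `runtime.GOOS == "windows"` skip from `TestLoadDirWithBadSymlinks`, would make the test repeatable. The negative test covers only a link to `/dev/null`; a link to a regular file outside the chart directory is exercised only on the success path, which deserves a one-line comment so the accepted behaviour is explicit.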
diff --git a/pkg/chartutil/testdata/bad_symlink/Chart.yaml b/pkg/chartutil/testdata/bad_symlink/Chart.yaml
new file mode 100644
index 000000000..8efc8bd68
--- /dev/null
+++ b/pkg/chartutil/testdata/bad_symlink/Chart.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+name: badsymlink
+description: A bad symlink is in here
+version: "1.0.0"
diff --git a/pkg/chartutil/testdata/bad_symlink/LICENSE b/pkg/chartutil/testdata/bad_symlink/LICENSE
new file mode 100644
index 000000000..6121943b1
--- /dev/null
+++ b/pkg/chartutil/testdata/bad_symlink/LICENSE
@@ -0,0 +1 @@
+LICENSE placeholder.
diff --git a/pkg/chartutil/testdata/bad_symlink/README.md b/pkg/chartutil/testdata/bad_symlink/README.md
new file mode 100644
index 000000000..8cf4cc3d7
--- /dev/null
+++ b/pkg/chartutil/testdata/bad_symlink/README.md
@@ -0,0 +1,11 @@
+# Frobnitz
+
+This is an example chart.
+
+## Usage
+
+This is an example. It has no usage.
+
+## Development
+
+For developer info, see the top-level repository.
diff --git a/pkg/chartutil/testdata/bad_symlink/dnull b/pkg/chartutil/testdata/bad_symlink/dnull
new file mode 120000
index 000000000..dc1dc0cde
--- /dev/null
+++ b/pkg/chartutil/testdata/bad_symlink/dnull
@@ -0,0 +1 @@
+/dev/null
\ No newline at end of file
diff --git a/pkg/chartutil/testdata/bad_symlink/templates/template.tpl b/pkg/chartutil/testdata/bad_symlink/templates/template.tpl
new file mode 100644
index 000000000..c651ee6a0
--- /dev/null
+++ b/pkg/chartutil/testdata/bad_symlink/templates/template.tpl
@@ -0,0 +1 @@
+Hello {{.Name | default "world"}}
diff --git a/pkg/chartutil/testdata/bad_symlink/values.yaml b/pkg/chartutil/testdata/bad_symlink/values.yaml
new file mode 100644
index 000000000..61f501258
--- /dev/null
+++ b/pkg/chartutil/testdata/bad_symlink/values.yaml
@@ -0,0 +1,6 @@
+# A values file contains configuration.
+
+name: "Some Name"
+
+section:
+ name: "Name in a section"
diff --git a/pkg/chartutil/testdata/frobnitz_symlinks/.helmignore b/pkg/chartutil/testdata/frobnitz_symlinks/.helmignore
new file mode 100644
index 000000000..9973a57b8
--- /dev/null
+++ b/pkg/chartutil/testdata/frobnitz_symlinks/.helmignore
@@ -0,0 +1 @@
+ignore/
diff --git a/pkg/chartutil/testdata/frobnitz_symlinks/Chart.yaml b/pkg/chartutil/testdata/frobnitz_symlinks/Chart.yaml
new file mode 100644
index 000000000..134cd1109
--- /dev/null
+++ b/pkg/chartutil/testdata/frobnitz_symlinks/Chart.yaml
@@ -0,0 +1,20 @@
+apiVersion: v1
+name: frobnitz
+description: This is a frobnitz.
+version: "1.2.3"
+keywords:
+ - frobnitz
+ - sprocket
+ - dodad
+maintainers:
+ - name: The Helm Team
+ email: helm@example.com
+ - name: Someone Else
+ email: nobody@example.com
+sources:
+ - https://example.com/foo/bar
+home: http://example.com
+icon: https://example.com/64x64.png
+annotations:
+ extrakey: extravalue
+ anotherkey: anothervalue
diff --git a/pkg/chartutil/testdata/frobnitz_symlinks/INSTALL.txt b/pkg/chartutil/testdata/frobnitz_symlinks/INSTALL.txt
new file mode 100644
index 000000000..2010438c2
--- /dev/null
+++ b/pkg/chartutil/testdata/frobnitz_symlinks/INSTALL.txt
@@ -0,0 +1 @@
+This is an install document. The client may display this.
diff --git a/pkg/chartutil/testdata/frobnitz_symlinks/LICENSE b/pkg/chartutil/testdata/frobnitz_symlinks/LICENSE
new file mode 100644
index 000000000..6121943b1
--- /dev/null
+++ b/pkg/chartutil/testdata/frobnitz_symlinks/LICENSE
@@ -0,0 +1 @@
+LICENSE placeholder.
diff --git a/pkg/chartutil/testdata/frobnitz_symlinks/charts/_ignore_me b/pkg/chartutil/testdata/frobnitz_symlinks/charts/_ignore_me
new file mode 100644
index 000000000..2cecca682
--- /dev/null
+++ b/pkg/chartutil/testdata/frobnitz_symlinks/charts/_ignore_me
@@ -0,0 +1 @@
+This should be ignored by the loader, but may be included in a chart.
diff --git a/pkg/chartutil/testdata/frobnitz_symlinks/charts/alpine/Chart.yaml b/pkg/chartutil/testdata/frobnitz_symlinks/charts/alpine/Chart.yaml
new file mode 100644
index 000000000..79e0d65db
--- /dev/null
+++ b/pkg/chartutil/testdata/frobnitz_symlinks/charts/alpine/Chart.yaml
@@ -0,0 +1,5 @@
+apiVersion: v1
+name: alpine
+description: Deploy a basic Alpine Linux pod
+version: 0.1.0
+home: https://helm.sh/helm
diff --git a/pkg/chartutil/testdata/frobnitz_symlinks/charts/alpine/README.md b/pkg/chartutil/testdata/frobnitz_symlinks/charts/alpine/README.md
new file mode 100644
index 000000000..b30b949dd
--- /dev/null
+++ b/pkg/chartutil/testdata/frobnitz_symlinks/charts/alpine/README.md
@@ -0,0 +1,9 @@
+This example was generated using the command `helm create alpine`.
+
+The `templates/` directory contains a very simple pod resource with a
+couple of parameters.
+
+The `values.toml` file contains the default values for the
+`alpine-pod.yaml` template.
+
+You can install this example using `helm install ./alpine`.
diff --git a/pkg/chartutil/testdata/frobnitz_symlinks/charts/alpine/charts/mast1/Chart.yaml b/pkg/chartutil/testdata/frobnitz_symlinks/charts/alpine/charts/mast1/Chart.yaml
new file mode 100644
index 000000000..1c9dd5fa4
--- /dev/null
+++ b/pkg/chartutil/testdata/frobnitz_symlinks/charts/alpine/charts/mast1/Chart.yaml
@@ -0,0 +1,5 @@
+apiVersion: v1
+name: mast1
+description: A Helm chart for Kubernetes
+version: 0.1.0
+home: ""
diff --git a/pkg/chartutil/testdata/frobnitz_symlinks/charts/alpine/charts/mast1/values.yaml b/pkg/chartutil/testdata/frobnitz_symlinks/charts/alpine/charts/mast1/values.yaml
new file mode 100644
index 000000000..42c39c262
--- /dev/null
+++ b/pkg/chartutil/testdata/frobnitz_symlinks/charts/alpine/charts/mast1/values.yaml
@@ -0,0 +1,4 @@
+# Default values for mast1.
+# This is a YAML-formatted file.
+# Declare name/value pairs to be passed into your templates.
+# name = "value"
diff --git a/pkg/chartutil/testdata/frobnitz_symlinks/charts/alpine/templates/alpine-pod.yaml b/pkg/chartutil/testdata/frobnitz_symlinks/charts/alpine/templates/alpine-pod.yaml new file mode 100644 index 000000000..21ae20aad --- /dev/null +++ b/pkg/chartutil/testdata/frobnitz_symlinks/charts/alpine/templates/alpine-pod.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Pod +metadata: + name: {{.Release.Name}}-{{.Chart.Name}} + labels: + app.kubernetes.io/managed-by: {{.Release.Service}} + app.kubernetes.io/name: {{.Chart.Name}} + helm.sh/chart: "{{.Chart.Name}}-{{.Chart.Version}}" +spec: + restartPolicy: {{default "Never" .restart_policy}} + containers: + - name: waiter + image: "alpine:3.9" + command: ["/bin/sleep","9000"] diff --git a/pkg/chartutil/testdata/frobnitz_symlinks/charts/alpine/values.yaml b/pkg/chartutil/testdata/frobnitz_symlinks/charts/alpine/values.yaml new file mode 100644 index 000000000..6c2aab7ba --- /dev/null +++ b/pkg/chartutil/testdata/frobnitz_symlinks/charts/alpine/values.yaml @@ -0,0 +1,2 @@ +# The pod name +name: "my-alpine" diff --git a/pkg/chartutil/testdata/frobnitz_symlinks/charts/mariner-4.3.2.tgz b/pkg/chartutil/testdata/frobnitz_symlinks/charts/mariner-4.3.2.tgz new file mode 100644 index 000000000..3190136b0 Binary files /dev/null and b/pkg/chartutil/testdata/frobnitz_symlinks/charts/mariner-4.3.2.tgz differ diff --git a/pkg/chartutil/testdata/frobnitz_symlinks/docs/README.md b/pkg/chartutil/testdata/frobnitz_symlinks/docs/README.md new file mode 100644 index 000000000..d40747caf --- /dev/null +++ b/pkg/chartutil/testdata/frobnitz_symlinks/docs/README.md @@ -0,0 +1 @@ +This is a placeholder for documentation. diff --git a/pkg/chartutil/testdata/frobnitz_symlinks/icon.svg b/pkg/chartutil/testdata/frobnitz_symlinks/icon.svg new file mode 100644 index 000000000..892130606 --- /dev/null +++ b/pkg/chartutil/testdata/frobnitz_symlinks/icon.svg @@ -0,0 +1,8 @@ + + + Example icon + + + 
diff --git a/pkg/chartutil/testdata/frobnitz_symlinks/ignore/me.txt b/pkg/chartutil/testdata/frobnitz_symlinks/ignore/me.txt new file mode 100644 index 000000000..e69de29bb diff --git a/pkg/chartutil/testdata/frobnitz_symlinks/requirements.lock b/pkg/chartutil/testdata/frobnitz_symlinks/requirements.lock new file mode 100755 index 000000000..6fcc2ed9f --- /dev/null +++ b/pkg/chartutil/testdata/frobnitz_symlinks/requirements.lock @@ -0,0 +1,8 @@ +dependencies: + - name: alpine + version: "0.1.0" + repository: https://example.com/charts + - name: mariner + version: "4.3.2" + repository: https://example.com/charts +digest: invalid diff --git a/pkg/chartutil/testdata/frobnitz_symlinks/requirements.yaml b/pkg/chartutil/testdata/frobnitz_symlinks/requirements.yaml new file mode 100755 index 000000000..5eb0bc98b --- /dev/null +++ b/pkg/chartutil/testdata/frobnitz_symlinks/requirements.yaml @@ -0,0 +1,7 @@ +dependencies: + - name: alpine + version: "0.1.0" + repository: https://example.com/charts + - name: mariner + version: "4.3.2" + repository: https://example.com/charts diff --git a/pkg/chartutil/testdata/frobnitz_symlinks/templates/template.tpl b/pkg/chartutil/testdata/frobnitz_symlinks/templates/template.tpl new file mode 100644 index 000000000..c651ee6a0 --- /dev/null +++ b/pkg/chartutil/testdata/frobnitz_symlinks/templates/template.tpl @@ -0,0 +1 @@ +Hello {{.Name | default "world"}} diff --git a/pkg/chartutil/testdata/frobnitz_symlinks/values.yaml b/pkg/chartutil/testdata/frobnitz_symlinks/values.yaml new file mode 100644 index 000000000..61f501258 --- /dev/null +++ b/pkg/chartutil/testdata/frobnitz_symlinks/values.yaml @@ -0,0 +1,6 @@ +# A values file contains configuration. + +name: "Some Name" + +section: + name: "Name in a section" diff --git a/pkg/sympath/walk.go b/pkg/sympath/walk.go index 175d3fa95..9a62261d0 100644 --- a/pkg/sympath/walk.go +++ b/pkg/sympath/walk.go @@ -22,6 +22,7 @@ package sympath import ( "fmt" + "log" "os" "path/filepath" "sort" 
@@ -69,6 +70,7 @@ func symwalk(path string, info os.FileInfo, walkFn filepath.WalkFunc) error { if err != nil { return fmt.Errorf("error evaluating symlink %s: %s", path, err) } + log.Printf("found symbolic link in path: %s resolves to %s", path, resolved) if info, err = os.Lstat(resolved); err != nil { return err }
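Review bot: The added `log.Printf` in `symwalk` writes `path` and `resolved` with `%s` to the process-wide standard logger, so a file name containing newlines or control characters can split or forge log lines, and programs embedding this package cannot redirect or silence the output. Quoting the values, `log.Printf("found symbolic link in path: %q resolves to %q", path, resolved)`, keeps each record on a single line. The message is emitted before `os.Lstat(resolved)` is checked, so it also appears for links whose target then fails to stat; that is presumably intended, but a short comment stating that this line is the audit trail for followed links would make it clear. `symwalk` begins before this hunk and continues after it.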