diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-07-31 17:35:12 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-07-31 17:35:24 +0300 |
commit | 1ebdda69d61ae26379f8fac27671103374031944 (patch) | |
tree | 3f91337bb928fa638e02b84a20a7568090d23bcb /app/services | |
parent | 3c93d74713f5a845429b4c19b046f57cc8ea325c (diff) |
Add latest changes from gitlab-org/security/gitlab@16-2-stable-ee
Diffstat (limited to 'app/services')
-rw-r--r-- | app/services/bulk_imports/archive_extraction_service.rb | 6 | ||||
-rw-r--r-- | app/services/bulk_imports/file_decompression_service.rb | 2 |
2 files changed, 2 insertions, 6 deletions
diff --git a/app/services/bulk_imports/archive_extraction_service.rb b/app/services/bulk_imports/archive_extraction_service.rb index 4485b19035b..bce2a67218a 100644 --- a/app/services/bulk_imports/archive_extraction_service.rb +++ b/app/services/bulk_imports/archive_extraction_service.rb @@ -49,11 +49,7 @@ module BulkImports end def validate_symlink - raise(BulkImports::Error, 'Invalid file') if symlink?(filepath) - end - - def symlink?(filepath) - File.lstat(filepath).symlink? + raise(BulkImports::Error, 'Invalid file') if Gitlab::Utils::FileInfo.linked?(filepath) end def extract_archive diff --git a/app/services/bulk_imports/file_decompression_service.rb b/app/services/bulk_imports/file_decompression_service.rb index 94573f6bb13..77638f10f54 100644 --- a/app/services/bulk_imports/file_decompression_service.rb +++ b/app/services/bulk_imports/file_decompression_service.rb @@ -53,7 +53,7 @@ module BulkImports end def validate_symlink(filepath) - raise(ServiceError, 'Invalid file') if File.lstat(filepath).symlink? + raise(ServiceError, 'Invalid file') if Gitlab::Utils::FileInfo.linked?(filepath) end def decompress_file |