Add latest changes from gitlab-org/security/gitlab@16-2-stable-ee

author: GitLab Bot <gitlab-bot@gitlab.com> 2023-07-31 17:35:12 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2023-07-31 17:35:24 +0300
commit: 1ebdda69d61ae26379f8fac27671103374031944 (patch)
tree: 3f91337bb928fa638e02b84a20a7568090d23bcb /app/services
parent: 3c93d74713f5a845429b4c19b046f57cc8ea325c (diff)
2 files changed, 2 insertions, 6 deletions
diff --git a/app/services/bulk_imports/archive_extraction_service.rb b/app/services/bulk_imports/archive_extraction_service.rb
index 4485b19035b..bce2a67218a 100644
--- a/app/services/bulk_imports/archive_extraction_service.rb
+++ b/app/services/bulk_imports/archive_extraction_service.rb
@@ -49,11 +49,7 @@ module BulkImports
     end
 
     def validate_symlink
-      raise(BulkImports::Error, 'Invalid file') if symlink?(filepath)
-    end
-
-    def symlink?(filepath)
-      File.lstat(filepath).symlink?
+      raise(BulkImports::Error, 'Invalid file') if Gitlab::Utils::FileInfo.linked?(filepath)
     end
 
     def extract_archive
diff --git a/app/services/bulk_imports/file_decompression_service.rb b/app/services/bulk_imports/file_decompression_service.rb
index 94573f6bb13..77638f10f54 100644
--- a/app/services/bulk_imports/file_decompression_service.rb
+++ b/app/services/bulk_imports/file_decompression_service.rb
@@ -53,7 +53,7 @@ module BulkImports
     end
 
     def validate_symlink(filepath)
-      raise(ServiceError, 'Invalid file') if File.lstat(filepath).symlink?
+      raise(ServiceError, 'Invalid file') if Gitlab::Utils::FileInfo.linked?(filepath)
     end
 
     def decompress_file
author	GitLab Bot <gitlab-bot@gitlab.com>	2023-07-31 17:35:12 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2023-07-31 17:35:24 +0300
commit	1ebdda69d61ae26379f8fac27671103374031944 (patch)
tree	3f91337bb928fa638e02b84a20a7568090d23bcb /app/services
parent	3c93d74713f5a845429b4c19b046f57cc8ea325c (diff)