Extract GitLab Pages using RubyZip

RubyZip allows us to perform strong validation of expanded paths where we do extract file. We introduce the following additional checks to extract routines: 1. None of path components can be symlinked, 2. We drop privileges support for directories, 3. Symlink source needs to point within the target directory, like `public/`, 4. The symlink source needs to exist ahead of time.
author: Kamil Trzciński <ayufan@ayufan.eu> 2019-01-02 22:01:11 +0300
committer: Yorick Peterse <yorickpeterse@gmail.com> 2019-01-31 18:52:48 +0300
commit: 66744469d4f2c444c0248b84096d252db749d01c (patch)
tree: 0b71d2c71a195d61dca9b814e7fff31abe59004e /lib/safe_zip/extract_params.rb
parent: a1bf088201702ec4d36015c8f4cb635fa2ee2c5b (diff)
1 files changed, 36 insertions, 0 deletions
diff --git a/lib/safe_zip/extract_params.rb b/lib/safe_zip/extract_params.rb
new file mode 100644
index 00000000000..bd3b788bac9
--- /dev/null
+++ b/lib/safe_zip/extract_params.rb
@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+module SafeZip
+  class ExtractParams
+    include Gitlab::Utils::StrongMemoize
+
+    attr_reader :directories, :extract_path
+
+    def initialize(directories:, to:)
+      @directories = directories
+      @extract_path = ::File.realpath(to)
+    end
+
+    def matching_target_directory(path)
+      target_directories.find do |directory|
+        path.start_with?(directory)
+      end
+    end
+
+    def target_directories
+      strong_memoize(:target_directories) do
+        directories.map do |directory|
+          ::File.join(::File.expand_path(directory, extract_path), '')
+        end
+      end
+    end
+
+    def directories_wildcard
+      strong_memoize(:directories_wildcard) do
+        directories.map do |directory|
+          ::File.join(directory, '*')
+        end
+      end
+    end
+  end
+end
author	Kamil Trzciński <ayufan@ayufan.eu>	2019-01-02 22:01:11 +0300
committer	Yorick Peterse <yorickpeterse@gmail.com>	2019-01-31 18:52:48 +0300
commit	66744469d4f2c444c0248b84096d252db749d01c (patch)
tree	0b71d2c71a195d61dca9b814e7fff31abe59004e /lib/safe_zip/extract_params.rb
parent	a1bf088201702ec4d36015c8f4cb635fa2ee2c5b (diff)