Merge branch 'fix/import-export-symlink-vulnerability' into 'security'

Fix symlink vulnerability in Import/Export Replaces https://dev.gitlab.org/gitlab/gitlabhq/merge_requests/2018 made by @james Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/23822 See merge request !2022 Signed-off-by: Rémy Coutable <remy@rymai.me>
author: Douwe Maan <douwe@gitlab.com> 2016-10-27 18:10:19 +0300
committer: Rémy Coutable <remy@rymai.me> 2016-11-03 18:04:18 +0300
commit: dc9b3db8b0e278399c5ce4ff9b0c5e388ecfe5b0 (patch)
tree: 21342674480918dd297a8a05f6dc511ff57783be /spec/support/import_export
parent: cfb511ea692fedffbad5b6ee1a7638b1eb78a4d6 (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/spec/support/import_export/common_util.rb b/spec/support/import_export/common_util.rb
new file mode 100644
index 00000000000..2542a59bb00
--- /dev/null
+++ b/spec/support/import_export/common_util.rb
@@ -0,0 +1,10 @@
+module ImportExport
+  module CommonUtil
+    def setup_symlink(tmpdir, symlink_name)
+      allow_any_instance_of(Gitlab::ImportExport).to receive(:storage_path).and_return(tmpdir)
+
+      File.open("#{tmpdir}/test", 'w') { |file| file.write("test") }
+      FileUtils.ln_s("#{tmpdir}/test", "#{tmpdir}/#{symlink_name}")
+    end
+  end
+end
author	Douwe Maan <douwe@gitlab.com>	2016-10-27 18:10:19 +0300
committer	Rémy Coutable <remy@rymai.me>	2016-11-03 18:04:18 +0300
commit	dc9b3db8b0e278399c5ce4ff9b0c5e388ecfe5b0 (patch)
tree	21342674480918dd297a8a05f6dc511ff57783be /spec/support/import_export
parent	cfb511ea692fedffbad5b6ee1a7638b1eb78a4d6 (diff)