Return early if allowedPath is the root dir

author: Jaime Martinez <jmartinez@gitlab.com> 2021-04-14 05:00:34 +0300
committer: Jaime Martinez <jmartinez@gitlab.com> 2021-04-14 05:00:34 +0300
commit: d7385218659e2eb3d3948fafab5c46782809bb17 (patch)
tree: b3f314ee320b6bc1732430b0637337f1d6d9a7b7
parent: 868dab812f2ef6e23edbfa2dc86862ccc909d893 (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/internal/httpfs/http_fs.go b/internal/httpfs/http_fs.go
index 1e9dff1c..17518301 100644
--- a/internal/httpfs/http_fs.go
+++ b/internal/httpfs/http_fs.go
@@ -83,6 +83,13 @@ func (p *fileSystemPaths) Open(name string) (http.File, error) {
 		return nil, err
 	}
 	for _, allowedPath := range p.allowedPaths {
+		// filepath.Abs(allowedPath) in NewFileSystemPath resolves an allowedPath to be `/` when
+		// chrootPath == allowedPath, so we need to return early if in chroot
+		//and we have stripped p.chrootPath from absPath && allowedPath
+		if p.chrootPath != "" && allowedPath == "/" {
+			return os.Open(absPath)
+		}
+
 		if strings.HasPrefix(absPath, allowedPath+"/") {
 			return os.Open(absPath)
 		}
author	Jaime Martinez <jmartinez@gitlab.com>	2021-04-14 05:00:34 +0300
committer	Jaime Martinez <jmartinez@gitlab.com>	2021-04-14 05:00:34 +0300
commit	d7385218659e2eb3d3948fafab5c46782809bb17 (patch)
tree	b3f314ee320b6bc1732430b0637337f1d6d9a7b7
parent	868dab812f2ef6e23edbfa2dc86862ccc909d893 (diff)