Re: [PR] [FLINK-29122][core] Improve robustness of FileUtils.expandDirectory() [flink]
rmetzger merged PR #24307: URL: https://github.com/apache/flink/pull/24307 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@flink.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] [FLINK-29122][core] Improve robustness of FileUtils.expandDirectory() [flink]
anupamaggarwal closed pull request #24307: [FLINK-29122][core] Improve robustness of FileUtils.expandDirectory() URL: https://github.com/apache/flink/pull/24307 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@flink.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] [FLINK-29122][core] Improve robustness of FileUtils.expandDirectory() [flink]
flinkbot commented on PR #24307: URL: https://github.com/apache/flink/pull/24307#issuecomment-1941503032 ## CI report: * 0ab33ce4a51fbfefa0280f1123dee49d37275dcb UNKNOWN Bot commands The @flinkbot bot supports the following commands: - `@flinkbot run azure` re-run the last Azure build -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@flink.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] [FLINK-29122][core] Improve robustness of FileUtils.expandDirectory() [flink]
anupamaggarwal opened a new pull request, #24307: URL: https://github.com/apache/flink/pull/24307 ## What is the purpose of the change This pull request adds additional checks to improve robustness of FileUtils.expandDirectory() method. ## Brief change log - Adds additional checks in expandDirectory() method to ensure any paths don't refer to locations outside target directory. Check is recursive and ensures the expanded path is fully contained inside the target directory. ## Verifying this change This change added tests and can be verified as follows: - Added unit test to account for relative paths within target directory (these accesses should be allowed) - Added unit test for access outside target directory (these should fail with I/O Exception) ## Does this pull request potentially affect one of the following parts: - Dependencies (does it add or upgrade a dependency): no - The public API, i.e., is any changed class annotated with `@Public(Evolving)`: no - The serializers: no - The runtime per-record code paths (performance sensitive): no - Anything that affects deployment or recovery: JobManager (and its components), Checkpointing, Kubernetes/Yarn, ZooKeeper: no - The S3 file system connector: no ## Documentation - Does this pull request introduce a new feature? no -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@flink.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
