mirrors/portainer
1
0
Fork 0
mirror of https://github.com/portainer/portainer.git synced 2025-11-26 14:06:05 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix(security): potential vulnerability of path traversal attacks EE-5303 (#8728)

Browse Source
This commit is contained in:
cmeng
2023-04-04 09:00:17 +12:00
committed by GitHub
parent 1a451823d9
commit 30a2bb0495
3 changed files with 7 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
api/exec/compose_stack.go
View File

@@ -53,7 +53,7 @@ func (manager *ComposeStackManager) Up(ctx context.Context, stack *portainer.Sta
return errors.Wrap(err, "failed to create env file")
}
filePaths := stackutils.GetStackFilePaths(stack, false)
filePaths := stackutils.GetStackFilePaths(stack, true)
err = manager.deployer.Deploy(ctx, filePaths, libstack.DeployOptions{
Options: libstack.Options{
WorkingDir: stack.ProjectPath,
@@ -106,7 +106,7 @@ func (manager *ComposeStackManager) Pull(ctx context.Context, stack *portainer.S
return errors.Wrap(err, "failed to create env file")
}
filePaths := stackutils.GetStackFilePaths(stack, false)
filePaths := stackutils.GetStackFilePaths(stack, true)
err = manager.deployer.Pull(ctx, filePaths, libstack.Options{
WorkingDir: stack.ProjectPath,
EnvFilePath: envFilePath,