From 0582be71e0d7aaa539392d033b6c16e4a2a30198 Mon Sep 17 00:00:00 2001
From: wangcichen
Date: Thu, 25 May 2023 08:27:55 +0800
Subject: [PATCH] mounting library: secure the isolated actions
---
 repos/system_upgrade/el7toel8/libraries/mounting.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/repos/system_upgrade/el7toel8/libraries/mounting.py b/repos/system_upgrade/el7toel8/libraries/mounting.py
index c39f5ceb..670da947 100644
--- a/repos/system_upgrade/el7toel8/libraries/mounting.py
+++ b/repos/system_upgrade/el7toel8/libraries/mounting.py
@@ -140,11 +140,14 @@ class IsolatedActions(object):
 """
 Transform the path given to be prefixed with the base_dir, to get the real path on the system.
+ The function is secured, so it is not possible to return path outside
+ of the self.base_dir directory.
+
 Example:
 self.base_dir = '/var/lib/leapp/scratch/userspace'
 path = '/etc/yum.repos.d/redhat.repo'
 The result would be: /var/lib/leapp/scratch/userspace/etc/yum.repos.d/redhat.repo
 """
- return os.path.join(self.base_dir, path.lstrip('/'))
+ return os.path.join(self.base_dir, os.path.abspath(path).lstrip('/'))
 def open(self, path, *args, **kwargs):
 """
-- Gitee
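Review bot: `os.path.abspath(path)` in the new `return` resolves a relative `path` against the process's current working directory, so a caller passing `etc/yum.repos.d` would now get `base_dir/<cwd>/etc/yum.repos.d` instead of `base_dir/etc/yum.repos.d`. Anchoring at the root first avoids that while still collapsing `..` components: `return os.path.join(self.base_dir, os.path.normpath(os.path.join('/', path)).lstrip('/'))`. The normalisation is purely lexical, so the added docstring sentence overstates the guarantee: a symlink inside `self.base_dir` can still make the returned path resolve outside it. The docstring should say the result is only lexically confined, or the function should compare `os.path.realpath` of the result against `self.base_dir` before returning. The method's `def` line and its callers are outside the hunk, so whether relative paths are ever passed cannot be confirmed from here.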