Commit ffee05c2 authored by Grzegorz Bizon's avatar Grzegorz Bizon

Improve invalid build artifacts metadata path matcher

parent f80d7a86
...@@ -43,6 +43,7 @@ module Gitlab ...@@ -43,6 +43,7 @@ module Gitlab
def match_entries(gz) def match_entries(gz)
paths, metadata = [], [] paths, metadata = [], []
match_pattern = %r{^#{Regexp.escape(@path)}[^/\s]*/?$} match_pattern = %r{^#{Regexp.escape(@path)}[^/\s]*/?$}
invalid_pattern = %r{(^\.?\.?/)|(/\.?\.?/)}
until gz.eof? do until gz.eof? do
begin begin
...@@ -50,7 +51,7 @@ module Gitlab ...@@ -50,7 +51,7 @@ module Gitlab
meta = read_string(gz) meta = read_string(gz)
next unless path =~ match_pattern next unless path =~ match_pattern
next unless path_valid?(path) next if path =~ invalid_pattern
paths.push(path) paths.push(path)
metadata.push(JSON.parse(meta.chomp, symbolize_names: true)) metadata.push(JSON.parse(meta.chomp, symbolize_names: true))
...@@ -62,10 +63,6 @@ module Gitlab ...@@ -62,10 +63,6 @@ module Gitlab
[paths, metadata] [paths, metadata]
end end
def path_valid?(path)
!(path.start_with?('/') || path =~ %r{\.?\./})
end
def read_version def read_version
gzip do|gz| gzip do|gz|
version_string = read_string(gz) version_string = read_string(gz)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment