Process changed files to avoid path traversal.
(ctx: Context, event_name: str, changed_files: pathlib.Path)
| 76 | }, |
| 77 | ) |
| 78 | def process_changed_files(ctx: Context, event_name: str, changed_files: pathlib.Path): |
| 79 | """ |
| 80 | Process changed files to avoid path traversal. |
| 81 | """ |
| 82 | github_output = os.environ.get("GITHUB_OUTPUT") |
| 83 | if github_output is None: |
| 84 | ctx.warn("The 'GITHUB_OUTPUT' variable is not set.") |
| 85 | ctx.exit(1) |
| 86 | |
| 87 | if TYPE_CHECKING: |
| 88 | assert github_output is not None |
| 89 | |
| 90 | if not changed_files.exists(): |
| 91 | ctx.error(f"The '{changed_files}' file does not exist.") |
| 92 | ctx.exit(1) |
| 93 | |
| 94 | contents = changed_files.read_text() |
| 95 | if not contents: |
| 96 | if event_name == "pull_request": |
| 97 | ctx.error(f"The '{changed_files}' file is empty.") |
| 98 | ctx.exit(1) |
| 99 | else: |
| 100 | ctx.debug(f"The '{changed_files}' file is empty.") |
| 101 | with open(github_output, "a", encoding="utf-8") as wfh: |
| 102 | wfh.write(f"changed-files={json.dumps({})}\n") |
| 103 | ctx.exit(0) |
| 104 | |
| 105 | try: |
| 106 | changed_files_contents = json.loads(contents) |
| 107 | except Exception as exc: |
| 108 | ctx.error(f"Could not load the changed files from '{changed_files}': {exc}") |
| 109 | ctx.exit(1) |
| 110 | |
| 111 | sanitized_changed_files = {} |
| 112 | ctx.info("Sanitizing paths and confirming no path traversal is being used...") |
| 113 | for key, data in changed_files_contents.items(): |
| 114 | try: |
| 115 | loaded_data = json.loads(data) |
| 116 | except ValueError: |
| 117 | loaded_data = data |
| 118 | if key.endswith("_files"): |
| 119 | files = set() |
| 120 | for entry in list(loaded_data): |
| 121 | if not entry: |
| 122 | loaded_data.remove(entry) |
| 123 | try: |
| 124 | entry = ( |
| 125 | tools.utils.REPO_ROOT.joinpath(entry) |
| 126 | .resolve() |
| 127 | .relative_to(tools.utils.REPO_ROOT) |
| 128 | ) |
| 129 | except ValueError: |
| 130 | ctx.error( |
| 131 | f"While processing the changed files key {key!r}, the " |
| 132 | f"path entry {entry!r} was checked and it's not relative " |
| 133 | "to the repository root." |
| 134 | ) |
| 135 | ctx.exit(1) |