docker
/
docker-py
mirror of https://github.com/docker/docker-py.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Rewrite access check in create_archive with EAFP 

Signed-off-by: Joffrey F <joffrey@docker.com>
This commit is contained in:
Joffrey F 2018-02-05 13:11:19 -08:00
parent 539b321bd1
commit 6de7bab22f
2 changed files with 9 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
docker/utils/utils.py
View File

@ -97,10 +97,6 @@ def create_archive(root, files=None, fileobj=None, gzip=False):
for path in files:
full_path = os.path.join(root, path)
if os.lstat(full_path).st_mode & os.R_OK == 0:
raise IOError(
'Can not access file in context: {}'.format(full_path)
)
i = t.gettarinfo(full_path, arcname=path)
if i is None:
# This happens when we encounter a socket file. We can safely
@ -121,7 +117,9 @@ def create_archive(root, files=None, fileobj=None, gzip=False):
with open(full_path, 'rb') as f:
t.addfile(i, f)
except IOError:
t.addfile(i, None)
raise IOError(
'Can not read file in context: {}'.format(full_path)
)
else:
# Directories, FIFOs, symlinks... don't need to be read.
t.addfile(i, None)

8
tests/unit/utils_test.py
View File

@ -933,7 +933,10 @@ class TarTest(unittest.TestCase):
tar_data = tarfile.open(fileobj=archive)
assert sorted(tar_data.getnames()) == ['bar', 'foo']
@pytest.mark.skipif(IS_WINDOWS_PLATFORM, reason='No chmod on Windows')
@pytest.mark.skipif(
IS_WINDOWS_PLATFORM or os.geteuid() == 0,
reason='root user always has access ; no chmod on Windows'
)
def test_tar_with_inaccessible_file(self):
base = tempfile.mkdtemp()
full_path = os.path.join(base, 'foo')
@ -944,8 +947,9 @@ class TarTest(unittest.TestCase):
with pytest.raises(IOError) as ei:
tar(base)
assert 'Can not access file in context: {}'.format(full_path) in \
assert 'Can not read file in context: {}'.format(full_path) in (
ei.exconly()
)
@pytest.mark.skipif(IS_WINDOWS_PLATFORM, reason='No symlinks on Windows')
def test_tar_with_file_symlinks(self):