From fb63cfa9a502e2410597422f8877cf16b0bbaad2 Mon Sep 17 00:00:00 2001
From: Tianon Gravi <admwiggin@gmail.com>
Date: Sat, 11 Jan 2014 05:46:11 -0700
Subject: [PATCH 1/2] Stop ADD from following symlinks outside the context when
 passed as the first argument

Docker-DCO-1.1-Signed-off-by: Andrew Page <admwiggin@gmail.com> (github: tianon)
---
 buildfile.go | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/buildfile.go b/buildfile.go
index de03e5879f..6b568d7563 100644
--- a/buildfile.go
+++ b/buildfile.go
@@ -287,6 +287,11 @@ func (b *buildFile) CmdVolume(args string) error {
 
 func (b *buildFile) checkPathForAddition(orig string) error {
 	origPath := path.Join(b.contextPath, orig)
+	if p, err := filepath.EvalSymlinks(origPath); err != nil {
+		return err
+	} else {
+		origPath = p
+	}
 	if !strings.HasPrefix(origPath, b.contextPath) {
 		return fmt.Errorf("Forbidden path outside the build context: %s (%s)", orig, origPath)
 	}

From 7a6255efbcb83458ca179b2148fda7a0160a4bd7 Mon Sep 17 00:00:00 2001
From: Tianon Gravi <admwiggin@gmail.com>
Date: Tue, 14 Jan 2014 11:42:03 -0700
Subject: [PATCH 2/2] Fix "foo: no such file or directory" test failure, and
 normalize creation of custom error to always depend on if os.IsNotExist(err)
 so we don't hide other errors that might crop up in these tests

Docker-DCO-1.1-Signed-off-by: Andrew Page <admwiggin@gmail.com> (github: tianon)
---
 buildfile.go | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/buildfile.go b/buildfile.go
index 6b568d7563..2b6d40c15d 100644
--- a/buildfile.go
+++ b/buildfile.go
@@ -288,6 +288,9 @@ func (b *buildFile) CmdVolume(args string) error {
 func (b *buildFile) checkPathForAddition(orig string) error {
 	origPath := path.Join(b.contextPath, orig)
 	if p, err := filepath.EvalSymlinks(origPath); err != nil {
+		if os.IsNotExist(err) {
+			return fmt.Errorf("%s: no such file or directory", orig)
+		}
 		return err
 	} else {
 		origPath = p
@@ -297,7 +300,10 @@ func (b *buildFile) checkPathForAddition(orig string) error {
 	}
 	_, err := os.Stat(origPath)
 	if err != nil {
-		return fmt.Errorf("%s: no such file or directory", orig)
+		if os.IsNotExist(err) {
+			return fmt.Errorf("%s: no such file or directory", orig)
+		}
+		return err
 	}
 	return nil
 }
@@ -313,7 +319,10 @@ func (b *buildFile) addContext(container *Container, orig, dest string) error {
 	}
 	fi, err := os.Stat(origPath)
 	if err != nil {
-		return fmt.Errorf("%s: no such file or directory", orig)
+		if os.IsNotExist(err) {
+			return fmt.Errorf("%s: no such file or directory", orig)
+		}
+		return err
 	}
 	if fi.IsDir() {
 		if err := archive.CopyWithTar(origPath, destPath); err != nil {