2018-12-11 09:03:47 -05:00
|
|
|
package manager
|
|
|
|
|
|
|
|
import (
|
Use golang.org/x/sys/execabs
On Windows, the os/exec.{Command,CommandContext,LookPath} functions
resolve command names that have neither path separators nor file extension
(e.g., "git") by first looking in the current working directory before
looking in the PATH environment variable.
Go maintainers intended to match cmd.exe's historical behavior.
However, this is pretty much never the intended behavior and as an abundance of precaution
this patch prevents that when executing commands.
Example of commands that docker.exe may execute: `git`, `docker-buildx` (or other cli plugin), `docker-credential-wincred`, `docker`.
Note that this was prompted by the [Go 1.15.7 security fixes](https://blog.golang.org/path-security), but unlike in `go.exe`,
the windows path lookups in docker are not in a code path allowing remote code execution, thus there is no security impact on docker.
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit 8d199d5bba9db46b6610bd959d815ce7197402b3)
Signed-off-by: Tibor Vass <tibor@docker.com>
2021-01-25 14:18:54 -05:00
|
|
|
exec "golang.org/x/sys/execabs"
|
2018-12-11 09:03:47 -05:00
|
|
|
)
|
|
|
|
|
|
|
|
// Candidate represents a possible plugin candidate, for mocking purposes
|
|
|
|
type Candidate interface {
|
|
|
|
Path() string
|
|
|
|
Metadata() ([]byte, error)
|
|
|
|
}
|
|
|
|
|
|
|
|
type candidate struct {
|
|
|
|
path string
|
|
|
|
}
|
|
|
|
|
|
|
|
func (c *candidate) Path() string {
|
|
|
|
return c.path
|
|
|
|
}
|
|
|
|
|
|
|
|
func (c *candidate) Metadata() ([]byte, error) {
|
|
|
|
return exec.Command(c.path, MetadataSubcommandName).Output()
|
|
|
|
}
|