Add a check for path traversal in manifest_file_name (!79688) · Merge requests · GitLab.org / GitLab

Dominic Couture requested to merge dcouture-check-pt-manifest_file_name into master Feb 01, 2022

What does this MR do and why?

It was highlighted in the issue above that we could check for path traversals here out of caution (there are no known exploits). This MR adds the check.

Screenshots or screen recordings

These are strongly recommended to assist reviewers and reduce the time to merge your change.

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited Feb 07, 2022 by Dominic Couture

Add a check for path traversal in manifest_file_name

What does this MR do and why?

Screenshots or screen recordings

How to set up and validate locally

MR acceptance checklist

Merge request reports