Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

golang-crossbuild: fix the issue with the CVE-2022-24765 #34241

Closed
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 10 additions & 1 deletion dev-tools/mage/crossbuild.go
Original file line number Diff line number Diff line change
Expand Up @@ -272,7 +272,7 @@ func (b GolangCrossBuilder) Build() error {
return fmt.Errorf("failed to determine repo root and package sub dir: %w", err)
}

mountPoint := filepath.ToSlash(filepath.Join("/go", "src", repoInfo.CanonicalRootImportPath))
mountPoint, _ := DockerMountPoint()
// use custom dir for build if given, subdir if not:
cwd := repoInfo.SubDir
if b.InDir != "" {
Expand Down Expand Up @@ -346,6 +346,15 @@ func (b GolangCrossBuilder) Build() error {
return dockerRun(args...)
}

func DockerMountPoint() (string, error) {
repoInfo, err := GetProjectRepoInfo()
if err != nil {
return "", err
}

return filepath.ToSlash(filepath.Join("/go", "src", repoInfo.CanonicalRootImportPath)), nil
}

// DockerChown chowns files generated during build. EXEC_UID and EXEC_GID must
// be set in the containers environment otherwise this is a noop.
func DockerChown(path string) {
Expand Down
11 changes: 11 additions & 0 deletions dev-tools/mage/pkgdeps.go
Original file line number Diff line number Diff line change
Expand Up @@ -110,6 +110,17 @@ func (i *PackageInstaller) Install(p PlatformDescription) error {
}

func installDependencies(arch string, pkgs ...string) error {
fmt.Printf(">>> installDependencies: Building for %v\n", arch)
// See https://github.com/elastic/golang-crossbuild/issues/232
mountPoint, err := DockerMountPoint()
if err != nil {
return err
}
// use custom dir for build if given, subdir if not:
if err := sh.Run("git", "config", "--global", "--add", "safe.directory", mountPoint); err != nil {
return err
}

if arch != "" {
err := sh.Run("dpkg", "--add-architecture", arch)
if err != nil {
Expand Down