Merge pull request moby#49152 from thaJeztah/pkg_archive_nolookups

pkg/archive: nosysFileInfo: implement tar.FileInfoNames to prevent lookups
thaJeztah · Jan 10, 2025 · d34a5f5 · d34a5f5
2 parents c2617e2 + 2b4db93
commit d34a5f5
Showing 1 changed file with 22 additions and 0 deletions.
diff --git a/pkg/archive/archive.go b/pkg/archive/archive.go
@@ -472,13 +472,35 @@ func (compression *Compression) Extension() string {
 	return ""
 }
 
+// assert that we implement [tar.FileInfoNames].
+//
+// TODO(thaJeztah): disabled to allow compiling on < go1.23. un-comment once we drop support for older versions of go.
+// var _ tar.FileInfoNames = (*nosysFileInfo)(nil)
+
 // nosysFileInfo hides the system-dependent info of the wrapped FileInfo to
 // prevent tar.FileInfoHeader from introspecting it and potentially calling into
 // glibc.
+//
+// It implements [tar.FileInfoNames] to further prevent [tar.FileInfoHeader]
+// from performing any lookups on go1.23 and up. see https://go.dev/issue/50102
 type nosysFileInfo struct {
 	os.FileInfo
 }
 
+// Uname stubs out looking up username. It implements [tar.FileInfoNames]
+// to prevent [tar.FileInfoHeader] from loading libraries to perform
+// username lookups.
+func (fi nosysFileInfo) Uname() (string, error) {
+	return "", nil
+}
+
+// Gname stubs out looking up group-name. It implements [tar.FileInfoNames]
+// to prevent [tar.FileInfoHeader] from loading libraries to perform
+// username lookups.
+func (fi nosysFileInfo) Gname() (string, error) {
+	return "", nil
+}
+
 func (fi nosysFileInfo) Sys() interface{} {
 	// A Sys value of type *tar.Header is safe as it is system-independent.
 	// The tar.FileInfoHeader function copies the fields into the returned