From 42c98edf90388beb2ef9f8c6c9b37fab7c7e26a2 Mon Sep 17 00:00:00 2001
From: Sebastian Schuberth <sebastian.schuberth@bosch.io>
Date: Wed, 25 May 2022 10:17:12 +0200
Subject: [PATCH] ArchiveUtils: Also do not follow symbolic links to
 directories

The fix in 3342e50 was incomplete in that only symbolic links to files
were not followed. Extend this to symbolic links to directories.

Resolves #5376, again.

Signed-off-by: Sebastian Schuberth <sebastian.schuberth@bosch.io>
---
 utils/common/src/main/kotlin/ArchiveUtils.kt   |  2 +-
 .../common/src/test/kotlin/ArchiveUtilsTest.kt | 18 ++++++++++++++++++
 2 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/utils/common/src/main/kotlin/ArchiveUtils.kt b/utils/common/src/main/kotlin/ArchiveUtils.kt
index 6427b86fa3643..5286e8d3f860d 100644
--- a/utils/common/src/main/kotlin/ArchiveUtils.kt
+++ b/utils/common/src/main/kotlin/ArchiveUtils.kt
@@ -204,7 +204,7 @@ fun File.packZip(
         output.setLevel(Deflater.BEST_COMPRESSION)
 
         walkTopDown().onEnter {
-            directoryFilter(it)
+            Files.isDirectory(it.toPath(), LinkOption.NOFOLLOW_LINKS) && directoryFilter(it)
         }.filter {
             Files.isRegularFile(it.toPath(), LinkOption.NOFOLLOW_LINKS) && fileFilter(it) && it != targetFile
         }.forEach { file ->
diff --git a/utils/common/src/test/kotlin/ArchiveUtilsTest.kt b/utils/common/src/test/kotlin/ArchiveUtilsTest.kt
index e455ebbcde716..c974f0ec1abe8 100644
--- a/utils/common/src/test/kotlin/ArchiveUtilsTest.kt
+++ b/utils/common/src/test/kotlin/ArchiveUtilsTest.kt
@@ -31,6 +31,7 @@ import io.kotest.matchers.string.shouldContain
 
 import java.io.File
 import java.io.IOException
+import java.nio.file.Files
 
 import org.apache.commons.compress.archivers.ArchiveEntry
 
@@ -413,6 +414,23 @@ class ArchiveUtilsTest : WordSpec() {
                 exception.message shouldContain noArchive.toString()
             }
         }
+
+        "packZip" should {
+            "not follow symbolic links".config(enabled = Os.isLinux) {
+                val inputDir = createTestTempDir()
+                val parentDir = inputDir.resolve("parent").apply { safeMkdirs() }
+                val readmeFile = parentDir.resolve("readme.txt").apply { writeText("Hello World!") }
+                Files.createSymbolicLink(parentDir.resolve("loop-link").toPath(), parentDir.toPath())
+                Files.createSymbolicLink(parentDir.resolve("readme-link.txt").toPath(), readmeFile.toPath())
+
+                val zipFile = inputDir.packZip(outputDir.resolve("archive.zip")) {
+                    it shouldBe readmeFile
+                    true
+                }
+
+                zipFile shouldBe aFile()
+            }
+        }
     }
 }