From 16aa36832bd7ca268cb4b1733ad3304035846ad8 Mon Sep 17 00:00:00 2001
From: Carlos A Becker
Date: Wed, 11 May 2022 23:36:21 -0300
Subject: [PATCH] fix: archive should not actually verify links

Signed-off-by: Carlos A Becker
---
 pkg/archive/tar/tar.go | 10 +++++-----
 pkg/archive/tar/tar_test.go | 10 +++-------
 pkg/archive/zip/zip.go | 13 ++++++++-----
 pkg/archive/zip/zip_test.go | 11 +++++++++++
 4 files changed, 27 insertions(+), 17 deletions(-)

diff --git a/pkg/archive/tar/tar.go b/pkg/archive/tar/tar.go
index bdae3c4a2ba..9fa79059b60 100644
--- a/pkg/archive/tar/tar.go
+++ b/pkg/archive/tar/tar.go
@@ -28,11 +28,6 @@ func (a Archive) Close() error {
 
 // Add file to the archive.
 func (a Archive) Add(f config.File) error {
- file, err := os.Open(f.Source) // #nosec
- if err != nil {
- return err
- }
- defer file.Close()
 info, err := os.Lstat(f.Source) // #nosec
 if err != nil {
 return err
@@ -69,6 +64,11 @@ func (a Archive) Add(f config.File) error {
 if info.IsDir() || info.Mode()&os.ModeSymlink != 0 {
 return nil
 }
+ file, err := os.Open(f.Source) // #nosec
+ if err != nil {
+ return err
+ }
+ defer file.Close()
 _, err = io.Copy(a.tw, file)
 return err
 }
diff --git a/pkg/archive/tar/tar_test.go b/pkg/archive/tar/tar_test.go
index a5beeb5eca2..b635d5c5447 100644
--- a/pkg/archive/tar/tar_test.go
+++ b/pkg/archive/tar/tar_test.go
@@ -151,15 +151,11 @@ func TestTarFileInfo(t *testing.T) {
 }
 
 func TestTarInvalidLink(t *testing.T) {
- tmp := t.TempDir()
- f, err := os.Create(filepath.Join(tmp, "test.tar"))
- require.NoError(t, err)
- defer f.Close() // nolint: errcheck
- archive := New(f)
+ archive := New(io.Discard)
 defer archive.Close() // nolint: errcheck
 
- require.EqualError(t, archive.Add(config.File{
+ require.NoError(t, archive.Add(config.File{
 Source: "../testdata/badlink.txt",
 Destination: "badlink.txt",
- }), "open ../testdata/badlink.txt: no such file or directory")
+ }))
 }
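Review bot: The moved `os.Open(f.Source)` reopens the path by name after the header has been built from the earlier `os.Lstat` result, and `os.Open` follows links, so if the source tree changes between the two calls the bytes copied by `io.Copy` can come from a different file than the one the symlink check and the header describe. Where the build tree is not fully trusted, compare the opened handle with the lstat result before copying, e.g. `if st, err := file.Stat(); err != nil || !os.SameFile(info, st) { /* return an error */ }`. The same Lstat-then-Open sequence is added in the second hunk of pkg/archive/zip/zip.go. `Add` starts above this hunk, so the header construction is not visible here.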
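Review bot: `TestTarInvalidLink` now only asserts that `Add` returns nil, and because the archive is written to `io.Discard` nothing checks that the dangling link actually ends up in the output, so the test would still pass if the entry were silently skipped. Writing into a `bytes.Buffer` and reading it back with `tar.NewReader` to assert `Typeflag == tar.TypeSymlink` and the expected `Linkname` would pin the behaviour the commit title describes. The copy of this test added in pkg/archive/zip/zip_test.go has the same gap. The test also relies on `../testdata/badlink.txt` being a dangling symlink in the checkout, which this patch does not show; a one-line comment such as `// badlink.txt is a symlink whose target does not exist` would make that dependency explicit.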
diff --git a/pkg/archive/zip/zip.go b/pkg/archive/zip/zip.go
index ec2e6361ad8..507c843077f 100644
--- a/pkg/archive/zip/zip.go
+++ b/pkg/archive/zip/zip.go
@@ -34,11 +34,6 @@ func (a Archive) Close() error {
 
 // Add a file to the zip archive.
 func (a Archive) Add(f config.File) error {
- file, err := os.Open(f.Source) // #nosec
- if err != nil {
- return err
- }
- defer file.Close()
 info, err := os.Lstat(f.Source) // #nosec
 if err != nil {
 return err
@@ -62,6 +57,14 @@ func (a Archive) Add(f config.File) error {
 if err != nil {
 return err
 }
+ if info.IsDir() || info.Mode()&os.ModeSymlink != 0 {
+ return nil
+ }
+ file, err := os.Open(f.Source) // #nosec
+ if err != nil {
+ return err
+ }
+ defer file.Close()
 _, err = io.Copy(w, file)
 return err
 }
diff --git a/pkg/archive/zip/zip_test.go b/pkg/archive/zip/zip_test.go
index fb3711496f7..464e6058e33 100644
--- a/pkg/archive/zip/zip_test.go
+++ b/pkg/archive/zip/zip_test.go
@@ -2,6 +2,7 @@ package zip
 
 import (
 "archive/zip"
+ "io"
 "io/fs"
 "os"
 "path/filepath"
@@ -136,3 +137,13 @@ func TestZipFileInfo(t *testing.T) {
 require.Equal(t, fs.FileMode(0o755), next.FileInfo().Mode())
 }
 }
+
+func TestTarInvalidLink(t *testing.T) {
+ archive := New(io.Discard)
+ defer archive.Close() // nolint: errcheck
+
+ require.NoError(t, archive.Add(config.File{
+ Source: "../testdata/badlink.txt",
+ Destination: "badlink.txt",
+ }))
+}
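Review bot: The new early return for `os.ModeSymlink` leaves the entry created just above the hunk without a body, and in a zip archive the link target is stored as the entry's data, so unless the unseen part of `Add` records it elsewhere a symlink (dangling or not) is archived as an empty link. Reading the target with `os.Readlink` and writing it to `w` before returning keeps the link usable after extraction without opening the file it points to; on Windows the separators may need normalising to `/`. `Add` begins above this hunk, so how `header` and `w` are built is inferred from the context lines.

```go
	// … unchanged: header creation and its error check …
	if info.IsDir() {
		return nil
	}
	if info.Mode()&os.ModeSymlink != 0 {
		// A zip symlink entry carries its target as the entry body.
		link, err := os.Readlink(f.Source) // #nosec
		if err != nil {
			return err
		}
		_, err = io.WriteString(w, link)
		return err
	}
	// … unchanged: os.Open, defer file.Close, io.Copy …
```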
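Review bot: The test added to the zip package is named `TestTarInvalidLink`, apparently carried over from the tar test. Renaming it to `func TestZipInvalidLink(t *testing.T) {` would match the package and the neighbouring `TestZipFileInfo`, and keeps `go test -run` filters and failure output unambiguous between the two packages.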