From f5de2e7ff3c9e158d42df10667f03306b2c26e2e Mon Sep 17 00:00:00 2001 From: Brendan Burns Date: Thu, 10 Dec 2020 00:19:02 +0000 Subject: [PATCH] Add path normalization for archive files. --- pom.xml | 6 ++++++ util/pom.xml | 4 ++++ util/src/main/java/io/kubernetes/client/Copy.java | 7 ++++++- 3 files changed, 16 insertions(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 80a858d595..cf6329d38e 100644 --- a/pom.xml +++ b/pom.xml @@ -48,6 +48,7 @@ 1.14 2.3.1.RELEASE 5.2.8.RELEASE + 2.8.0 48540ECBBF00A28EACCF04E720FD12AFB0C9EBA9 ${env.GPG_PASSPHRASE} @@ -97,6 +98,11 @@ commons-compress ${apache.commons.compress} + + commons-io + commons-io + ${apache.commons.io} + com.google.guava guava diff --git a/util/pom.xml b/util/pom.xml index a886cea0c9..f64e9f90f2 100644 --- a/util/pom.xml +++ b/util/pom.xml @@ -38,6 +38,10 @@ org.apache.commons commons-lang3 + + commons-io + commons-io + com.google.guava guava diff --git a/util/src/main/java/io/kubernetes/client/Copy.java b/util/src/main/java/io/kubernetes/client/Copy.java index 72e02bc592..8ea56ca283 100644 --- a/util/src/main/java/io/kubernetes/client/Copy.java +++ b/util/src/main/java/io/kubernetes/client/Copy.java @@ -35,6 +35,7 @@ import org.apache.commons.compress.archivers.tar.TarArchiveInputStream; import org.apache.commons.compress.archivers.tar.TarArchiveOutputStream; import org.apache.commons.compress.compressors.gzip.GzipCompressorInputStream; +import org.apache.commons.io.FilenameUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; 
@@ -137,7 +138,11 @@ public void copyDirectoryFromPod(
 log.error("Can't read: " + entry);
 continue;
 }
- File f = new File(destination.toFile(), entry.getName());
+ String normalName = FilenameUtils.normalize(entry.getName());
+ if (normalName == null) {
+ throw new IOException("Invalid entry: " + entry.getName());
+ }
+ File f = new File(destination.toFile(), normalName);
 if (entry.isDirectory()) {
 if (!f.isDirectory() && !f.mkdirs()) {
 throw new IOException("create directory failed: " + f);
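Review bot: The new guard in copyDirectoryFromPod relies entirely on `FilenameUtils.normalize` returning null, and nothing after `File f = new File(destination.toFile(), normalName);` verifies that `f` actually resolves inside `destination`. Normalization is purely lexical, so it cannot account for symlinks already present under the destination, and its treatment of platform-specific prefixes probably differs from what `File` resolution does with them. I would add an explicit containment check right after `f` is built: `if (!f.getCanonicalFile().toPath().startsWith(destination.toFile().getCanonicalFile().toPath())) { throw new IOException("Invalid entry: " + entry.getName()); }`. The diffstat lists only the two pom files and Copy.java, so a regression test that feeds an entry name with parent-directory segments and expects the IOException would pin this behaviour. The method starts and ends outside the hunk, so how regular-file and link entries are written is not visible here.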