cos-extensions: prevent path traversal in module download Implements path validation to ensure the downloaded module path is always within the intended local directory. This mitigates a potential vulnerability where a crafted module name could cause writes outside the target directory. BUG=b/507259567 TEST=built cos-extensions and tested on image, cloudbuild Change-Id: I6e432b9a43f05234c629e3a3b9f001ad8a2f5baf Reviewed-on: https://cos-review.googlesource.com/c/cos/cos-extensions/+/152503 Tested-by: Angel Adetula <angeladetula@google.com> Reviewed-by: He Gao <hegao@google.com>
cos-extensions is a tool used in Container-Optimized OS. It provides utility to manage COS extensions.
See CONTRIBUTING.md for how to contribute.