Due to CVE-2020-29488, Percona XtraBackup is modifying how xbstream handles absolute paths to prevent malicious file injections. Like the tar archiving utility, the new behavior removes the leading ‘/’ character and references to the parent directory.
Fixes are available in Percona XtraBackup versions:
>= 2.4.22
>= 8.0.23-16.0
For example, ../../../d1/../d2/h.txt will be saved in the stream with the relative path ./d2/h.txt.
The updated function provides a warning when creating a stream with a file with an absolute path:
$ xbstream -c /tmp/data
xbstream: Removing leading '/' from member names
The function also will not extract files with absolute paths:
$ cat a.xb | xbstream -x -C ./restore
xbstream: absolute path not allowed: /tmp/bar.txt
Note: a stream can contain an absolute path if created with an older version of xbstream or if the following parameter is used:
-P, --absolute-names
Be aware of the following:
Scripts that call xbstream with files given as absolute paths will have the leading ‘/’ and any ‘../’ references stripped from the stored names. If the script later relies on those names, this can cause an unexpected result.
Extracting streams in the older format that still contain a leading ‘/’ in the stored path/file produces an error message, and those files are not extracted.
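As an added illustration (this is not xbstream's source code), the following Python models the two behaviours described above: the tar-like cleanup applied to member names when a stream is created, and the refusal of absolute names when a stream is extracted. The warning and error texts are taken from the examples above; rejecting ‘..’ components on extraction is an extra defensive check of this example, not something the note attributes to xbstream.

```python
"""Model of the CVE-2020-29488 member-name handling (added example, not xbstream's code)."""
from __future__ import annotations


def sanitize_member_name(name: str) -> tuple[str, list[str]]:
    """Return the name as it would be stored by `xbstream -c`, plus any warnings.

    The leading '/' is dropped and parent-directory references are removed,
    so '../../../d1/../d2/h.txt' is stored as './d2/h.txt'.
    """
    warnings: list[str] = []

    def warn(msg: str) -> None:
        if msg not in warnings:      # xbstream prints each warning once
            warnings.append(msg)

    if name.startswith("/"):
        warn("Removing leading '/' from member names")
    parts: list[str] = []
    for comp in name.split("/"):
        if comp in ("", "."):
            continue                 # '//' and '.' add nothing to the path
        if comp == "..":
            if parts:
                parts.pop()          # 'd1/..' collapses to nothing
            else:
                warn("Removing leading '../' from member names")
            continue
        parts.append(comp)
    # Every stored name is relative to the extraction directory (-C).
    return ("./" + "/".join(parts)) if parts else ".", warnings


def extraction_allowed(stored_name: str) -> tuple[bool, str | None]:
    """Decide whether a member found in a stream may be written by `xbstream -x`.

    Absolute paths are refused, as the fixed extractor does (streams from older
    versions or created with -P/--absolute-names can still contain them).
    The '..' rejection below is this example's own extra check.
    """
    if stored_name.startswith("/"):
        return False, f"absolute path not allowed: {stored_name}"
    if ".." in stored_name.split("/"):
        return False, f"parent directory reference not allowed: {stored_name}"
    return True, None


if __name__ == "__main__":
    for candidate in ("../../../d1/../d2/h.txt", "/tmp/data"):
        print(candidate, "->", sanitize_member_name(candidate))
    print(extraction_allowed("/tmp/bar.txt"))
```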