From 534d9fc276f50fd7f2f6af88d2689c5cc4c33fa4 Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn
Date: Tue, 25 Mar 2025 13:36:00 +0100
Subject: [PATCH] vendor: github.com/docker/docker v28.0.4
full diff: https://github.com/docker/docker/compare/v28.0.2...v28.0.4
Signed-off-by: Sebastiaan van Stijn
---
 go.mod | 2 +-
 go.sum | 4 +-
 .../docker/pkg/atomicwriter/atomicwriter.go | 69 +++++++++++++++++--
 vendor/modules.txt | 2 +-
 4 files changed, 69 insertions(+), 8 deletions(-)
diff --git a/go.mod b/go.mod
index 3e6f1064..345df38d 100644
--- a/go.mod
+++ b/go.mod
@@ -19,7 +19,7 @@ require (
 github.com/distribution/reference v0.6.0
 github.com/docker/cli v28.0.2+incompatible
 github.com/docker/cli-docs-tool v0.9.0
- github.com/docker/docker v28.0.2+incompatible
+ github.com/docker/docker v28.0.4+incompatible
 github.com/docker/go-units v0.5.0
 github.com/gofrs/flock v0.12.1
 github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510
diff --git a/go.sum b/go.sum
index 3a627b14..478727fb 100644
--- a/go.sum
+++ b/go.sum
@@ -128,8 +128,8 @@ github.com/docker/cli-docs-tool v0.9.0/go.mod h1:ClrwlNW+UioiRyH9GiAOe1o3J/TsY3T github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk= github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/docker v28.0.2+incompatible h1:9BILleFwug5FSSqWBgVevgL3ewDJfWWWyZVqlDMttE8= -github.com/docker/docker v28.0.2+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/docker v28.0.4+incompatible h1:JNNkBctYKurkw6FrHfKqY0nKIDf5nrbxjVBtS+cdcok= +github.com/docker/docker v28.0.4+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker-credential-helpers v0.8.2 h1:bX3YxiGzFP5sOXWc3bTPEXdEaZSeVMrFgOr3T+zrFAo= github.com/docker/docker-credential-helpers v0.8.2/go.mod h1:P3ci7E3lwkZg6XiHdRKft1KckHiO9a2rNtyFbZ/ry9M= github.com/docker/go v1.5.1-1.0.20160303222718-d30aec9fd63c h1:lzqkGL9b3znc+ZUgi7FlLnqjQhcXxkNM/quxIjBVMD0=
diff --git a/vendor/github.com/docker/docker/pkg/atomicwriter/atomicwriter.go b/vendor/github.com/docker/docker/pkg/atomicwriter/atomicwriter.go
index abf46275..e8aa7807 100644
--- a/vendor/github.com/docker/docker/pkg/atomicwriter/atomicwriter.go
+++ b/vendor/github.com/docker/docker/pkg/atomicwriter/atomicwriter.go
@@ -1,16 +1,75 @@
 package atomicwriter
 import (
+ "errors"
+ "fmt"
 "io"
 "os"
 "path/filepath"
 )
+func validateDestination(fileName string) error {
+ if fileName == "" {
+ return errors.New("file name is empty")
+ }
+
+ // Deliberately using Lstat here to match the behavior of [os.Rename],
+ // which is used when completing the write and does not resolve symlinks.
+ //
+ // TODO(thaJeztah): decide whether we want to disallow symlinks or to follow them.
+ if fi, err := os.Lstat(fileName); err != nil {
+ if !os.IsNotExist(err) {
+ return fmt.Errorf("failed to stat output path: %w", err)
+ }
+ } else if err := validateFileMode(fi.Mode()); err != nil {
+ return err
+ }
+ if dir := filepath.Dir(fileName); dir != "" && dir != "." {
+ if _, err := os.Stat(dir); errors.Is(err, os.ErrNotExist) {
+ return fmt.Errorf("invalid file path: %w", err)
+ }
+ }
+ return nil
+}
+
+func validateFileMode(mode os.FileMode) error {
+ switch {
+ case mode.IsRegular():
+ return nil // Regular file
+ case mode&os.ModeDir != 0:
+ return errors.New("cannot write to a directory")
+ // TODO(thaJeztah): decide whether we want to disallow symlinks or to follow them.
+ // case mode&os.ModeSymlink != 0:
+ // return errors.New("cannot write to a symbolic link directly")
+ case mode&os.ModeNamedPipe != 0:
+ return errors.New("cannot write to a named pipe (FIFO)")
+ case mode&os.ModeSocket != 0:
+ return errors.New("cannot write to a socket")
+ case mode&os.ModeDevice != 0:
+ if mode&os.ModeCharDevice != 0 {
+ return errors.New("cannot write to a character device file")
+ }
+ return errors.New("cannot write to a block device file")
+ case mode&os.ModeSetuid != 0:
+ return errors.New("cannot write to a setuid file")
+ case mode&os.ModeSetgid != 0:
+ return errors.New("cannot write to a setgid file")
+ case mode&os.ModeSticky != 0:
+ return errors.New("cannot write to a sticky bit file")
+ default:
+ // Unknown file mode; let's assume it works
+ return nil
+ }
+}
+
 // New returns a WriteCloser so that writing to it writes to a
 // temporary file and closing it atomically changes the temporary file to
 // destination path. Writing and closing concurrently is not allowed.
 // NOTE: umask is not considered for the file's permissions.
 func New(filename string, perm os.FileMode) (io.WriteCloser, error) {
+ if err := validateDestination(filename); err != nil {
+ return nil, err
+ }
 abspath, err := filepath.Abs(filename)
 if err != nil {
 return nil, err
@@ -49,10 +108,12 @@ type atomicFileWriter struct {
 f *os.File
 fn string
 writeErr error
+ written bool
 perm os.FileMode
 }
 func (w *atomicFileWriter) Write(dt []byte) (int, error) {
+ w.written = true
 n, err := w.f.Write(dt)
 if err != nil {
 w.writeErr = err
@@ -62,12 +123,12 @@ func (w *atomicFileWriter) Write(dt []byte) (int, error) {
 func (w *atomicFileWriter) Close() (retErr error) {
 defer func() {
- if retErr != nil || w.writeErr != nil {
- os.Remove(w.f.Name())
+ if err := os.Remove(w.f.Name()); !errors.Is(err, os.ErrNotExist) && retErr == nil {
+ retErr = err
 }
 }()
 if err := w.f.Sync(); err != nil {
- w.f.Close()
+ _ = w.f.Close()
 return err
 }
 if err := w.f.Close(); err != nil {
@@ -76,7 +137,7 @@ func (w *atomicFileWriter) Close() (retErr error) {
 if err := os.Chmod(w.f.Name(), w.perm); err != nil {
 return err
 }
- if w.writeErr == nil {
+ if w.writeErr == nil && w.written {
 return os.Rename(w.f.Name(), w.fn)
 }
 return nil
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 31507158..74279b08 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -284,7 +284,7 @@ github.com/docker/distribution/registry/client/transport github.com/docker/distribution/registry/storage/cache github.com/docker/distribution/registry/storage/cache/memory github.com/docker/distribution/uuid -# github.com/docker/docker v28.0.2+incompatible +# github.com/docker/docker v28.0.4+incompatible ## explicit github.com/docker/docker/api github.com/docker/docker/api/types