Copy With More Than Two Arguments Not Ending With Slash

  • Query id: 6db6e0c2-32a3-4a2e-93b5-72c35f4119db
  • Query name: Copy With More Than Two Arguments Not Ending With Slash
  • Platform: Dockerfile
  • Severity: High
  • Category: Build Process
  • URL: Github

Description

When a COPY command has more than two arguments, the last one should end with a slash
Documentation

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - dockerfile file
FROM node:carbon2
COPY package.json yarn.lock my_app

Code samples without security vulnerabilities

Negative test num. 1 - dockerfile file
FROM node:carbon
COPY package.json yarn.lock my_app/
Negative test num. 2 - dockerfile file
FROM node:carbon1
COPY package.json yarn.lock