From 98003b449757cc19d456f006b211333f20c72eda Mon Sep 17 00:00:00 2001
From: Xiangce Liu <xiangceliu@redhat.com>
Date: Wed, 15 Jan 2025 19:10:12 +0800
Subject: [PATCH] fix: CWE-23 detected by Snyk in apply_spec_filters

- RHINENG-14792, RHINENG-14796

Signed-off-by: Xiangce Liu <xiangceliu@redhat.com>
---
 insights/tools/apply_spec_filters.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/insights/tools/apply_spec_filters.py b/insights/tools/apply_spec_filters.py
index 296238ce59..068144192d 100644
--- a/insights/tools/apply_spec_filters.py
+++ b/insights/tools/apply_spec_filters.py
@@ -42,6 +42,8 @@ def apply_filters(_format, _plugins, output=None):
 
     load_packages(parse_plugins(_plugins))
 
+    output = os.path.realpath(output)
+
     if _format == "yaml":
         yaml_path = output
         if not yaml_path:
@@ -85,12 +87,12 @@ def apply_filters(_format, _plugins, output=None):
         uploader_json["version"] = datetime.now().isoformat()
 
         pattern = re.compile(",")
-        output = "\n".join(
+        json_content = "\n".join(
             pattern.sub(",", l) for l in json.dumps(uploader_json, indent=4).splitlines()
         )
 
         with open(json_path, "w") as fp:
-            fp.write(output)
+            fp.write(json_content)
     return 0