do not allow backsteps in host volume plugin

Fixes #47107

pkg/volume/validation/pv_validation.go

@@ -17,6 +17,10 @@ limitations under the License.
 package validation
 
 import (
+	"errors"
+	"path/filepath"
+	"strings"
+
 	"k8s.io/apimachinery/pkg/util/validation/field"
 	"k8s.io/kubernetes/pkg/api"
 )
@@ -53,3 +57,15 @@ func checkMountOption(pv *api.PersistentVolume) field.ErrorList {
 	}
 	return allErrs
 }
+
+// ValidatePathNoBacksteps will make sure the targetPath does not have any element which is ".."
+func ValidatePathNoBacksteps(targetPath string) error {
+	parts := strings.Split(filepath.ToSlash(targetPath), "/")
+	for _, item := range parts {
+		if item == ".." {
+			return errors.New("must not contain '..'")
+		}
+	}
+
+	return nil
+}