From c4b777db2fe1707f1bd12d9d5f592905be2cbff9 Mon Sep 17 00:00:00 2001
From: neargle <yourneargo@gmail.com>
Date: Fri, 15 Nov 2024 20:26:30 +0800
Subject: [PATCH 1/2] fix (exp shim-pwn): #104 merged directory appears twice
 in path

---
 pkg/exploit/escaping/containerd_shim_pwn.go | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/pkg/exploit/escaping/containerd_shim_pwn.go b/pkg/exploit/escaping/containerd_shim_pwn.go
index d74361b..6beea23 100644
--- a/pkg/exploit/escaping/containerd_shim_pwn.go
+++ b/pkg/exploit/escaping/containerd_shim_pwn.go
@@ -26,6 +26,7 @@ import (
 	"log"
 	"net"
 	"os"
+	"path/filepath"
 	"regexp"
 	"strings"
 
@@ -123,7 +124,9 @@ func containerdShimApiExp(sock, shellCmd, rhost, rport string) error {
 	localBundlePath := fmt.Sprintf("/cdk_%s", util.RandString(6))
 	os.Mkdir(localBundlePath, os.ModePerm)
 
-	dockerAbsPath := GetDockerAbsPath() + "/merged" + localBundlePath
+	absPath := GetDockerAbsPath()
+	absPath = strings.TrimSuffix(absPath, "/merged")
+	dockerAbsPath := filepath.Join(absPath, "merged", localBundlePath)
 
 	var payloadShellCmd = ""
 	if len(shellCmd) > 0 {

From adbae2f9653c3b1e2f8596fc33bb9394af1eddc3 Mon Sep 17 00:00:00 2001
From: neargle <yourneargo@gmail.com>
Date: Fri, 15 Nov 2024 20:48:35 +0800
Subject: [PATCH 2/2] fix(gh action - release): automatically failed because it
 uses a deprecated version

---
 .github/workflows/build_and_release.yml | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/build_and_release.yml b/.github/workflows/build_and_release.yml
index 98d8003..1f6d0b4 100644
--- a/.github/workflows/build_and_release.yml
+++ b/.github/workflows/build_and_release.yml
@@ -1,8 +1,9 @@
 name: CDK CI
 
 on:
+  workflow_dispatch:
   release:
-      types: [released]
+      types: [released, prereleased]
 
 jobs:
 
@@ -13,7 +14,7 @@ jobs:
     steps:
       - uses: actions/setup-go@v2
         with:
-          go-version: 1.15
+          go-version: 1.22.2
       - uses: actions/setup-node@v1
         with:
           node-version: 10.x
@@ -21,7 +22,7 @@ jobs:
         with:
           fetch-depth: 0
 
-      - uses: actions/download-artifact@v2
+      - uses: actions/download-artifact@v4
       - name: Upload Release and Renew Changelog
         env:
           UPLOAD_URL: ${{ github.event.release.upload_url }}
@@ -30,6 +31,7 @@ jobs:
           RELEASE_URL: ${{ github.event.release.url }}
 
         run: |
+          set -euo pipefail
           set -x
 
           go get github.com/mitchellh/gox