|
 |
a2b5ed |
From 4dea7eefc1a7ff0083bf47cda22247067488ace0 Mon Sep 17 00:00:00 2001
|
|
|
a2b5ed |
From: unclejack <unclejacksons@gmail.com>
|
|
|
a2b5ed |
Date: Thu, 27 Nov 2014 23:55:03 +0200
|
|
|
a2b5ed |
Subject: [PATCH 7/9] validate image ID properly & before load
|
|
|
a2b5ed |
|
|
|
a2b5ed |
Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com>
|
|
|
a2b5ed |
---
|
|
|
a2b5ed |
graph/load.go | 5 +++++
|
|
|
a2b5ed |
graph/tags_unit_test.go | 2 +-
|
|
|
a2b5ed |
registry/registry.go | 4 ++--
|
|
|
a2b5ed |
utils/utils.go | 12 +++++++-----
|
|
|
a2b5ed |
4 files changed, 15 insertions(+), 8 deletions(-)
|
|
|
a2b5ed |
|
|
|
a2b5ed |
diff --git a/graph/load.go b/graph/load.go
|
|
|
a2b5ed |
index fcbeef6..f27aca4 100644
|
|
|
a2b5ed |
--- a/graph/load.go
|
|
|
a2b5ed |
+++ b/graph/load.go
|
|
|
a2b5ed |
@@ -12,6 +12,7 @@ import (
|
|
|
a2b5ed |
"github.com/docker/docker/pkg/archive"
|
|
|
a2b5ed |
"github.com/docker/docker/pkg/chrootarchive"
|
|
|
a2b5ed |
"github.com/docker/docker/pkg/log"
|
|
|
a2b5ed |
+ "github.com/docker/docker/utils"
|
|
|
a2b5ed |
)
|
|
|
a2b5ed |
|
|
|
a2b5ed |
// Loads a set of images into the repository. This is the complementary of ImageExport.
|
|
|
a2b5ed |
@@ -112,6 +113,10 @@ func (s *TagStore) recursiveLoad(eng *engine.Engine, address, tmpImageDir string
|
|
|
a2b5ed |
log.Debugf("Error unmarshalling json", err)
|
|
|
a2b5ed |
return err
|
|
|
a2b5ed |
}
|
|
|
a2b5ed |
+ if err := utils.ValidateID(img.ID); err != nil {
|
|
|
a2b5ed |
+ log.Debugf("Error validating ID: %s", err)
|
|
|
a2b5ed |
+ return err
|
|
|
a2b5ed |
+ }
|
|
|
a2b5ed |
if img.Parent != "" {
|
|
|
a2b5ed |
if !s.graph.Exists(img.Parent) {
|
|
|
a2b5ed |
if err := s.recursiveLoad(eng, img.Parent, tmpImageDir); err != nil {
|
|
|
a2b5ed |
diff --git a/graph/tags_unit_test.go b/graph/tags_unit_test.go
|
|
|
a2b5ed |
index da51254..bf94deb 100644
|
|
|
a2b5ed |
--- a/graph/tags_unit_test.go
|
|
|
a2b5ed |
+++ b/graph/tags_unit_test.go
|
|
|
a2b5ed |
@@ -16,7 +16,7 @@ import (
|
|
|
a2b5ed |
|
|
|
a2b5ed |
const (
|
|
|
a2b5ed |
testImageName = "myapp"
|
|
|
a2b5ed |
- testImageID = "foo"
|
|
|
a2b5ed |
+ testImageID = "1a2d3c4d4e5fa2d2a21acea242a5e2345d3aefc3e7dfa2a2a2a21a2a2ad2d234"
|
|
|
a2b5ed |
)
|
|
|
a2b5ed |
|
|
|
a2b5ed |
func fakeTar() (io.Reader, error) {
|
|
|
a2b5ed |
diff --git a/registry/registry.go b/registry/registry.go
|
|
|
a2b5ed |
index a03790a..e0285a2 100644
|
|
|
a2b5ed |
--- a/registry/registry.go
|
|
|
a2b5ed |
+++ b/registry/registry.go
|
|
|
a2b5ed |
@@ -23,7 +23,6 @@ var (
|
|
|
a2b5ed |
ErrInvalidRepositoryName = errors.New("Invalid repository name (ex: \"registry.domain.tld/myrepos\")")
|
|
|
a2b5ed |
ErrDoesNotExist = errors.New("Image does not exist")
|
|
|
a2b5ed |
errLoginRequired = errors.New("Authentication is required.")
|
|
|
a2b5ed |
- validHex = regexp.MustCompile(`^([a-f0-9]{64})$`)
|
|
|
a2b5ed |
validNamespace = regexp.MustCompile(`^([a-z0-9_]{4,30})$`)
|
|
|
a2b5ed |
validRepo = regexp.MustCompile(`^([a-z0-9-_.]+)$`)
|
|
|
a2b5ed |
)
|
|
|
a2b5ed |
@@ -177,7 +176,8 @@ func validateRepositoryName(repositoryName string) error {
|
|
|
a2b5ed |
namespace = "library"
|
|
|
a2b5ed |
name = nameParts[0]
|
|
|
a2b5ed |
|
|
|
a2b5ed |
- if validHex.MatchString(name) {
|
|
|
a2b5ed |
+ // the repository name must not be a valid image ID
|
|
|
a2b5ed |
+ if err := utils.ValidateID(name); err == nil {
|
|
|
a2b5ed |
return fmt.Errorf("Invalid repository name (%s), cannot specify 64-byte hexadecimal strings", name)
|
|
|
a2b5ed |
}
|
|
|
a2b5ed |
} else {
|
|
|
a2b5ed |
diff --git a/utils/utils.go b/utils/utils.go
|
|
|
a2b5ed |
index 792b80b..4c65f13 100644
|
|
|
a2b5ed |
--- a/utils/utils.go
|
|
|
a2b5ed |
+++ b/utils/utils.go
|
|
|
a2b5ed |
@@ -31,6 +31,10 @@ type KeyValuePair struct {
|
|
|
a2b5ed |
Value string
|
|
|
a2b5ed |
}
|
|
|
a2b5ed |
|
|
|
a2b5ed |
+var (
|
|
|
a2b5ed |
+ validHex = regexp.MustCompile(`^([a-f0-9]{64})$`)
|
|
|
a2b5ed |
+)
|
|
|
a2b5ed |
+
|
|
|
a2b5ed |
// Request a given URL and return an io.Reader
|
|
|
a2b5ed |
func Download(url string) (resp *http.Response, err error) {
|
|
|
a2b5ed |
if resp, err = http.Get(url); err != nil {
|
|
|
a2b5ed |
@@ -190,11 +194,9 @@ func GenerateRandomID() string {
|
|
|
a2b5ed |
}
|
|
|
a2b5ed |
|
|
|
a2b5ed |
func ValidateID(id string) error {
|
|
|
a2b5ed |
- if id == "" {
|
|
|
a2b5ed |
- return fmt.Errorf("Id can't be empty")
|
|
|
a2b5ed |
- }
|
|
|
a2b5ed |
- if strings.Contains(id, ":") {
|
|
|
a2b5ed |
- return fmt.Errorf("Invalid character in id: ':'")
|
|
|
a2b5ed |
+ if ok := validHex.MatchString(id); !ok {
|
|
|
a2b5ed |
+ err := fmt.Errorf("image ID '%s' is invalid", id)
|
|
|
a2b5ed |
+ return err
|
|
|
a2b5ed |
}
|
|
|
a2b5ed |
return nil
|
|
|
a2b5ed |
}
|
|
|
a2b5ed |
--
|
|
|
a2b5ed |
1.9.3 (Apple Git-50)
|
|
|
a2b5ed |
|