kotovalexarian-likes-github/moby--moby
1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
Code Releases Activity

Return error on invalid --change command

Browse source 
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>

Docker-DCO-1.1-Signed-off-by: Michael Crosby <crosbymichael@gmail.com> (github: rhatdan)
This commit is contained in:
Michael Crosby 2014-10-24 21:11:00 +00:00 committed by Dan Walsh
parent 6d4cd446fe
commit 3210d13fc8
1 changed files with 22 additions and 19 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

41
builder/job.go
View file

@ -3,7 +3,6 @@ package builder
import ( import (
"bytes" "bytes"
"encoding/json" "encoding/json"
"fmt"
"io" "io"
"io/ioutil" "io/ioutil"
"os" "os"
@ -22,6 +21,18 @@ import (
"github.com/docker/docker/utils" "github.com/docker/docker/utils"
) )
// whitelist of commands allowed for a commit
var validCommitCommands = map[string]bool{
"entrypoint": true,
"cmd": true,
"user": true,
"workdir": true,
"env": true,
"volume": true,
"expose": true,
"onbuild": true,
}
type BuilderJob struct { type BuilderJob struct {
Engine *engine.Engine Engine *engine.Engine
Daemon *daemon.Daemon Daemon *daemon.Daemon
@ -149,18 +160,8 @@ func (b *BuilderJob) CmdBuildConfig(job *engine.Job) engine.Status {
if len(job.Args) != 0 { if len(job.Args) != 0 {
return job.Errorf("Usage: %s\n", job.Name) return job.Errorf("Usage: %s\n", job.Name)
} }
var (
validCmd = map[string]struct{}{
"entrypoint": {},
"cmd": {},
"user": {},
"workdir": {},
"env": {},
"volume": {},
"expose": {},
"onbuild": {},
}
var (
changes = job.Getenv("changes") changes = job.Getenv("changes")
newConfig runconfig.Config newConfig runconfig.Config
) )
@ -174,6 +175,13 @@ func (b *BuilderJob) CmdBuildConfig(job *engine.Job) engine.Status {
return job.Error(err) return job.Error(err)
} }
// ensure that the commands are valid
for _, n := range ast.Children {
if !validCommitCommands[n.Value] {
return job.Errorf("%s is not a valid change command", n.Value)
}
}
builder := &Builder{ builder := &Builder{
Daemon: b.Daemon, Daemon: b.Daemon,
Engine: b.Engine, Engine: b.Engine,
@ -184,13 +192,8 @@ func (b *BuilderJob) CmdBuildConfig(job *engine.Job) engine.Status {
} }
for i, n := range ast.Children { for i, n := range ast.Children {
cmd := n.Value if err := builder.dispatch(i, n); err != nil {
if _, ok := validCmd[cmd]; ok { return job.Error(err)
if err := builder.dispatch(i, n); err != nil {
return job.Error(err)
}
} else {
fmt.Fprintf(builder.ErrStream, "# Skipping serialization of instruction %s\n", strings.ToUpper(cmd))
} }
} }