kotovalexarian-likes-github
/
moby--moby
mirror of https://github.com/moby/moby.git
1
0
Fork 0
Code Releases Activity

validate image ID properly & before load 

Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com>

Conflicts:
	graph/load.go
This commit is contained in:
unclejack 2014-11-27 23:55:03 +02:00 committed by Tibor Vass
parent af2021955c
commit bff1d9dbce
4 changed files with 15 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
graph/load.go
View File

@ -14,6 +14,7 @@ import (
"github.com/docker/docker/image" "github.com/docker/docker/image"
"github.com/docker/docker/pkg/archive" "github.com/docker/docker/pkg/archive"
"github.com/docker/docker/pkg/chrootarchive" "github.com/docker/docker/pkg/chrootarchive"
"github.com/docker/docker/utils"
) )
// Loads a set of images into the repository. This is the complementary of ImageExport. // Loads a set of images into the repository. This is the complementary of ImageExport.
@ -114,6 +115,10 @@ func (s *TagStore) recursiveLoad(eng *engine.Engine, address, tmpImageDir string
log.Debugf("Error unmarshalling json", err) log.Debugf("Error unmarshalling json", err)
return err return err
} }
if err := utils.ValidateID(img.ID); err != nil {
log.Debugf("Error validating ID: %s", err)
return err
}
if img.Parent != "" { if img.Parent != "" {
if !s.graph.Exists(img.Parent) { if !s.graph.Exists(img.Parent) {
if err := s.recursiveLoad(eng, img.Parent, tmpImageDir); err != nil { if err := s.recursiveLoad(eng, img.Parent, tmpImageDir); err != nil {

2
graph/tags_unit_test.go
View File

@ -16,7 +16,7 @@ import (
const ( const (
testImageName = "myapp" testImageName = "myapp"
testImageID = "foo" testImageID = "1a2d3c4d4e5fa2d2a21acea242a5e2345d3aefc3e7dfa2a2a2a21a2a2ad2d234"
) )
func fakeTar() (io.Reader, error) { func fakeTar() (io.Reader, error) {

4
registry/registry.go
View File

@ -23,7 +23,6 @@ var (
ErrInvalidRepositoryName = errors.New("Invalid repository name (ex: \"registry.domain.tld/myrepos\")") ErrInvalidRepositoryName = errors.New("Invalid repository name (ex: \"registry.domain.tld/myrepos\")")
ErrDoesNotExist = errors.New("Image does not exist") ErrDoesNotExist = errors.New("Image does not exist")
errLoginRequired = errors.New("Authentication is required.") errLoginRequired = errors.New("Authentication is required.")
validHex = regexp.MustCompile(`^([a-f0-9]{64})$`)
validNamespace = regexp.MustCompile(`^([a-z0-9_]{4,30})$`) validNamespace = regexp.MustCompile(`^([a-z0-9_]{4,30})$`)
validRepo = regexp.MustCompile(`^([a-z0-9-_.]+)$`) validRepo = regexp.MustCompile(`^([a-z0-9-_.]+)$`)
) )
@ -171,7 +170,8 @@ func validateRepositoryName(repositoryName string) error {
namespace = "library" namespace = "library"
name = nameParts[0] name = nameParts[0]
if validHex.MatchString(name) { // the repository name must not be a valid image ID
if err := utils.ValidateID(name); err == nil {
return fmt.Errorf("Invalid repository name (%s), cannot specify 64-byte hexadecimal strings", name) return fmt.Errorf("Invalid repository name (%s), cannot specify 64-byte hexadecimal strings", name)
} }
} else { } else {

12
utils/utils.go
View File

@ -31,6 +31,10 @@ type KeyValuePair struct {
Value string Value string
} }
var (
validHex = regexp.MustCompile(`^([a-f0-9]{64})$`)
)
// Request a given URL and return an io.Reader // Request a given URL and return an io.Reader
func Download(url string) (resp *http.Response, err error) { func Download(url string) (resp *http.Response, err error) {
if resp, err = http.Get(url); err != nil { if resp, err = http.Get(url); err != nil {
@ -190,11 +194,9 @@ func GenerateRandomID() string {
} }
func ValidateID(id string) error { func ValidateID(id string) error {
if id == "" { if ok := validHex.MatchString(id); !ok {
return fmt.Errorf("Id can't be empty") err := fmt.Errorf("image ID '%s' is invalid", id)
} return err
if strings.Contains(id, ":") {
return fmt.Errorf("Invalid character in id: ':'")
} }
return nil return nil
} }