mirror of
https://github.com/moby/moby.git
synced 2022-11-09 12:21:53 -05:00
6395b8b3dc
The commit '0a13f827a10d3bf61744d9b3f7165c5885a39c5d' introduces an import test for CVE-2017-14992, it uses a 8GB image to make sure we don't revert CVE-2017-14992, but unfortunately this test can't finish in 5-min on AArch64, as a fact, in most cases we have to crate a very big image to make the test effective on AArch64, but this will result in a test panic, so now we skip it order to avoid termination of others tests followed. Signed-off-by: Dennis Chen <dennis.chen@arm.com>
42 lines
1,014 B
Go
42 lines
1,014 B
Go
package image
|
|
|
|
import (
|
|
"archive/tar"
|
|
"bytes"
|
|
"context"
|
|
"io"
|
|
"runtime"
|
|
"testing"
|
|
|
|
"github.com/docker/docker/api/types"
|
|
"github.com/docker/docker/integration/util/request"
|
|
"github.com/docker/docker/internal/testutil"
|
|
)
|
|
|
|
// Ensure we don't regress on CVE-2017-14992.
|
|
func TestImportExtremelyLargeImageWorks(t *testing.T) {
|
|
if runtime.GOARCH == "arm64" {
|
|
t.Skip("effective test will be time out")
|
|
}
|
|
|
|
client := request.NewAPIClient(t)
|
|
|
|
// Construct an empty tar archive with about 8GB of junk padding at the
|
|
// end. This should not cause any crashes (the padding should be mostly
|
|
// ignored).
|
|
var tarBuffer bytes.Buffer
|
|
|
|
tw := tar.NewWriter(&tarBuffer)
|
|
if err := tw.Close(); err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
imageRdr := io.MultiReader(&tarBuffer, io.LimitReader(testutil.DevZero, 8*1024*1024*1024))
|
|
|
|
_, err := client.ImageImport(context.Background(),
|
|
types.ImageImportSource{Source: imageRdr, SourceName: "-"},
|
|
"test1234:v42",
|
|
types.ImageImportOptions{})
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
}
|