- Don't compress/decompress layers with unknown MIME types, and layers
  in OCI artifacts.
- Don't even change manifest MIME types in these situations, whatever
  happens.
- Don't substitute compressed/uncompressed variants (via
  TryReusingBlobWithOptions) for OCI artifacts, if we discover the
  same variants when copying images that refer to the same blobs.

Note that this does _not_ restrict compression to algorithms supported
by the SourcedImage, because that would prohibit a single-pass
conversion from v2s2 to OCI while compressing to zstd [1], and that's
a feature we currently exercise in tests. So, this prevents us from
failing to copy OCI artifacts, but users of zstd still need to be careful
about choosing OCI manually.

[1] We would need to ask the _destination_ format handler about
zstd, not the source-format SourcedImage, and we don't currently have
that infrastructure. It's also not immediately clear how to combine
this with the sequence of alternative manifest formats returned by
determineManifestConversion.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>

Add manifestSchema2FromFixture and manifestOCI1FromFixture
instead of open-coding the read+decode steps over and over.
The tests also fail immediately if they can't use the
fixture, instead of somehow trying to continue (and probably
crashing).
Signed-off-by: Miloslav Trmač <mitr@redhat.com>

Having each test case stretched across four lines doesn't
make it any more readable; seeing the test cases on the
same screen as the test body is more valuable.
Should not change (test) behavior.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>

Mostly just name changes that should not change behavior,
apart from ioutil.ReadDir -> os.ReadDir avoiding per-item
lstat(2) in some cases.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>

Refuse to process manifest / manifest list data
that could possibly be interpreted as two different
manifest formats, because differences in how those
ambiguities are resolved could be used to bypass
image verification or review mechanisms.
Fixes CVE-2021-41190 / GHSA-77vh-xpmg-72qh .
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
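
The ambiguity check described in the commit message above, sketched as an added example (not the containers/image code): it refuses a document whose top-level JSON carries both image-manifest fields (`config`, `layers`) and index fields (`manifests`). The function name, error value and sample input are assumptions made for this illustration.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"strings"
)

var errAmbiguous = errors.New("manifest has both image and index fields")

// classify returns "image", "index" or "unknown" for a manifest document.
// All names here are hypothetical, chosen for this example.
func classify(raw []byte) (string, error) {
	var top map[string]json.RawMessage
	if err := json.Unmarshal(raw, &top); err != nil {
		return "", fmt.Errorf("parsing manifest: %w", err)
	}
	var image, index bool
	for key := range top {
		// encoding/json matches struct field names case-insensitively, so a
		// later struct decode would accept "Layers" as "layers".
		switch {
		case strings.EqualFold(key, "config"), strings.EqualFold(key, "layers"):
			image = true
		case strings.EqualFold(key, "manifests"):
			index = true
		}
	}
	switch {
	case image && index:
		return "", errAmbiguous // refuse instead of picking one reading
	case image:
		return "image", nil
	case index:
		return "index", nil
	}
	return "unknown", nil
}

func main() {
	// Constructed sample: one document carrying both kinds of fields.
	both := []byte(`{"schemaVersion":2,"config":{},"layers":[],"manifests":[]}`)
	_, err := classify(both)
	fmt.Println(err)
}
```
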
... so that major-version-aware Go module import
(as opposed to vX.Y.Z+incompatible, which does not allow different
packages to use different versions) works right.
Also requires adding some more GO111MODULE=on options to Makefile.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>

When copying an image, record the compression in the BlobInfo and use
the information when updating the manifest's layer infos to set the
layers' media types correctly.
Also check for supported media types when parsing a v2s2/OCI1 manifest.
Note that consumers of the containers/image library need to update
opencontainers/image-spec to commit 775207bd45b6cb8153ce218cc59351799217451f.
Fixes: github.com/containers/libpod/issues/2013
Fixes: github.com/containers/buildah/issues/1589
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>