containers
/
podman
mirror of https://github.com/containers/podman.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

podman network create: validate user input 

Disallow invalid/confusing names such as '../bar' or 'foo '
Closes #4184

Signed-off-by: Mrigank Krishan <mrigankkrishan@gmail.com>
This commit is contained in:
Mrigank Krishan 2019-10-04 02:00:29 +05:30
parent 86c8650c23
commit c5e26f8e40
3 changed files with 21 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
cmd/podman/network_create.go
View File

@ -4,11 +4,12 @@ package main
import ( import (
"fmt" "fmt"
"github.com/containers/libpod/pkg/network"
"net" "net"
"github.com/containers/libpod/cmd/podman/cliconfig" "github.com/containers/libpod/cmd/podman/cliconfig"
"github.com/containers/libpod/libpod"
"github.com/containers/libpod/pkg/adapter" "github.com/containers/libpod/pkg/adapter"
"github.com/containers/libpod/pkg/network"
"github.com/containers/libpod/pkg/rootless" "github.com/containers/libpod/pkg/rootless"
"github.com/pkg/errors" "github.com/pkg/errors"
"github.com/spf13/cobra" "github.com/spf13/cobra"
@ -58,6 +59,9 @@ func networkcreateCmd(c *cliconfig.NetworkCreateValues) error {
if len(c.InputArgs) > 1 { if len(c.InputArgs) > 1 {
return errors.Errorf("only one network can be created at a time") return errors.Errorf("only one network can be created at a time")
} }
if len(c.InputArgs) > 0 && !libpod.NameRegex.MatchString(c.InputArgs[0]) {
return libpod.RegexError
}
runtime, err := adapter.GetRuntimeNoStore(getContext(), &c.PodmanCommand) runtime, err := adapter.GetRuntimeNoStore(getContext(), &c.PodmanCommand)
if err != nil { if err != nil {
return err return err

20
libpod/options.go
View File

@ -20,8 +20,8 @@ import (
) )
var ( var (
nameRegex = regexp.MustCompile("^[a-zA-Z0-9][a-zA-Z0-9_.-]*$") NameRegex = regexp.MustCompile("^[a-zA-Z0-9][a-zA-Z0-9_.-]*$")
regexError = errors.Wrapf(define.ErrInvalidArg, "names must match [a-zA-Z0-9][a-zA-Z0-9_.-]*") RegexError = errors.Wrapf(define.ErrInvalidArg, "names must match [a-zA-Z0-9][a-zA-Z0-9_.-]*")
) )
// Runtime Creation Options // Runtime Creation Options
@ -648,8 +648,8 @@ func WithName(name string) CtrCreateOption {
} }
// Check the name against a regex // Check the name against a regex
if !nameRegex.MatchString(name) { if !NameRegex.MatchString(name) {
return regexError return RegexError
} }
ctr.config.Name = name ctr.config.Name = name
@ -1426,8 +1426,8 @@ func WithVolumeName(name string) VolumeCreateOption {
} }
// Check the name against a regex // Check the name against a regex
if !nameRegex.MatchString(name) { if !NameRegex.MatchString(name) {
return regexError return RegexError
} }
volume.config.Name = name volume.config.Name = name
@ -1532,8 +1532,8 @@ func WithPodName(name string) PodCreateOption {
} }
// Check the name against a regex // Check the name against a regex
if !nameRegex.MatchString(name) { if !NameRegex.MatchString(name) {
return regexError return RegexError
} }
pod.config.Name = name pod.config.Name = name
@ -1550,8 +1550,8 @@ func WithPodHostname(hostname string) PodCreateOption {
} }
// Check the hostname against a regex // Check the hostname against a regex
if !nameRegex.MatchString(hostname) { if !NameRegex.MatchString(hostname) {
return regexError return RegexError
} }
pod.config.Hostname = hostname pod.config.Hostname = hostname

6
test/e2e/network_create_test.go
View File

@ -208,4 +208,10 @@ var _ = Describe("Podman network create", func() {
Expect(ncFail.ExitCode()).ToNot(BeZero()) Expect(ncFail.ExitCode()).ToNot(BeZero())
}) })
It("podman network create with invalid network name", func() {
nc := podmanTest.Podman([]string{"network", "create", "foo "})
nc.WaitWithDefaultTimeout()
Expect(nc.ExitCode()).ToNot(BeZero())
})
}) })