From 7631634813784899d68d266c80d60ea582a13543 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miloslav=20Trma=C4=8D?= Date: Sat, 11 Sep 2021 05:50:24 +0200 Subject: [PATCH] Make validateKey a bit more strict MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit For now, reject things that look like tags or digests, but still accept clearly invalid characters. Signed-off-by: Miloslav Trmač --- pkg/docker/config/config.go | 19 ++++++++++++++++--- pkg/docker/config/config_test.go | 6 ++++++ 2 files changed, 22 insertions(+), 3 deletions(-) diff --git a/pkg/docker/config/config.go b/pkg/docker/config/config.go index 66dc3d8cb0..642057cd73 100644 --- a/pkg/docker/config/config.go +++ b/pkg/docker/config/config.go @@ -773,11 +773,24 @@ func normalizeRegistry(registry string) string { // validateKey verifies that the input key does not have a prefix that is not // allowed and returns an indicator if the key is namespaced. -func validateKey(key string) (isNamespaced bool, err error) { +func validateKey(key string) (bool, error) { if strings.HasPrefix(key, "http://") || strings.HasPrefix(key, "https://") { - return isNamespaced, errors.Errorf("key %s contains http[s]:// prefix", key) + return false, errors.Errorf("key %s contains http[s]:// prefix", key) } + // Ideally this should only accept explicitly valid keys, compare + // validateIdentityRemappingPrefix. For now, just reject values that look + // like tagged or digested values. + if strings.ContainsRune(key, '@') { + return false, fmt.Errorf(`key %s contains a '@' character`, key) + } + + firstSlash := strings.IndexRune(key, '/') + isNamespaced := firstSlash != -1 + // Reject host/repo:tag, but allow localhost:5000 and localhost:5000/foo. + if isNamespaced && strings.ContainsRune(key[firstSlash+1:], ':') { + return false, fmt.Errorf(`key %s contains a ':' character after host[:port]`, key) + } // check if the provided key contains one or more subpaths. - return strings.ContainsRune(key, '/'), nil + return isNamespaced, nil } diff --git a/pkg/docker/config/config_test.go b/pkg/docker/config/config_test.go index 444e0b4226..8b4036aa21 100644 --- a/pkg/docker/config/config_test.go +++ b/pkg/docker/config/config_test.go @@ -862,6 +862,10 @@ func TestValidateKey(t *testing.T) { // Invalid keys for _, key := range []string{ "https://my-registry.local", + "host/foo:tag", + "host/foo@digest", + "localhost:5000/repo:tag", + "localhost:5000/repo@digest", } { _, err := validateKey(key) assert.Error(t, err, key) @@ -875,6 +879,8 @@ func TestValidateKey(t *testing.T) { {"my-registry.local", false}, {"my-registry.local/path", true}, {"quay.io/a/b/c/d", true}, + {"localhost:5000", false}, + {"localhost:5000/repo", true}, } { isNamespaced, err := validateKey(tc.key) require.NoError(t, err, tc.key)