libpod: Ensure that generated container names are random

Fixes containers#15569. Signed-off-by: Doug Rabson <[email protected]>
mheon · Sep 6, 2022 · 85f3c27 · 85f3c27
1 parent 48a02aa
commit 85f3c27
Show file tree

Hide file tree

Showing 2 changed files with 36 additions and 0 deletions.
diff --git a/libpod/runtime.go b/libpod/runtime.go
@@ -6,6 +6,7 @@ import (
 	"context"
 	"errors"
 	"fmt"
+	"math/rand"
 	"os"
 	"os/exec"
 	"path/filepath"
@@ -127,6 +128,13 @@ type Runtime struct {
 	secretsManager *secrets.SecretsManager
 }
 
+func init() {
+	// generateName calls namesgenerator.GetRandomName which the
+	// global RNG from math/rand. Seed it here to make sure we
+	// don't get the same name every time.
+	rand.Seed(time.Now().UnixNano())
+}
+
 // SetXdgDirs ensures the XDG_RUNTIME_DIR env and XDG_CONFIG_HOME variables are set.
 // containers/image uses XDG_RUNTIME_DIR to locate the auth file, XDG_CONFIG_HOME is
 // use for the containers.conf configuration file.

diff --git a/libpod/runtime_test.go b/libpod/runtime_test.go
@@ -0,0 +1,28 @@
+package libpod
+
+import (
+	"math/rand"
+	"os"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func Test_generateName(t *testing.T) {
+	state, path, _, err := getEmptyBoltState()
+	assert.NoError(t, err)
+	defer os.RemoveAll(path)
+	defer state.Close()
+
+	r := &Runtime{
+		state: state,
+	}
+
+	// Test that (*Runtime).generateName returns different names
+	// if called twice, even if the global RNG has the default
+	// seed.
+	n1, _ := r.generateName()
+	rand.Seed(1)
+	n2, _ := r.generateName()
+	assert.NotEqual(t, n1, n2)
+}