Use SplitN(2) when copying env variables

Environment variables whose value contained an equal sign where truncated Fixes containers#11891 Signed-off-by: Jhon Honce <[email protected]> <MH: Fixed cherry-pick conflicts> Signed-off-by: Matthew Heon <[email protected]>
mheon · Oct 19, 2021 · 8b87793 · 8b87793
1 parent d458bc3
commit 8b87793
Show file tree

Hide file tree

Showing 2 changed files with 42 additions and 1 deletion.
diff --git a/pkg/specgen/generate/kube/kube.go b/pkg/specgen/generate/kube/kube.go
@@ -254,7 +254,7 @@ func ToSpecGen(ctx context.Context, opts *CtrSpecGenOptions) (*specgen.SpecGener
 	// Environment Variables
 	envs := map[string]string{}
 	for _, env := range imageData.Config.Env {
-		keyval := strings.Split(env, "=")
+		keyval := strings.SplitN(env, "=", 2)
 		envs[keyval[0]] = keyval[1]
 	}
 

diff --git a/test/e2e/play_kube_test.go b/test/e2e/play_kube_test.go
@@ -18,6 +18,7 @@ import (
 	"github.com/containers/storage/pkg/stringid"
 	. "github.com/onsi/ginkgo"
 	. "github.com/onsi/gomega"
+	"github.com/onsi/gomega/format"
 	. "github.com/onsi/gomega/gexec"
 	"github.com/opencontainers/selinux/go-selinux"
 )
@@ -2722,4 +2723,44 @@ invalid kube kind
 		exists.WaitWithDefaultTimeout()
 		Expect(exists).To(Exit(0))
 	})
+
+	Describe("verify environment variables", func() {
+		var maxLength int
+		BeforeEach(func() {
+			maxLength = format.MaxLength
+			format.MaxLength = 0
+		})
+		AfterEach(func() {
+			format.MaxLength = maxLength
+		})
+
+		It("values containing equal sign", func() {
+			javaToolOptions := `-XX:+IgnoreUnrecognizedVMOptions -XX:+IdleTuningGcOnIdle -Xshareclasses:name=openj9_system_scc,cacheDir=/opt/java/.scc,readonly,nonFatal`
+			openj9JavaOptions := `-XX:+IgnoreUnrecognizedVMOptions -XX:+IdleTuningGcOnIdle -Xshareclasses:name=openj9_system_scc,cacheDir=/opt/java/.scc,readonly,nonFatal -Dosgi.checkConfiguration=false`
+
+			containerfile := fmt.Sprintf(`FROM %s
+ENV JAVA_TOOL_OPTIONS=%q
+ENV OPENJ9_JAVA_OPTIONS=%q
+`,
+				ALPINE, javaToolOptions, openj9JavaOptions)
+
+			image := "podman-kube-test:env"
+			podmanTest.BuildImage(containerfile, image, "false")
+			ctnr := getCtr(withImage(image))
+			pod := getPod(withCtr(ctnr))
+			Expect(generateKubeYaml("pod", pod, kubeYaml)).Should(Succeed())
+
+			play := podmanTest.Podman([]string{"play", "kube", "--start", kubeYaml})
+			play.WaitWithDefaultTimeout()
+			Expect(play).Should(Exit(0))
+
+			inspect := podmanTest.Podman([]string{"container", "inspect", "--format=json", getCtrNameInPod(pod)})
+			inspect.WaitWithDefaultTimeout()
+			Expect(inspect).Should(Exit(0))
+
+			contents := string(inspect.Out.Contents())
+			Expect(contents).To(ContainSubstring(javaToolOptions))
+			Expect(contents).To(ContainSubstring(openj9JavaOptions))
+		})
+	})
 })