From 8b87793d4878026d5d4f734409f33fe873160115 Mon Sep 17 00:00:00 2001
From: Jhon Honce <jhonce@redhat.com>
Date: Mon, 11 Oct 2021 09:11:32 -0700
Subject: [PATCH] Use SplitN(2) when copying env variables

Environment variables whose value contained an equal sign where
truncated

Fixes #11891

Signed-off-by: Jhon Honce <jhonce@redhat.com>

<MH: Fixed cherry-pick conflicts>

Signed-off-by: Matthew Heon <matthew.heon@pm.me>
---
 pkg/specgen/generate/kube/kube.go |  2 +-
 test/e2e/play_kube_test.go        | 41 +++++++++++++++++++++++++++++++
 2 files changed, 42 insertions(+), 1 deletion(-)

diff --git a/pkg/specgen/generate/kube/kube.go b/pkg/specgen/generate/kube/kube.go
index 27a1e5a722..7072a5821c 100644
--- a/pkg/specgen/generate/kube/kube.go
+++ b/pkg/specgen/generate/kube/kube.go
@@ -254,7 +254,7 @@ func ToSpecGen(ctx context.Context, opts *CtrSpecGenOptions) (*specgen.SpecGener
 	// Environment Variables
 	envs := map[string]string{}
 	for _, env := range imageData.Config.Env {
-		keyval := strings.Split(env, "=")
+		keyval := strings.SplitN(env, "=", 2)
 		envs[keyval[0]] = keyval[1]
 	}
 
diff --git a/test/e2e/play_kube_test.go b/test/e2e/play_kube_test.go
index 0d5b9d52c2..c31b89650f 100644
--- a/test/e2e/play_kube_test.go
+++ b/test/e2e/play_kube_test.go
@@ -18,6 +18,7 @@ import (
 	"github.com/containers/storage/pkg/stringid"
 	. "github.com/onsi/ginkgo"
 	. "github.com/onsi/gomega"
+	"github.com/onsi/gomega/format"
 	. "github.com/onsi/gomega/gexec"
 	"github.com/opencontainers/selinux/go-selinux"
 )
@@ -2722,4 +2723,44 @@ invalid kube kind
 		exists.WaitWithDefaultTimeout()
 		Expect(exists).To(Exit(0))
 	})
+
+	Describe("verify environment variables", func() {
+		var maxLength int
+		BeforeEach(func() {
+			maxLength = format.MaxLength
+			format.MaxLength = 0
+		})
+		AfterEach(func() {
+			format.MaxLength = maxLength
+		})
+
+		It("values containing equal sign", func() {
+			javaToolOptions := `-XX:+IgnoreUnrecognizedVMOptions -XX:+IdleTuningGcOnIdle -Xshareclasses:name=openj9_system_scc,cacheDir=/opt/java/.scc,readonly,nonFatal`
+			openj9JavaOptions := `-XX:+IgnoreUnrecognizedVMOptions -XX:+IdleTuningGcOnIdle -Xshareclasses:name=openj9_system_scc,cacheDir=/opt/java/.scc,readonly,nonFatal -Dosgi.checkConfiguration=false`
+
+			containerfile := fmt.Sprintf(`FROM %s
+ENV JAVA_TOOL_OPTIONS=%q
+ENV OPENJ9_JAVA_OPTIONS=%q
+`,
+				ALPINE, javaToolOptions, openj9JavaOptions)
+
+			image := "podman-kube-test:env"
+			podmanTest.BuildImage(containerfile, image, "false")
+			ctnr := getCtr(withImage(image))
+			pod := getPod(withCtr(ctnr))
+			Expect(generateKubeYaml("pod", pod, kubeYaml)).Should(Succeed())
+
+			play := podmanTest.Podman([]string{"play", "kube", "--start", kubeYaml})
+			play.WaitWithDefaultTimeout()
+			Expect(play).Should(Exit(0))
+
+			inspect := podmanTest.Podman([]string{"container", "inspect", "--format=json", getCtrNameInPod(pod)})
+			inspect.WaitWithDefaultTimeout()
+			Expect(inspect).Should(Exit(0))
+
+			contents := string(inspect.Out.Contents())
+			Expect(contents).To(ContainSubstring(javaToolOptions))
+			Expect(contents).To(ContainSubstring(openj9JavaOptions))
+		})
+	})
 })