Merge pull request #88695 from gavinfish/unsafe-json

Fix unsafe json construction for scale.go and codec_check.go
2025-07-24 12:15:52 +00:00 · 2020-06-01 10:27:56 -07:00 · 2020-06-01 10:27:56 -07:00 · 5b3fe0564d
commit 5b3fe0564d
parent 3fc7831cd8 ef469a740a
3 changed files with 26 additions and 2 deletions
--- a/staging/src/k8s.io/apimachinery/pkg/runtime/codec_check.go
+++ b/staging/src/k8s.io/apimachinery/pkg/runtime/codec_check.go
@ -21,6 +21,7 @@ import (
 	"reflect"

 	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/apimachinery/pkg/util/json"
 )

 // CheckCodec makes sure that the codec can encode objects like internalType,
@ -32,7 +33,14 @@ func CheckCodec(c Codec, internalType Object, externalTypes ...schema.GroupVersi
 		return fmt.Errorf("Internal type not encodable: %v", err)
 	}
 	for _, et := range externalTypes {
-		exBytes := []byte(fmt.Sprintf(`{"kind":"%v","apiVersion":"%v"}`, et.Kind, et.GroupVersion().String()))
+		typeMeta := TypeMeta{
+			Kind:       et.Kind,
+			APIVersion: et.GroupVersion().String(),
+		}
+		exBytes, err := json.Marshal(&typeMeta)
+		if err != nil {
+			return err
+		}
 		obj, err := Decode(c, exBytes)
 		if err != nil {
 			return fmt.Errorf("external type %s not interpretable: %v", et, err)
--- a/staging/src/k8s.io/kubectl/pkg/scale/BUILD
+++ b/staging/src/k8s.io/kubectl/pkg/scale/BUILD
@ -12,6 +12,7 @@ go_library(
        "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
        "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
        "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library",
+        "//staging/src/k8s.io/apimachinery/pkg/util/json:go_default_library",
        "//staging/src/k8s.io/apimachinery/pkg/util/wait:go_default_library",
        "//staging/src/k8s.io/client-go/scale:go_default_library",
    ],
--- a/staging/src/k8s.io/kubectl/pkg/scale/scale.go
+++ b/staging/src/k8s.io/kubectl/pkg/scale/scale.go
@ -27,6 +27,7 @@ import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/apimachinery/pkg/types"
+	"k8s.io/apimachinery/pkg/util/json"
 	"k8s.io/apimachinery/pkg/util/wait"
 	scaleclient "k8s.io/client-go/scale"
 )
@ -136,7 +137,21 @@ func (s *genericScaler) ScaleSimple(namespace, name string, preconditions *Scale
 		return updatedScale.ResourceVersion, nil
 	}

-	patch := []byte(fmt.Sprintf(`{"spec":{"replicas":%d}}`, newSize))
+	// objectForReplicas is used for encoding scale patch
+	type objectForReplicas struct {
+		Replicas uint `json:"replicas"`
+	}
+	// objectForSpec is used for encoding scale patch
+	type objectForSpec struct {
+		Spec objectForReplicas `json:"spec"`
+	}
+	spec := objectForSpec{
+		Spec: objectForReplicas{Replicas: newSize},
+	}
+	patch, err := json.Marshal(&spec)
+	if err != nil {
+		return "", err
+	}
 	patchOptions := metav1.PatchOptions{}
 	if dryRun {
 		patchOptions.DryRun = []string{metav1.DryRunAll}