mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-25 20:53:33 +00:00
kubelet: Validate the length of the DNS search path
This commit is contained in:
parent
f7e62dc5bb
commit
819059f641
@ -27,6 +27,7 @@ import (
|
||||
|
||||
"k8s.io/api/core/v1"
|
||||
utilerrors "k8s.io/apimachinery/pkg/util/errors"
|
||||
utilvalidation "k8s.io/apimachinery/pkg/util/validation"
|
||||
"k8s.io/client-go/tools/record"
|
||||
runtimeapi "k8s.io/cri-api/pkg/apis/runtime/v1alpha2"
|
||||
"k8s.io/kubernetes/pkg/apis/core/validation"
|
||||
@ -104,6 +105,19 @@ func (c *Configurer) formDNSSearchFitsLimits(composedSearch []string, pod *v1.Po
|
||||
limitsExceeded = true
|
||||
}
|
||||
|
||||
// In some DNS resolvers(e.g. glibc 2.28), DNS resolving causes abort() if there is a
|
||||
// search path exceeding 255 characters. We have to filter them out.
|
||||
l := 0
|
||||
for _, search := range composedSearch {
|
||||
if len(search) > utilvalidation.DNS1123SubdomainMaxLength {
|
||||
limitsExceeded = true
|
||||
continue
|
||||
}
|
||||
composedSearch[l] = search
|
||||
l++
|
||||
}
|
||||
composedSearch = composedSearch[:l]
|
||||
|
||||
if resolvSearchLineStrLen := len(strings.Join(composedSearch, " ")); resolvSearchLineStrLen > validation.MaxDNSSearchListChars {
|
||||
cutDomainsNum := 0
|
||||
cutDomainsLen := 0
|
||||
|
Loading…
Reference in New Issue
Block a user