github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-31 15:25:57 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #40701 from sjenning/fix-nil-deref

Browse Source 
Automatic merge from submit-queue (batch tested with PRs 38443, 40145, 40701, 40682)

fix nil deref in exec admission

Fixes #40615 

@ncdc @jsravn @smarterclayton
This commit is contained in:
Kubernetes Submit Queue 2017-01-30 20:59:43 -08:00 committed by GitHub
commit a185fa7b34
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
plugin/pkg/admission/exec/admission.go
View File

@ -110,7 +110,7 @@ func (d *denyExec) Admit(a admission.Attributes) (err error) {
// isPrivileged will return true a pod has any privileged containers // isPrivileged will return true a pod has any privileged containers
func isPrivileged(pod *api.Pod) bool { func isPrivileged(pod *api.Pod) bool {
for _, c := range pod.Spec.InitContainers { for _, c := range pod.Spec.InitContainers {
if c.SecurityContext == nil { if c.SecurityContext == nil || c.SecurityContext.Privileged == nil {
continue continue
} }
if *c.SecurityContext.Privileged { if *c.SecurityContext.Privileged {
@ -118,7 +118,7 @@ func isPrivileged(pod *api.Pod) bool {
} }
} }
for _, c := range pod.Spec.Containers { for _, c := range pod.Spec.Containers {
if c.SecurityContext == nil { if c.SecurityContext == nil || c.SecurityContext.Privileged == nil {
continue continue
} }
if *c.SecurityContext.Privileged { if *c.SecurityContext.Privileged {