Fix CVE in tar-split
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
This commit is contained in:
parent
bb5584bc4c
commit
a1b48be22e
@ -13,7 +13,7 @@ golang.org/x/crypto master
|
|||||||
# docker deps from https://github.com/docker/docker/blob/v1.11.2/hack/vendor.sh
|
# docker deps from https://github.com/docker/docker/blob/v1.11.2/hack/vendor.sh
|
||||||
github.com/docker/docker 30eb4d8cdc422b023d5f11f29a82ecb73554183b
|
github.com/docker/docker 30eb4d8cdc422b023d5f11f29a82ecb73554183b
|
||||||
github.com/docker/go-connections 3ede32e2033de7505e6500d6c868c2b9ed9f169d
|
github.com/docker/go-connections 3ede32e2033de7505e6500d6c868c2b9ed9f169d
|
||||||
github.com/vbatts/tar-split v0.10.1
|
github.com/vbatts/tar-split v0.10.2
|
||||||
github.com/gorilla/context 14f550f51a
|
github.com/gorilla/context 14f550f51a
|
||||||
github.com/gorilla/mux e444e69cbd
|
github.com/gorilla/mux e444e69cbd
|
||||||
github.com/docker/go-units 8a7beacffa3009a9ac66bad506b18ffdd110cf97
|
github.com/docker/go-units 8a7beacffa3009a9ac66bad506b18ffdd110cf97
|
||||||
|
29
vendor/github.com/containers/image/docker/daemon/client.go
generated
vendored
29
vendor/github.com/containers/image/docker/daemon/client.go
generated
vendored
@ -1,11 +1,12 @@
|
|||||||
package daemon
|
package daemon
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"net/http"
|
||||||
|
"path/filepath"
|
||||||
|
|
||||||
"github.com/containers/image/types"
|
"github.com/containers/image/types"
|
||||||
dockerclient "github.com/docker/docker/client"
|
dockerclient "github.com/docker/docker/client"
|
||||||
"github.com/docker/go-connections/tlsconfig"
|
"github.com/docker/go-connections/tlsconfig"
|
||||||
"net/http"
|
|
||||||
"path/filepath"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
@ -15,16 +16,30 @@ const (
|
|||||||
|
|
||||||
// NewDockerClient initializes a new API client based on the passed SystemContext.
|
// NewDockerClient initializes a new API client based on the passed SystemContext.
|
||||||
func newDockerClient(ctx *types.SystemContext) (*dockerclient.Client, error) {
|
func newDockerClient(ctx *types.SystemContext) (*dockerclient.Client, error) {
|
||||||
httpClient, err := tlsConfig(ctx)
|
|
||||||
if err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
|
|
||||||
host := dockerclient.DefaultDockerHost
|
host := dockerclient.DefaultDockerHost
|
||||||
if ctx != nil && ctx.DockerDaemonHost != "" {
|
if ctx != nil && ctx.DockerDaemonHost != "" {
|
||||||
host = ctx.DockerDaemonHost
|
host = ctx.DockerDaemonHost
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Sadly, unix:// sockets don't work transparently with dockerclient.NewClient.
|
||||||
|
// They work fine with a nil httpClient; with a non-nil httpClient, the transport’s
|
||||||
|
// TLSClientConfig must be nil (or the client will try using HTTPS over the PF_UNIX socket
|
||||||
|
// regardless of the values in the *tls.Config), and we would have to call sockets.ConfigureTransport.
|
||||||
|
//
|
||||||
|
// We don't really want to configure anything for unix:// sockets, so just pass a nil *http.Client.
|
||||||
|
proto, _, _, err := dockerclient.ParseHost(host)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
var httpClient *http.Client
|
||||||
|
if proto != "unix" {
|
||||||
|
hc, err := tlsConfig(ctx)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
httpClient = hc
|
||||||
|
}
|
||||||
|
|
||||||
return dockerclient.NewClient(host, defaultAPIVersion, httpClient, nil)
|
return dockerclient.NewClient(host, defaultAPIVersion, httpClient, nil)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
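--- a/vendor/github.com/containers/image/signature/policy_config.go
+++ b/vendor/github.com/containers/image/signature/policy_config.go
@@ -70,7 +70,11 @@ func NewPolicyFromFile(fileName string) (*Policy, error) {
 if err != nil {
 return nil, err
 }
-return NewPolicyFromBytes(contents)
+policy, err := NewPolicyFromBytes(contents)
+if err != nil {
+return nil, errors.Wrapf(err, "invalid policy in %q", fileName)
+}
+return policy, nil
 }
 
 // NewPolicyFromBytes returns a policy parsed from the specified blob.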
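--- a/vendor/github.com/containers/image/vendor.conf
+++ b/vendor/github.com/containers/image/vendor.conf
@@ -22,7 +22,7 @@ github.com/pborman/uuid 1b00554d822231195d1babd97ff4a781231955c9
 github.com/pkg/errors 248dadf4e9068a0b3e79f02ed0a610d935de5302
 github.com/pmezard/go-difflib 792786c7400a136282c1664665ae0a8db921c6c2
 github.com/stretchr/testify 4d4bfba8f1d1027c4fdbe371823030df51419987
-github.com/vbatts/tar-split bd4c5d64c3e9297f410025a3b1bd0c58f659e721
+github.com/vbatts/tar-split v0.10.2
 golang.org/x/crypto 453249f01cfeb54c3d549ddb75ff152ca243f9d8
 golang.org/x/net 6b27048ae5e6ad1ef927e72e437531493de612fe
 golang.org/x/sys 43e60d72a8e2bd92ee98319ba9a384a0e9837c08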
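--- a/vendor/github.com/docker/docker/hack/README.md
+++ /dev/null
@@ -1,60 +0,0 @@
-## About
-
-This directory contains a collection of scripts used to build and manage this
-repository. If there are any issues regarding the intention of a particular
-script (or even part of a certain script), please reach out to us.
-It may help us either refine our current scripts, or add on new ones
-that are appropriate for a given use case.
-
-## DinD (dind.sh)
-
-DinD is a wrapper script which allows Docker to be run inside a Docker
-container. DinD requires the container to
-be run with privileged mode enabled.
-
-## Generate Authors (generate-authors.sh)
-
-Generates AUTHORS; a file with all the names and corresponding emails of
-individual contributors. AUTHORS can be found in the home directory of
-this repository.
-
-## Make
-
-There are two make files, each with different extensions. Neither are supposed
-to be called directly; only invoke `make`. Both scripts run inside a Docker
-container.
-
-### make.ps1
-
-- The Windows native build script that uses PowerShell semantics; it is limited
-unlike `hack\make.sh` since it does not provide support for the full set of
-operations provided by the Linux counterpart, `make.sh`. However, `make.ps1`
-does provide support for local Windows development and Windows to Windows CI.
-More information is found within `make.ps1` by the author, @jhowardmsft
-
-### make.sh
-
-- Referenced via `make test` when running tests on a local machine,
-or directly referenced when running tests inside a Docker development container.
-- When running on a local machine, `make test` to run all tests found in
-`test`, `test-unit`, `test-integration`, and `test-docker-py` on
-your local machine. The default timeout is set in `make.sh` to 60 minutes
-(`${TIMEOUT:=60m}`), since it currently takes up to an hour to run
-all of the tests.
-- When running inside a Docker development container, `hack/make.sh` does
-not have a single target that runs all the tests. You need to provide a
-single command line with multiple targets that performs the same thing.
-An example referenced from [Run targets inside a development container](https://docs.docker.com/opensource/project/test-and-docs/#run-targets-inside-a-development-container): `root@5f8630b873fe:/go/src/github.com/moby/moby# hack/make.sh dynbinary binary cross test-unit test-integration test-docker-py`
-- For more information related to testing outside the scope of this README,
-refer to
-[Run tests and test documentation](https://docs.docker.com/opensource/project/test-and-docs/)
-
-## Release (release.sh)
-
-Releases any bundles built by `make` on a public AWS S3 bucket.
-For information regarding configuration, please view `release.sh`.
-
-## Vendor (vendor.sh)
-
-A shell script that is a wrapper around Vndr. For information on how to use
-this, please refer to [vndr's README](https://github.com/LK4D4/vndr/blob/master/README.md)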
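--- a/vendor/github.com/docker/docker/hack/integration-cli-on-swarm/README.md
+++ /dev/null
@@ -1,69 +0,0 @@
-# Integration Testing on Swarm
-
-IT on Swarm allows you to execute integration test in parallel across a Docker Swarm cluster
-
-## Architecture
-
-### Master service
-
-- Works as a funker caller
-- Calls a worker funker (`-worker-service`) with a chunk of `-check.f` filter strings (passed as a file via `-input` flag, typically `/mnt/input`)
-
-### Worker service
-
-- Works as a funker callee
-- Executes an equivalent of `TESTFLAGS=-check.f TestFoo|TestBar|TestBaz ... make test-integration-cli` using the bind-mounted API socket (`docker.sock`)
-
-### Client
-
-- Controls master and workers via `docker stack`
-- No need to have a local daemon
-
-Typically, the master and workers are supposed to be running on a cloud environment,
-while the client is supposed to be running on a laptop, e.g. Docker for Mac/Windows.
-
-## Requirement
-
-- Docker daemon 1.13 or later
-- Private registry for distributed execution with multiple nodes
-
-## Usage
-
-### Step 1: Prepare images
-
-$ make build-integration-cli-on-swarm
-
-Following environment variables are known to work in this step:
-
-- `BUILDFLAGS`
-- `DOCKER_INCREMENTAL_BINARY`
-
-Note: during the transition into Moby Project, you might need to create a symbolic link `$GOPATH/src/github.com/docker/docker` to `$GOPATH/src/github.com/moby/moby`.
-
-### Step 2: Execute tests
-
-$ ./hack/integration-cli-on-swarm/integration-cli-on-swarm -replicas 40 -push-worker-image YOUR_REGISTRY.EXAMPLE.COM/integration-cli-worker:latest
-
-Following environment variables are known to work in this step:
-
-- `DOCKER_GRAPHDRIVER`
-- `DOCKER_EXPERIMENTAL`
-
-#### Flags
-
-Basic flags:
-
-- `-replicas N`: the number of worker service replicas. i.e. degree of parallelism.
-- `-chunks N`: the number of chunks. By default, `chunks` == `replicas`.
-- `-push-worker-image REGISTRY/IMAGE:TAG`: push the worker image to the registry. Note that if you have only single node and hence you do not need a private registry, you do not need to specify `-push-worker-image`.
-
-Experimental flags for mitigating makespan nonuniformity:
-
-- `-shuffle`: Shuffle the test filter strings
-
-Flags for debugging IT on Swarm itself:
-
-- `-rand-seed N`: the random seed. This flag is useful for deterministic replaying. By default(0), the timestamp is used.
-- `-filters-file FILE`: the file contains `-check.f` strings. By default, the file is automatically generated.
-- `-dry-run`: skip the actual workload
-- `keep-executor`: do not auto-remove executor containers, which is used for running privileged programs on Swarm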
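--- a/vendor/github.com/docker/docker/hack/integration-cli-on-swarm/agent/vendor.conf
+++ /dev/null
@@ -1,2 +0,0 @@
-# dependencies specific to worker (i.e. github.com/docker/docker/...) are not vendored here
-github.com/bfirsh/funker-go eaa0a2e06f30e72c9a0b7f858951e581e26ef773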
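--- a/vendor/github.com/vbatts/tar-split/README.md
+++ b/vendor/github.com/vbatts/tar-split/README.md
@@ -1,6 +1,7 @@
 # tar-split
 
 [](https://travis-ci.org/vbatts/tar-split)
+[](https://goreportcard.com/report/github.com/vbatts/tar-split)
 
 Pristinely disassembling a tar archive, and stashing needed raw bytes and offsets to reassemble a validating original archive.
 
@@ -50,7 +51,7 @@ For example stored sparse files that have "holes" in them, will be read as a
 contiguous file, though the archive contents may be recorded in sparse format.
 Therefore when adding the file payload to a reassembled tar, to achieve
 identical output, the file payload would need be precisely re-sparsified. This
-is not something I seek to fix imediately, but would rather have an alert that
+is not something I seek to fix immediately, but would rather have an alert that
 precise reassembly is not possible.
 (see more http://www.gnu.org/software/tar/manual/html_node/Sparse-Formats.html)
 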
43
vendor/github.com/vbatts/tar-split/tar/asm/disassemble.go
generated
vendored
43
vendor/github.com/vbatts/tar-split/tar/asm/disassemble.go
generated
vendored
@ -2,7 +2,6 @@ package asm
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"io"
|
"io"
|
||||||
"io/ioutil"
|
|
||||||
|
|
||||||
"github.com/vbatts/tar-split/archive/tar"
|
"github.com/vbatts/tar-split/archive/tar"
|
||||||
"github.com/vbatts/tar-split/tar/storage"
|
"github.com/vbatts/tar-split/tar/storage"
|
||||||
@ -119,20 +118,34 @@ func NewInputTarStream(r io.Reader, p storage.Packer, fp storage.FilePutter) (io
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// it is allowable, and not uncommon that there is further padding on the
|
// It is allowable, and not uncommon that there is further padding on
|
||||||
// end of an archive, apart from the expected 1024 null bytes.
|
// the end of an archive, apart from the expected 1024 null bytes. We
|
||||||
remainder, err := ioutil.ReadAll(outputRdr)
|
// do this in chunks rather than in one go to avoid cases where a
|
||||||
if err != nil && err != io.EOF {
|
// maliciously crafted tar file tries to trick us into reading many GBs
|
||||||
pW.CloseWithError(err)
|
// into memory.
|
||||||
return
|
const paddingChunkSize = 1024 * 1024
|
||||||
}
|
var paddingChunk [paddingChunkSize]byte
|
||||||
_, err = p.AddEntry(storage.Entry{
|
for {
|
||||||
Type: storage.SegmentType,
|
var isEOF bool
|
||||||
Payload: remainder,
|
n, err := outputRdr.Read(paddingChunk[:])
|
||||||
})
|
if err != nil {
|
||||||
if err != nil {
|
if err != io.EOF {
|
||||||
pW.CloseWithError(err)
|
pW.CloseWithError(err)
|
||||||
return
|
return
|
||||||
|
}
|
||||||
|
isEOF = true
|
||||||
|
}
|
||||||
|
_, err = p.AddEntry(storage.Entry{
|
||||||
|
Type: storage.SegmentType,
|
||||||
|
Payload: paddingChunk[:n],
|
||||||
|
})
|
||||||
|
if err != nil {
|
||||||
|
pW.CloseWithError(err)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
if isEOF {
|
||||||
|
break
|
||||||
|
}
|
||||||
}
|
}
|
||||||
pW.Close()
|
pW.Close()
|
||||||
}()
|
}()
|
||||||
|