github/skopeo
1
0
Fork 0
mirror of https://github.com/containers/skopeo.git synced 2025-04-29 19:53:50 +00:00
Code Issues Projects Releases Wiki Activity

Fix handling the unexpected return value combination from IsRunningImageAllowed

Browse Source 
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
This commit is contained in:
Miloslav Trmač 2023-07-18 20:27:27 +02:00
parent c40f1485b0
commit f236b5efdc
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
cmd/skopeo/proxy.go
View File

@ -279,11 +279,11 @@ func (h *proxyHandler) openImageImpl(args []any, allowNotFound bool) (retReplyBu
unparsedTopLevel := image.UnparsedInstance(imgsrc, nil) unparsedTopLevel := image.UnparsedInstance(imgsrc, nil)
allowed, err := policyContext.IsRunningImageAllowed(context.Background(), unparsedTopLevel) allowed, err := policyContext.IsRunningImageAllowed(context.Background(), unparsedTopLevel)
if !allowed || err != nil { if err != nil {
return ret, err return ret, err
} }
if !allowed && err == nil { if !allowed {
return ret, fmt.Errorf("policy verification failed unexpectedly") return ret, fmt.Errorf("internal inconsistency: policy verification failed without returning an error")
} }
// Note that we never return zero as an imageid; this code doesn't yet // Note that we never return zero as an imageid; this code doesn't yet