Validate digest length on parsing

Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2015-12-02 15:57:47 -08:00 · 2015-12-02 15:57:47 -08:00 · 1f5f9bad39
commit 1f5f9bad39
parent c0d094a72a
3 changed files with 26 additions and 26 deletions
--- a/docs/storage/cache/cachecheck/suite.go
+++ b/docs/storage/cache/cachecheck/suite.go
@ -20,7 +20,7 @@ func CheckBlobDescriptorCache(t *testing.T, provider cache.BlobDescriptorCachePr
 }
 func checkBlobDescriptorCacheEmptyRepository(t *testing.T, ctx context.Context, provider cache.BlobDescriptorCacheProvider) {
-	if _, err := provider.Stat(ctx, "sha384:abc"); err != distribution.ErrBlobUnknown {
+	if _, err := provider.Stat(ctx, "sha384:abc111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111"); err != distribution.ErrBlobUnknown {
 		t.Fatalf("expected unknown blob error with empty store: %v", err)
 	}
@ -41,7 +41,7 @@ func checkBlobDescriptorCacheEmptyRepository(t *testing.T, ctx context.Context,
 		t.Fatalf("expected error with invalid digest: %v", err)
 	}
-	if err := cache.SetDescriptor(ctx, "sha384:abc", distribution.Descriptor{
+	if err := cache.SetDescriptor(ctx, "sha384:abc111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111", distribution.Descriptor{
 		Digest:    "",
 		Size:      10,
 		MediaType: "application/octet-stream"}); err == nil {
@ -52,15 +52,15 @@ func checkBlobDescriptorCacheEmptyRepository(t *testing.T, ctx context.Context,
 		t.Fatalf("expected error checking for cache item with empty digest: %v", err)
 	}
-	if _, err := cache.Stat(ctx, "sha384:abc"); err != distribution.ErrBlobUnknown {
+	if _, err := cache.Stat(ctx, "sha384:abc111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111"); err != distribution.ErrBlobUnknown {
 		t.Fatalf("expected unknown blob error with empty repo: %v", err)
 	}
 }
 func checkBlobDescriptorCacheSetAndRead(t *testing.T, ctx context.Context, provider cache.BlobDescriptorCacheProvider) {
-	localDigest := digest.Digest("sha384:abc")
+	localDigest := digest.Digest("sha384:abc111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111")
 	expected := distribution.Descriptor{
-		Digest:    "sha256:abc",
+		Digest:    "sha256:abc1111111111111111111111111111111111111111111111111111111111111",
 		Size:      10,
 		MediaType: "application/octet-stream"}
--- a/docs/storage/manifeststore_test.go
+++ b/docs/storage/manifeststore_test.go
@ -385,15 +385,15 @@ func TestLinkPathFuncs(t *testing.T) {
 	}{
 		{
 			repo:       "foo/bar",
-			digest:     "sha256:deadbeaf",
+			digest:     "sha256:deadbeaf98fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
 			linkPathFn: blobLinkPath,
-			expected:   "/docker/registry/v2/repositories/foo/bar/_layers/sha256/deadbeaf/link",
+			expected:   "/docker/registry/v2/repositories/foo/bar/_layers/sha256/deadbeaf98fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855/link",
 		},
 		{
 			repo:       "foo/bar",
-			digest:     "sha256:deadbeaf",
+			digest:     "sha256:deadbeaf98fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
 			linkPathFn: manifestRevisionLinkPath,
-			expected:   "/docker/registry/v2/repositories/foo/bar/_manifests/revisions/sha256/deadbeaf/link",
+			expected:   "/docker/registry/v2/repositories/foo/bar/_manifests/revisions/sha256/deadbeaf98fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855/link",
 		},
 	} {
 		p, err := testcase.linkPathFn(testcase.repo, testcase.digest)
--- a/docs/storage/paths_test.go
+++ b/docs/storage/paths_test.go
@ -15,31 +15,31 @@ func TestPathMapper(t *testing.T) {
 		{
 			spec: manifestRevisionPathSpec{
 				name:     "foo/bar",
-				revision: "sha256:abcdef0123456789",
+				revision: "sha256:abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789",
 			},
-			expected: "/docker/registry/v2/repositories/foo/bar/_manifests/revisions/sha256/abcdef0123456789",
+			expected: "/docker/registry/v2/repositories/foo/bar/_manifests/revisions/sha256/abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789",
 		},
 		{
 			spec: manifestRevisionLinkPathSpec{
 				name:     "foo/bar",
-				revision: "sha256:abcdef0123456789",
+				revision: "sha256:abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789",
 			},
-			expected: "/docker/registry/v2/repositories/foo/bar/_manifests/revisions/sha256/abcdef0123456789/link",
+			expected: "/docker/registry/v2/repositories/foo/bar/_manifests/revisions/sha256/abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789/link",
 		},
 		{
 			spec: manifestSignatureLinkPathSpec{
 				name:      "foo/bar",
-				revision:  "sha256:abcdef0123456789",
+				revision:  "sha256:abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789",
-				signature: "sha256:abcdef0123456789",
+				signature: "sha256:abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789",
 			},
-			expected: "/docker/registry/v2/repositories/foo/bar/_manifests/revisions/sha256/abcdef0123456789/signatures/sha256/abcdef0123456789/link",
+			expected: "/docker/registry/v2/repositories/foo/bar/_manifests/revisions/sha256/abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789/signatures/sha256/abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789/link",
 		},
 		{
 			spec: manifestSignaturesPathSpec{
 				name:     "foo/bar",
-				revision: "sha256:abcdef0123456789",
+				revision: "sha256:abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789",
 			},
-			expected: "/docker/registry/v2/repositories/foo/bar/_manifests/revisions/sha256/abcdef0123456789/signatures",
+			expected: "/docker/registry/v2/repositories/foo/bar/_manifests/revisions/sha256/abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789/signatures",
 		},
 		{
 			spec: manifestTagsPathSpec{
@ -72,17 +72,17 @@ func TestPathMapper(t *testing.T) {
 			spec: manifestTagIndexEntryPathSpec{
 				name:     "foo/bar",
 				tag:      "thetag",
-				revision: "sha256:abcdef0123456789",
+				revision: "sha256:abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789",
 			},
-			expected: "/docker/registry/v2/repositories/foo/bar/_manifests/tags/thetag/index/sha256/abcdef0123456789",
+			expected: "/docker/registry/v2/repositories/foo/bar/_manifests/tags/thetag/index/sha256/abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789",
 		},
 		{
 			spec: manifestTagIndexEntryLinkPathSpec{
 				name:     "foo/bar",
 				tag:      "thetag",
-				revision: "sha256:abcdef0123456789",
+				revision: "sha256:abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789",
 			},
-			expected: "/docker/registry/v2/repositories/foo/bar/_manifests/tags/thetag/index/sha256/abcdef0123456789/link",
+			expected: "/docker/registry/v2/repositories/foo/bar/_manifests/tags/thetag/index/sha256/abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789/link",
 		},
 		{
 			spec: layerLinkPathSpec{
@ -93,15 +93,15 @@ func TestPathMapper(t *testing.T) {
 		},
 		{
 			spec: blobDataPathSpec{
-				digest: digest.Digest("tarsum.dev+sha512:abcdefabcdefabcdef908909909"),
+				digest: digest.Digest("tarsum.dev+sha512:abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789"),
 			},
-			expected: "/docker/registry/v2/blobs/tarsum/dev/sha512/ab/abcdefabcdefabcdef908909909/data",
+			expected: "/docker/registry/v2/blobs/tarsum/dev/sha512/ab/abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789/data",
 		},
 		{
 			spec: blobDataPathSpec{
-				digest: digest.Digest("tarsum.v1+sha256:abcdefabcdefabcdef908909909"),
+				digest: digest.Digest("tarsum.v1+sha256:abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789"),
 			},
-			expected: "/docker/registry/v2/blobs/tarsum/v1/sha256/ab/abcdefabcdefabcdef908909909/data",
+			expected: "/docker/registry/v2/blobs/tarsum/v1/sha256/ab/abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789/data",
 		},
 		{