Before allowing a schema1 manifest to be stored in the registry, ensure that it

contains equal length History and FSLayer arrays.

This is required to prevent malformed manifests being put to the registry and
failing external verification checks.

Signed-off-by: Richard Scothern <richard.scothern@gmail.com>
This commit is contained in:
Richard Scothern 2015-11-03 11:03:17 -08:00
parent 854fa0a4dd
commit 78b6d648fa
3 changed files with 34 additions and 1 deletions

View file

@ -804,6 +804,14 @@ func testManifestAPI(t *testing.T, env *testEnv, args manifestArgs) (*testEnv, m
BlobSum: "qwer", BlobSum: "qwer",
}, },
}, },
History: []schema1.History{
{
V1Compatibility: "",
},
{
V1Compatibility: "",
},
},
} }
resp = putManifest(t, "putting unsigned manifest", manifestURL, unsignedManifest) resp = putManifest(t, "putting unsigned manifest", manifestURL, unsignedManifest)
@ -999,6 +1007,19 @@ func testManifestAPI(t *testing.T, env *testEnv, args manifestArgs) (*testEnv, m
t.Fatalf("tag not as expected: %q != %q", tagsResponse.Tags[0], tag) t.Fatalf("tag not as expected: %q != %q", tagsResponse.Tags[0], tag)
} }
// Attempt to put a manifest with mismatching FSLayer and History array cardinalities
unsignedManifest.History = append(unsignedManifest.History, schema1.History{
V1Compatibility: "",
})
invalidSigned, err := schema1.Sign(unsignedManifest, env.pk)
if err != nil {
t.Fatalf("error signing manifest")
}
resp = putManifest(t, "putting invalid signed manifest", manifestDigestURL, invalidSigned)
checkResponse(t, "putting invalid signed manifest", resp, http.StatusBadRequest)
return env, args return env, args
} }
@ -1432,8 +1453,10 @@ func createRepository(env *testEnv, t *testing.T, imageName string, tag string)
{ {
BlobSum: "asdf", BlobSum: "asdf",
}, },
},
History: []schema1.History{
{ {
BlobSum: "qwer", V1Compatibility: "",
}, },
}, },
} }
@ -1499,6 +1522,7 @@ func TestRegistryAsCacheMutationAPIs(t *testing.T) {
Name: imageName, Name: imageName,
Tag: tag, Tag: tag,
FSLayers: []schema1.FSLayer{}, FSLayers: []schema1.FSLayer{},
History: []schema1.History{},
} }
sm, err := schema1.Sign(m, env.pk) sm, err := schema1.Sign(m, env.pk)

View file

@ -110,6 +110,11 @@ func (ms *manifestStore) verifyManifest(ctx context.Context, mnfst *schema1.Sign
errs = append(errs, fmt.Errorf("repository name does not match manifest name")) errs = append(errs, fmt.Errorf("repository name does not match manifest name"))
} }
if len(mnfst.History) != len(mnfst.FSLayers) {
errs = append(errs, fmt.Errorf("mismatched history and fslayer cardinality %d != %d",
len(mnfst.History), len(mnfst.FSLayers)))
}
if _, err := schema1.Verify(mnfst); err != nil { if _, err := schema1.Verify(mnfst); err != nil {
switch err { switch err {
case libtrust.ErrMissingSignatureKey, libtrust.ErrInvalidJSONContent, libtrust.ErrMissingSignatureKey: case libtrust.ErrMissingSignatureKey, libtrust.ErrInvalidJSONContent, libtrust.ErrMissingSignatureKey:

View file

@ -98,6 +98,10 @@ func TestManifestStorage(t *testing.T) {
m.FSLayers = append(m.FSLayers, schema1.FSLayer{ m.FSLayers = append(m.FSLayers, schema1.FSLayer{
BlobSum: dgst, BlobSum: dgst,
}) })
m.History = append(m.History, schema1.History{
V1Compatibility: "",
})
} }
pk, err := libtrust.GenerateECP256PrivateKey() pk, err := libtrust.GenerateECP256PrivateKey()