mirror of
https://github.com/spring-projects/spring-boot.git
synced 2024-07-15 01:07:30 +08:00
Prevent long parse times for images with illegal char in tag
Update the regular expression used to parse Docker images references to prevent catastrophic backtracking when images names are long and the tag contains an illegal character. See gh-39617
This commit is contained in:
parent
27200f39d5
commit
c892544741
@ -50,7 +50,7 @@ final class Regex implements CharSequence {
|
|||||||
private static final Regex PATH_COMPONENT;
|
private static final Regex PATH_COMPONENT;
|
||||||
static {
|
static {
|
||||||
Regex segment = Regex.of("[a-z0-9]+");
|
Regex segment = Regex.of("[a-z0-9]+");
|
||||||
Regex separator = Regex.group("[._]|__|[-]*");
|
Regex separator = Regex.group("[._-]{1,2}");
|
||||||
Regex separatedSegment = Regex.group(separator, segment).oneOrMoreTimes();
|
Regex separatedSegment = Regex.group(separator, segment).oneOrMoreTimes();
|
||||||
PATH_COMPONENT = Regex.of(segment, Regex.group(separatedSegment).zeroOrOnce());
|
PATH_COMPONENT = Regex.of(segment, Regex.group(separatedSegment).zeroOrOnce());
|
||||||
}
|
}
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2012-2023 the original author or authors.
|
* Copyright 2012-2024 the original author or authors.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
* you may not use this file except in compliance with the License.
|
* you may not use this file except in compliance with the License.
|
||||||
@ -17,9 +17,12 @@
|
|||||||
package org.springframework.boot.docker.compose.core;
|
package org.springframework.boot.docker.compose.core;
|
||||||
|
|
||||||
import org.junit.jupiter.api.Test;
|
import org.junit.jupiter.api.Test;
|
||||||
|
import org.junit.jupiter.api.Timeout;
|
||||||
|
import org.junit.jupiter.api.Timeout.ThreadMode;
|
||||||
|
|
||||||
import static org.assertj.core.api.Assertions.assertThat;
|
import static org.assertj.core.api.Assertions.assertThat;
|
||||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||||
|
import static org.assertj.core.api.Assertions.fail;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Tests for {@link ImageReference}.
|
* Tests for {@link ImageReference}.
|
||||||
@ -165,4 +168,26 @@ class ImageReferenceTests {
|
|||||||
assertThat(r1).isEqualTo(r1).isEqualTo(r2).isNotEqualTo(r3);
|
assertThat(r1).isEqualTo(r1).isEqualTo(r2).isNotEqualTo(r3);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
void ofSimpleNameWithSingleCharacterSuffix() {
|
||||||
|
ImageReference reference = ImageReference.of("ubuntu-a");
|
||||||
|
assertThat(reference.getDomain()).isEqualTo("docker.io");
|
||||||
|
assertThat(reference.getName()).isEqualTo("library/ubuntu-a");
|
||||||
|
assertThat(reference.getTag()).isNull();
|
||||||
|
assertThat(reference.getDigest()).isNull();
|
||||||
|
assertThat(reference).hasToString("docker.io/library/ubuntu-a");
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
@Timeout(value = 1, threadMode = ThreadMode.SEPARATE_THREAD)
|
||||||
|
void ofWhenImageNameIsVeryLongAndHasIllegalCharacter() {
|
||||||
|
try {
|
||||||
|
ImageReference
|
||||||
|
.of("docker.io/library/this-image-has-a-long-name-with-an-invalid-tag-which-is-at-danger-of-catastrophic-backtracking:1.0.0+1234");
|
||||||
|
fail("Image Reference contains an illegal character and should have thrown an IllegalArgumentException");
|
||||||
|
}
|
||||||
|
catch (IllegalArgumentException ignored) {
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2012-2023 the original author or authors.
|
* Copyright 2012-2024 the original author or authors.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
* you may not use this file except in compliance with the License.
|
* you may not use this file except in compliance with the License.
|
||||||
@ -50,7 +50,7 @@ final class Regex implements CharSequence {
|
|||||||
private static final Regex PATH_COMPONENT;
|
private static final Regex PATH_COMPONENT;
|
||||||
static {
|
static {
|
||||||
Regex segment = Regex.of("[a-z0-9]+");
|
Regex segment = Regex.of("[a-z0-9]+");
|
||||||
Regex separator = Regex.group("[._]|__|[-]*");
|
Regex separator = Regex.group("[._-]{1,2}");
|
||||||
Regex separatedSegment = Regex.group(separator, segment).oneOrMoreTimes();
|
Regex separatedSegment = Regex.group(separator, segment).oneOrMoreTimes();
|
||||||
PATH_COMPONENT = Regex.of(segment, Regex.group(separatedSegment).zeroOrOnce());
|
PATH_COMPONENT = Regex.of(segment, Regex.group(separatedSegment).zeroOrOnce());
|
||||||
}
|
}
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright 2012-2023 the original author or authors.
|
* Copyright 2012-2024 the original author or authors.
|
||||||
*
|
*
|
||||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
* you may not use this file except in compliance with the License.
|
* you may not use this file except in compliance with the License.
|
||||||
@ -19,10 +19,13 @@ package org.springframework.boot.buildpack.platform.docker.type;
|
|||||||
import java.io.File;
|
import java.io.File;
|
||||||
|
|
||||||
import org.junit.jupiter.api.Test;
|
import org.junit.jupiter.api.Test;
|
||||||
|
import org.junit.jupiter.api.Timeout;
|
||||||
|
import org.junit.jupiter.api.Timeout.ThreadMode;
|
||||||
|
|
||||||
import static org.assertj.core.api.Assertions.assertThat;
|
import static org.assertj.core.api.Assertions.assertThat;
|
||||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||||
import static org.assertj.core.api.Assertions.assertThatIllegalStateException;
|
import static org.assertj.core.api.Assertions.assertThatIllegalStateException;
|
||||||
|
import static org.assertj.core.api.Assertions.fail;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Tests for {@link ImageReference}.
|
* Tests for {@link ImageReference}.
|
||||||
@ -306,4 +309,26 @@ class ImageReferenceTests {
|
|||||||
assertThat(updated).hasToString("docker.io/library/ubuntu");
|
assertThat(updated).hasToString("docker.io/library/ubuntu");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
void ofSimpleNameWithSingleCharacterSuffix() {
|
||||||
|
ImageReference reference = ImageReference.of("ubuntu-a");
|
||||||
|
assertThat(reference.getDomain()).isEqualTo("docker.io");
|
||||||
|
assertThat(reference.getName()).isEqualTo("library/ubuntu-a");
|
||||||
|
assertThat(reference.getTag()).isNull();
|
||||||
|
assertThat(reference.getDigest()).isNull();
|
||||||
|
assertThat(reference).hasToString("docker.io/library/ubuntu-a");
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
@Timeout(value = 1, threadMode = ThreadMode.SEPARATE_THREAD)
|
||||||
|
void ofWhenIsVeryLongAndHasIllegalCharacter() {
|
||||||
|
try {
|
||||||
|
ImageReference
|
||||||
|
.of("docker.io/library/this-image-has-a-long-name-with-an-invalid-tag-which-is-at-danger-of-catastrophic-backtracking:1.0.0+1234");
|
||||||
|
fail("Contains an illegal character and should have thrown an IllegalArgumentException");
|
||||||
|
}
|
||||||
|
catch (IllegalArgumentException ignored) {
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user