diff options
author | Jelle van der Waa <jvanderwaa@redhat.com> | 2021-09-14 22:23:01 +0200 |
---|---|---|
committer | Matthew Heon <mheon@redhat.com> | 2021-09-16 11:00:05 -0400 |
commit | 507000a304b34850c358d75af3f6291ed444c8f6 (patch) | |
tree | 1b8ebfb4869a47dc06e3b167da9947184379a15c | |
parent | 702e524ff7fba48e7b4de5b6847cf0980be7bb60 (diff) | |
download | podman-507000a304b34850c358d75af3f6291ed444c8f6.tar.gz podman-507000a304b34850c358d75af3f6291ed444c8f6.tar.bz2 podman-507000a304b34850c358d75af3f6291ed444c8f6.zip |
api: handle nil pointer dereference in rest endpoints
When `?all=garbage` is passed to an API endpoint schema validation fails
and err is nil. Wrapf uses err to create an error message causing a nil
pointer dereference.
Signed-off-by: Jelle van der Waa <jvanderwaa@redhat.com>
-rw-r--r-- | pkg/api/handlers/compat/containers.go | 6 | ||||
-rw-r--r-- | pkg/api/handlers/libpod/containers.go | 7 | ||||
-rw-r--r-- | pkg/api/handlers/libpod/images.go | 8 | ||||
-rw-r--r-- | test/apiv2/10-images.at | 4 | ||||
-rw-r--r-- | test/apiv2/20-containers.at | 4 | ||||
-rwxr-xr-x | test/apiv2/test-apiv2 | 1 |
6 files changed, 27 insertions, 3 deletions
diff --git a/pkg/api/handlers/compat/containers.go b/pkg/api/handlers/compat/containers.go index 26e1bf00b..a15fdb553 100644 --- a/pkg/api/handlers/compat/containers.go +++ b/pkg/api/handlers/compat/containers.go @@ -104,8 +104,12 @@ func ListContainers(w http.ResponseWriter, r *http.Request) { } filterMap, err := util.PrepareFilters(r) + if err != nil { + utils.Error(w, "Something went wrong.", http.StatusInternalServerError, errors.Wrapf(err, "failed to decode filter parameters for %s", r.URL.String())) + return + } - if dErr := decoder.Decode(&query, r.URL.Query()); dErr != nil || err != nil { + if err := decoder.Decode(&query, r.URL.Query()); err != nil { utils.Error(w, "Something went wrong.", http.StatusInternalServerError, errors.Wrapf(err, "failed to parse parameters for %s", r.URL.String())) return } diff --git a/pkg/api/handlers/libpod/containers.go b/pkg/api/handlers/libpod/containers.go index 4639093f2..343c0d0b3 100644 --- a/pkg/api/handlers/libpod/containers.go +++ b/pkg/api/handlers/libpod/containers.go @@ -73,8 +73,13 @@ func ListContainers(w http.ResponseWriter, r *http.Request) { } filterMap, err := util.PrepareFilters(r) + if err != nil { + utils.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError, + errors.Wrapf(err, "failed to decode filter parameters for %s", r.URL.String())) + return + } - if dErr := decoder.Decode(&query, r.URL.Query()); dErr != nil || err != nil { + if err := decoder.Decode(&query, r.URL.Query()); err != nil { utils.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError, errors.Wrapf(err, "failed to parse parameters for %s", r.URL.String())) return diff --git a/pkg/api/handlers/libpod/images.go b/pkg/api/handlers/libpod/images.go index 72093c492..b4f08a746 100644 --- a/pkg/api/handlers/libpod/images.go +++ b/pkg/api/handlers/libpod/images.go @@ -156,8 +156,14 @@ func PruneImages(w http.ResponseWriter, r *http.Request) { } filterMap, err := util.PrepareFilters(r) + if err != nil { + utils.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError, + errors. + Wrapf(err, "failed to decode filter parameters for %s", r.URL.String())) + return + } - if dErr := decoder.Decode(&query, r.URL.Query()); dErr != nil || err != nil { + if err := decoder.Decode(&query, r.URL.Query()); err != nil { utils.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError, errors. Wrapf(err, "failed to parse parameters for %s", r.URL.String())) diff --git a/test/apiv2/10-images.at b/test/apiv2/10-images.at index abc8d44b7..d3fde9f9d 100644 --- a/test/apiv2/10-images.at +++ b/test/apiv2/10-images.at @@ -94,6 +94,10 @@ t GET libpod/images/json?filters='garb1age}' 500 \ t GET libpod/images/json?filters='{"label":["testl' 500 \ .cause="unexpected end of JSON input" +# Prune images - bad all input +t POST libpod/images/prune?all='garb1age' 500 \ + .cause="schema: error converting value for \"all\"" + # Prune images - bad filter input t POST images/prune?filters='garb1age}' 500 \ .cause="invalid character 'g' looking for beginning of value" diff --git a/test/apiv2/20-containers.at b/test/apiv2/20-containers.at index 8fdecb4bd..afff68c22 100644 --- a/test/apiv2/20-containers.at +++ b/test/apiv2/20-containers.at @@ -22,6 +22,10 @@ podman run $IMAGE true t GET libpod/containers/json 200 length=0 +# bad all input +t GET libpod/containers/json?all='garb1age' 500 \ + .cause="schema: error converting value for \"all\"" + t GET libpod/containers/json?all=true 200 \ length=1 \ .[0].Id~[0-9a-f]\\{64\\} \ diff --git a/test/apiv2/test-apiv2 b/test/apiv2/test-apiv2 index e1bf28bae..c644b9578 100755 --- a/test/apiv2/test-apiv2 +++ b/test/apiv2/test-apiv2 @@ -327,6 +327,7 @@ function start_service() { die "Cannot start service on non-localhost ($HOST)" fi + echo $WORKDIR $PODMAN_BIN --root $WORKDIR/server_root --syslog=true \ system service \ --time 15 \ |