diff options
author | xatier <xatierlike@gmail.com> | 2021-08-13 02:49:57 -0500 |
---|---|---|
committer | xatier <xatierlike@gmail.com> | 2021-08-13 15:24:06 -0500 |
commit | d9975643428c63f5402c0ac253e8c324a14ba15e (patch) | |
tree | b979521502f690e2dc38741d06a818da955bb366 /pkg/util | |
parent | 94886d4abad7787cb920614ed26955ca36b13846 (diff) | |
download | podman-d9975643428c63f5402c0ac253e8c324a14ba15e.tar.gz podman-d9975643428c63f5402c0ac253e8c324a14ba15e.tar.bz2 podman-d9975643428c63f5402c0ac253e8c324a14ba15e.zip |
Add space trimming check in ValidateSysctls
This is to catch invalid sysctl configs with extra spacing.
See
https://github.com/containers/common/issues/723#issuecomment-897395506
Signed-off-by: xatier <xatierlike@gmail.com>
Diffstat (limited to 'pkg/util')
-rw-r--r-- | pkg/util/utils.go | 6 | ||||
-rw-r--r-- | pkg/util/utils_test.go | 23 |
2 files changed, 29 insertions, 0 deletions
diff --git a/pkg/util/utils.go b/pkg/util/utils.go index 774590f44..63fad0286 100644 --- a/pkg/util/utils.go +++ b/pkg/util/utils.go @@ -618,6 +618,12 @@ func ValidateSysctls(strSlice []string) (map[string]string, error) { if len(arr) < 2 { return nil, errors.Errorf("%s is invalid, sysctl values must be in the form of KEY=VALUE", val) } + + trimmed := fmt.Sprintf("%s=%s", strings.TrimSpace(arr[0]), strings.TrimSpace(arr[1])) + if trimmed != val { + return nil, errors.Errorf("'%s' is invalid, extra spaces found", val) + } + if validSysctlMap[arr[0]] { sysctl[arr[0]] = arr[1] continue diff --git a/pkg/util/utils_test.go b/pkg/util/utils_test.go index 027acbdab..62de7509f 100644 --- a/pkg/util/utils_test.go +++ b/pkg/util/utils_test.go @@ -1,6 +1,7 @@ package util import ( + "fmt" "testing" "time" @@ -259,6 +260,28 @@ func TestValidateSysctlBadSysctl(t *testing.T) { assert.Error(t, err) } +func TestValidateSysctlBadSysctlWithExtraSpaces(t *testing.T) { + expectedError := "'%s' is invalid, extra spaces found" + + // should fail fast on first sysctl + strSlice1 := []string{ + "net.ipv4.ping_group_range = 0 0", + "net.ipv4.ping_group_range=0 0 ", + } + _, err := ValidateSysctls(strSlice1) + assert.Error(t, err) + assert.Equal(t, err.Error(), fmt.Sprintf(expectedError, strSlice1[0])) + + // should fail on second sysctl + strSlice2 := []string{ + "net.ipv4.ping_group_range=0 0", + "net.ipv4.ping_group_range=0 0 ", + } + _, err = ValidateSysctls(strSlice2) + assert.Error(t, err) + assert.Equal(t, err.Error(), fmt.Sprintf(expectedError, strSlice2[1])) +} + func TestCoresToPeriodAndQuota(t *testing.T) { cores := 1.0 expectedPeriod := DefaultCPUPeriod |