From c5e26f8e40f3bc51ee7cdfce8eb4207105e4c4ba Mon Sep 17 00:00:00 2001 From: Mrigank Krishan Date: Fri, 4 Oct 2019 02:00:29 +0530 Subject: podman network create: validate user input Disallow invalid/confusing names such as '../bar' or 'foo ' Closes #4184 Signed-off-by: Mrigank Krishan --- cmd/podman/network_create.go | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'cmd/podman/network_create.go') diff --git a/cmd/podman/network_create.go b/cmd/podman/network_create.go index 378a92568..11f13faad 100644 --- a/cmd/podman/network_create.go +++ b/cmd/podman/network_create.go @@ -4,11 +4,12 @@ package main import ( "fmt" - "github.com/containers/libpod/pkg/network" "net" "github.com/containers/libpod/cmd/podman/cliconfig" + "github.com/containers/libpod/libpod" "github.com/containers/libpod/pkg/adapter" + "github.com/containers/libpod/pkg/network" "github.com/containers/libpod/pkg/rootless" "github.com/pkg/errors" "github.com/spf13/cobra" @@ -58,6 +59,9 @@ func networkcreateCmd(c *cliconfig.NetworkCreateValues) error { if len(c.InputArgs) > 1 { return errors.Errorf("only one network can be created at a time") } + if len(c.InputArgs) > 0 && !libpod.NameRegex.MatchString(c.InputArgs[0]) { + return libpod.RegexError + } runtime, err := adapter.GetRuntimeNoStore(getContext(), &c.PodmanCommand) if err != nil { return err -- cgit v1.2.3-54-g00ecf