projects / docker.io.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 44d54d7) | patch
[PATCH] pull: Validate layer digest format
authorBrian Goff <cpuguy83@gmail.com>
Mon, 12 Oct 2020 18:08:28 +0000 (18:08 +0000)
committerFelix Geyer <fgeyer@debian.org>
Sun, 21 Feb 2021 17:18:35 +0000 (17:18 +0000)
commita84d20778d287d7a85f2ce1d2e6fdd4604126033
tree1d32e182b6663897b9be6eec0462dd14fde42091tree | snapshot
parent44d54d7d6067ec64b6e14b3b631e8a4e7b8a4e35commit | diff
[PATCH] pull: Validate layer digest format

Otherwise a malformed or empty digest may cause a panic.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
(cherry picked from commit a7d4af84bd2f189b921c3ec60796aa825e3a0f2a)
Signed-off-by: Tibor Vass <tibor@docker.com>
Gbp-Pq: Name cve-2021-21285.patch
engine/builder/builder-next/adapters/containerimage/pull.go diff | blob | history
engine/distribution/pull_v2.go diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.