a513a8b8e0
As reported in #11294, the Docker daemon will execute contains it shouldn't run in the event that a requested tag is present in an image's ID. This leads to the wrong image being started up silently. This change reduces the risk of such a collision by using the short ID iff the actual revOrTag looks like a short ID (not that it necessarily is). Signed-off-by: Richard Burnison <rburnison@ebay.com>
46 lines
1.2 KiB
Go
46 lines
1.2 KiB
Go
package stringid
|
|
|
|
import (
|
|
"crypto/rand"
|
|
"encoding/hex"
|
|
"io"
|
|
"regexp"
|
|
"strconv"
|
|
)
|
|
|
|
const shortLen = 12
|
|
|
|
// Determine if an arbitrary string *looks like* a short ID.
|
|
func IsShortID(id string) bool {
|
|
return regexp.MustCompile("^[a-z0-9]{12}$").MatchString(id)
|
|
}
|
|
|
|
// TruncateID returns a shorthand version of a string identifier for convenience.
|
|
// A collision with other shorthands is very unlikely, but possible.
|
|
// In case of a collision a lookup with TruncIndex.Get() will fail, and the caller
|
|
// will need to use a langer prefix, or the full-length Id.
|
|
func TruncateID(id string) string {
|
|
trimTo := shortLen
|
|
if len(id) < shortLen {
|
|
trimTo = len(id)
|
|
}
|
|
return id[:trimTo]
|
|
}
|
|
|
|
// GenerateRandomID returns an unique id
|
|
func GenerateRandomID() string {
|
|
for {
|
|
id := make([]byte, 32)
|
|
if _, err := io.ReadFull(rand.Reader, id); err != nil {
|
|
panic(err) // This shouldn't happen
|
|
}
|
|
value := hex.EncodeToString(id)
|
|
// if we try to parse the truncated for as an int and we don't have
|
|
// an error then the value is all numberic and causes issues when
|
|
// used as a hostname. ref #3869
|
|
if _, err := strconv.ParseInt(TruncateID(value), 10, 64); err == nil {
|
|
continue
|
|
}
|
|
return value
|
|
}
|
|
}
|