Validate digest length on parsing

Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2015-12-02 15:57:47 -08:00 · 2015-12-02 15:57:47 -08:00 · f015982f0f
commit f015982f0f
parent 329c353411
9 changed files with 95 additions and 65 deletions
--- a/reference/reference.go
+++ b/reference/reference.go
@ -7,7 +7,7 @@
 //
 //	// repository.go
 //	repository			:= hostname ['/' component]+
-//	hostname 			:= hostcomponent [':' port-number]
+//	hostname			:= hostcomponent [':' port-number]
 //	component			:= subcomponent [separator subcomponent]*
 //	subcomponent			:= alpha-numeric ['-'* alpha-numeric]*
 //	hostcomponent                   := [hostpart '.']* hostpart
@ -24,7 +24,7 @@
 //	digest-algorithm                := digest-algorithm-component [ digest-algorithm-separator digest-algorithm-component ]
 //	digest-algorithm-separator      := /[+.-_]/
 //	digest-algorithm-component      := /[A-Za-z][A-Za-z0-9]*/
-//	digest-hex                      := /[0-9a-fA-F]{32,}/ ; Atleast 128 bit digest value
+//	digest-hex                      := /[0-9a-fA-F]{32,}/ ; At least 128 bit digest value
 package reference

 import (
--- a/reference/reference_test.go
+++ b/reference/reference_test.go
@ -87,6 +87,10 @@ func TestReferenceParse(t *testing.T) {
 			input: "@sha256:ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff",
 			err:   ErrReferenceInvalidFormat,
 		},
+		{
+			input: "repo@sha256:ffffffffffffffffffffffffffffffffff",
+			err:   digest.ErrDigestInvalidLength,
+		},
 		{
 			input: "validname@invaliddigest:ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff",
 			err:   digest.ErrDigestUnsupported,
@ -129,11 +133,11 @@ func TestReferenceParse(t *testing.T) {
 			tag:        "xn--n3h.com",
 		},
 		{
-			input:      "xn--7o8h.com/myimage:xn--7o8h.com@sha512:ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", // 🐳.com in punycode
+			input:      "xn--7o8h.com/myimage:xn--7o8h.com@sha512:ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", // 🐳.com in punycode
 			hostname:   "xn--7o8h.com",
 			repository: "xn--7o8h.com/myimage",
 			tag:        "xn--7o8h.com",
-			digest:     "sha512:ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff",
+			digest:     "sha512:ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff",
 		},
 		{
 			input:      "foo_bar.com:8080",
@ -343,9 +347,9 @@ func TestSerialization(t *testing.T) {
 		},
 		{
 			description: "name with digest",
-			input:       "other.com/named@sha256:1234567890098765432112345667890098765",
+			input:       "other.com/named@sha256:1234567890098765432112345667890098765432112345667890098765432112",
 			name:        "other.com/named",
-			digest:      "sha256:1234567890098765432112345667890098765",
+			digest:      "sha256:1234567890098765432112345667890098765432112345667890098765432112",
 		},
 	}
 	for _, testcase := range testcases {