mirror of
https://github.com/containers/podman
synced 2024-10-22 10:13:33 +00:00
Add space trimming check in ValidateSysctls
This is to catch invalid sysctl configs with extra spacing. See https://github.com/containers/common/issues/723#issuecomment-897395506 Signed-off-by: xatier <xatierlike@gmail.com>
This commit is contained in:
parent
94886d4aba
commit
d997564342
|
@ -618,6 +618,12 @@ func ValidateSysctls(strSlice []string) (map[string]string, error) {
|
|||
if len(arr) < 2 {
|
||||
return nil, errors.Errorf("%s is invalid, sysctl values must be in the form of KEY=VALUE", val)
|
||||
}
|
||||
|
||||
trimmed := fmt.Sprintf("%s=%s", strings.TrimSpace(arr[0]), strings.TrimSpace(arr[1]))
|
||||
if trimmed != val {
|
||||
return nil, errors.Errorf("'%s' is invalid, extra spaces found", val)
|
||||
}
|
||||
|
||||
if validSysctlMap[arr[0]] {
|
||||
sysctl[arr[0]] = arr[1]
|
||||
continue
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
package util
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
|
@ -259,6 +260,28 @@ func TestValidateSysctlBadSysctl(t *testing.T) {
|
|||
assert.Error(t, err)
|
||||
}
|
||||
|
||||
func TestValidateSysctlBadSysctlWithExtraSpaces(t *testing.T) {
|
||||
expectedError := "'%s' is invalid, extra spaces found"
|
||||
|
||||
// should fail fast on first sysctl
|
||||
strSlice1 := []string{
|
||||
"net.ipv4.ping_group_range = 0 0",
|
||||
"net.ipv4.ping_group_range=0 0 ",
|
||||
}
|
||||
_, err := ValidateSysctls(strSlice1)
|
||||
assert.Error(t, err)
|
||||
assert.Equal(t, err.Error(), fmt.Sprintf(expectedError, strSlice1[0]))
|
||||
|
||||
// should fail on second sysctl
|
||||
strSlice2 := []string{
|
||||
"net.ipv4.ping_group_range=0 0",
|
||||
"net.ipv4.ping_group_range=0 0 ",
|
||||
}
|
||||
_, err = ValidateSysctls(strSlice2)
|
||||
assert.Error(t, err)
|
||||
assert.Equal(t, err.Error(), fmt.Sprintf(expectedError, strSlice2[1]))
|
||||
}
|
||||
|
||||
func TestCoresToPeriodAndQuota(t *testing.T) {
|
||||
cores := 1.0
|
||||
expectedPeriod := DefaultCPUPeriod
|
||||
|
|
Loading…
Reference in a new issue