Browse code
validate extraHosts in daemon side
Signed-off-by: allencloud <allen.sun@daocloud.io>
allencloud authored on 2017/02/27 22:21:10Showing 2 changed files
| ... | ... |
@@ -256,6 +256,12 @@ func (daemon *Daemon) verifyContainerSettings(hostConfig *containertypes.HostCon |
| 256 | 256 |
return nil, fmt.Errorf("can't create 'AutoRemove' container with restart policy")
|
| 257 | 257 |
} |
| 258 | 258 |
|
| 259 |
+ for _, extraHost := range hostConfig.ExtraHosts {
|
|
| 260 |
+ if _, err := opts.ValidateExtraHost(extraHost); err != nil {
|
|
| 261 |
+ return nil, err |
|
| 262 |
+ } |
|
| 263 |
+ } |
|
| 264 |
+ |
|
| 259 | 265 |
for port := range hostConfig.PortBindings {
|
| 260 | 266 |
_, portStr := nat.SplitProtoPort(string(port)) |
| 261 | 267 |
if _, err := nat.ParsePort(portStr); err != nil {
|
| ... | ... |
@@ -16,6 +16,7 @@ import ( |
| 16 | 16 |
networktypes "github.com/docker/docker/api/types/network" |
| 17 | 17 |
"github.com/docker/docker/container" |
| 18 | 18 |
"github.com/docker/docker/daemon/network" |
| 19 |
+ "github.com/docker/docker/opts" |
|
| 19 | 20 |
"github.com/docker/docker/pkg/stringid" |
| 20 | 21 |
"github.com/docker/docker/runconfig" |
| 21 | 22 |
"github.com/docker/go-connections/nat" |
| ... | ... |
@@ -117,6 +118,9 @@ func (daemon *Daemon) buildSandboxOptions(container *container.Container) ([]lib |
| 117 | 117 |
|
| 118 | 118 |
for _, extraHost := range container.HostConfig.ExtraHosts {
|
| 119 | 119 |
// allow IPv6 addresses in extra hosts; only split on first ":" |
| 120 |
+ if _, err := opts.ValidateExtraHost(extraHost); err != nil {
|
|
| 121 |
+ return nil, err |
|
| 122 |
+ } |
|
| 120 | 123 |
parts := strings.SplitN(extraHost, ":", 2) |
| 121 | 124 |
sboxOptions = append(sboxOptions, libnetwork.OptionExtraHost(parts[0], parts[1])) |
| 122 | 125 |
} |