From d96416a23c0686e64768240a0d81d66def734299 Mon Sep 17 00:00:00 2001 From: Sascha Grunert Date: Mon, 9 Oct 2023 11:06:42 +0200 Subject: [PATCH] Validate sandbox and container metadata We pre-validate the container metadata before creation the sandbox/container. Fixes https://github.com/kubernetes-sigs/cri-tools/issues/1273 Signed-off-by: Sascha Grunert --- cmd/crictl/util.go | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/cmd/crictl/util.go b/cmd/crictl/util.go index bf57a94907..6a1e685771 100644 --- a/cmd/crictl/util.go +++ b/cmd/crictl/util.go @@ -152,6 +152,13 @@ func loadContainerConfig(path string) (*pb.ContainerConfig, error) { if err := utilyaml.NewYAMLOrJSONDecoder(f, 4096).Decode(&config); err != nil { return nil, err } + + if config.Metadata == nil { + return nil, errors.New("metadata is not set") + } else if config.Metadata.Name == "" { + return nil, fmt.Errorf("name is not in metadata %q", config.Metadata) + } + return &config, nil } @@ -166,6 +173,13 @@ func loadPodSandboxConfig(path string) (*pb.PodSandboxConfig, error) { if err := utilyaml.NewYAMLOrJSONDecoder(f, 4096).Decode(&config); err != nil { return nil, err } + + if config.Metadata == nil { + return nil, errors.New("metadata is not set") + } else if config.Metadata.Name == "" || config.Metadata.Namespace == "" || config.Metadata.Uid == "" { + return nil, fmt.Errorf("name, namespace or uid is not in metadata %q", config.Metadata) + } + return &config, nil }