Skip to content

Non-security digest.Digest use cleanups#2410

Merged
giuseppe merged 7 commits intocontainers:mainfrom
mtrmac:digest-nonsecurity
May 14, 2024
Merged

Non-security digest.Digest use cleanups#2410
giuseppe merged 7 commits intocontainers:mainfrom
mtrmac:digest-nonsecurity

Conversation

@mtrmac
Copy link
Collaborator

@mtrmac mtrmac commented May 9, 2024

A set of cleanups around creating/validating digest.Digest values, in places where it should not be exploitable.

See individual commit messages for details.

A side effect of the code audit required by CVE-2024-3727 .

@rhatdan
Copy link
Member

rhatdan commented May 13, 2024

LGTM
@giuseppe @Luap99 @mheon @baude PTAL

mtrmac added 7 commits May 14, 2024 01:01
@mtrmac
Don't use the "decrypted digest" when decrypting layers
95cd137 
Should not actually change behavior, the value is never set.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
@mtrmac
Use digest.Parse() instead just a cast to digest.Digest
1f66d1a 
These cases should be safe because the data is either trusted
(ostree), or validated by an exact match later (signatures)

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
@mtrmac
Validate a DiffID value before we record it in expectedLayerDiffIDFlag .
ef9464e 
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
@mtrmac
Split blobCacheSource.layerInfoForCopy from LayerInfosForCopy
6040eef 
... so that we can simplify the error handling paths.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
@mtrmac
Use early exits in layerInfoForCopy
1a7789c 
Should not change behavior.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
@mtrmac
Don't use the same "alternate" variable for two different kinds of paths
b7ef16c 
Should not change behavior.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
@mtrmac
Avoid digest.Digest() conversions
496e3af 
Use the ordinary digest.Parse() instead of separate digest.Validate() and conversions.

Should not change behavior.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
@mtrmac mtrmac force-pushed the digest-nonsecurity branch from 1944cce to 496e3af Compare May 13, 2024 23:02
giuseppe
giuseppe approved these changes May 14, 2024
View reviewed changes
Copy link
Member

@giuseppe giuseppe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@giuseppe giuseppe merged commit 5710389 into containers:main May 14, 2024
@mtrmac mtrmac deleted the digest-nonsecurity branch May 14, 2024 08:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@giuseppe giuseppe giuseppe approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@mtrmac @rhatdan @giuseppe