mirror of
https://github.com/moby/buildkit.git
synced 2026-06-24 08:47:57 +00:00
6e9d3d4bbc
Add executor.ValidContainerID and enforce it in runc/containerd Run paths. Only runc executor used the ID in filesystem operations. Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com> (cherry picked from commit 789df2422341960b7549d14ea475add43e73cd74)
19 lines
511 B
Go
19 lines
511 B
Go
package executor
|
|
|
|
import "github.com/pkg/errors"
|
|
|
|
// ValidContainerID validates that id is non-empty and contains only ASCII letters and digits.
|
|
func ValidContainerID(id string) error {
|
|
if id == "" {
|
|
return errors.New("container id must not be empty")
|
|
}
|
|
for i := range len(id) {
|
|
ch := id[i]
|
|
if (ch >= 'a' && ch <= 'z') || (ch >= 'A' && ch <= 'Z') || (ch >= '0' && ch <= '9') {
|
|
continue
|
|
}
|
|
return errors.Errorf("invalid container id %q: only letters and numbers are allowed", id)
|
|
}
|
|
return nil
|
|
}
|