Browse Source

Validate Port specifications on daemon side

Fixes #14230

Signed-off-by: Ankush Agarwal <ankushagarwal11@gmail.com>
Ankush Agarwal 10 years ago
parent
commit
477201a295
2 changed files with 31 additions and 0 deletions
  1. 7 0
      daemon/daemon_unix.go
  2. 24 0
      integration-cli/docker_api_containers_test.go

+ 7 - 0
daemon/daemon_unix.go

@@ -15,6 +15,7 @@ import (
 	"github.com/Sirupsen/logrus"
 	"github.com/docker/docker/autogen/dockerversion"
 	"github.com/docker/docker/daemon/graphdriver"
+	"github.com/docker/docker/nat"
 	"github.com/docker/docker/pkg/archive"
 	"github.com/docker/docker/pkg/fileutils"
 	"github.com/docker/docker/pkg/parsers"
@@ -129,6 +130,12 @@ func (daemon *Daemon) verifyContainerSettings(hostConfig *runconfig.HostConfig,
 		return warnings, nil
 	}
 
+	for port := range hostConfig.PortBindings {
+		_, portStr := nat.SplitProtoPort(string(port))
+		if _, err := nat.ParsePort(portStr); err != nil {
+			return warnings, fmt.Errorf("Invalid port specification: %s", portStr)
+		}
+	}
 	if hostConfig.LxcConf.Len() > 0 && !strings.Contains(daemon.ExecutionDriver().Name(), "lxc") {
 		return warnings, fmt.Errorf("Cannot use --lxc-conf with execdriver: %s", daemon.ExecutionDriver().Name())
 	}

+ 24 - 0
integration-cli/docker_api_containers_test.go

@@ -1134,6 +1134,30 @@ func (s *DockerSuite) TestContainerApiVerifyHeader(c *check.C) {
 	body.Close()
 }
 
+//Issue 14230. daemon should return 500 for invalid port syntax
+func (s *DockerSuite) TestContainerApiInvalidPortSyntax(c *check.C) {
+	config := `{
+				  "Image": "busybox",
+				  "HostConfig": {
+					"PortBindings": {
+					  "19039;1230": [
+						{}
+					  ]
+					}
+				  }
+				}`
+
+	res, body, err := sockRequestRaw("POST", "/containers/create", strings.NewReader(config), "application/json")
+	c.Assert(res.StatusCode, check.Equals, http.StatusInternalServerError)
+	c.Assert(err, check.IsNil)
+
+	b, err := readBody(body)
+	if err != nil {
+		c.Fatal(err)
+	}
+	c.Assert(strings.Contains(string(b[:]), "Invalid port"), check.Equals, true)
+}
+
 // Issue 7941 - test to make sure a "null" in JSON is just ignored.
 // W/o this fix a null in JSON would be parsed into a string var as "null"
 func (s *DockerSuite) TestContainerApiPostCreateNull(c *check.C) {