пре 8 година · ab397c95e6
--- a/daemon/checkpoint.go
+++ b/daemon/checkpoint.go
@@ -8,6 +8,12 @@ import (
 
				 	"path/filepath"
			
 
				 
			
 
				 	"github.com/docker/docker/api/types"
			
 
				+	"github.com/docker/docker/utils"
			
 
				+)
			
 
				+
			
 
				+var (
			
 
				+	validCheckpointNameChars   = utils.RestrictedNameChars
			
 
				+	validCheckpointNamePattern = utils.RestrictedNamePattern
			
 
				 )
			
 
				 
			
 
				 // CheckpointCreate checkpoints the process running in a container with CRIU
			
@@ -28,6 +34,10 @@ func (daemon *Daemon) CheckpointCreate(name string, config types.CheckpointCreat
 
				 		checkpointDir = container.CheckpointDir()
			
 
				 	}
			
 
				 
			
 
				+	if !validCheckpointNamePattern.MatchString(config.CheckpointID) {
			
 
				+		return fmt.Errorf("Invalid checkpoint ID (%s), only %s are allowed", config.CheckpointID, validCheckpointNameChars)
			
 
				+	}
			
 
				+
			
 
				 	err = daemon.containerd.CreateCheckpoint(container.ID, config.CheckpointID, checkpointDir, config.Exit)
			
 
				 	if err != nil {
			
 
				 		return fmt.Errorf("Cannot checkpoint container %s: %s", name, err)
			
--- a/daemon/names.go
+++ b/daemon/names.go
@@ -2,6 +2,7 @@ package daemon
 
				 
			
 
				 import (
			
 
				 	"fmt"
			
 
				+	"strings"
			
 
				 
			
 
				 	"github.com/Sirupsen/logrus"
			
 
				 	"github.com/docker/docker/container"
			
@@ -58,7 +59,7 @@ func (daemon *Daemon) generateIDAndName(name string) (string, string, error) {
 
				 }
			
 
				 
			
 
				 func (daemon *Daemon) reserveName(id, name string) (string, error) {
			
 
				-	if !validContainerNamePattern.MatchString(name) {
			
 
				+	if !validContainerNamePattern.MatchString(strings.TrimPrefix(name, "/")) {
			
 
				 		return "", fmt.Errorf("Invalid container name (%s), only %s are allowed", name, validContainerNameChars)
			
 
				 	}
			
 
				 	if name[0] != '/' {
			
--- a/utils/names.go
+++ b/utils/names.go
@@ -6,7 +6,4 @@ import "regexp"
 
				 const RestrictedNameChars = `[a-zA-Z0-9][a-zA-Z0-9_.-]`
			
 
				 
			
 
				 // RestrictedNamePattern is a regular expression to validate names against the collection of restricted characters.
			
 
				-var RestrictedNamePattern = regexp.MustCompile(`^/?` + RestrictedNameChars + `+$`)
			
 
				-
			
 
				-// RestrictedVolumeNamePattern is a regular expression to validate volume names against the collection of restricted characters.
			
 
				-var RestrictedVolumeNamePattern = regexp.MustCompile(`^` + RestrictedNameChars + `+$`)
			
 
				+var RestrictedNamePattern = regexp.MustCompile(`^` + RestrictedNameChars + `+$`)
			
--- a/volume/local/local.go
+++ b/volume/local/local.go
@@ -36,7 +36,7 @@ var (
 
				 	// volumeNameRegex ensures the name assigned for the volume is valid.
			
 
				 	// This name is used to create the bind directory, so we need to avoid characters that
			
 
				 	// would make the path to escape the root directory.
			
 
				-	volumeNameRegex = utils.RestrictedVolumeNamePattern
			
 
				+	volumeNameRegex = utils.RestrictedNamePattern
			
 
				 )
			
 
				 
			
 
				 type validationError struct {