Infrastructure/zot
0
Fork 0
mirror of https://github.com/project-zot/zot.git synced 2025-01-27 23:01:43 -05:00
Code Issues Activity

fix: add manifest validation checks (#1747)

Browse source 
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
This commit is contained in:
Ramkumar Chinchani 2023-09-02 01:28:31 -07:00 committed by GitHub
parent c6b822f3dd
commit 8e36bfd4d1
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 11 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
pkg/storage/common/common.go
View file

@ -95,7 +95,17 @@ func ValidateManifest(imgStore storageTypes.ImageStore, repo, reference, mediaTy
return "", zerr.ErrBadManifest
}
if manifest.Config.MediaType == ispec.MediaTypeImageConfig {
// validate blobs only for known media types
if manifest.Config.MediaType == ispec.MediaTypeImageConfig ||
manifest.Config.MediaType == ispec.MediaTypeEmptyJSON {
// validate config blob - a lightweight check if the blob is present
ok, _, _, err := imgStore.StatBlob(repo, manifest.Config.Digest)
if !ok || err != nil {
log.Error().Err(err).Str("digest", manifest.Config.Digest.String()).Msg("missing config blob")
return "", zerr.ErrBadManifest
}
// validate layers - a lightweight check if the blob is present
for _, layer := range manifest.Layers {
if IsNonDistributable(layer.MediaType) {