scottk/kubernetes
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/kubernetes.git synced 2025-11-01 18:58:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix unsafe JSON construction

Browse Source 
Signed-off-by: Zou Nengren <zouyee1989@gmail.com>
This commit is contained in:
zouyee
2019-10-10 09:44:54 +08:00
parent 088322687f
commit a864fd2100
4 changed files with 189 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
pkg/controller/history/controller_history.go
View File

@@ -18,6 +18,7 @@ package history
import (
"bytes"
"encoding/json"
"fmt"
"hash/fnv"
"sort"
@@ -290,17 +291,43 @@ func (rh *realHistory) DeleteControllerRevision(revision *apps.ControllerRevisio
return rh.client.AppsV1().ControllerRevisions(revision.Namespace).Delete(revision.Name, nil)
}
type objectForPatch struct {
Metadata objectMetaForPatch `json:"metadata"`
}
// objectMetaForPatch define object meta struct for patch operation
type objectMetaForPatch struct {
OwnerReferences []metav1.OwnerReference `json:"ownerReferences"`
UID types.UID `json:"uid"`
}
func (rh *realHistory) AdoptControllerRevision(parent metav1.Object, parentKind schema.GroupVersionKind, revision *apps.ControllerRevision) (*apps.ControllerRevision, error) {
blockOwnerDeletion := true
isController := true
// Return an error if the parent does not own the revision
if owner := metav1.GetControllerOfNoCopy(revision); owner != nil {
return nil, fmt.Errorf("attempt to adopt revision owned by %v", owner)
}
addControllerPatch := objectForPatch{
Metadata: objectMetaForPatch{
UID: revision.UID,
OwnerReferences: []metav1.OwnerReference{{
APIVersion: parentKind.GroupVersion().String(),
Kind: parentKind.Kind,
Name: parent.GetName(),
UID: parent.GetUID(),
Controller: &isController,
BlockOwnerDeletion: &blockOwnerDeletion,
}},
},
}
patchBytes, err := json.Marshal(&addControllerPatch)
if err != nil {
return nil, err
}
// Use strategic merge patch to add an owner reference indicating a controller ref
return rh.client.AppsV1().ControllerRevisions(parent.GetNamespace()).Patch(revision.GetName(),
types.StrategicMergePatchType, []byte(fmt.Sprintf(
`{"metadata":{"ownerReferences":[{"apiVersion":"%s","kind":"%s","name":"%s","uid":"%s","controller":true,"blockOwnerDeletion":true}],"uid":"%s"}}`,
parentKind.GroupVersion().String(), parentKind.Kind,
parent.GetName(), parent.GetUID(), revision.UID)))
types.StrategicMergePatchType, patchBytes)
}
func (rh *realHistory) ReleaseControllerRevision(parent metav1.Object, revision *apps.ControllerRevision) (*apps.ControllerRevision, error) {