Merge pull request #1177 from crazy-max/build-display-builder
build: print instance being usedpull/1644/head
						commit
						62fbef22d0
					
				| @ -0,0 +1,93 @@ | ||||
| # go-fuzz-headers | ||||
| This repository contains various helper functions for go fuzzing. It is mostly used in combination with [go-fuzz](https://github.com/dvyukov/go-fuzz), but compatibility with fuzzing in the standard library will also be supported. Any coverage guided fuzzing engine that provides an array or slice of bytes can be used with go-fuzz-headers. | ||||
| 
 | ||||
| 
 | ||||
| ## Usage | ||||
| Using go-fuzz-headers is easy. First create a new consumer with the bytes provided by the fuzzing engine: | ||||
| 
 | ||||
| ```go | ||||
| import ( | ||||
| 	fuzz "github.com/AdaLogics/go-fuzz-headers" | ||||
| ) | ||||
| data := []byte{'R', 'a', 'n', 'd', 'o', 'm'} | ||||
| f := fuzz.NewConsumer(data) | ||||
| 
 | ||||
| ``` | ||||
| 
 | ||||
| This creates a `Consumer` that consumes the bytes of the input as it uses them to fuzz different types. | ||||
| 
 | ||||
| After that, `f` can be used to easily create fuzzed instances of different types. Below are some examples: | ||||
| 
 | ||||
| ### Structs | ||||
| One of the most useful features of go-fuzz-headers is its ability to fill structs with the data provided by the fuzzing engine. This is done with a single line: | ||||
| ```go | ||||
| type Person struct { | ||||
|     Name string | ||||
|     Age  int | ||||
| } | ||||
| p := Person{} | ||||
| // Fill p with values based on the data provided by the fuzzing engine: | ||||
| err := f.GenerateStruct(&p) | ||||
| ``` | ||||
| 
 | ||||
| This includes nested structs too. In this example, the fuzz Consumer will also insert values in `p.BestFriend`: | ||||
| ```go | ||||
| type PersonI struct { | ||||
|     Name       string | ||||
|     Age        int | ||||
|     BestFriend PersonII | ||||
| } | ||||
| type PersonII struct { | ||||
|     Name string | ||||
|     Age  int | ||||
| } | ||||
| p := PersonI{} | ||||
| err := f.GenerateStruct(&p) | ||||
| ``` | ||||
| 
 | ||||
| If the consumer should insert values for unexported fields as well as exported, this can be enabled with: | ||||
| 
 | ||||
| ```go | ||||
| f.AllowUnexportedFields() | ||||
| ``` | ||||
| 
 | ||||
| ...and disabled with: | ||||
| 
 | ||||
| ```go | ||||
| f.DisallowUnexportedFields() | ||||
| ``` | ||||
| 
 | ||||
| ### Other types: | ||||
| 
 | ||||
| Other useful APIs: | ||||
| 
 | ||||
| ```go | ||||
| createdString, err := f.GetString() // Gets a string | ||||
| createdInt, err := f.GetInt() // Gets an integer | ||||
| createdByte, err := f.GetByte() // Gets a byte | ||||
| createdBytes, err := f.GetBytes() // Gets a byte slice | ||||
| createdBool, err := f.GetBool() // Gets a boolean | ||||
| err := f.FuzzMap(target_map) // Fills a map | ||||
| createdTarBytes, err := f.TarBytes() // Gets bytes of a valid tar archive | ||||
| err := f.CreateFiles(inThisDir) // Fills inThisDir with files | ||||
| createdString, err := f.GetStringFrom("anyCharInThisString", ofThisLength) // Gets a string that consists of chars from "anyCharInThisString" and has the exact length "ofThisLength" | ||||
| ``` | ||||
| 
 | ||||
| Most APIs are added as they are needed. | ||||
| 
 | ||||
| ## Projects that use go-fuzz-headers | ||||
| - [runC](https://github.com/opencontainers/runc) | ||||
| - [Istio](https://github.com/istio/istio) | ||||
| - [Vitess](https://github.com/vitessio/vitess) | ||||
| - [Containerd](https://github.com/containerd/containerd) | ||||
| 
 | ||||
| Feel free to add your own project to the list, if you use go-fuzz-headers to fuzz it. | ||||
| 
 | ||||
| 
 | ||||
|   | ||||
| 
 | ||||
| ## Status | ||||
| The project is under development and will be updated regularly. | ||||
| 
 | ||||
| ## References | ||||
| go-fuzz-headers' approach to fuzzing structs is strongly inspired by [gofuzz](https://github.com/google/gofuzz). | ||||
| @ -0,0 +1,899 @@ | ||||
| // Copyright 2023 The go-fuzz-headers Authors.
 | ||||
| //
 | ||||
| // Licensed under the Apache License, Version 2.0 (the "License");
 | ||||
| // you may not use this file except in compliance with the License.
 | ||||
| // You may obtain a copy of the License at
 | ||||
| //
 | ||||
| //     http://www.apache.org/licenses/LICENSE-2.0
 | ||||
| //
 | ||||
| // Unless required by applicable law or agreed to in writing, software
 | ||||
| // distributed under the License is distributed on an "AS IS" BASIS,
 | ||||
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 | ||||
| // See the License for the specific language governing permissions and
 | ||||
| // limitations under the License.
 | ||||
| 
 | ||||
| package gofuzzheaders | ||||
| 
 | ||||
| import ( | ||||
| 	"archive/tar" | ||||
| 	"bytes" | ||||
| 	"encoding/binary" | ||||
| 	"errors" | ||||
| 	"fmt" | ||||
| 	"io" | ||||
| 	"math" | ||||
| 	"os" | ||||
| 	"path/filepath" | ||||
| 	"reflect" | ||||
| 	"strings" | ||||
| 	"time" | ||||
| 	"unsafe" | ||||
| 
 | ||||
| 	securejoin "github.com/cyphar/filepath-securejoin" | ||||
| ) | ||||
| 
 | ||||
| var ( | ||||
| 	MaxTotalLen uint32 = 2000000 | ||||
| 	maxDepth           = 100 | ||||
| ) | ||||
| 
 | ||||
| func SetMaxTotalLen(newLen uint32) { | ||||
| 	MaxTotalLen = newLen | ||||
| } | ||||
| 
 | ||||
| type ConsumeFuzzer struct { | ||||
| 	data                 []byte | ||||
| 	dataTotal            uint32 | ||||
| 	CommandPart          []byte | ||||
| 	RestOfArray          []byte | ||||
| 	NumberOfCalls        int | ||||
| 	position             uint32 | ||||
| 	fuzzUnexportedFields bool | ||||
| 	curDepth             int | ||||
| 	Funcs                map[reflect.Type]reflect.Value | ||||
| } | ||||
| 
 | ||||
| func IsDivisibleBy(n int, divisibleby int) bool { | ||||
| 	return (n % divisibleby) == 0 | ||||
| } | ||||
| 
 | ||||
| func NewConsumer(fuzzData []byte) *ConsumeFuzzer { | ||||
| 	return &ConsumeFuzzer{ | ||||
| 		data:      fuzzData, | ||||
| 		dataTotal: uint32(len(fuzzData)), | ||||
| 		Funcs:     make(map[reflect.Type]reflect.Value), | ||||
| 		curDepth:  0, | ||||
| 	} | ||||
| } | ||||
| 
 | ||||
| func (f *ConsumeFuzzer) Split(minCalls, maxCalls int) error { | ||||
| 	if f.dataTotal == 0 { | ||||
| 		return errors.New("could not split") | ||||
| 	} | ||||
| 	numberOfCalls := int(f.data[0]) | ||||
| 	if numberOfCalls < minCalls || numberOfCalls > maxCalls { | ||||
| 		return errors.New("bad number of calls") | ||||
| 	} | ||||
| 	if int(f.dataTotal) < numberOfCalls+numberOfCalls+1 { | ||||
| 		return errors.New("length of data does not match required parameters") | ||||
| 	} | ||||
| 
 | ||||
| 	// Define part 2 and 3 of the data array
 | ||||
| 	commandPart := f.data[1 : numberOfCalls+1] | ||||
| 	restOfArray := f.data[numberOfCalls+1:] | ||||
| 
 | ||||
| 	// Just a small check. It is necessary
 | ||||
| 	if len(commandPart) != numberOfCalls { | ||||
| 		return errors.New("length of commandPart does not match number of calls") | ||||
| 	} | ||||
| 
 | ||||
| 	// Check if restOfArray is divisible by numberOfCalls
 | ||||
| 	if !IsDivisibleBy(len(restOfArray), numberOfCalls) { | ||||
| 		return errors.New("length of commandPart does not match number of calls") | ||||
| 	} | ||||
| 	f.CommandPart = commandPart | ||||
| 	f.RestOfArray = restOfArray | ||||
| 	f.NumberOfCalls = numberOfCalls | ||||
| 	return nil | ||||
| } | ||||
| 
 | ||||
| func (f *ConsumeFuzzer) AllowUnexportedFields() { | ||||
| 	f.fuzzUnexportedFields = true | ||||
| } | ||||
| 
 | ||||
| func (f *ConsumeFuzzer) DisallowUnexportedFields() { | ||||
| 	f.fuzzUnexportedFields = false | ||||
| } | ||||
| 
 | ||||
| func (f *ConsumeFuzzer) GenerateStruct(targetStruct interface{}) error { | ||||
| 	e := reflect.ValueOf(targetStruct).Elem() | ||||
| 	return f.fuzzStruct(e, false) | ||||
| } | ||||
| 
 | ||||
| func (f *ConsumeFuzzer) setCustom(v reflect.Value) error { | ||||
| 	// First: see if we have a fuzz function for it.
 | ||||
| 	doCustom, ok := f.Funcs[v.Type()] | ||||
| 	if !ok { | ||||
| 		return fmt.Errorf("could not find a custom function") | ||||
| 	} | ||||
| 
 | ||||
| 	switch v.Kind() { | ||||
| 	case reflect.Ptr: | ||||
| 		if v.IsNil() { | ||||
| 			if !v.CanSet() { | ||||
| 				return fmt.Errorf("could not use a custom function") | ||||
| 			} | ||||
| 			v.Set(reflect.New(v.Type().Elem())) | ||||
| 		} | ||||
| 	case reflect.Map: | ||||
| 		if v.IsNil() { | ||||
| 			if !v.CanSet() { | ||||
| 				return fmt.Errorf("could not use a custom function") | ||||
| 			} | ||||
| 			v.Set(reflect.MakeMap(v.Type())) | ||||
| 		} | ||||
| 	default: | ||||
| 		return fmt.Errorf("could not use a custom function") | ||||
| 	} | ||||
| 
 | ||||
| 	verr := doCustom.Call([]reflect.Value{v, reflect.ValueOf(Continue{ | ||||
| 		F: f, | ||||
| 	})}) | ||||
| 
 | ||||
| 	// check if we return an error
 | ||||
| 	if verr[0].IsNil() { | ||||
| 		return nil | ||||
| 	} | ||||
| 	return fmt.Errorf("could not use a custom function") | ||||
| } | ||||
| 
 | ||||
| func (f *ConsumeFuzzer) fuzzStruct(e reflect.Value, customFunctions bool) error { | ||||
| 	if f.curDepth >= maxDepth { | ||||
| 		// return err or nil here?
 | ||||
| 		return nil | ||||
| 	} | ||||
| 	f.curDepth++ | ||||
| 	defer func() { f.curDepth-- }() | ||||
| 
 | ||||
| 	// We check if we should check for custom functions
 | ||||
| 	if customFunctions && e.IsValid() && e.CanAddr() { | ||||
| 		err := f.setCustom(e.Addr()) | ||||
| 		if err != nil { | ||||
| 			return err | ||||
| 		} | ||||
| 	} | ||||
| 
 | ||||
| 	switch e.Kind() { | ||||
| 	case reflect.Struct: | ||||
| 		for i := 0; i < e.NumField(); i++ { | ||||
| 			var v reflect.Value | ||||
| 			if !e.Field(i).CanSet() { | ||||
| 				if f.fuzzUnexportedFields { | ||||
| 					v = reflect.NewAt(e.Field(i).Type(), unsafe.Pointer(e.Field(i).UnsafeAddr())).Elem() | ||||
| 				} | ||||
| 				if err := f.fuzzStruct(v, customFunctions); err != nil { | ||||
| 					return err | ||||
| 				} | ||||
| 			} else { | ||||
| 				v = e.Field(i) | ||||
| 				if err := f.fuzzStruct(v, customFunctions); err != nil { | ||||
| 					return err | ||||
| 				} | ||||
| 			} | ||||
| 		} | ||||
| 	case reflect.String: | ||||
| 		str, err := f.GetString() | ||||
| 		if err != nil { | ||||
| 			return err | ||||
| 		} | ||||
| 		if e.CanSet() { | ||||
| 			e.SetString(str) | ||||
| 		} | ||||
| 	case reflect.Slice: | ||||
| 		var maxElements uint32 | ||||
| 		// Byte slices should not be restricted
 | ||||
| 		if e.Type().String() == "[]uint8" { | ||||
| 			maxElements = 10000000 | ||||
| 		} else { | ||||
| 			maxElements = 50 | ||||
| 		} | ||||
| 
 | ||||
| 		randQty, err := f.GetUint32() | ||||
| 		if err != nil { | ||||
| 			return err | ||||
| 		} | ||||
| 		numOfElements := randQty % maxElements | ||||
| 		if (f.dataTotal - f.position) < numOfElements { | ||||
| 			numOfElements = f.dataTotal - f.position | ||||
| 		} | ||||
| 
 | ||||
| 		uu := reflect.MakeSlice(e.Type(), int(numOfElements), int(numOfElements)) | ||||
| 
 | ||||
| 		for i := 0; i < int(numOfElements); i++ { | ||||
| 			// If we have more than 10, then we can proceed with that.
 | ||||
| 			if err := f.fuzzStruct(uu.Index(i), customFunctions); err != nil { | ||||
| 				if i >= 10 { | ||||
| 					if e.CanSet() { | ||||
| 						e.Set(uu) | ||||
| 					} | ||||
| 					return nil | ||||
| 				} else { | ||||
| 					return err | ||||
| 				} | ||||
| 			} | ||||
| 		} | ||||
| 		if e.CanSet() { | ||||
| 			e.Set(uu) | ||||
| 		} | ||||
| 	case reflect.Uint16: | ||||
| 		newInt, err := f.GetUint16() | ||||
| 		if err != nil { | ||||
| 			return err | ||||
| 		} | ||||
| 		if e.CanSet() { | ||||
| 			e.SetUint(uint64(newInt)) | ||||
| 		} | ||||
| 	case reflect.Uint32: | ||||
| 		newInt, err := f.GetUint32() | ||||
| 		if err != nil { | ||||
| 			return err | ||||
| 		} | ||||
| 		if e.CanSet() { | ||||
| 			e.SetUint(uint64(newInt)) | ||||
| 		} | ||||
| 	case reflect.Uint64: | ||||
| 		newInt, err := f.GetInt() | ||||
| 		if err != nil { | ||||
| 			return err | ||||
| 		} | ||||
| 		if e.CanSet() { | ||||
| 			e.SetUint(uint64(newInt)) | ||||
| 		} | ||||
| 	case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64: | ||||
| 		newInt, err := f.GetInt() | ||||
| 		if err != nil { | ||||
| 			return err | ||||
| 		} | ||||
| 		if e.CanSet() { | ||||
| 			e.SetInt(int64(newInt)) | ||||
| 		} | ||||
| 	case reflect.Float32: | ||||
| 		newFloat, err := f.GetFloat32() | ||||
| 		if err != nil { | ||||
| 			return err | ||||
| 		} | ||||
| 		if e.CanSet() { | ||||
| 			e.SetFloat(float64(newFloat)) | ||||
| 		} | ||||
| 	case reflect.Float64: | ||||
| 		newFloat, err := f.GetFloat64() | ||||
| 		if err != nil { | ||||
| 			return err | ||||
| 		} | ||||
| 		if e.CanSet() { | ||||
| 			e.SetFloat(float64(newFloat)) | ||||
| 		} | ||||
| 	case reflect.Map: | ||||
| 		if e.CanSet() { | ||||
| 			e.Set(reflect.MakeMap(e.Type())) | ||||
| 			const maxElements = 50 | ||||
| 			randQty, err := f.GetInt() | ||||
| 			if err != nil { | ||||
| 				return err | ||||
| 			} | ||||
| 			numOfElements := randQty % maxElements | ||||
| 			for i := 0; i < numOfElements; i++ { | ||||
| 				key := reflect.New(e.Type().Key()).Elem() | ||||
| 				if err := f.fuzzStruct(key, customFunctions); err != nil { | ||||
| 					return err | ||||
| 				} | ||||
| 				val := reflect.New(e.Type().Elem()).Elem() | ||||
| 				if err = f.fuzzStruct(val, customFunctions); err != nil { | ||||
| 					return err | ||||
| 				} | ||||
| 				e.SetMapIndex(key, val) | ||||
| 			} | ||||
| 		} | ||||
| 	case reflect.Ptr: | ||||
| 		if e.CanSet() { | ||||
| 			e.Set(reflect.New(e.Type().Elem())) | ||||
| 			if err := f.fuzzStruct(e.Elem(), customFunctions); err != nil { | ||||
| 				return err | ||||
| 			} | ||||
| 			return nil | ||||
| 		} | ||||
| 	case reflect.Uint8: | ||||
| 		b, err := f.GetByte() | ||||
| 		if err != nil { | ||||
| 			return err | ||||
| 		} | ||||
| 		if e.CanSet() { | ||||
| 			e.SetUint(uint64(b)) | ||||
| 		} | ||||
| 	} | ||||
| 	return nil | ||||
| } | ||||
| 
 | ||||
| func (f *ConsumeFuzzer) GetStringArray() (reflect.Value, error) { | ||||
| 	// The max size of the array:
 | ||||
| 	const max uint32 = 20 | ||||
| 
 | ||||
| 	arraySize := f.position | ||||
| 	if arraySize > max { | ||||
| 		arraySize = max | ||||
| 	} | ||||
| 	stringArray := reflect.MakeSlice(reflect.SliceOf(reflect.TypeOf("string")), int(arraySize), int(arraySize)) | ||||
| 	if f.position+arraySize >= f.dataTotal { | ||||
| 		return stringArray, errors.New("could not make string array") | ||||
| 	} | ||||
| 
 | ||||
| 	for i := 0; i < int(arraySize); i++ { | ||||
| 		stringSize := uint32(f.data[f.position]) | ||||
| 		if f.position+stringSize >= f.dataTotal { | ||||
| 			return stringArray, nil | ||||
| 		} | ||||
| 		stringToAppend := string(f.data[f.position : f.position+stringSize]) | ||||
| 		strVal := reflect.ValueOf(stringToAppend) | ||||
| 		stringArray = reflect.Append(stringArray, strVal) | ||||
| 		f.position += stringSize | ||||
| 	} | ||||
| 	return stringArray, nil | ||||
| } | ||||
| 
 | ||||
| func (f *ConsumeFuzzer) GetInt() (int, error) { | ||||
| 	if f.position >= f.dataTotal { | ||||
| 		return 0, errors.New("not enough bytes to create int") | ||||
| 	} | ||||
| 	returnInt := int(f.data[f.position]) | ||||
| 	f.position++ | ||||
| 	return returnInt, nil | ||||
| } | ||||
| 
 | ||||
| func (f *ConsumeFuzzer) GetByte() (byte, error) { | ||||
| 	if f.position >= f.dataTotal { | ||||
| 		return 0x00, errors.New("not enough bytes to get byte") | ||||
| 	} | ||||
| 	returnByte := f.data[f.position] | ||||
| 	f.position++ | ||||
| 	return returnByte, nil | ||||
| } | ||||
| 
 | ||||
| func (f *ConsumeFuzzer) GetNBytes(numberOfBytes int) ([]byte, error) { | ||||
| 	if f.position >= f.dataTotal { | ||||
| 		return nil, errors.New("not enough bytes to get byte") | ||||
| 	} | ||||
| 	returnBytes := make([]byte, 0, numberOfBytes) | ||||
| 	for i := 0; i < numberOfBytes; i++ { | ||||
| 		newByte, err := f.GetByte() | ||||
| 		if err != nil { | ||||
| 			return nil, err | ||||
| 		} | ||||
| 		returnBytes = append(returnBytes, newByte) | ||||
| 	} | ||||
| 	return returnBytes, nil | ||||
| } | ||||
| 
 | ||||
| func (f *ConsumeFuzzer) GetUint16() (uint16, error) { | ||||
| 	u16, err := f.GetNBytes(2) | ||||
| 	if err != nil { | ||||
| 		return 0, err | ||||
| 	} | ||||
| 	littleEndian, err := f.GetBool() | ||||
| 	if err != nil { | ||||
| 		return 0, err | ||||
| 	} | ||||
| 	if littleEndian { | ||||
| 		return binary.LittleEndian.Uint16(u16), nil | ||||
| 	} | ||||
| 	return binary.BigEndian.Uint16(u16), nil | ||||
| } | ||||
| 
 | ||||
| func (f *ConsumeFuzzer) GetUint32() (uint32, error) { | ||||
| 	i, err := f.GetInt() | ||||
| 	if err != nil { | ||||
| 		return uint32(0), err | ||||
| 	} | ||||
| 	return uint32(i), nil | ||||
| } | ||||
| 
 | ||||
| func (f *ConsumeFuzzer) GetUint64() (uint64, error) { | ||||
| 	u64, err := f.GetNBytes(8) | ||||
| 	if err != nil { | ||||
| 		return 0, err | ||||
| 	} | ||||
| 	littleEndian, err := f.GetBool() | ||||
| 	if err != nil { | ||||
| 		return 0, err | ||||
| 	} | ||||
| 	if littleEndian { | ||||
| 		return binary.LittleEndian.Uint64(u64), nil | ||||
| 	} | ||||
| 	return binary.BigEndian.Uint64(u64), nil | ||||
| } | ||||
| 
 | ||||
| func (f *ConsumeFuzzer) GetBytes() ([]byte, error) { | ||||
| 	if f.position >= f.dataTotal { | ||||
| 		return nil, errors.New("not enough bytes to create byte array") | ||||
| 	} | ||||
| 	length, err := f.GetUint32() | ||||
| 	if err != nil { | ||||
| 		return nil, errors.New("not enough bytes to create byte array") | ||||
| 	} | ||||
| 	if f.position+length > MaxTotalLen { | ||||
| 		return nil, errors.New("created too large a string") | ||||
| 	} | ||||
| 	byteBegin := f.position - 1 | ||||
| 	if byteBegin >= f.dataTotal { | ||||
| 		return nil, errors.New("not enough bytes to create byte array") | ||||
| 	} | ||||
| 	if length == 0 { | ||||
| 		return nil, errors.New("zero-length is not supported") | ||||
| 	} | ||||
| 	if byteBegin+length >= f.dataTotal { | ||||
| 		return nil, errors.New("not enough bytes to create byte array") | ||||
| 	} | ||||
| 	if byteBegin+length < byteBegin { | ||||
| 		return nil, errors.New("numbers overflow") | ||||
| 	} | ||||
| 	f.position = byteBegin + length | ||||
| 	return f.data[byteBegin:f.position], nil | ||||
| } | ||||
| 
 | ||||
| func (f *ConsumeFuzzer) GetString() (string, error) { | ||||
| 	if f.position >= f.dataTotal { | ||||
| 		return "nil", errors.New("not enough bytes to create string") | ||||
| 	} | ||||
| 	length, err := f.GetUint32() | ||||
| 	if err != nil { | ||||
| 		return "nil", errors.New("not enough bytes to create string") | ||||
| 	} | ||||
| 	if f.position > MaxTotalLen { | ||||
| 		return "nil", errors.New("created too large a string") | ||||
| 	} | ||||
| 	byteBegin := f.position | ||||
| 	if byteBegin >= f.dataTotal { | ||||
| 		return "nil", errors.New("not enough bytes to create string") | ||||
| 	} | ||||
| 	if byteBegin+length > f.dataTotal { | ||||
| 		return "nil", errors.New("not enough bytes to create string") | ||||
| 	} | ||||
| 	if byteBegin > byteBegin+length { | ||||
| 		return "nil", errors.New("numbers overflow") | ||||
| 	} | ||||
| 	f.position = byteBegin + length | ||||
| 	return string(f.data[byteBegin:f.position]), nil | ||||
| } | ||||
| 
 | ||||
| func (f *ConsumeFuzzer) GetBool() (bool, error) { | ||||
| 	if f.position >= f.dataTotal { | ||||
| 		return false, errors.New("not enough bytes to create bool") | ||||
| 	} | ||||
| 	if IsDivisibleBy(int(f.data[f.position]), 2) { | ||||
| 		f.position++ | ||||
| 		return true, nil | ||||
| 	} else { | ||||
| 		f.position++ | ||||
| 		return false, nil | ||||
| 	} | ||||
| } | ||||
| 
 | ||||
| func (f *ConsumeFuzzer) FuzzMap(m interface{}) error { | ||||
| 	return f.GenerateStruct(m) | ||||
| } | ||||
| 
 | ||||
| func returnTarBytes(buf []byte) ([]byte, error) { | ||||
| 	// Count files
 | ||||
| 	var fileCounter int | ||||
| 	tr := tar.NewReader(bytes.NewReader(buf)) | ||||
| 	for { | ||||
| 		_, err := tr.Next() | ||||
| 		if err == io.EOF { | ||||
| 			break | ||||
| 		} | ||||
| 		if err != nil { | ||||
| 			return nil, err | ||||
| 		} | ||||
| 		fileCounter++ | ||||
| 	} | ||||
| 	if fileCounter >= 1 { | ||||
| 		return buf, nil | ||||
| 	} | ||||
| 	return nil, fmt.Errorf("not enough files were created\n") | ||||
| } | ||||
| 
 | ||||
| func setTarHeaderFormat(hdr *tar.Header, f *ConsumeFuzzer) error { | ||||
| 	ind, err := f.GetInt() | ||||
| 	if err != nil { | ||||
| 		return err | ||||
| 	} | ||||
| 	switch ind % 4 { | ||||
| 	case 0: | ||||
| 		hdr.Format = tar.FormatUnknown | ||||
| 	case 1: | ||||
| 		hdr.Format = tar.FormatUSTAR | ||||
| 	case 2: | ||||
| 		hdr.Format = tar.FormatPAX | ||||
| 	case 3: | ||||
| 		hdr.Format = tar.FormatGNU | ||||
| 	} | ||||
| 	return nil | ||||
| } | ||||
| 
 | ||||
| func setTarHeaderTypeflag(hdr *tar.Header, f *ConsumeFuzzer) error { | ||||
| 	ind, err := f.GetInt() | ||||
| 	if err != nil { | ||||
| 		return err | ||||
| 	} | ||||
| 	switch ind % 13 { | ||||
| 	case 0: | ||||
| 		hdr.Typeflag = tar.TypeReg | ||||
| 	case 1: | ||||
| 		hdr.Typeflag = tar.TypeLink | ||||
| 		linkname, err := f.GetString() | ||||
| 		if err != nil { | ||||
| 			return err | ||||
| 		} | ||||
| 		hdr.Linkname = linkname | ||||
| 	case 2: | ||||
| 		hdr.Typeflag = tar.TypeSymlink | ||||
| 		linkname, err := f.GetString() | ||||
| 		if err != nil { | ||||
| 			return err | ||||
| 		} | ||||
| 		hdr.Linkname = linkname | ||||
| 	case 3: | ||||
| 		hdr.Typeflag = tar.TypeChar | ||||
| 	case 4: | ||||
| 		hdr.Typeflag = tar.TypeBlock | ||||
| 	case 5: | ||||
| 		hdr.Typeflag = tar.TypeDir | ||||
| 	case 6: | ||||
| 		hdr.Typeflag = tar.TypeFifo | ||||
| 	case 7: | ||||
| 		hdr.Typeflag = tar.TypeCont | ||||
| 	case 8: | ||||
| 		hdr.Typeflag = tar.TypeXHeader | ||||
| 	case 9: | ||||
| 		hdr.Typeflag = tar.TypeXGlobalHeader | ||||
| 	case 10: | ||||
| 		hdr.Typeflag = tar.TypeGNUSparse | ||||
| 	case 11: | ||||
| 		hdr.Typeflag = tar.TypeGNULongName | ||||
| 	case 12: | ||||
| 		hdr.Typeflag = tar.TypeGNULongLink | ||||
| 	} | ||||
| 	return nil | ||||
| } | ||||
| 
 | ||||
| func tooSmallFileBody(length uint32) bool { | ||||
| 	if length < 2 { | ||||
| 		return true | ||||
| 	} | ||||
| 	if length < 4 { | ||||
| 		return true | ||||
| 	} | ||||
| 	if length < 10 { | ||||
| 		return true | ||||
| 	} | ||||
| 	if length < 100 { | ||||
| 		return true | ||||
| 	} | ||||
| 	if length < 500 { | ||||
| 		return true | ||||
| 	} | ||||
| 	if length < 1000 { | ||||
| 		return true | ||||
| 	} | ||||
| 	if length < 2000 { | ||||
| 		return true | ||||
| 	} | ||||
| 	if length < 4000 { | ||||
| 		return true | ||||
| 	} | ||||
| 	if length < 8000 { | ||||
| 		return true | ||||
| 	} | ||||
| 	if length < 16000 { | ||||
| 		return true | ||||
| 	} | ||||
| 	if length < 32000 { | ||||
| 		return true | ||||
| 	} | ||||
| 	if length < 64000 { | ||||
| 		return true | ||||
| 	} | ||||
| 	if length < 128000 { | ||||
| 		return true | ||||
| 	} | ||||
| 	if length < 264000 { | ||||
| 		return true | ||||
| 	} | ||||
| 	return false | ||||
| } | ||||
| 
 | ||||
| func (f *ConsumeFuzzer) createTarFileBody() ([]byte, error) { | ||||
| 	length, err := f.GetUint32() | ||||
| 	if err != nil { | ||||
| 		return nil, errors.New("not enough bytes to create byte array") | ||||
| 	} | ||||
| 
 | ||||
| 	shouldUseLargeFileBody, err := f.GetBool() | ||||
| 	if err != nil { | ||||
| 		return nil, errors.New("not enough bytes to check long file body") | ||||
| 	} | ||||
| 
 | ||||
| 	if shouldUseLargeFileBody && tooSmallFileBody(length) { | ||||
| 		return nil, errors.New("File body was too small") | ||||
| 	} | ||||
| 
 | ||||
| 	// A bit of optimization to attempt to create a file body
 | ||||
| 	// when we don't have as many bytes left as "length"
 | ||||
| 	remainingBytes := f.dataTotal - f.position | ||||
| 	if remainingBytes == 0 { | ||||
| 		return nil, errors.New("created too large a string") | ||||
| 	} | ||||
| 	if f.position+length > MaxTotalLen { | ||||
| 		return nil, errors.New("created too large a string") | ||||
| 	} | ||||
| 	byteBegin := f.position | ||||
| 	if byteBegin >= f.dataTotal { | ||||
| 		return nil, errors.New("not enough bytes to create byte array") | ||||
| 	} | ||||
| 	if length == 0 { | ||||
| 		return nil, errors.New("zero-length is not supported") | ||||
| 	} | ||||
| 	if byteBegin+length >= f.dataTotal { | ||||
| 		return nil, errors.New("not enough bytes to create byte array") | ||||
| 	} | ||||
| 	if byteBegin+length < byteBegin { | ||||
| 		return nil, errors.New("numbers overflow") | ||||
| 	} | ||||
| 	f.position = byteBegin + length | ||||
| 	return f.data[byteBegin:f.position], nil | ||||
| } | ||||
| 
 | ||||
| // getTarFileName is similar to GetString(), but creates string based
 | ||||
| // on the length of f.data to reduce the likelihood of overflowing
 | ||||
| // f.data.
 | ||||
| func (f *ConsumeFuzzer) getTarFilename() (string, error) { | ||||
| 	length, err := f.GetUint32() | ||||
| 	if err != nil { | ||||
| 		return "nil", errors.New("not enough bytes to create string") | ||||
| 	} | ||||
| 
 | ||||
| 	// A bit of optimization to attempt to create a file name
 | ||||
| 	// when we don't have as many bytes left as "length"
 | ||||
| 	remainingBytes := f.dataTotal - f.position | ||||
| 	if remainingBytes == 0 { | ||||
| 		return "nil", errors.New("created too large a string") | ||||
| 	} | ||||
| 	if remainingBytes < 50 { | ||||
| 		length = length % remainingBytes | ||||
| 	} else if f.dataTotal < 500 { | ||||
| 		length = length % f.dataTotal | ||||
| 	} | ||||
| 	if f.position > MaxTotalLen { | ||||
| 		return "nil", errors.New("created too large a string") | ||||
| 	} | ||||
| 	byteBegin := f.position | ||||
| 	if byteBegin >= f.dataTotal { | ||||
| 		return "nil", errors.New("not enough bytes to create string") | ||||
| 	} | ||||
| 	if byteBegin+length > f.dataTotal { | ||||
| 		return "nil", errors.New("not enough bytes to create string") | ||||
| 	} | ||||
| 	if byteBegin > byteBegin+length { | ||||
| 		return "nil", errors.New("numbers overflow") | ||||
| 	} | ||||
| 	f.position = byteBegin + length | ||||
| 	return string(f.data[byteBegin:f.position]), nil | ||||
| } | ||||
| 
 | ||||
| // TarBytes returns valid bytes for a tar archive
 | ||||
| func (f *ConsumeFuzzer) TarBytes() ([]byte, error) { | ||||
| 	numberOfFiles, err := f.GetInt() | ||||
| 	if err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
| 
 | ||||
| 	var buf bytes.Buffer | ||||
| 	tw := tar.NewWriter(&buf) | ||||
| 	defer tw.Close() | ||||
| 
 | ||||
| 	const maxNoOfFiles = 1000 | ||||
| 	for i := 0; i < numberOfFiles%maxNoOfFiles; i++ { | ||||
| 		filename, err := f.getTarFilename() | ||||
| 		if err != nil { | ||||
| 			return returnTarBytes(buf.Bytes()) | ||||
| 		} | ||||
| 		filebody, err := f.createTarFileBody() | ||||
| 		if err != nil { | ||||
| 			return returnTarBytes(buf.Bytes()) | ||||
| 		} | ||||
| 		sec, err := f.GetInt() | ||||
| 		if err != nil { | ||||
| 			return returnTarBytes(buf.Bytes()) | ||||
| 		} | ||||
| 		nsec, err := f.GetInt() | ||||
| 		if err != nil { | ||||
| 			return returnTarBytes(buf.Bytes()) | ||||
| 		} | ||||
| 
 | ||||
| 		hdr := &tar.Header{ | ||||
| 			Name:    filename, | ||||
| 			Size:    int64(len(filebody)), | ||||
| 			Mode:    0o600, | ||||
| 			ModTime: time.Unix(int64(sec), int64(nsec)), | ||||
| 		} | ||||
| 		if err := setTarHeaderTypeflag(hdr, f); err != nil { | ||||
| 			return returnTarBytes(buf.Bytes()) | ||||
| 		} | ||||
| 		if err := setTarHeaderFormat(hdr, f); err != nil { | ||||
| 			return returnTarBytes(buf.Bytes()) | ||||
| 		} | ||||
| 		if err := tw.WriteHeader(hdr); err != nil { | ||||
| 			return returnTarBytes(buf.Bytes()) | ||||
| 		} | ||||
| 		if _, err := tw.Write(filebody); err != nil { | ||||
| 			return returnTarBytes(buf.Bytes()) | ||||
| 		} | ||||
| 	} | ||||
| 	return buf.Bytes(), nil | ||||
| } | ||||
| 
 | ||||
| // CreateFiles creates pseudo-random files in rootDir.
 | ||||
| // It creates subdirs and places the files there.
 | ||||
| // It is the callers responsibility to ensure that
 | ||||
| // rootDir exists.
 | ||||
| func (f *ConsumeFuzzer) CreateFiles(rootDir string) error { | ||||
| 	numberOfFiles, err := f.GetInt() | ||||
| 	if err != nil { | ||||
| 		return err | ||||
| 	} | ||||
| 	maxNumberOfFiles := numberOfFiles % 4000 // This is completely arbitrary
 | ||||
| 	if maxNumberOfFiles == 0 { | ||||
| 		return errors.New("maxNumberOfFiles is nil") | ||||
| 	} | ||||
| 
 | ||||
| 	var noOfCreatedFiles int | ||||
| 	for i := 0; i < maxNumberOfFiles; i++ { | ||||
| 		// The file to create:
 | ||||
| 		fileName, err := f.GetString() | ||||
| 		if err != nil { | ||||
| 			if noOfCreatedFiles > 0 { | ||||
| 				// If files have been created, we don't return an error.
 | ||||
| 				break | ||||
| 			} else { | ||||
| 				return errors.New("could not get fileName") | ||||
| 			} | ||||
| 		} | ||||
| 		fullFilePath, err := securejoin.SecureJoin(rootDir, fileName) | ||||
| 		if err != nil { | ||||
| 			return err | ||||
| 		} | ||||
| 
 | ||||
| 		// Find the subdirectory of the file
 | ||||
| 		if subDir := filepath.Dir(fileName); subDir != "" && subDir != "." { | ||||
| 			// create the dir first; avoid going outside the root dir
 | ||||
| 			if strings.Contains(subDir, "../") || (len(subDir) > 0 && subDir[0] == 47) || strings.Contains(subDir, "\\") { | ||||
| 				continue | ||||
| 			} | ||||
| 			dirPath, err := securejoin.SecureJoin(rootDir, subDir) | ||||
| 			if err != nil { | ||||
| 				continue | ||||
| 			} | ||||
| 			if _, err := os.Stat(dirPath); os.IsNotExist(err) { | ||||
| 				err2 := os.MkdirAll(dirPath, 0o777) | ||||
| 				if err2 != nil { | ||||
| 					continue | ||||
| 				} | ||||
| 			} | ||||
| 			fullFilePath, err = securejoin.SecureJoin(dirPath, fileName) | ||||
| 			if err != nil { | ||||
| 				continue | ||||
| 			} | ||||
| 		} else { | ||||
| 			// Create symlink
 | ||||
| 			createSymlink, err := f.GetBool() | ||||
| 			if err != nil { | ||||
| 				if noOfCreatedFiles > 0 { | ||||
| 					break | ||||
| 				} else { | ||||
| 					return errors.New("could not create the symlink") | ||||
| 				} | ||||
| 			} | ||||
| 			if createSymlink { | ||||
| 				symlinkTarget, err := f.GetString() | ||||
| 				if err != nil { | ||||
| 					return err | ||||
| 				} | ||||
| 				err = os.Symlink(symlinkTarget, fullFilePath) | ||||
| 				if err != nil { | ||||
| 					return err | ||||
| 				} | ||||
| 				// stop loop here, since a symlink needs no further action
 | ||||
| 				noOfCreatedFiles++ | ||||
| 				continue | ||||
| 			} | ||||
| 			// We create a normal file
 | ||||
| 			fileContents, err := f.GetBytes() | ||||
| 			if err != nil { | ||||
| 				if noOfCreatedFiles > 0 { | ||||
| 					break | ||||
| 				} else { | ||||
| 					return errors.New("could not create the file") | ||||
| 				} | ||||
| 			} | ||||
| 			err = os.WriteFile(fullFilePath, fileContents, 0o666) | ||||
| 			if err != nil { | ||||
| 				continue | ||||
| 			} | ||||
| 			noOfCreatedFiles++ | ||||
| 		} | ||||
| 	} | ||||
| 	return nil | ||||
| } | ||||
| 
 | ||||
| // GetStringFrom returns a string that can only consist of characters
 | ||||
| // included in possibleChars. It returns an error if the created string
 | ||||
| // does not have the specified length.
 | ||||
| func (f *ConsumeFuzzer) GetStringFrom(possibleChars string, length int) (string, error) { | ||||
| 	if (f.dataTotal - f.position) < uint32(length) { | ||||
| 		return "", errors.New("not enough bytes to create a string") | ||||
| 	} | ||||
| 	output := make([]byte, 0, length) | ||||
| 	for i := 0; i < length; i++ { | ||||
| 		charIndex, err := f.GetInt() | ||||
| 		if err != nil { | ||||
| 			return string(output), err | ||||
| 		} | ||||
| 		output = append(output, possibleChars[charIndex%len(possibleChars)]) | ||||
| 	} | ||||
| 	return string(output), nil | ||||
| } | ||||
| 
 | ||||
| func (f *ConsumeFuzzer) GetRune() ([]rune, error) { | ||||
| 	stringToConvert, err := f.GetString() | ||||
| 	if err != nil { | ||||
| 		return []rune("nil"), err | ||||
| 	} | ||||
| 	return []rune(stringToConvert), nil | ||||
| } | ||||
| 
 | ||||
| func (f *ConsumeFuzzer) GetFloat32() (float32, error) { | ||||
| 	u32, err := f.GetNBytes(4) | ||||
| 	if err != nil { | ||||
| 		return 0, err | ||||
| 	} | ||||
| 	littleEndian, err := f.GetBool() | ||||
| 	if err != nil { | ||||
| 		return 0, err | ||||
| 	} | ||||
| 	if littleEndian { | ||||
| 		u32LE := binary.LittleEndian.Uint32(u32) | ||||
| 		return math.Float32frombits(u32LE), nil | ||||
| 	} | ||||
| 	u32BE := binary.BigEndian.Uint32(u32) | ||||
| 	return math.Float32frombits(u32BE), nil | ||||
| } | ||||
| 
 | ||||
| func (f *ConsumeFuzzer) GetFloat64() (float64, error) { | ||||
| 	u64, err := f.GetNBytes(8) | ||||
| 	if err != nil { | ||||
| 		return 0, err | ||||
| 	} | ||||
| 	littleEndian, err := f.GetBool() | ||||
| 	if err != nil { | ||||
| 		return 0, err | ||||
| 	} | ||||
| 	if littleEndian { | ||||
| 		u64LE := binary.LittleEndian.Uint64(u64) | ||||
| 		return math.Float64frombits(u64LE), nil | ||||
| 	} | ||||
| 	u64BE := binary.BigEndian.Uint64(u64) | ||||
| 	return math.Float64frombits(u64BE), nil | ||||
| } | ||||
| 
 | ||||
| func (f *ConsumeFuzzer) CreateSlice(targetSlice interface{}) error { | ||||
| 	return f.GenerateStruct(targetSlice) | ||||
| } | ||||
| @ -0,0 +1,62 @@ | ||||
| // Copyright 2023 The go-fuzz-headers Authors.
 | ||||
| //
 | ||||
| // Licensed under the Apache License, Version 2.0 (the "License");
 | ||||
| // you may not use this file except in compliance with the License.
 | ||||
| // You may obtain a copy of the License at
 | ||||
| //
 | ||||
| //     http://www.apache.org/licenses/LICENSE-2.0
 | ||||
| //
 | ||||
| // Unless required by applicable law or agreed to in writing, software
 | ||||
| // distributed under the License is distributed on an "AS IS" BASIS,
 | ||||
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 | ||||
| // See the License for the specific language governing permissions and
 | ||||
| // limitations under the License.
 | ||||
| 
 | ||||
| package gofuzzheaders | ||||
| 
 | ||||
| import ( | ||||
| 	"fmt" | ||||
| 	"reflect" | ||||
| ) | ||||
| 
 | ||||
| type Continue struct { | ||||
| 	F *ConsumeFuzzer | ||||
| } | ||||
| 
 | ||||
| func (f *ConsumeFuzzer) AddFuncs(fuzzFuncs []interface{}) { | ||||
| 	for i := range fuzzFuncs { | ||||
| 		v := reflect.ValueOf(fuzzFuncs[i]) | ||||
| 		if v.Kind() != reflect.Func { | ||||
| 			panic("Need only funcs!") | ||||
| 		} | ||||
| 		t := v.Type() | ||||
| 		if t.NumIn() != 2 || t.NumOut() != 1 { | ||||
| 			fmt.Println(t.NumIn(), t.NumOut()) | ||||
| 
 | ||||
| 			panic("Need 2 in and 1 out params. In must be the type. Out must be an error") | ||||
| 		} | ||||
| 		argT := t.In(0) | ||||
| 		switch argT.Kind() { | ||||
| 		case reflect.Ptr, reflect.Map: | ||||
| 		default: | ||||
| 			panic("fuzzFunc must take pointer or map type") | ||||
| 		} | ||||
| 		if t.In(1) != reflect.TypeOf(Continue{}) { | ||||
| 			panic("fuzzFunc's second parameter must be type Continue") | ||||
| 		} | ||||
| 		f.Funcs[argT] = v | ||||
| 	} | ||||
| } | ||||
| 
 | ||||
| func (f *ConsumeFuzzer) GenerateWithCustom(targetStruct interface{}) error { | ||||
| 	e := reflect.ValueOf(targetStruct).Elem() | ||||
| 	return f.fuzzStruct(e, true) | ||||
| } | ||||
| 
 | ||||
| func (c Continue) GenerateStruct(targetStruct interface{}) error { | ||||
| 	return c.F.GenerateStruct(targetStruct) | ||||
| } | ||||
| 
 | ||||
| func (c Continue) GenerateStructWithCustom(targetStruct interface{}) error { | ||||
| 	return c.F.GenerateWithCustom(targetStruct) | ||||
| } | ||||
| @ -0,0 +1,556 @@ | ||||
| // Copyright 2023 The go-fuzz-headers Authors.
 | ||||
| //
 | ||||
| // Licensed under the Apache License, Version 2.0 (the "License");
 | ||||
| // you may not use this file except in compliance with the License.
 | ||||
| // You may obtain a copy of the License at
 | ||||
| //
 | ||||
| //     http://www.apache.org/licenses/LICENSE-2.0
 | ||||
| //
 | ||||
| // Unless required by applicable law or agreed to in writing, software
 | ||||
| // distributed under the License is distributed on an "AS IS" BASIS,
 | ||||
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 | ||||
| // See the License for the specific language governing permissions and
 | ||||
| // limitations under the License.
 | ||||
| 
 | ||||
| package gofuzzheaders | ||||
| 
 | ||||
| import ( | ||||
| 	"fmt" | ||||
| 	"strings" | ||||
| ) | ||||
| 
 | ||||
| // returns a keyword by index
 | ||||
| func getKeyword(f *ConsumeFuzzer) (string, error) { | ||||
| 	index, err := f.GetInt() | ||||
| 	if err != nil { | ||||
| 		return keywords[0], err | ||||
| 	} | ||||
| 	for i, k := range keywords { | ||||
| 		if i == index { | ||||
| 			return k, nil | ||||
| 		} | ||||
| 	} | ||||
| 	return keywords[0], fmt.Errorf("could not get a kw") | ||||
| } | ||||
| 
 | ||||
| // Simple utility function to check if a string
 | ||||
| // slice contains a string.
 | ||||
| func containsString(s []string, e string) bool { | ||||
| 	for _, a := range s { | ||||
| 		if a == e { | ||||
| 			return true | ||||
| 		} | ||||
| 	} | ||||
| 	return false | ||||
| } | ||||
| 
 | ||||
| // These keywords are used specifically for fuzzing Vitess
 | ||||
| var keywords = []string{ | ||||
| 	"accessible", "action", "add", "after", "against", "algorithm", | ||||
| 	"all", "alter", "always", "analyze", "and", "as", "asc", "asensitive", | ||||
| 	"auto_increment", "avg_row_length", "before", "begin", "between", | ||||
| 	"bigint", "binary", "_binary", "_utf8mb4", "_utf8", "_latin1", "bit", | ||||
| 	"blob", "bool", "boolean", "both", "by", "call", "cancel", "cascade", | ||||
| 	"cascaded", "case", "cast", "channel", "change", "char", "character", | ||||
| 	"charset", "check", "checksum", "coalesce", "code", "collate", "collation", | ||||
| 	"column", "columns", "comment", "committed", "commit", "compact", "complete", | ||||
| 	"compressed", "compression", "condition", "connection", "constraint", "continue", | ||||
| 	"convert", "copy", "cume_dist", "substr", "substring", "create", "cross", | ||||
| 	"csv", "current_date", "current_time", "current_timestamp", "current_user", | ||||
| 	"cursor", "data", "database", "databases", "day", "day_hour", "day_microsecond", | ||||
| 	"day_minute", "day_second", "date", "datetime", "dec", "decimal", "declare", | ||||
| 	"default", "definer", "delay_key_write", "delayed", "delete", "dense_rank", | ||||
| 	"desc", "describe", "deterministic", "directory", "disable", "discard", | ||||
| 	"disk", "distinct", "distinctrow", "div", "double", "do", "drop", "dumpfile", | ||||
| 	"duplicate", "dynamic", "each", "else", "elseif", "empty", "enable", | ||||
| 	"enclosed", "encryption", "end", "enforced", "engine", "engines", "enum", | ||||
| 	"error", "escape", "escaped", "event", "exchange", "exclusive", "exists", | ||||
| 	"exit", "explain", "expansion", "export", "extended", "extract", "false", | ||||
| 	"fetch", "fields", "first", "first_value", "fixed", "float", "float4", | ||||
| 	"float8", "flush", "for", "force", "foreign", "format", "from", "full", | ||||
| 	"fulltext", "function", "general", "generated", "geometry", "geometrycollection", | ||||
| 	"get", "global", "gtid_executed", "grant", "group", "grouping", "groups", | ||||
| 	"group_concat", "having", "header", "high_priority", "hosts", "hour", "hour_microsecond", | ||||
| 	"hour_minute", "hour_second", "if", "ignore", "import", "in", "index", "indexes", | ||||
| 	"infile", "inout", "inner", "inplace", "insensitive", "insert", "insert_method", | ||||
| 	"int", "int1", "int2", "int3", "int4", "int8", "integer", "interval", | ||||
| 	"into", "io_after_gtids", "is", "isolation", "iterate", "invoker", "join", | ||||
| 	"json", "json_table", "key", "keys", "keyspaces", "key_block_size", "kill", "lag", | ||||
| 	"language", "last", "last_value", "last_insert_id", "lateral", "lead", "leading", | ||||
| 	"leave", "left", "less", "level", "like", "limit", "linear", "lines", | ||||
| 	"linestring", "load", "local", "localtime", "localtimestamp", "lock", "logs", | ||||
| 	"long", "longblob", "longtext", "loop", "low_priority", "manifest", | ||||
| 	"master_bind", "match", "max_rows", "maxvalue", "mediumblob", "mediumint", | ||||
| 	"mediumtext", "memory", "merge", "microsecond", "middleint", "min_rows", "minute", | ||||
| 	"minute_microsecond", "minute_second", "mod", "mode", "modify", "modifies", | ||||
| 	"multilinestring", "multipoint", "multipolygon", "month", "name", | ||||
| 	"names", "natural", "nchar", "next", "no", "none", "not", "no_write_to_binlog", | ||||
| 	"nth_value", "ntile", "null", "numeric", "of", "off", "offset", "on", | ||||
| 	"only", "open", "optimize", "optimizer_costs", "option", "optionally", | ||||
| 	"or", "order", "out", "outer", "outfile", "over", "overwrite", "pack_keys", | ||||
| 	"parser", "partition", "partitioning", "password", "percent_rank", "plugins", | ||||
| 	"point", "polygon", "precision", "primary", "privileges", "processlist", | ||||
| 	"procedure", "query", "quarter", "range", "rank", "read", "reads", "read_write", | ||||
| 	"real", "rebuild", "recursive", "redundant", "references", "regexp", "relay", | ||||
| 	"release", "remove", "rename", "reorganize", "repair", "repeat", "repeatable", | ||||
| 	"replace", "require", "resignal", "restrict", "return", "retry", "revert", | ||||
| 	"revoke", "right", "rlike", "rollback", "row", "row_format", "row_number", | ||||
| 	"rows", "s3", "savepoint", "schema", "schemas", "second", "second_microsecond", | ||||
| 	"security", "select", "sensitive", "separator", "sequence", "serializable", | ||||
| 	"session", "set", "share", "shared", "show", "signal", "signed", "slow", | ||||
| 	"smallint", "spatial", "specific", "sql", "sqlexception", "sqlstate", | ||||
| 	"sqlwarning", "sql_big_result", "sql_cache", "sql_calc_found_rows", | ||||
| 	"sql_no_cache", "sql_small_result", "ssl", "start", "starting", | ||||
| 	"stats_auto_recalc", "stats_persistent", "stats_sample_pages", "status", | ||||
| 	"storage", "stored", "straight_join", "stream", "system", "vstream", | ||||
| 	"table", "tables", "tablespace", "temporary", "temptable", "terminated", | ||||
| 	"text", "than", "then", "time", "timestamp", "timestampadd", "timestampdiff", | ||||
| 	"tinyblob", "tinyint", "tinytext", "to", "trailing", "transaction", "tree", | ||||
| 	"traditional", "trigger", "triggers", "true", "truncate", "uncommitted", | ||||
| 	"undefined", "undo", "union", "unique", "unlock", "unsigned", "update", | ||||
| 	"upgrade", "usage", "use", "user", "user_resources", "using", "utc_date", | ||||
| 	"utc_time", "utc_timestamp", "validation", "values", "variables", "varbinary", | ||||
| 	"varchar", "varcharacter", "varying", "vgtid_executed", "virtual", "vindex", | ||||
| 	"vindexes", "view", "vitess", "vitess_keyspaces", "vitess_metadata", | ||||
| 	"vitess_migration", "vitess_migrations", "vitess_replication_status", | ||||
| 	"vitess_shards", "vitess_tablets", "vschema", "warnings", "when", | ||||
| 	"where", "while", "window", "with", "without", "work", "write", "xor", | ||||
| 	"year", "year_month", "zerofill", | ||||
| } | ||||
| 
 | ||||
| // Keywords that could get an additional keyword
 | ||||
| var needCustomString = []string{ | ||||
| 	"DISTINCTROW", "FROM", // Select keywords:
 | ||||
| 	"GROUP BY", "HAVING", "WINDOW", | ||||
| 	"FOR", | ||||
| 	"ORDER BY", "LIMIT", | ||||
| 	"INTO", "PARTITION", "AS", // Insert Keywords:
 | ||||
| 	"ON DUPLICATE KEY UPDATE", | ||||
| 	"WHERE", "LIMIT", // Delete keywords
 | ||||
| 	"INFILE", "INTO TABLE", "CHARACTER SET", // Load keywords
 | ||||
| 	"TERMINATED BY", "ENCLOSED BY", | ||||
| 	"ESCAPED BY", "STARTING BY", | ||||
| 	"TERMINATED BY", "STARTING BY", | ||||
| 	"IGNORE", | ||||
| 	"VALUE", "VALUES", // Replace tokens
 | ||||
| 	"SET",                                   // Update tokens
 | ||||
| 	"ENGINE =",                              // Drop tokens
 | ||||
| 	"DEFINER =", "ON SCHEDULE", "RENAME TO", // Alter tokens
 | ||||
| 	"COMMENT", "DO", "INITIAL_SIZE = ", "OPTIONS", | ||||
| } | ||||
| 
 | ||||
| var alterTableTokens = [][]string{ | ||||
| 	{"CUSTOM_FUZZ_STRING"}, | ||||
| 	{"CUSTOM_ALTTER_TABLE_OPTIONS"}, | ||||
| 	{"PARTITION_OPTIONS_FOR_ALTER_TABLE"}, | ||||
| } | ||||
| 
 | ||||
| var alterTokens = [][]string{ | ||||
| 	{ | ||||
| 		"DATABASE", "SCHEMA", "DEFINER = ", "EVENT", "FUNCTION", "INSTANCE", | ||||
| 		"LOGFILE GROUP", "PROCEDURE", "SERVER", | ||||
| 	}, | ||||
| 	{"CUSTOM_FUZZ_STRING"}, | ||||
| 	{ | ||||
| 		"ON SCHEDULE", "ON COMPLETION PRESERVE", "ON COMPLETION NOT PRESERVE", | ||||
| 		"ADD UNDOFILE", "OPTIONS", | ||||
| 	}, | ||||
| 	{"RENAME TO", "INITIAL_SIZE = "}, | ||||
| 	{"ENABLE", "DISABLE", "DISABLE ON SLAVE", "ENGINE"}, | ||||
| 	{"COMMENT"}, | ||||
| 	{"DO"}, | ||||
| } | ||||
| 
 | ||||
| var setTokens = [][]string{ | ||||
| 	{"CHARACTER SET", "CHARSET", "CUSTOM_FUZZ_STRING", "NAMES"}, | ||||
| 	{"CUSTOM_FUZZ_STRING", "DEFAULT", "="}, | ||||
| 	{"CUSTOM_FUZZ_STRING"}, | ||||
| } | ||||
| 
 | ||||
| var dropTokens = [][]string{ | ||||
| 	{"TEMPORARY", "UNDO"}, | ||||
| 	{ | ||||
| 		"DATABASE", "SCHEMA", "EVENT", "INDEX", "LOGFILE GROUP", | ||||
| 		"PROCEDURE", "FUNCTION", "SERVER", "SPATIAL REFERENCE SYSTEM", | ||||
| 		"TABLE", "TABLESPACE", "TRIGGER", "VIEW", | ||||
| 	}, | ||||
| 	{"IF EXISTS"}, | ||||
| 	{"CUSTOM_FUZZ_STRING"}, | ||||
| 	{"ON", "ENGINE = ", "RESTRICT", "CASCADE"}, | ||||
| } | ||||
| 
 | ||||
| var renameTokens = [][]string{ | ||||
| 	{"TABLE"}, | ||||
| 	{"CUSTOM_FUZZ_STRING"}, | ||||
| 	{"TO"}, | ||||
| 	{"CUSTOM_FUZZ_STRING"}, | ||||
| } | ||||
| 
 | ||||
| var truncateTokens = [][]string{ | ||||
| 	{"TABLE"}, | ||||
| 	{"CUSTOM_FUZZ_STRING"}, | ||||
| } | ||||
| 
 | ||||
| var createTokens = [][]string{ | ||||
| 	{"OR REPLACE", "TEMPORARY", "UNDO"}, // For create spatial reference system
 | ||||
| 	{ | ||||
| 		"UNIQUE", "FULLTEXT", "SPATIAL", "ALGORITHM = UNDEFINED", "ALGORITHM = MERGE", | ||||
| 		"ALGORITHM = TEMPTABLE", | ||||
| 	}, | ||||
| 	{ | ||||
| 		"DATABASE", "SCHEMA", "EVENT", "FUNCTION", "INDEX", "LOGFILE GROUP", | ||||
| 		"PROCEDURE", "SERVER", "SPATIAL REFERENCE SYSTEM", "TABLE", "TABLESPACE", | ||||
| 		"TRIGGER", "VIEW", | ||||
| 	}, | ||||
| 	{"IF NOT EXISTS"}, | ||||
| 	{"CUSTOM_FUZZ_STRING"}, | ||||
| } | ||||
| 
 | ||||
| /* | ||||
| // For future use.
 | ||||
| var updateTokens = [][]string{ | ||||
| 	{"LOW_PRIORITY"}, | ||||
| 	{"IGNORE"}, | ||||
| 	{"SET"}, | ||||
| 	{"WHERE"}, | ||||
| 	{"ORDER BY"}, | ||||
| 	{"LIMIT"}, | ||||
| } | ||||
| */ | ||||
| 
 | ||||
| var replaceTokens = [][]string{ | ||||
| 	{"LOW_PRIORITY", "DELAYED"}, | ||||
| 	{"INTO"}, | ||||
| 	{"PARTITION"}, | ||||
| 	{"CUSTOM_FUZZ_STRING"}, | ||||
| 	{"VALUES", "VALUE"}, | ||||
| } | ||||
| 
 | ||||
| var loadTokens = [][]string{ | ||||
| 	{"DATA"}, | ||||
| 	{"LOW_PRIORITY", "CONCURRENT", "LOCAL"}, | ||||
| 	{"INFILE"}, | ||||
| 	{"REPLACE", "IGNORE"}, | ||||
| 	{"INTO TABLE"}, | ||||
| 	{"PARTITION"}, | ||||
| 	{"CHARACTER SET"}, | ||||
| 	{"FIELDS", "COLUMNS"}, | ||||
| 	{"TERMINATED BY"}, | ||||
| 	{"OPTIONALLY"}, | ||||
| 	{"ENCLOSED BY"}, | ||||
| 	{"ESCAPED BY"}, | ||||
| 	{"LINES"}, | ||||
| 	{"STARTING BY"}, | ||||
| 	{"TERMINATED BY"}, | ||||
| 	{"IGNORE"}, | ||||
| 	{"LINES", "ROWS"}, | ||||
| 	{"CUSTOM_FUZZ_STRING"}, | ||||
| } | ||||
| 
 | ||||
| // These Are everything that comes after "INSERT"
 | ||||
| var insertTokens = [][]string{ | ||||
| 	{"LOW_PRIORITY", "DELAYED", "HIGH_PRIORITY", "IGNORE"}, | ||||
| 	{"INTO"}, | ||||
| 	{"PARTITION"}, | ||||
| 	{"CUSTOM_FUZZ_STRING"}, | ||||
| 	{"AS"}, | ||||
| 	{"ON DUPLICATE KEY UPDATE"}, | ||||
| } | ||||
| 
 | ||||
| // These are everything that comes after "SELECT"
 | ||||
| var selectTokens = [][]string{ | ||||
| 	{"*", "CUSTOM_FUZZ_STRING", "DISTINCTROW"}, | ||||
| 	{"HIGH_PRIORITY"}, | ||||
| 	{"STRAIGHT_JOIN"}, | ||||
| 	{"SQL_SMALL_RESULT", "SQL_BIG_RESULT", "SQL_BUFFER_RESULT"}, | ||||
| 	{"SQL_NO_CACHE", "SQL_CALC_FOUND_ROWS"}, | ||||
| 	{"CUSTOM_FUZZ_STRING"}, | ||||
| 	{"FROM"}, | ||||
| 	{"WHERE"}, | ||||
| 	{"GROUP BY"}, | ||||
| 	{"HAVING"}, | ||||
| 	{"WINDOW"}, | ||||
| 	{"ORDER BY"}, | ||||
| 	{"LIMIT"}, | ||||
| 	{"CUSTOM_FUZZ_STRING"}, | ||||
| 	{"FOR"}, | ||||
| } | ||||
| 
 | ||||
| // These are everything that comes after "DELETE"
 | ||||
| var deleteTokens = [][]string{ | ||||
| 	{"LOW_PRIORITY", "QUICK", "IGNORE", "FROM", "AS"}, | ||||
| 	{"PARTITION"}, | ||||
| 	{"WHERE"}, | ||||
| 	{"ORDER BY"}, | ||||
| 	{"LIMIT"}, | ||||
| } | ||||
| 
 | ||||
| var alter_table_options = []string{ | ||||
| 	"ADD", "COLUMN", "FIRST", "AFTER", "INDEX", "KEY", "FULLTEXT", "SPATIAL", | ||||
| 	"CONSTRAINT", "UNIQUE", "FOREIGN KEY", "CHECK", "ENFORCED", "DROP", "ALTER", | ||||
| 	"NOT", "INPLACE", "COPY", "SET", "VISIBLE", "INVISIBLE", "DEFAULT", "CHANGE", | ||||
| 	"CHARACTER SET", "COLLATE", "DISABLE", "ENABLE", "KEYS", "TABLESPACE", "LOCK", | ||||
| 	"FORCE", "MODIFY", "SHARED", "EXCLUSIVE", "NONE", "ORDER BY", "RENAME COLUMN", | ||||
| 	"AS", "=", "ASC", "DESC", "WITH", "WITHOUT", "VALIDATION", "ADD PARTITION", | ||||
| 	"DROP PARTITION", "DISCARD PARTITION", "IMPORT PARTITION", "TRUNCATE PARTITION", | ||||
| 	"COALESCE PARTITION", "REORGANIZE PARTITION", "EXCHANGE PARTITION", | ||||
| 	"ANALYZE PARTITION", "CHECK PARTITION", "OPTIMIZE PARTITION", "REBUILD PARTITION", | ||||
| 	"REPAIR PARTITION", "REMOVE PARTITIONING", "USING", "BTREE", "HASH", "COMMENT", | ||||
| 	"KEY_BLOCK_SIZE", "WITH PARSER", "AUTOEXTEND_SIZE", "AUTO_INCREMENT", "AVG_ROW_LENGTH", | ||||
| 	"CHECKSUM", "INSERT_METHOD", "ROW_FORMAT", "DYNAMIC", "FIXED", "COMPRESSED", "REDUNDANT", | ||||
| 	"COMPACT", "SECONDARY_ENGINE_ATTRIBUTE", "STATS_AUTO_RECALC", "STATS_PERSISTENT", | ||||
| 	"STATS_SAMPLE_PAGES", "ZLIB", "LZ4", "ENGINE_ATTRIBUTE", "KEY_BLOCK_SIZE", "MAX_ROWS", | ||||
| 	"MIN_ROWS", "PACK_KEYS", "PASSWORD", "COMPRESSION", "CONNECTION", "DIRECTORY", | ||||
| 	"DELAY_KEY_WRITE", "ENCRYPTION", "STORAGE", "DISK", "MEMORY", "UNION", | ||||
| } | ||||
| 
 | ||||
| // Creates an 'alter table' statement. 'alter table' is an exception
 | ||||
| // in that it has its own function. The majority of statements
 | ||||
| // are created by 'createStmt()'.
 | ||||
| func createAlterTableStmt(f *ConsumeFuzzer) (string, error) { | ||||
| 	maxArgs, err := f.GetInt() | ||||
| 	if err != nil { | ||||
| 		return "", err | ||||
| 	} | ||||
| 	maxArgs = maxArgs % 30 | ||||
| 	if maxArgs == 0 { | ||||
| 		return "", fmt.Errorf("could not create alter table stmt") | ||||
| 	} | ||||
| 
 | ||||
| 	var stmt strings.Builder | ||||
| 	stmt.WriteString("ALTER TABLE ") | ||||
| 	for i := 0; i < maxArgs; i++ { | ||||
| 		// Calculate if we get existing token or custom string
 | ||||
| 		tokenType, err := f.GetInt() | ||||
| 		if err != nil { | ||||
| 			return "", err | ||||
| 		} | ||||
| 		if tokenType%4 == 1 { | ||||
| 			customString, err := f.GetString() | ||||
| 			if err != nil { | ||||
| 				return "", err | ||||
| 			} | ||||
| 			stmt.WriteString(" " + customString) | ||||
| 		} else { | ||||
| 			tokenIndex, err := f.GetInt() | ||||
| 			if err != nil { | ||||
| 				return "", err | ||||
| 			} | ||||
| 			stmt.WriteString(" " + alter_table_options[tokenIndex%len(alter_table_options)]) | ||||
| 		} | ||||
| 	} | ||||
| 	return stmt.String(), nil | ||||
| } | ||||
| 
 | ||||
| func chooseToken(tokens []string, f *ConsumeFuzzer) (string, error) { | ||||
| 	index, err := f.GetInt() | ||||
| 	if err != nil { | ||||
| 		return "", err | ||||
| 	} | ||||
| 	var token strings.Builder | ||||
| 	token.WriteString(tokens[index%len(tokens)]) | ||||
| 	if token.String() == "CUSTOM_FUZZ_STRING" { | ||||
| 		customFuzzString, err := f.GetString() | ||||
| 		if err != nil { | ||||
| 			return "", err | ||||
| 		} | ||||
| 		return customFuzzString, nil | ||||
| 	} | ||||
| 
 | ||||
| 	// Check if token requires an argument
 | ||||
| 	if containsString(needCustomString, token.String()) { | ||||
| 		customFuzzString, err := f.GetString() | ||||
| 		if err != nil { | ||||
| 			return "", err | ||||
| 		} | ||||
| 		token.WriteString(" " + customFuzzString) | ||||
| 	} | ||||
| 	return token.String(), nil | ||||
| } | ||||
| 
 | ||||
| var stmtTypes = map[string][][]string{ | ||||
| 	"DELETE":      deleteTokens, | ||||
| 	"INSERT":      insertTokens, | ||||
| 	"SELECT":      selectTokens, | ||||
| 	"LOAD":        loadTokens, | ||||
| 	"REPLACE":     replaceTokens, | ||||
| 	"CREATE":      createTokens, | ||||
| 	"DROP":        dropTokens, | ||||
| 	"RENAME":      renameTokens, | ||||
| 	"TRUNCATE":    truncateTokens, | ||||
| 	"SET":         setTokens, | ||||
| 	"ALTER":       alterTokens, | ||||
| 	"ALTER TABLE": alterTableTokens, // ALTER TABLE has its own set of tokens
 | ||||
| } | ||||
| 
 | ||||
| var stmtTypeEnum = map[int]string{ | ||||
| 	0:  "DELETE", | ||||
| 	1:  "INSERT", | ||||
| 	2:  "SELECT", | ||||
| 	3:  "LOAD", | ||||
| 	4:  "REPLACE", | ||||
| 	5:  "CREATE", | ||||
| 	6:  "DROP", | ||||
| 	7:  "RENAME", | ||||
| 	8:  "TRUNCATE", | ||||
| 	9:  "SET", | ||||
| 	10: "ALTER", | ||||
| 	11: "ALTER TABLE", | ||||
| } | ||||
| 
 | ||||
| func createStmt(f *ConsumeFuzzer) (string, error) { | ||||
| 	stmtIndex, err := f.GetInt() | ||||
| 	if err != nil { | ||||
| 		return "", err | ||||
| 	} | ||||
| 	stmtIndex = stmtIndex % len(stmtTypes) | ||||
| 
 | ||||
| 	queryType := stmtTypeEnum[stmtIndex] | ||||
| 	tokens := stmtTypes[queryType] | ||||
| 
 | ||||
| 	// We have custom creator for ALTER TABLE
 | ||||
| 	if queryType == "ALTER TABLE" { | ||||
| 		query, err := createAlterTableStmt(f) | ||||
| 		if err != nil { | ||||
| 			return "", err | ||||
| 		} | ||||
| 		return query, nil | ||||
| 	} | ||||
| 
 | ||||
| 	// Here we are creating a query that is not
 | ||||
| 	// an 'alter table' query. For available
 | ||||
| 	// queries, see "stmtTypes"
 | ||||
| 
 | ||||
| 	// First specify the first query keyword:
 | ||||
| 	var query strings.Builder | ||||
| 	query.WriteString(queryType) | ||||
| 
 | ||||
| 	// Next create the args for the
 | ||||
| 	queryArgs, err := createStmtArgs(tokens, f) | ||||
| 	if err != nil { | ||||
| 		return "", err | ||||
| 	} | ||||
| 	query.WriteString(" " + queryArgs) | ||||
| 	return query.String(), nil | ||||
| } | ||||
| 
 | ||||
| // Creates the arguments of a statements. In a select statement
 | ||||
| // that would be everything after "select".
 | ||||
| func createStmtArgs(tokenslice [][]string, f *ConsumeFuzzer) (string, error) { | ||||
| 	var query, token strings.Builder | ||||
| 
 | ||||
| 	// We go through the tokens in the tokenslice,
 | ||||
| 	// create the respective token and add it to
 | ||||
| 	// "query"
 | ||||
| 	for _, tokens := range tokenslice { | ||||
| 		// For extra randomization, the fuzzer can
 | ||||
| 		// choose to not include this token.
 | ||||
| 		includeThisToken, err := f.GetBool() | ||||
| 		if err != nil { | ||||
| 			return "", err | ||||
| 		} | ||||
| 		if !includeThisToken { | ||||
| 			continue | ||||
| 		} | ||||
| 
 | ||||
| 		// There may be several tokens to choose from:
 | ||||
| 		if len(tokens) > 1 { | ||||
| 			chosenToken, err := chooseToken(tokens, f) | ||||
| 			if err != nil { | ||||
| 				return "", err | ||||
| 			} | ||||
| 			query.WriteString(" " + chosenToken) | ||||
| 		} else { | ||||
| 			token.WriteString(tokens[0]) | ||||
| 
 | ||||
| 			// In case the token is "CUSTOM_FUZZ_STRING"
 | ||||
| 			// we will then create a non-structured string
 | ||||
| 			if token.String() == "CUSTOM_FUZZ_STRING" { | ||||
| 				customFuzzString, err := f.GetString() | ||||
| 				if err != nil { | ||||
| 					return "", err | ||||
| 				} | ||||
| 				query.WriteString(" " + customFuzzString) | ||||
| 				continue | ||||
| 			} | ||||
| 
 | ||||
| 			// Check if token requires an argument.
 | ||||
| 			// Tokens that take an argument can be found
 | ||||
| 			// in 'needCustomString'. If so, we add a
 | ||||
| 			// non-structured string to the token.
 | ||||
| 			if containsString(needCustomString, token.String()) { | ||||
| 				customFuzzString, err := f.GetString() | ||||
| 				if err != nil { | ||||
| 					return "", err | ||||
| 				} | ||||
| 				token.WriteString(fmt.Sprintf(" %s", customFuzzString)) | ||||
| 			} | ||||
| 			query.WriteString(fmt.Sprintf(" %s", token.String())) | ||||
| 		} | ||||
| 	} | ||||
| 	return query.String(), nil | ||||
| } | ||||
| 
 | ||||
| // Creates a semi-structured query. It creates a string
 | ||||
| // that is a combination of the keywords and random strings.
 | ||||
| func createQuery(f *ConsumeFuzzer) (string, error) { | ||||
| 	queryLen, err := f.GetInt() | ||||
| 	if err != nil { | ||||
| 		return "", err | ||||
| 	} | ||||
| 	maxLen := queryLen % 60 | ||||
| 	if maxLen == 0 { | ||||
| 		return "", fmt.Errorf("could not create a query") | ||||
| 	} | ||||
| 	var query strings.Builder | ||||
| 	for i := 0; i < maxLen; i++ { | ||||
| 		// Get a new token:
 | ||||
| 		useKeyword, err := f.GetBool() | ||||
| 		if err != nil { | ||||
| 			return "", err | ||||
| 		} | ||||
| 		if useKeyword { | ||||
| 			keyword, err := getKeyword(f) | ||||
| 			if err != nil { | ||||
| 				return "", err | ||||
| 			} | ||||
| 			query.WriteString(" " + keyword) | ||||
| 		} else { | ||||
| 			customString, err := f.GetString() | ||||
| 			if err != nil { | ||||
| 				return "", err | ||||
| 			} | ||||
| 			query.WriteString(" " + customString) | ||||
| 		} | ||||
| 	} | ||||
| 	if query.String() == "" { | ||||
| 		return "", fmt.Errorf("could not create a query") | ||||
| 	} | ||||
| 	return query.String(), nil | ||||
| } | ||||
| 
 | ||||
| // GetSQLString is the API that users interact with.
 | ||||
| //
 | ||||
| // Usage:
 | ||||
| //
 | ||||
| //	f := NewConsumer(data)
 | ||||
| //	sqlString, err := f.GetSQLString()
 | ||||
| func (f *ConsumeFuzzer) GetSQLString() (string, error) { | ||||
| 	var query string | ||||
| 	veryStructured, err := f.GetBool() | ||||
| 	if err != nil { | ||||
| 		return "", err | ||||
| 	} | ||||
| 	if veryStructured { | ||||
| 		query, err = createStmt(f) | ||||
| 		if err != nil { | ||||
| 			return "", err | ||||
| 		} | ||||
| 	} else { | ||||
| 		query, err = createQuery(f) | ||||
| 		if err != nil { | ||||
| 			return "", err | ||||
| 		} | ||||
| 	} | ||||
| 	return query, nil | ||||
| } | ||||
| @ -0,0 +1 @@ | ||||
| * text=auto eol=lf | ||||
| @ -1 +1,10 @@ | ||||
| .vscode/ | ||||
| 
 | ||||
| *.exe | ||||
| 
 | ||||
| # testing | ||||
| testdata | ||||
| 
 | ||||
| # go workspaces | ||||
| go.work | ||||
| go.work.sum | ||||
|  | ||||
| @ -0,0 +1,144 @@ | ||||
| run: | ||||
|   skip-dirs: | ||||
|     - pkg/etw/sample | ||||
| 
 | ||||
| linters: | ||||
|   enable: | ||||
|     # style | ||||
|     - containedctx # struct contains a context | ||||
|     - dupl # duplicate code | ||||
|     - errname # erorrs are named correctly | ||||
|     - goconst # strings that should be constants | ||||
|     - godot # comments end in a period | ||||
|     - misspell | ||||
|     - nolintlint # "//nolint" directives are properly explained | ||||
|     - revive # golint replacement | ||||
|     - stylecheck # golint replacement, less configurable than revive | ||||
|     - unconvert # unnecessary conversions | ||||
|     - wastedassign | ||||
| 
 | ||||
|     # bugs, performance, unused, etc ... | ||||
|     - contextcheck # function uses a non-inherited context | ||||
|     - errorlint # errors not wrapped for 1.13 | ||||
|     - exhaustive # check exhaustiveness of enum switch statements | ||||
|     - gofmt # files are gofmt'ed | ||||
|     - gosec # security | ||||
|     - nestif # deeply nested ifs | ||||
|     - nilerr # returns nil even with non-nil error | ||||
|     - prealloc # slices that can be pre-allocated | ||||
|     - structcheck # unused struct fields | ||||
|     - unparam # unused function params | ||||
| 
 | ||||
| issues: | ||||
|   exclude-rules: | ||||
|     # err is very often shadowed in nested scopes | ||||
|     - linters: | ||||
|         - govet | ||||
|       text: '^shadow: declaration of "err" shadows declaration' | ||||
| 
 | ||||
|     # ignore long lines for skip autogen directives | ||||
|     - linters: | ||||
|         - revive | ||||
|       text: "^line-length-limit: " | ||||
|       source: "^//(go:generate|sys) " | ||||
| 
 | ||||
|     # allow unjustified ignores of error checks in defer statements | ||||
|     - linters: | ||||
|         - nolintlint | ||||
|       text: "^directive `//nolint:errcheck` should provide explanation" | ||||
|       source: '^\s*defer ' | ||||
| 
 | ||||
|     # allow unjustified ignores of error lints for io.EOF | ||||
|     - linters: | ||||
|         - nolintlint | ||||
|       text: "^directive `//nolint:errorlint` should provide explanation" | ||||
|       source: '[=|!]= io.EOF' | ||||
| 
 | ||||
| 
 | ||||
| linters-settings: | ||||
|   govet: | ||||
|     enable-all: true | ||||
|     disable: | ||||
|       # struct order is often for Win32 compat | ||||
|       # also, ignore pointer bytes/GC issues for now until performance becomes an issue | ||||
|       - fieldalignment | ||||
|     check-shadowing: true | ||||
|   nolintlint: | ||||
|     allow-leading-space: false | ||||
|     require-explanation: true | ||||
|     require-specific: true | ||||
|   revive: | ||||
|     # revive is more configurable than static check, so likely the preferred alternative to static-check | ||||
|     # (once the perf issue is solved: https://github.com/golangci/golangci-lint/issues/2997) | ||||
|     enable-all-rules: | ||||
|       true | ||||
|       # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md | ||||
|     rules: | ||||
|       # rules with required arguments | ||||
|       - name: argument-limit | ||||
|         disabled: true | ||||
|       - name: banned-characters | ||||
|         disabled: true | ||||
|       - name: cognitive-complexity | ||||
|         disabled: true | ||||
|       - name: cyclomatic | ||||
|         disabled: true | ||||
|       - name: file-header | ||||
|         disabled: true | ||||
|       - name: function-length | ||||
|         disabled: true | ||||
|       - name: function-result-limit | ||||
|         disabled: true | ||||
|       - name: max-public-structs | ||||
|         disabled: true | ||||
|       # geneally annoying rules | ||||
|       - name: add-constant # complains about any and all strings and integers | ||||
|         disabled: true | ||||
|       - name: confusing-naming # we frequently use "Foo()" and "foo()" together | ||||
|         disabled: true | ||||
|       - name: flag-parameter # excessive, and a common idiom we use | ||||
|         disabled: true | ||||
|       # general config | ||||
|       - name: line-length-limit | ||||
|         arguments: | ||||
|           - 140 | ||||
|       - name: var-naming | ||||
|         arguments: | ||||
|           - [] | ||||
|           - - CID | ||||
|             - CRI | ||||
|             - CTRD | ||||
|             - DACL | ||||
|             - DLL | ||||
|             - DOS | ||||
|             - ETW | ||||
|             - FSCTL | ||||
|             - GCS | ||||
|             - GMSA | ||||
|             - HCS | ||||
|             - HV | ||||
|             - IO | ||||
|             - LCOW | ||||
|             - LDAP | ||||
|             - LPAC | ||||
|             - LTSC | ||||
|             - MMIO | ||||
|             - NT | ||||
|             - OCI | ||||
|             - PMEM | ||||
|             - PWSH | ||||
|             - RX | ||||
|             - SACl | ||||
|             - SID | ||||
|             - SMB | ||||
|             - TX | ||||
|             - VHD | ||||
|             - VHDX | ||||
|             - VMID | ||||
|             - VPCI | ||||
|             - WCOW | ||||
|             - WIM | ||||
|   stylecheck: | ||||
|     checks: | ||||
|       - "all" | ||||
|       - "-ST1003" # use revive's var naming | ||||
| @ -0,0 +1,41 @@ | ||||
| <!-- BEGIN MICROSOFT SECURITY.MD V0.0.7 BLOCK --> | ||||
| 
 | ||||
| ## Security | ||||
| 
 | ||||
| Microsoft takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, which include [Microsoft](https://github.com/Microsoft), [Azure](https://github.com/Azure), [DotNet](https://github.com/dotnet), [AspNet](https://github.com/aspnet), [Xamarin](https://github.com/xamarin), and [our GitHub organizations](https://opensource.microsoft.com/). | ||||
| 
 | ||||
| If you believe you have found a security vulnerability in any Microsoft-owned repository that meets [Microsoft's definition of a security vulnerability](https://aka.ms/opensource/security/definition), please report it to us as described below. | ||||
| 
 | ||||
| ## Reporting Security Issues | ||||
| 
 | ||||
| **Please do not report security vulnerabilities through public GitHub issues.** | ||||
| 
 | ||||
| Instead, please report them to the Microsoft Security Response Center (MSRC) at [https://msrc.microsoft.com/create-report](https://aka.ms/opensource/security/create-report). | ||||
| 
 | ||||
| If you prefer to submit without logging in, send email to [secure@microsoft.com](mailto:secure@microsoft.com).  If possible, encrypt your message with our PGP key; please download it from the [Microsoft Security Response Center PGP Key page](https://aka.ms/opensource/security/pgpkey). | ||||
| 
 | ||||
| You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://aka.ms/opensource/security/msrc).  | ||||
| 
 | ||||
| Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue: | ||||
| 
 | ||||
|   * Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.) | ||||
|   * Full paths of source file(s) related to the manifestation of the issue | ||||
|   * The location of the affected source code (tag/branch/commit or direct URL) | ||||
|   * Any special configuration required to reproduce the issue | ||||
|   * Step-by-step instructions to reproduce the issue | ||||
|   * Proof-of-concept or exploit code (if possible) | ||||
|   * Impact of the issue, including how an attacker might exploit the issue | ||||
| 
 | ||||
| This information will help us triage your report more quickly. | ||||
| 
 | ||||
| If you are reporting for a bug bounty, more complete reports can contribute to a higher bounty award. Please visit our [Microsoft Bug Bounty Program](https://aka.ms/opensource/security/bounty) page for more details about our active programs. | ||||
| 
 | ||||
| ## Preferred Languages | ||||
| 
 | ||||
| We prefer all communications to be in English. | ||||
| 
 | ||||
| ## Policy | ||||
| 
 | ||||
| Microsoft follows the principle of [Coordinated Vulnerability Disclosure](https://aka.ms/opensource/security/cvd). | ||||
| 
 | ||||
| <!-- END MICROSOFT SECURITY.MD BLOCK --> | ||||
| @ -0,0 +1,22 @@ | ||||
| // This package provides utilities for efficiently performing Win32 IO operations in Go.
 | ||||
| // Currently, this package is provides support for genreal IO and management of
 | ||||
| //   - named pipes
 | ||||
| //   - files
 | ||||
| //   - [Hyper-V sockets]
 | ||||
| //
 | ||||
| // This code is similar to Go's [net] package, and uses IO completion ports to avoid
 | ||||
| // blocking IO on system threads, allowing Go to reuse the thread to schedule other goroutines.
 | ||||
| //
 | ||||
| // This limits support to Windows Vista and newer operating systems.
 | ||||
| //
 | ||||
| // Additionally, this package provides support for:
 | ||||
| //   - creating and managing GUIDs
 | ||||
| //   - writing to [ETW]
 | ||||
| //   - opening and manageing VHDs
 | ||||
| //   - parsing [Windows Image files]
 | ||||
| //   - auto-generating Win32 API code
 | ||||
| //
 | ||||
| // [Hyper-V sockets]: https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/user-guide/make-integration-service
 | ||||
| // [ETW]: https://docs.microsoft.com/en-us/windows-hardware/drivers/devtest/event-tracing-for-windows--etw-
 | ||||
| // [Windows Image files]: https://docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/work-with-windows-images
 | ||||
| package winio | ||||
| @ -0,0 +1,20 @@ | ||||
| package socket | ||||
| 
 | ||||
| import ( | ||||
| 	"unsafe" | ||||
| ) | ||||
| 
 | ||||
| // RawSockaddr allows structs to be used with [Bind] and [ConnectEx]. The
 | ||||
| // struct must meet the Win32 sockaddr requirements specified here:
 | ||||
| // https://docs.microsoft.com/en-us/windows/win32/winsock/sockaddr-2
 | ||||
| //
 | ||||
| // Specifically, the struct size must be least larger than an int16 (unsigned short)
 | ||||
| // for the address family.
 | ||||
| type RawSockaddr interface { | ||||
| 	// Sockaddr returns a pointer to the RawSockaddr and its struct size, allowing
 | ||||
| 	// for the RawSockaddr's data to be overwritten by syscalls (if necessary).
 | ||||
| 	//
 | ||||
| 	// It is the callers responsibility to validate that the values are valid; invalid
 | ||||
| 	// pointers or size can cause a panic.
 | ||||
| 	Sockaddr() (unsafe.Pointer, int32, error) | ||||
| } | ||||
| @ -0,0 +1,179 @@ | ||||
| //go:build windows
 | ||||
| 
 | ||||
| package socket | ||||
| 
 | ||||
| import ( | ||||
| 	"errors" | ||||
| 	"fmt" | ||||
| 	"net" | ||||
| 	"sync" | ||||
| 	"syscall" | ||||
| 	"unsafe" | ||||
| 
 | ||||
| 	"github.com/Microsoft/go-winio/pkg/guid" | ||||
| 	"golang.org/x/sys/windows" | ||||
| ) | ||||
| 
 | ||||
| //go:generate go run github.com/Microsoft/go-winio/tools/mkwinsyscall -output zsyscall_windows.go socket.go
 | ||||
| 
 | ||||
| //sys getsockname(s windows.Handle, name unsafe.Pointer, namelen *int32) (err error) [failretval==socketError] = ws2_32.getsockname
 | ||||
| //sys getpeername(s windows.Handle, name unsafe.Pointer, namelen *int32) (err error) [failretval==socketError] = ws2_32.getpeername
 | ||||
| //sys bind(s windows.Handle, name unsafe.Pointer, namelen int32) (err error) [failretval==socketError] = ws2_32.bind
 | ||||
| 
 | ||||
| const socketError = uintptr(^uint32(0)) | ||||
| 
 | ||||
| var ( | ||||
| 	// todo(helsaawy): create custom error types to store the desired vs actual size and addr family?
 | ||||
| 
 | ||||
| 	ErrBufferSize     = errors.New("buffer size") | ||||
| 	ErrAddrFamily     = errors.New("address family") | ||||
| 	ErrInvalidPointer = errors.New("invalid pointer") | ||||
| 	ErrSocketClosed   = fmt.Errorf("socket closed: %w", net.ErrClosed) | ||||
| ) | ||||
| 
 | ||||
| // todo(helsaawy): replace these with generics, ie: GetSockName[S RawSockaddr](s windows.Handle) (S, error)
 | ||||
| 
 | ||||
| // GetSockName writes the local address of socket s to the [RawSockaddr] rsa.
 | ||||
| // If rsa is not large enough, the [windows.WSAEFAULT] is returned.
 | ||||
| func GetSockName(s windows.Handle, rsa RawSockaddr) error { | ||||
| 	ptr, l, err := rsa.Sockaddr() | ||||
| 	if err != nil { | ||||
| 		return fmt.Errorf("could not retrieve socket pointer and size: %w", err) | ||||
| 	} | ||||
| 
 | ||||
| 	// although getsockname returns WSAEFAULT if the buffer is too small, it does not set
 | ||||
| 	// &l to the correct size, so--apart from doubling the buffer repeatedly--there is no remedy
 | ||||
| 	return getsockname(s, ptr, &l) | ||||
| } | ||||
| 
 | ||||
| // GetPeerName returns the remote address the socket is connected to.
 | ||||
| //
 | ||||
| // See [GetSockName] for more information.
 | ||||
| func GetPeerName(s windows.Handle, rsa RawSockaddr) error { | ||||
| 	ptr, l, err := rsa.Sockaddr() | ||||
| 	if err != nil { | ||||
| 		return fmt.Errorf("could not retrieve socket pointer and size: %w", err) | ||||
| 	} | ||||
| 
 | ||||
| 	return getpeername(s, ptr, &l) | ||||
| } | ||||
| 
 | ||||
| func Bind(s windows.Handle, rsa RawSockaddr) (err error) { | ||||
| 	ptr, l, err := rsa.Sockaddr() | ||||
| 	if err != nil { | ||||
| 		return fmt.Errorf("could not retrieve socket pointer and size: %w", err) | ||||
| 	} | ||||
| 
 | ||||
| 	return bind(s, ptr, l) | ||||
| } | ||||
| 
 | ||||
| // "golang.org/x/sys/windows".ConnectEx and .Bind only accept internal implementations of the
 | ||||
| // their sockaddr interface, so they cannot be used with HvsockAddr
 | ||||
| // Replicate functionality here from
 | ||||
| // https://cs.opensource.google/go/x/sys/+/master:windows/syscall_windows.go
 | ||||
| 
 | ||||
| // The function pointers to `AcceptEx`, `ConnectEx` and `GetAcceptExSockaddrs` must be loaded at
 | ||||
| // runtime via a WSAIoctl call:
 | ||||
| // https://docs.microsoft.com/en-us/windows/win32/api/Mswsock/nc-mswsock-lpfn_connectex#remarks
 | ||||
| 
 | ||||
| type runtimeFunc struct { | ||||
| 	id   guid.GUID | ||||
| 	once sync.Once | ||||
| 	addr uintptr | ||||
| 	err  error | ||||
| } | ||||
| 
 | ||||
| func (f *runtimeFunc) Load() error { | ||||
| 	f.once.Do(func() { | ||||
| 		var s windows.Handle | ||||
| 		s, f.err = windows.Socket(windows.AF_INET, windows.SOCK_STREAM, windows.IPPROTO_TCP) | ||||
| 		if f.err != nil { | ||||
| 			return | ||||
| 		} | ||||
| 		defer windows.CloseHandle(s) //nolint:errcheck
 | ||||
| 
 | ||||
| 		var n uint32 | ||||
| 		f.err = windows.WSAIoctl(s, | ||||
| 			windows.SIO_GET_EXTENSION_FUNCTION_POINTER, | ||||
| 			(*byte)(unsafe.Pointer(&f.id)), | ||||
| 			uint32(unsafe.Sizeof(f.id)), | ||||
| 			(*byte)(unsafe.Pointer(&f.addr)), | ||||
| 			uint32(unsafe.Sizeof(f.addr)), | ||||
| 			&n, | ||||
| 			nil, //overlapped
 | ||||
| 			0,   //completionRoutine
 | ||||
| 		) | ||||
| 	}) | ||||
| 	return f.err | ||||
| } | ||||
| 
 | ||||
| var ( | ||||
| 	// todo: add `AcceptEx` and `GetAcceptExSockaddrs`
 | ||||
| 	WSAID_CONNECTEX = guid.GUID{ //revive:disable-line:var-naming ALL_CAPS
 | ||||
| 		Data1: 0x25a207b9, | ||||
| 		Data2: 0xddf3, | ||||
| 		Data3: 0x4660, | ||||
| 		Data4: [8]byte{0x8e, 0xe9, 0x76, 0xe5, 0x8c, 0x74, 0x06, 0x3e}, | ||||
| 	} | ||||
| 
 | ||||
| 	connectExFunc = runtimeFunc{id: WSAID_CONNECTEX} | ||||
| ) | ||||
| 
 | ||||
| func ConnectEx( | ||||
| 	fd windows.Handle, | ||||
| 	rsa RawSockaddr, | ||||
| 	sendBuf *byte, | ||||
| 	sendDataLen uint32, | ||||
| 	bytesSent *uint32, | ||||
| 	overlapped *windows.Overlapped, | ||||
| ) error { | ||||
| 	if err := connectExFunc.Load(); err != nil { | ||||
| 		return fmt.Errorf("failed to load ConnectEx function pointer: %w", err) | ||||
| 	} | ||||
| 	ptr, n, err := rsa.Sockaddr() | ||||
| 	if err != nil { | ||||
| 		return err | ||||
| 	} | ||||
| 	return connectEx(fd, ptr, n, sendBuf, sendDataLen, bytesSent, overlapped) | ||||
| } | ||||
| 
 | ||||
| // BOOL LpfnConnectex(
 | ||||
| //   [in]           SOCKET s,
 | ||||
| //   [in]           const sockaddr *name,
 | ||||
| //   [in]           int namelen,
 | ||||
| //   [in, optional] PVOID lpSendBuffer,
 | ||||
| //   [in]           DWORD dwSendDataLength,
 | ||||
| //   [out]          LPDWORD lpdwBytesSent,
 | ||||
| //   [in]           LPOVERLAPPED lpOverlapped
 | ||||
| // )
 | ||||
| 
 | ||||
| func connectEx( | ||||
| 	s windows.Handle, | ||||
| 	name unsafe.Pointer, | ||||
| 	namelen int32, | ||||
| 	sendBuf *byte, | ||||
| 	sendDataLen uint32, | ||||
| 	bytesSent *uint32, | ||||
| 	overlapped *windows.Overlapped, | ||||
| ) (err error) { | ||||
| 	// todo: after upgrading to 1.18, switch from syscall.Syscall9 to syscall.SyscallN
 | ||||
| 	r1, _, e1 := syscall.Syscall9(connectExFunc.addr, | ||||
| 		7, | ||||
| 		uintptr(s), | ||||
| 		uintptr(name), | ||||
| 		uintptr(namelen), | ||||
| 		uintptr(unsafe.Pointer(sendBuf)), | ||||
| 		uintptr(sendDataLen), | ||||
| 		uintptr(unsafe.Pointer(bytesSent)), | ||||
| 		uintptr(unsafe.Pointer(overlapped)), | ||||
| 		0, | ||||
| 		0) | ||||
| 	if r1 == 0 { | ||||
| 		if e1 != 0 { | ||||
| 			err = error(e1) | ||||
| 		} else { | ||||
| 			err = syscall.EINVAL | ||||
| 		} | ||||
| 	} | ||||
| 	return err | ||||
| } | ||||
| @ -0,0 +1,72 @@ | ||||
| //go:build windows
 | ||||
| 
 | ||||
| // Code generated by 'go generate' using "github.com/Microsoft/go-winio/tools/mkwinsyscall"; DO NOT EDIT.
 | ||||
| 
 | ||||
| package socket | ||||
| 
 | ||||
| import ( | ||||
| 	"syscall" | ||||
| 	"unsafe" | ||||
| 
 | ||||
| 	"golang.org/x/sys/windows" | ||||
| ) | ||||
| 
 | ||||
| var _ unsafe.Pointer | ||||
| 
 | ||||
| // Do the interface allocations only once for common
 | ||||
| // Errno values.
 | ||||
| const ( | ||||
| 	errnoERROR_IO_PENDING = 997 | ||||
| ) | ||||
| 
 | ||||
| var ( | ||||
| 	errERROR_IO_PENDING error = syscall.Errno(errnoERROR_IO_PENDING) | ||||
| 	errERROR_EINVAL     error = syscall.EINVAL | ||||
| ) | ||||
| 
 | ||||
| // errnoErr returns common boxed Errno values, to prevent
 | ||||
| // allocations at runtime.
 | ||||
| func errnoErr(e syscall.Errno) error { | ||||
| 	switch e { | ||||
| 	case 0: | ||||
| 		return errERROR_EINVAL | ||||
| 	case errnoERROR_IO_PENDING: | ||||
| 		return errERROR_IO_PENDING | ||||
| 	} | ||||
| 	// TODO: add more here, after collecting data on the common
 | ||||
| 	// error values see on Windows. (perhaps when running
 | ||||
| 	// all.bat?)
 | ||||
| 	return e | ||||
| } | ||||
| 
 | ||||
| var ( | ||||
| 	modws2_32 = windows.NewLazySystemDLL("ws2_32.dll") | ||||
| 
 | ||||
| 	procbind        = modws2_32.NewProc("bind") | ||||
| 	procgetpeername = modws2_32.NewProc("getpeername") | ||||
| 	procgetsockname = modws2_32.NewProc("getsockname") | ||||
| ) | ||||
| 
 | ||||
| func bind(s windows.Handle, name unsafe.Pointer, namelen int32) (err error) { | ||||
| 	r1, _, e1 := syscall.Syscall(procbind.Addr(), 3, uintptr(s), uintptr(name), uintptr(namelen)) | ||||
| 	if r1 == socketError { | ||||
| 		err = errnoErr(e1) | ||||
| 	} | ||||
| 	return | ||||
| } | ||||
| 
 | ||||
| func getpeername(s windows.Handle, name unsafe.Pointer, namelen *int32) (err error) { | ||||
| 	r1, _, e1 := syscall.Syscall(procgetpeername.Addr(), 3, uintptr(s), uintptr(name), uintptr(unsafe.Pointer(namelen))) | ||||
| 	if r1 == socketError { | ||||
| 		err = errnoErr(e1) | ||||
| 	} | ||||
| 	return | ||||
| } | ||||
| 
 | ||||
| func getsockname(s windows.Handle, name unsafe.Pointer, namelen *int32) (err error) { | ||||
| 	r1, _, e1 := syscall.Syscall(procgetsockname.Addr(), 3, uintptr(s), uintptr(name), uintptr(unsafe.Pointer(namelen))) | ||||
| 	if r1 == socketError { | ||||
| 		err = errnoErr(e1) | ||||
| 	} | ||||
| 	return | ||||
| } | ||||
| @ -0,0 +1,27 @@ | ||||
| // Code generated by "stringer -type=Variant -trimprefix=Variant -linecomment"; DO NOT EDIT.
 | ||||
| 
 | ||||
| package guid | ||||
| 
 | ||||
| import "strconv" | ||||
| 
 | ||||
| func _() { | ||||
| 	// An "invalid array index" compiler error signifies that the constant values have changed.
 | ||||
| 	// Re-run the stringer command to generate them again.
 | ||||
| 	var x [1]struct{} | ||||
| 	_ = x[VariantUnknown-0] | ||||
| 	_ = x[VariantNCS-1] | ||||
| 	_ = x[VariantRFC4122-2] | ||||
| 	_ = x[VariantMicrosoft-3] | ||||
| 	_ = x[VariantFuture-4] | ||||
| } | ||||
| 
 | ||||
| const _Variant_name = "UnknownNCSRFC 4122MicrosoftFuture" | ||||
| 
 | ||||
| var _Variant_index = [...]uint8{0, 7, 10, 18, 27, 33} | ||||
| 
 | ||||
| func (i Variant) String() string { | ||||
| 	if i >= Variant(len(_Variant_index)-1) { | ||||
| 		return "Variant(" + strconv.FormatInt(int64(i), 10) + ")" | ||||
| 	} | ||||
| 	return _Variant_name[_Variant_index[i]:_Variant_index[i+1]] | ||||
| } | ||||
| @ -1,3 +1,5 @@ | ||||
| //go:build windows
 | ||||
| 
 | ||||
| package winio | ||||
| 
 | ||||
| //go:generate go run golang.org/x/sys/windows/mkwinsyscall -output zsyscall_windows.go file.go pipe.go sd.go fileinfo.go privilege.go backup.go hvsock.go
 | ||||
| //go:generate go run github.com/Microsoft/go-winio/tools/mkwinsyscall -output zsyscall_windows.go ./*.go
 | ||||
|  | ||||
| @ -0,0 +1,5 @@ | ||||
| //go:build tools
 | ||||
| 
 | ||||
| package winio | ||||
| 
 | ||||
| import _ "golang.org/x/tools/cmd/stringer" | ||||
| @ -1,10 +0,0 @@ | ||||
| language: go | ||||
| go: | ||||
|   - 1.13 | ||||
|   - 1.x | ||||
|   - tip | ||||
| before_install: | ||||
|   - go get github.com/mattn/goveralls | ||||
|   - go get golang.org/x/tools/cmd/cover | ||||
| script: | ||||
|   - $HOME/gopath/bin/goveralls -service=travis-ci | ||||
								
									
										
											
										
									
									
										
											6319
										
									
									vendor/github.com/containerd/containerd/api/services/content/v1/content.pb.go
									
										generated
									
									
										vendored
									
								
								
							
							
										
											6319
										
									
									vendor/github.com/containerd/containerd/api/services/content/v1/content.pb.go
									
										generated
									
									
										vendored
									
								
											
												
													File diff suppressed because it is too large
													Load Diff
												
											
										
									
								
								
									
										
											
										
									
									
										
											569
										
									
									vendor/github.com/containerd/containerd/api/services/content/v1/content_grpc.pb.go
									
										generated
									
									
										vendored
									
								
								
							
							
										
											569
										
									
									vendor/github.com/containerd/containerd/api/services/content/v1/content_grpc.pb.go
									
										generated
									
									
										vendored
									
								| @ -0,0 +1,569 @@ | ||||
| // Code generated by protoc-gen-go-grpc. DO NOT EDIT.
 | ||||
| // versions:
 | ||||
| // - protoc-gen-go-grpc v1.2.0
 | ||||
| // - protoc             v3.20.1
 | ||||
| // source: github.com/containerd/containerd/api/services/content/v1/content.proto
 | ||||
| 
 | ||||
| package content | ||||
| 
 | ||||
| import ( | ||||
| 	context "context" | ||||
| 	grpc "google.golang.org/grpc" | ||||
| 	codes "google.golang.org/grpc/codes" | ||||
| 	status "google.golang.org/grpc/status" | ||||
| 	emptypb "google.golang.org/protobuf/types/known/emptypb" | ||||
| ) | ||||
| 
 | ||||
| // This is a compile-time assertion to ensure that this generated file
 | ||||
| // is compatible with the grpc package it is being compiled against.
 | ||||
| // Requires gRPC-Go v1.32.0 or later.
 | ||||
| const _ = grpc.SupportPackageIsVersion7 | ||||
| 
 | ||||
| // ContentClient is the client API for Content service.
 | ||||
| //
 | ||||
| // For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.
 | ||||
| type ContentClient interface { | ||||
| 	// Info returns information about a committed object.
 | ||||
| 	//
 | ||||
| 	// This call can be used for getting the size of content and checking for
 | ||||
| 	// existence.
 | ||||
| 	Info(ctx context.Context, in *InfoRequest, opts ...grpc.CallOption) (*InfoResponse, error) | ||||
| 	// Update updates content metadata.
 | ||||
| 	//
 | ||||
| 	// This call can be used to manage the mutable content labels. The
 | ||||
| 	// immutable metadata such as digest, size, and committed at cannot
 | ||||
| 	// be updated.
 | ||||
| 	Update(ctx context.Context, in *UpdateRequest, opts ...grpc.CallOption) (*UpdateResponse, error) | ||||
| 	// List streams the entire set of content as Info objects and closes the
 | ||||
| 	// stream.
 | ||||
| 	//
 | ||||
| 	// Typically, this will yield a large response, chunked into messages.
 | ||||
| 	// Clients should make provisions to ensure they can handle the entire data
 | ||||
| 	// set.
 | ||||
| 	List(ctx context.Context, in *ListContentRequest, opts ...grpc.CallOption) (Content_ListClient, error) | ||||
| 	// Delete will delete the referenced object.
 | ||||
| 	Delete(ctx context.Context, in *DeleteContentRequest, opts ...grpc.CallOption) (*emptypb.Empty, error) | ||||
| 	// Read allows one to read an object based on the offset into the content.
 | ||||
| 	//
 | ||||
| 	// The requested data may be returned in one or more messages.
 | ||||
| 	Read(ctx context.Context, in *ReadContentRequest, opts ...grpc.CallOption) (Content_ReadClient, error) | ||||
| 	// Status returns the status for a single reference.
 | ||||
| 	Status(ctx context.Context, in *StatusRequest, opts ...grpc.CallOption) (*StatusResponse, error) | ||||
| 	// ListStatuses returns the status of ongoing object ingestions, started via
 | ||||
| 	// Write.
 | ||||
| 	//
 | ||||
| 	// Only those matching the regular expression will be provided in the
 | ||||
| 	// response. If the provided regular expression is empty, all ingestions
 | ||||
| 	// will be provided.
 | ||||
| 	ListStatuses(ctx context.Context, in *ListStatusesRequest, opts ...grpc.CallOption) (*ListStatusesResponse, error) | ||||
| 	// Write begins or resumes writes to a resource identified by a unique ref.
 | ||||
| 	// Only one active stream may exist at a time for each ref.
 | ||||
| 	//
 | ||||
| 	// Once a write stream has started, it may only write to a single ref, thus
 | ||||
| 	// once a stream is started, the ref may be omitted on subsequent writes.
 | ||||
| 	//
 | ||||
| 	// For any write transaction represented by a ref, only a single write may
 | ||||
| 	// be made to a given offset. If overlapping writes occur, it is an error.
 | ||||
| 	// Writes should be sequential and implementations may throw an error if
 | ||||
| 	// this is required.
 | ||||
| 	//
 | ||||
| 	// If expected_digest is set and already part of the content store, the
 | ||||
| 	// write will fail.
 | ||||
| 	//
 | ||||
| 	// When completed, the commit flag should be set to true. If expected size
 | ||||
| 	// or digest is set, the content will be validated against those values.
 | ||||
| 	Write(ctx context.Context, opts ...grpc.CallOption) (Content_WriteClient, error) | ||||
| 	// Abort cancels the ongoing write named in the request. Any resources
 | ||||
| 	// associated with the write will be collected.
 | ||||
| 	Abort(ctx context.Context, in *AbortRequest, opts ...grpc.CallOption) (*emptypb.Empty, error) | ||||
| } | ||||
| 
 | ||||
| type contentClient struct { | ||||
| 	cc grpc.ClientConnInterface | ||||
| } | ||||
| 
 | ||||
| func NewContentClient(cc grpc.ClientConnInterface) ContentClient { | ||||
| 	return &contentClient{cc} | ||||
| } | ||||
| 
 | ||||
| func (c *contentClient) Info(ctx context.Context, in *InfoRequest, opts ...grpc.CallOption) (*InfoResponse, error) { | ||||
| 	out := new(InfoResponse) | ||||
| 	err := c.cc.Invoke(ctx, "/containerd.services.content.v1.Content/Info", in, out, opts...) | ||||
| 	if err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
| 	return out, nil | ||||
| } | ||||
| 
 | ||||
| func (c *contentClient) Update(ctx context.Context, in *UpdateRequest, opts ...grpc.CallOption) (*UpdateResponse, error) { | ||||
| 	out := new(UpdateResponse) | ||||
| 	err := c.cc.Invoke(ctx, "/containerd.services.content.v1.Content/Update", in, out, opts...) | ||||
| 	if err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
| 	return out, nil | ||||
| } | ||||
| 
 | ||||
| func (c *contentClient) List(ctx context.Context, in *ListContentRequest, opts ...grpc.CallOption) (Content_ListClient, error) { | ||||
| 	stream, err := c.cc.NewStream(ctx, &Content_ServiceDesc.Streams[0], "/containerd.services.content.v1.Content/List", opts...) | ||||
| 	if err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
| 	x := &contentListClient{stream} | ||||
| 	if err := x.ClientStream.SendMsg(in); err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
| 	if err := x.ClientStream.CloseSend(); err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
| 	return x, nil | ||||
| } | ||||
| 
 | ||||
| type Content_ListClient interface { | ||||
| 	Recv() (*ListContentResponse, error) | ||||
| 	grpc.ClientStream | ||||
| } | ||||
| 
 | ||||
| type contentListClient struct { | ||||
| 	grpc.ClientStream | ||||
| } | ||||
| 
 | ||||
| func (x *contentListClient) Recv() (*ListContentResponse, error) { | ||||
| 	m := new(ListContentResponse) | ||||
| 	if err := x.ClientStream.RecvMsg(m); err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
| 	return m, nil | ||||
| } | ||||
| 
 | ||||
| func (c *contentClient) Delete(ctx context.Context, in *DeleteContentRequest, opts ...grpc.CallOption) (*emptypb.Empty, error) { | ||||
| 	out := new(emptypb.Empty) | ||||
| 	err := c.cc.Invoke(ctx, "/containerd.services.content.v1.Content/Delete", in, out, opts...) | ||||
| 	if err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
| 	return out, nil | ||||
| } | ||||
| 
 | ||||
| func (c *contentClient) Read(ctx context.Context, in *ReadContentRequest, opts ...grpc.CallOption) (Content_ReadClient, error) { | ||||
| 	stream, err := c.cc.NewStream(ctx, &Content_ServiceDesc.Streams[1], "/containerd.services.content.v1.Content/Read", opts...) | ||||
| 	if err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
| 	x := &contentReadClient{stream} | ||||
| 	if err := x.ClientStream.SendMsg(in); err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
| 	if err := x.ClientStream.CloseSend(); err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
| 	return x, nil | ||||
| } | ||||
| 
 | ||||
| type Content_ReadClient interface { | ||||
| 	Recv() (*ReadContentResponse, error) | ||||
| 	grpc.ClientStream | ||||
| } | ||||
| 
 | ||||
| type contentReadClient struct { | ||||
| 	grpc.ClientStream | ||||
| } | ||||
| 
 | ||||
| func (x *contentReadClient) Recv() (*ReadContentResponse, error) { | ||||
| 	m := new(ReadContentResponse) | ||||
| 	if err := x.ClientStream.RecvMsg(m); err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
| 	return m, nil | ||||
| } | ||||
| 
 | ||||
| func (c *contentClient) Status(ctx context.Context, in *StatusRequest, opts ...grpc.CallOption) (*StatusResponse, error) { | ||||
| 	out := new(StatusResponse) | ||||
| 	err := c.cc.Invoke(ctx, "/containerd.services.content.v1.Content/Status", in, out, opts...) | ||||
| 	if err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
| 	return out, nil | ||||
| } | ||||
| 
 | ||||
| func (c *contentClient) ListStatuses(ctx context.Context, in *ListStatusesRequest, opts ...grpc.CallOption) (*ListStatusesResponse, error) { | ||||
| 	out := new(ListStatusesResponse) | ||||
| 	err := c.cc.Invoke(ctx, "/containerd.services.content.v1.Content/ListStatuses", in, out, opts...) | ||||
| 	if err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
| 	return out, nil | ||||
| } | ||||
| 
 | ||||
| func (c *contentClient) Write(ctx context.Context, opts ...grpc.CallOption) (Content_WriteClient, error) { | ||||
| 	stream, err := c.cc.NewStream(ctx, &Content_ServiceDesc.Streams[2], "/containerd.services.content.v1.Content/Write", opts...) | ||||
| 	if err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
| 	x := &contentWriteClient{stream} | ||||
| 	return x, nil | ||||
| } | ||||
| 
 | ||||
| type Content_WriteClient interface { | ||||
| 	Send(*WriteContentRequest) error | ||||
| 	Recv() (*WriteContentResponse, error) | ||||
| 	grpc.ClientStream | ||||
| } | ||||
| 
 | ||||
| type contentWriteClient struct { | ||||
| 	grpc.ClientStream | ||||
| } | ||||
| 
 | ||||
| func (x *contentWriteClient) Send(m *WriteContentRequest) error { | ||||
| 	return x.ClientStream.SendMsg(m) | ||||
| } | ||||
| 
 | ||||
| func (x *contentWriteClient) Recv() (*WriteContentResponse, error) { | ||||
| 	m := new(WriteContentResponse) | ||||
| 	if err := x.ClientStream.RecvMsg(m); err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
| 	return m, nil | ||||
| } | ||||
| 
 | ||||
| func (c *contentClient) Abort(ctx context.Context, in *AbortRequest, opts ...grpc.CallOption) (*emptypb.Empty, error) { | ||||
| 	out := new(emptypb.Empty) | ||||
| 	err := c.cc.Invoke(ctx, "/containerd.services.content.v1.Content/Abort", in, out, opts...) | ||||
| 	if err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
| 	return out, nil | ||||
| } | ||||
| 
 | ||||
| // ContentServer is the server API for Content service.
 | ||||
| // All implementations must embed UnimplementedContentServer
 | ||||
| // for forward compatibility
 | ||||
| type ContentServer interface { | ||||
| 	// Info returns information about a committed object.
 | ||||
| 	//
 | ||||
| 	// This call can be used for getting the size of content and checking for
 | ||||
| 	// existence.
 | ||||
| 	Info(context.Context, *InfoRequest) (*InfoResponse, error) | ||||
| 	// Update updates content metadata.
 | ||||
| 	//
 | ||||
| 	// This call can be used to manage the mutable content labels. The
 | ||||
| 	// immutable metadata such as digest, size, and committed at cannot
 | ||||
| 	// be updated.
 | ||||
| 	Update(context.Context, *UpdateRequest) (*UpdateResponse, error) | ||||
| 	// List streams the entire set of content as Info objects and closes the
 | ||||
| 	// stream.
 | ||||
| 	//
 | ||||
| 	// Typically, this will yield a large response, chunked into messages.
 | ||||
| 	// Clients should make provisions to ensure they can handle the entire data
 | ||||
| 	// set.
 | ||||
| 	List(*ListContentRequest, Content_ListServer) error | ||||
| 	// Delete will delete the referenced object.
 | ||||
| 	Delete(context.Context, *DeleteContentRequest) (*emptypb.Empty, error) | ||||
| 	// Read allows one to read an object based on the offset into the content.
 | ||||
| 	//
 | ||||
| 	// The requested data may be returned in one or more messages.
 | ||||
| 	Read(*ReadContentRequest, Content_ReadServer) error | ||||
| 	// Status returns the status for a single reference.
 | ||||
| 	Status(context.Context, *StatusRequest) (*StatusResponse, error) | ||||
| 	// ListStatuses returns the status of ongoing object ingestions, started via
 | ||||
| 	// Write.
 | ||||
| 	//
 | ||||
| 	// Only those matching the regular expression will be provided in the
 | ||||
| 	// response. If the provided regular expression is empty, all ingestions
 | ||||
| 	// will be provided.
 | ||||
| 	ListStatuses(context.Context, *ListStatusesRequest) (*ListStatusesResponse, error) | ||||
| 	// Write begins or resumes writes to a resource identified by a unique ref.
 | ||||
| 	// Only one active stream may exist at a time for each ref.
 | ||||
| 	//
 | ||||
| 	// Once a write stream has started, it may only write to a single ref, thus
 | ||||
| 	// once a stream is started, the ref may be omitted on subsequent writes.
 | ||||
| 	//
 | ||||
| 	// For any write transaction represented by a ref, only a single write may
 | ||||
| 	// be made to a given offset. If overlapping writes occur, it is an error.
 | ||||
| 	// Writes should be sequential and implementations may throw an error if
 | ||||
| 	// this is required.
 | ||||
| 	//
 | ||||
| 	// If expected_digest is set and already part of the content store, the
 | ||||
| 	// write will fail.
 | ||||
| 	//
 | ||||
| 	// When completed, the commit flag should be set to true. If expected size
 | ||||
| 	// or digest is set, the content will be validated against those values.
 | ||||
| 	Write(Content_WriteServer) error | ||||
| 	// Abort cancels the ongoing write named in the request. Any resources
 | ||||
| 	// associated with the write will be collected.
 | ||||
| 	Abort(context.Context, *AbortRequest) (*emptypb.Empty, error) | ||||
| 	mustEmbedUnimplementedContentServer() | ||||
| } | ||||
| 
 | ||||
| // UnimplementedContentServer must be embedded to have forward compatible implementations.
 | ||||
| type UnimplementedContentServer struct { | ||||
| } | ||||
| 
 | ||||
| func (UnimplementedContentServer) Info(context.Context, *InfoRequest) (*InfoResponse, error) { | ||||
| 	return nil, status.Errorf(codes.Unimplemented, "method Info not implemented") | ||||
| } | ||||
| func (UnimplementedContentServer) Update(context.Context, *UpdateRequest) (*UpdateResponse, error) { | ||||
| 	return nil, status.Errorf(codes.Unimplemented, "method Update not implemented") | ||||
| } | ||||
| func (UnimplementedContentServer) List(*ListContentRequest, Content_ListServer) error { | ||||
| 	return status.Errorf(codes.Unimplemented, "method List not implemented") | ||||
| } | ||||
| func (UnimplementedContentServer) Delete(context.Context, *DeleteContentRequest) (*emptypb.Empty, error) { | ||||
| 	return nil, status.Errorf(codes.Unimplemented, "method Delete not implemented") | ||||
| } | ||||
| func (UnimplementedContentServer) Read(*ReadContentRequest, Content_ReadServer) error { | ||||
| 	return status.Errorf(codes.Unimplemented, "method Read not implemented") | ||||
| } | ||||
| func (UnimplementedContentServer) Status(context.Context, *StatusRequest) (*StatusResponse, error) { | ||||
| 	return nil, status.Errorf(codes.Unimplemented, "method Status not implemented") | ||||
| } | ||||
| func (UnimplementedContentServer) ListStatuses(context.Context, *ListStatusesRequest) (*ListStatusesResponse, error) { | ||||
| 	return nil, status.Errorf(codes.Unimplemented, "method ListStatuses not implemented") | ||||
| } | ||||
| func (UnimplementedContentServer) Write(Content_WriteServer) error { | ||||
| 	return status.Errorf(codes.Unimplemented, "method Write not implemented") | ||||
| } | ||||
| func (UnimplementedContentServer) Abort(context.Context, *AbortRequest) (*emptypb.Empty, error) { | ||||
| 	return nil, status.Errorf(codes.Unimplemented, "method Abort not implemented") | ||||
| } | ||||
| func (UnimplementedContentServer) mustEmbedUnimplementedContentServer() {} | ||||
| 
 | ||||
| // UnsafeContentServer may be embedded to opt out of forward compatibility for this service.
 | ||||
| // Use of this interface is not recommended, as added methods to ContentServer will
 | ||||
| // result in compilation errors.
 | ||||
| type UnsafeContentServer interface { | ||||
| 	mustEmbedUnimplementedContentServer() | ||||
| } | ||||
| 
 | ||||
| func RegisterContentServer(s grpc.ServiceRegistrar, srv ContentServer) { | ||||
| 	s.RegisterService(&Content_ServiceDesc, srv) | ||||
| } | ||||
| 
 | ||||
| func _Content_Info_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { | ||||
| 	in := new(InfoRequest) | ||||
| 	if err := dec(in); err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
| 	if interceptor == nil { | ||||
| 		return srv.(ContentServer).Info(ctx, in) | ||||
| 	} | ||||
| 	info := &grpc.UnaryServerInfo{ | ||||
| 		Server:     srv, | ||||
| 		FullMethod: "/containerd.services.content.v1.Content/Info", | ||||
| 	} | ||||
| 	handler := func(ctx context.Context, req interface{}) (interface{}, error) { | ||||
| 		return srv.(ContentServer).Info(ctx, req.(*InfoRequest)) | ||||
| 	} | ||||
| 	return interceptor(ctx, in, info, handler) | ||||
| } | ||||
| 
 | ||||
| func _Content_Update_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { | ||||
| 	in := new(UpdateRequest) | ||||
| 	if err := dec(in); err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
| 	if interceptor == nil { | ||||
| 		return srv.(ContentServer).Update(ctx, in) | ||||
| 	} | ||||
| 	info := &grpc.UnaryServerInfo{ | ||||
| 		Server:     srv, | ||||
| 		FullMethod: "/containerd.services.content.v1.Content/Update", | ||||
| 	} | ||||
| 	handler := func(ctx context.Context, req interface{}) (interface{}, error) { | ||||
| 		return srv.(ContentServer).Update(ctx, req.(*UpdateRequest)) | ||||
| 	} | ||||
| 	return interceptor(ctx, in, info, handler) | ||||
| } | ||||
| 
 | ||||
| func _Content_List_Handler(srv interface{}, stream grpc.ServerStream) error { | ||||
| 	m := new(ListContentRequest) | ||||
| 	if err := stream.RecvMsg(m); err != nil { | ||||
| 		return err | ||||
| 	} | ||||
| 	return srv.(ContentServer).List(m, &contentListServer{stream}) | ||||
| } | ||||
| 
 | ||||
| type Content_ListServer interface { | ||||
| 	Send(*ListContentResponse) error | ||||
| 	grpc.ServerStream | ||||
| } | ||||
| 
 | ||||
| type contentListServer struct { | ||||
| 	grpc.ServerStream | ||||
| } | ||||
| 
 | ||||
| func (x *contentListServer) Send(m *ListContentResponse) error { | ||||
| 	return x.ServerStream.SendMsg(m) | ||||
| } | ||||
| 
 | ||||
| func _Content_Delete_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { | ||||
| 	in := new(DeleteContentRequest) | ||||
| 	if err := dec(in); err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
| 	if interceptor == nil { | ||||
| 		return srv.(ContentServer).Delete(ctx, in) | ||||
| 	} | ||||
| 	info := &grpc.UnaryServerInfo{ | ||||
| 		Server:     srv, | ||||
| 		FullMethod: "/containerd.services.content.v1.Content/Delete", | ||||
| 	} | ||||
| 	handler := func(ctx context.Context, req interface{}) (interface{}, error) { | ||||
| 		return srv.(ContentServer).Delete(ctx, req.(*DeleteContentRequest)) | ||||
| 	} | ||||
| 	return interceptor(ctx, in, info, handler) | ||||
| } | ||||
| 
 | ||||
| func _Content_Read_Handler(srv interface{}, stream grpc.ServerStream) error { | ||||
| 	m := new(ReadContentRequest) | ||||
| 	if err := stream.RecvMsg(m); err != nil { | ||||
| 		return err | ||||
| 	} | ||||
| 	return srv.(ContentServer).Read(m, &contentReadServer{stream}) | ||||
| } | ||||
| 
 | ||||
| type Content_ReadServer interface { | ||||
| 	Send(*ReadContentResponse) error | ||||
| 	grpc.ServerStream | ||||
| } | ||||
| 
 | ||||
| type contentReadServer struct { | ||||
| 	grpc.ServerStream | ||||
| } | ||||
| 
 | ||||
| func (x *contentReadServer) Send(m *ReadContentResponse) error { | ||||
| 	return x.ServerStream.SendMsg(m) | ||||
| } | ||||
| 
 | ||||
| func _Content_Status_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { | ||||
| 	in := new(StatusRequest) | ||||
| 	if err := dec(in); err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
| 	if interceptor == nil { | ||||
| 		return srv.(ContentServer).Status(ctx, in) | ||||
| 	} | ||||
| 	info := &grpc.UnaryServerInfo{ | ||||
| 		Server:     srv, | ||||
| 		FullMethod: "/containerd.services.content.v1.Content/Status", | ||||
| 	} | ||||
| 	handler := func(ctx context.Context, req interface{}) (interface{}, error) { | ||||
| 		return srv.(ContentServer).Status(ctx, req.(*StatusRequest)) | ||||
| 	} | ||||
| 	return interceptor(ctx, in, info, handler) | ||||
| } | ||||
| 
 | ||||
| func _Content_ListStatuses_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { | ||||
| 	in := new(ListStatusesRequest) | ||||
| 	if err := dec(in); err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
| 	if interceptor == nil { | ||||
| 		return srv.(ContentServer).ListStatuses(ctx, in) | ||||
| 	} | ||||
| 	info := &grpc.UnaryServerInfo{ | ||||
| 		Server:     srv, | ||||
| 		FullMethod: "/containerd.services.content.v1.Content/ListStatuses", | ||||
| 	} | ||||
| 	handler := func(ctx context.Context, req interface{}) (interface{}, error) { | ||||
| 		return srv.(ContentServer).ListStatuses(ctx, req.(*ListStatusesRequest)) | ||||
| 	} | ||||
| 	return interceptor(ctx, in, info, handler) | ||||
| } | ||||
| 
 | ||||
| func _Content_Write_Handler(srv interface{}, stream grpc.ServerStream) error { | ||||
| 	return srv.(ContentServer).Write(&contentWriteServer{stream}) | ||||
| } | ||||
| 
 | ||||
| type Content_WriteServer interface { | ||||
| 	Send(*WriteContentResponse) error | ||||
| 	Recv() (*WriteContentRequest, error) | ||||
| 	grpc.ServerStream | ||||
| } | ||||
| 
 | ||||
| type contentWriteServer struct { | ||||
| 	grpc.ServerStream | ||||
| } | ||||
| 
 | ||||
| func (x *contentWriteServer) Send(m *WriteContentResponse) error { | ||||
| 	return x.ServerStream.SendMsg(m) | ||||
| } | ||||
| 
 | ||||
| func (x *contentWriteServer) Recv() (*WriteContentRequest, error) { | ||||
| 	m := new(WriteContentRequest) | ||||
| 	if err := x.ServerStream.RecvMsg(m); err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
| 	return m, nil | ||||
| } | ||||
| 
 | ||||
| func _Content_Abort_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { | ||||
| 	in := new(AbortRequest) | ||||
| 	if err := dec(in); err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
| 	if interceptor == nil { | ||||
| 		return srv.(ContentServer).Abort(ctx, in) | ||||
| 	} | ||||
| 	info := &grpc.UnaryServerInfo{ | ||||
| 		Server:     srv, | ||||
| 		FullMethod: "/containerd.services.content.v1.Content/Abort", | ||||
| 	} | ||||
| 	handler := func(ctx context.Context, req interface{}) (interface{}, error) { | ||||
| 		return srv.(ContentServer).Abort(ctx, req.(*AbortRequest)) | ||||
| 	} | ||||
| 	return interceptor(ctx, in, info, handler) | ||||
| } | ||||
| 
 | ||||
| // Content_ServiceDesc is the grpc.ServiceDesc for Content service.
 | ||||
| // It's only intended for direct use with grpc.RegisterService,
 | ||||
| // and not to be introspected or modified (even as a copy)
 | ||||
| var Content_ServiceDesc = grpc.ServiceDesc{ | ||||
| 	ServiceName: "containerd.services.content.v1.Content", | ||||
| 	HandlerType: (*ContentServer)(nil), | ||||
| 	Methods: []grpc.MethodDesc{ | ||||
| 		{ | ||||
| 			MethodName: "Info", | ||||
| 			Handler:    _Content_Info_Handler, | ||||
| 		}, | ||||
| 		{ | ||||
| 			MethodName: "Update", | ||||
| 			Handler:    _Content_Update_Handler, | ||||
| 		}, | ||||
| 		{ | ||||
| 			MethodName: "Delete", | ||||
| 			Handler:    _Content_Delete_Handler, | ||||
| 		}, | ||||
| 		{ | ||||
| 			MethodName: "Status", | ||||
| 			Handler:    _Content_Status_Handler, | ||||
| 		}, | ||||
| 		{ | ||||
| 			MethodName: "ListStatuses", | ||||
| 			Handler:    _Content_ListStatuses_Handler, | ||||
| 		}, | ||||
| 		{ | ||||
| 			MethodName: "Abort", | ||||
| 			Handler:    _Content_Abort_Handler, | ||||
| 		}, | ||||
| 	}, | ||||
| 	Streams: []grpc.StreamDesc{ | ||||
| 		{ | ||||
| 			StreamName:    "List", | ||||
| 			Handler:       _Content_List_Handler, | ||||
| 			ServerStreams: true, | ||||
| 		}, | ||||
| 		{ | ||||
| 			StreamName:    "Read", | ||||
| 			Handler:       _Content_Read_Handler, | ||||
| 			ServerStreams: true, | ||||
| 		}, | ||||
| 		{ | ||||
| 			StreamName:    "Write", | ||||
| 			Handler:       _Content_Write_Handler, | ||||
| 			ServerStreams: true, | ||||
| 			ClientStreams: true, | ||||
| 		}, | ||||
| 	}, | ||||
| 	Metadata: "github.com/containerd/containerd/api/services/content/v1/content.proto", | ||||
| } | ||||
								
									
										
											
										
									
									
										
											28
										
									
									vendor/github.com/containerd/containerd/archive/compression/compression_fuzzer.go
									
										generated
									
									
										vendored
									
								
								
							
							
										
											28
										
									
									vendor/github.com/containerd/containerd/archive/compression/compression_fuzzer.go
									
										generated
									
									
										vendored
									
								| @ -0,0 +1,28 @@ | ||||
| //go:build gofuzz
 | ||||
| 
 | ||||
| /* | ||||
|    Copyright The containerd Authors. | ||||
| 
 | ||||
|    Licensed under the Apache License, Version 2.0 (the "License"); | ||||
|    you may not use this file except in compliance with the License. | ||||
|    You may obtain a copy of the License at | ||||
| 
 | ||||
|        http://www.apache.org/licenses/LICENSE-2.0
 | ||||
| 
 | ||||
|    Unless required by applicable law or agreed to in writing, software | ||||
|    distributed under the License is distributed on an "AS IS" BASIS, | ||||
|    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
|    See the License for the specific language governing permissions and | ||||
|    limitations under the License. | ||||
| */ | ||||
| 
 | ||||
| package compression | ||||
| 
 | ||||
| import ( | ||||
| 	"bytes" | ||||
| ) | ||||
| 
 | ||||
| func FuzzDecompressStream(data []byte) int { | ||||
| 	_, _ = DecompressStream(bytes.NewReader(data)) | ||||
| 	return 1 | ||||
| } | ||||
| @ -0,0 +1,76 @@ | ||||
| //go:build gofuzz
 | ||||
| 
 | ||||
| /* | ||||
|    Copyright The containerd Authors. | ||||
| 
 | ||||
|    Licensed under the Apache License, Version 2.0 (the "License"); | ||||
|    you may not use this file except in compliance with the License. | ||||
|    You may obtain a copy of the License at | ||||
| 
 | ||||
|        http://www.apache.org/licenses/LICENSE-2.0
 | ||||
| 
 | ||||
|    Unless required by applicable law or agreed to in writing, software | ||||
|    distributed under the License is distributed on an "AS IS" BASIS, | ||||
|    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
|    See the License for the specific language governing permissions and | ||||
|    limitations under the License. | ||||
| */ | ||||
| 
 | ||||
| package local | ||||
| 
 | ||||
| import ( | ||||
| 	"bufio" | ||||
| 	"bytes" | ||||
| 	"context" | ||||
| 	_ "crypto/sha256" | ||||
| 	"io" | ||||
| 	"testing" | ||||
| 
 | ||||
| 	"github.com/opencontainers/go-digest" | ||||
| 
 | ||||
| 	"github.com/containerd/containerd/content" | ||||
| ) | ||||
| 
 | ||||
| func FuzzContentStoreWriter(data []byte) int { | ||||
| 	t := &testing.T{} | ||||
| 	ctx := context.Background() | ||||
| 	ctx, _, cs, cleanup := contentStoreEnv(t) | ||||
| 	defer cleanup() | ||||
| 
 | ||||
| 	cw, err := cs.Writer(ctx, content.WithRef("myref")) | ||||
| 	if err != nil { | ||||
| 		return 0 | ||||
| 	} | ||||
| 	if err := cw.Close(); err != nil { | ||||
| 		return 0 | ||||
| 	} | ||||
| 
 | ||||
| 	// reopen, so we can test things
 | ||||
| 	cw, err = cs.Writer(ctx, content.WithRef("myref")) | ||||
| 	if err != nil { | ||||
| 		return 0 | ||||
| 	} | ||||
| 
 | ||||
| 	err = checkCopyFuzz(int64(len(data)), cw, bufio.NewReader(io.NopCloser(bytes.NewReader(data)))) | ||||
| 	if err != nil { | ||||
| 		return 0 | ||||
| 	} | ||||
| 	expected := digest.FromBytes(data) | ||||
| 
 | ||||
| 	if err = cw.Commit(ctx, int64(len(data)), expected); err != nil { | ||||
| 		return 0 | ||||
| 	} | ||||
| 	return 1 | ||||
| } | ||||
| 
 | ||||
| func checkCopyFuzz(size int64, dst io.Writer, src io.Reader) error { | ||||
| 	nn, err := io.Copy(dst, src) | ||||
| 	if err != nil { | ||||
| 		return err | ||||
| 	} | ||||
| 
 | ||||
| 	if nn != size { | ||||
| 		return err | ||||
| 	} | ||||
| 	return nil | ||||
| } | ||||
| @ -0,0 +1,38 @@ | ||||
| /* | ||||
|    Copyright The containerd Authors. | ||||
| 
 | ||||
|    Licensed under the Apache License, Version 2.0 (the "License"); | ||||
|    you may not use this file except in compliance with the License. | ||||
|    You may obtain a copy of the License at | ||||
| 
 | ||||
|        http://www.apache.org/licenses/LICENSE-2.0
 | ||||
| 
 | ||||
|    Unless required by applicable law or agreed to in writing, software | ||||
|    distributed under the License is distributed on an "AS IS" BASIS, | ||||
|    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
|    See the License for the specific language governing permissions and | ||||
|    limitations under the License. | ||||
| */ | ||||
| 
 | ||||
| package local | ||||
| 
 | ||||
| import ( | ||||
| 	"context" | ||||
| 	"testing" | ||||
| 
 | ||||
| 	"github.com/containerd/containerd/content" | ||||
| ) | ||||
| 
 | ||||
| func contentStoreEnv(t testing.TB) (context.Context, string, content.Store, func()) { | ||||
| 	tmpdir := t.TempDir() | ||||
| 
 | ||||
| 	cs, err := NewStore(tmpdir) | ||||
| 	if err != nil { | ||||
| 		t.Fatal(err) | ||||
| 	} | ||||
| 
 | ||||
| 	ctx, cancel := context.WithCancel(context.Background()) | ||||
| 	return ctx, tmpdir, cs, func() { | ||||
| 		cancel() | ||||
| 	} | ||||
| } | ||||
| @ -0,0 +1,161 @@ | ||||
| /* | ||||
|    Copyright The containerd Authors. | ||||
| 
 | ||||
|    Licensed under the Apache License, Version 2.0 (the "License"); | ||||
|    you may not use this file except in compliance with the License. | ||||
|    You may obtain a copy of the License at | ||||
| 
 | ||||
|        http://www.apache.org/licenses/LICENSE-2.0
 | ||||
| 
 | ||||
|    Unless required by applicable law or agreed to in writing, software | ||||
|    distributed under the License is distributed on an "AS IS" BASIS, | ||||
|    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
|    See the License for the specific language governing permissions and | ||||
|    limitations under the License. | ||||
| */ | ||||
| 
 | ||||
| package platforms | ||||
| 
 | ||||
| import ( | ||||
| 	"bufio" | ||||
| 	"bytes" | ||||
| 	"fmt" | ||||
| 	"os" | ||||
| 	"runtime" | ||||
| 	"strings" | ||||
| 
 | ||||
| 	"github.com/containerd/containerd/errdefs" | ||||
| 	"golang.org/x/sys/unix" | ||||
| ) | ||||
| 
 | ||||
| // getMachineArch retrieves the machine architecture through system call
 | ||||
| func getMachineArch() (string, error) { | ||||
| 	var uname unix.Utsname | ||||
| 	err := unix.Uname(&uname) | ||||
| 	if err != nil { | ||||
| 		return "", err | ||||
| 	} | ||||
| 
 | ||||
| 	arch := string(uname.Machine[:bytes.IndexByte(uname.Machine[:], 0)]) | ||||
| 
 | ||||
| 	return arch, nil | ||||
| } | ||||
| 
 | ||||
| // For Linux, the kernel has already detected the ABI, ISA and Features.
 | ||||
| // So we don't need to access the ARM registers to detect platform information
 | ||||
| // by ourselves. We can just parse these information from /proc/cpuinfo
 | ||||
| func getCPUInfo(pattern string) (info string, err error) { | ||||
| 
 | ||||
| 	cpuinfo, err := os.Open("/proc/cpuinfo") | ||||
| 	if err != nil { | ||||
| 		return "", err | ||||
| 	} | ||||
| 	defer cpuinfo.Close() | ||||
| 
 | ||||
| 	// Start to Parse the Cpuinfo line by line. For SMP SoC, we parse
 | ||||
| 	// the first core is enough.
 | ||||
| 	scanner := bufio.NewScanner(cpuinfo) | ||||
| 	for scanner.Scan() { | ||||
| 		newline := scanner.Text() | ||||
| 		list := strings.Split(newline, ":") | ||||
| 
 | ||||
| 		if len(list) > 1 && strings.EqualFold(strings.TrimSpace(list[0]), pattern) { | ||||
| 			return strings.TrimSpace(list[1]), nil | ||||
| 		} | ||||
| 	} | ||||
| 
 | ||||
| 	// Check whether the scanner encountered errors
 | ||||
| 	err = scanner.Err() | ||||
| 	if err != nil { | ||||
| 		return "", err | ||||
| 	} | ||||
| 
 | ||||
| 	return "", fmt.Errorf("getCPUInfo for pattern %s: %w", pattern, errdefs.ErrNotFound) | ||||
| } | ||||
| 
 | ||||
| // getCPUVariantFromArch get CPU variant from arch through a system call
 | ||||
| func getCPUVariantFromArch(arch string) (string, error) { | ||||
| 
 | ||||
| 	var variant string | ||||
| 
 | ||||
| 	arch = strings.ToLower(arch) | ||||
| 
 | ||||
| 	if arch == "aarch64" { | ||||
| 		variant = "8" | ||||
| 	} else if arch[0:4] == "armv" && len(arch) >= 5 { | ||||
| 		//Valid arch format is in form of armvXx
 | ||||
| 		switch arch[3:5] { | ||||
| 		case "v8": | ||||
| 			variant = "8" | ||||
| 		case "v7": | ||||
| 			variant = "7" | ||||
| 		case "v6": | ||||
| 			variant = "6" | ||||
| 		case "v5": | ||||
| 			variant = "5" | ||||
| 		case "v4": | ||||
| 			variant = "4" | ||||
| 		case "v3": | ||||
| 			variant = "3" | ||||
| 		default: | ||||
| 			variant = "unknown" | ||||
| 		} | ||||
| 	} else { | ||||
| 		return "", fmt.Errorf("getCPUVariantFromArch invalid arch: %s, %w", arch, errdefs.ErrInvalidArgument) | ||||
| 	} | ||||
| 	return variant, nil | ||||
| } | ||||
| 
 | ||||
| // getCPUVariant returns cpu variant for ARM
 | ||||
| // We first try reading "Cpu architecture" field from /proc/cpuinfo
 | ||||
| // If we can't find it, then fall back using a system call
 | ||||
| // This is to cover running ARM in emulated environment on x86 host as this field in /proc/cpuinfo
 | ||||
| // was not present.
 | ||||
| func getCPUVariant() (string, error) { | ||||
| 
 | ||||
| 	variant, err := getCPUInfo("Cpu architecture") | ||||
| 	if err != nil { | ||||
| 		if errdefs.IsNotFound(err) { | ||||
| 			//Let's try getting CPU variant from machine architecture
 | ||||
| 			arch, err := getMachineArch() | ||||
| 			if err != nil { | ||||
| 				return "", fmt.Errorf("failure getting machine architecture: %v", err) | ||||
| 			} | ||||
| 
 | ||||
| 			variant, err = getCPUVariantFromArch(arch) | ||||
| 			if err != nil { | ||||
| 				return "", fmt.Errorf("failure getting CPU variant from machine architecture: %v", err) | ||||
| 			} | ||||
| 		} else { | ||||
| 			return "", fmt.Errorf("failure getting CPU variant: %v", err) | ||||
| 		} | ||||
| 	} | ||||
| 
 | ||||
| 	// handle edge case for Raspberry Pi ARMv6 devices (which due to a kernel quirk, report "CPU architecture: 7")
 | ||||
| 	// https://www.raspberrypi.org/forums/viewtopic.php?t=12614
 | ||||
| 	if runtime.GOARCH == "arm" && variant == "7" { | ||||
| 		model, err := getCPUInfo("model name") | ||||
| 		if err == nil && strings.HasPrefix(strings.ToLower(model), "armv6-compatible") { | ||||
| 			variant = "6" | ||||
| 		} | ||||
| 	} | ||||
| 
 | ||||
| 	switch strings.ToLower(variant) { | ||||
| 	case "8", "aarch64": | ||||
| 		variant = "v8" | ||||
| 	case "7", "7m", "?(12)", "?(13)", "?(14)", "?(15)", "?(16)", "?(17)": | ||||
| 		variant = "v7" | ||||
| 	case "6", "6tej": | ||||
| 		variant = "v6" | ||||
| 	case "5", "5t", "5te", "5tej": | ||||
| 		variant = "v5" | ||||
| 	case "4", "4t": | ||||
| 		variant = "v4" | ||||
| 	case "3": | ||||
| 		variant = "v3" | ||||
| 	default: | ||||
| 		variant = "unknown" | ||||
| 	} | ||||
| 
 | ||||
| 	return variant, nil | ||||
| } | ||||
| @ -0,0 +1,59 @@ | ||||
| //go:build !linux
 | ||||
| 
 | ||||
| /* | ||||
|    Copyright The containerd Authors. | ||||
| 
 | ||||
|    Licensed under the Apache License, Version 2.0 (the "License"); | ||||
|    you may not use this file except in compliance with the License. | ||||
|    You may obtain a copy of the License at | ||||
| 
 | ||||
|        http://www.apache.org/licenses/LICENSE-2.0
 | ||||
| 
 | ||||
|    Unless required by applicable law or agreed to in writing, software | ||||
|    distributed under the License is distributed on an "AS IS" BASIS, | ||||
|    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
|    See the License for the specific language governing permissions and | ||||
|    limitations under the License. | ||||
| */ | ||||
| 
 | ||||
| package platforms | ||||
| 
 | ||||
| import ( | ||||
| 	"fmt" | ||||
| 	"runtime" | ||||
| 
 | ||||
| 	"github.com/containerd/containerd/errdefs" | ||||
| ) | ||||
| 
 | ||||
| func getCPUVariant() (string, error) { | ||||
| 
 | ||||
| 	var variant string | ||||
| 
 | ||||
| 	if runtime.GOOS == "windows" || runtime.GOOS == "darwin" { | ||||
| 		// Windows/Darwin only supports v7 for ARM32 and v8 for ARM64 and so we can use
 | ||||
| 		// runtime.GOARCH to determine the variants
 | ||||
| 		switch runtime.GOARCH { | ||||
| 		case "arm64": | ||||
| 			variant = "v8" | ||||
| 		case "arm": | ||||
| 			variant = "v7" | ||||
| 		default: | ||||
| 			variant = "unknown" | ||||
| 		} | ||||
| 	} else if runtime.GOOS == "freebsd" { | ||||
| 		// FreeBSD supports ARMv6 and ARMv7 as well as ARMv4 and ARMv5 (though deprecated)
 | ||||
| 		// detecting those variants is currently unimplemented
 | ||||
| 		switch runtime.GOARCH { | ||||
| 		case "arm64": | ||||
| 			variant = "v8" | ||||
| 		default: | ||||
| 			variant = "unknown" | ||||
| 		} | ||||
| 
 | ||||
| 	} else { | ||||
| 		return "", fmt.Errorf("getCPUVariant for OS %s: %v", runtime.GOOS, errdefs.ErrNotImplemented) | ||||
| 
 | ||||
| 	} | ||||
| 
 | ||||
| 	return variant, nil | ||||
| } | ||||
| @ -0,0 +1,43 @@ | ||||
| /* | ||||
|    Copyright The containerd Authors. | ||||
| 
 | ||||
|    Licensed under the Apache License, Version 2.0 (the "License"); | ||||
|    you may not use this file except in compliance with the License. | ||||
|    You may obtain a copy of the License at | ||||
| 
 | ||||
|        http://www.apache.org/licenses/LICENSE-2.0
 | ||||
| 
 | ||||
|    Unless required by applicable law or agreed to in writing, software | ||||
|    distributed under the License is distributed on an "AS IS" BASIS, | ||||
|    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
|    See the License for the specific language governing permissions and | ||||
|    limitations under the License. | ||||
| */ | ||||
| 
 | ||||
| package platforms | ||||
| 
 | ||||
| import ( | ||||
| 	"runtime" | ||||
| 
 | ||||
| 	specs "github.com/opencontainers/image-spec/specs-go/v1" | ||||
| ) | ||||
| 
 | ||||
| // DefaultSpec returns the current platform's default platform specification.
 | ||||
| func DefaultSpec() specs.Platform { | ||||
| 	return specs.Platform{ | ||||
| 		OS:           runtime.GOOS, | ||||
| 		Architecture: runtime.GOARCH, | ||||
| 		// The Variant field will be empty if arch != ARM.
 | ||||
| 		Variant: cpuVariant(), | ||||
| 	} | ||||
| } | ||||
| 
 | ||||
| // Default returns the default matcher for the platform.
 | ||||
| func Default() MatchComparer { | ||||
| 	return Ordered(DefaultSpec(), specs.Platform{ | ||||
| 		OS:           "linux", | ||||
| 		Architecture: runtime.GOARCH, | ||||
| 		// The Variant field will be empty if arch != ARM.
 | ||||
| 		Variant: cpuVariant(), | ||||
| 	}) | ||||
| } | ||||
| @ -0,0 +1,30 @@ | ||||
| //go:build !windows
 | ||||
| 
 | ||||
| /* | ||||
|    Copyright The containerd Authors. | ||||
| 
 | ||||
|    Licensed under the Apache License, Version 2.0 (the "License"); | ||||
|    you may not use this file except in compliance with the License. | ||||
|    You may obtain a copy of the License at | ||||
| 
 | ||||
|        http://www.apache.org/licenses/LICENSE-2.0
 | ||||
| 
 | ||||
|    Unless required by applicable law or agreed to in writing, software | ||||
|    distributed under the License is distributed on an "AS IS" BASIS, | ||||
|    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
|    See the License for the specific language governing permissions and | ||||
|    limitations under the License. | ||||
| */ | ||||
| 
 | ||||
| package platforms | ||||
| 
 | ||||
| import ( | ||||
| 	specs "github.com/opencontainers/image-spec/specs-go/v1" | ||||
| ) | ||||
| 
 | ||||
| // NewMatcher returns the default Matcher for containerd
 | ||||
| func newDefaultMatcher(platform specs.Platform) Matcher { | ||||
| 	return &matcher{ | ||||
| 		Platform: Normalize(platform), | ||||
| 	} | ||||
| } | ||||
| @ -0,0 +1,34 @@ | ||||
| /* | ||||
|    Copyright The containerd Authors. | ||||
| 
 | ||||
|    Licensed under the Apache License, Version 2.0 (the "License"); | ||||
|    you may not use this file except in compliance with the License. | ||||
|    You may obtain a copy of the License at | ||||
| 
 | ||||
|        http://www.apache.org/licenses/LICENSE-2.0
 | ||||
| 
 | ||||
|    Unless required by applicable law or agreed to in writing, software | ||||
|    distributed under the License is distributed on an "AS IS" BASIS, | ||||
|    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
|    See the License for the specific language governing permissions and | ||||
|    limitations under the License. | ||||
| */ | ||||
| 
 | ||||
| package platforms | ||||
| 
 | ||||
| import ( | ||||
| 	specs "github.com/opencontainers/image-spec/specs-go/v1" | ||||
| ) | ||||
| 
 | ||||
| // NewMatcher returns a Windows matcher that will match on osVersionPrefix if
 | ||||
| // the platform is Windows otherwise use the default matcher
 | ||||
| func newDefaultMatcher(platform specs.Platform) Matcher { | ||||
| 	prefix := prefix(platform.OSVersion) | ||||
| 	return windowsmatcher{ | ||||
| 		Platform:        platform, | ||||
| 		osVersionPrefix: prefix, | ||||
| 		defaultMatcher: &matcher{ | ||||
| 			Platform: Normalize(platform), | ||||
| 		}, | ||||
| 	} | ||||
| } | ||||
| @ -0,0 +1,47 @@ | ||||
| /* | ||||
|    Copyright The containerd Authors. | ||||
| 
 | ||||
|    Licensed under the Apache License, Version 2.0 (the "License"); | ||||
|    you may not use this file except in compliance with the License. | ||||
|    You may obtain a copy of the License at | ||||
| 
 | ||||
|        http://www.apache.org/licenses/LICENSE-2.0
 | ||||
| 
 | ||||
|    Unless required by applicable law or agreed to in writing, software | ||||
|    distributed under the License is distributed on an "AS IS" BASIS, | ||||
|    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
|    See the License for the specific language governing permissions and | ||||
|    limitations under the License. | ||||
| */ | ||||
| 
 | ||||
| package protobuf | ||||
| 
 | ||||
| import ( | ||||
| 	"github.com/containerd/typeurl" | ||||
| 	"google.golang.org/protobuf/types/known/anypb" | ||||
| ) | ||||
| 
 | ||||
| // FromAny converts typeurl.Any to github.com/containerd/containerd/protobuf/types.Any.
 | ||||
| func FromAny(from typeurl.Any) *anypb.Any { | ||||
| 	if from == nil { | ||||
| 		return nil | ||||
| 	} | ||||
| 
 | ||||
| 	if pbany, ok := from.(*anypb.Any); ok { | ||||
| 		return pbany | ||||
| 	} | ||||
| 
 | ||||
| 	return &anypb.Any{ | ||||
| 		TypeUrl: from.GetTypeUrl(), | ||||
| 		Value:   from.GetValue(), | ||||
| 	} | ||||
| } | ||||
| 
 | ||||
| // FromAny converts an arbitrary interface to github.com/containerd/containerd/protobuf/types.Any.
 | ||||
| func MarshalAnyToProto(from interface{}) (*anypb.Any, error) { | ||||
| 	any, err := typeurl.MarshalAny(from) | ||||
| 	if err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
| 	return FromAny(any), nil | ||||
| } | ||||
| @ -0,0 +1,41 @@ | ||||
| /* | ||||
|    Copyright The containerd Authors. | ||||
| 
 | ||||
|    Licensed under the Apache License, Version 2.0 (the "License"); | ||||
|    you may not use this file except in compliance with the License. | ||||
|    You may obtain a copy of the License at | ||||
| 
 | ||||
|        http://www.apache.org/licenses/LICENSE-2.0
 | ||||
| 
 | ||||
|    Unless required by applicable law or agreed to in writing, software | ||||
|    distributed under the License is distributed on an "AS IS" BASIS, | ||||
|    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
|    See the License for the specific language governing permissions and | ||||
|    limitations under the License. | ||||
| */ | ||||
| 
 | ||||
| package protobuf | ||||
| 
 | ||||
| import ( | ||||
| 	"github.com/google/go-cmp/cmp" | ||||
| 	"google.golang.org/protobuf/proto" | ||||
| ) | ||||
| 
 | ||||
| var Compare = cmp.FilterValues( | ||||
| 	func(x, y interface{}) bool { | ||||
| 		_, xok := x.(proto.Message) | ||||
| 		_, yok := y.(proto.Message) | ||||
| 		return xok && yok | ||||
| 	}, | ||||
| 	cmp.Comparer(func(x, y interface{}) bool { | ||||
| 		vx, ok := x.(proto.Message) | ||||
| 		if !ok { | ||||
| 			return false | ||||
| 		} | ||||
| 		vy, ok := y.(proto.Message) | ||||
| 		if !ok { | ||||
| 			return false | ||||
| 		} | ||||
| 		return proto.Equal(vx, vy) | ||||
| 	}), | ||||
| ) | ||||
| @ -0,0 +1,36 @@ | ||||
| /* | ||||
|    Copyright The containerd Authors. | ||||
| 
 | ||||
|    Licensed under the Apache License, Version 2.0 (the "License"); | ||||
|    you may not use this file except in compliance with the License. | ||||
|    You may obtain a copy of the License at | ||||
| 
 | ||||
|        http://www.apache.org/licenses/LICENSE-2.0
 | ||||
| 
 | ||||
|    Unless required by applicable law or agreed to in writing, software | ||||
|    distributed under the License is distributed on an "AS IS" BASIS, | ||||
|    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
|    See the License for the specific language governing permissions and | ||||
|    limitations under the License. | ||||
| */ | ||||
| 
 | ||||
| package protobuf | ||||
| 
 | ||||
| import ( | ||||
| 	"time" | ||||
| 
 | ||||
| 	"google.golang.org/protobuf/types/known/timestamppb" | ||||
| ) | ||||
| 
 | ||||
| // Once we migrate off from gogo/protobuf, we can use the function below, which don't return any errors.
 | ||||
| // https://github.com/protocolbuffers/protobuf-go/blob/v1.28.0/types/known/timestamppb/timestamp.pb.go#L200-L208
 | ||||
| 
 | ||||
| // ToTimestamp creates protobuf's Timestamp from time.Time.
 | ||||
| func ToTimestamp(from time.Time) *timestamppb.Timestamp { | ||||
| 	return timestamppb.New(from) | ||||
| } | ||||
| 
 | ||||
| // FromTimestamp creates time.Time from protobuf's Timestamp.
 | ||||
| func FromTimestamp(from *timestamppb.Timestamp) time.Time { | ||||
| 	return from.AsTime() | ||||
| } | ||||
| @ -0,0 +1,28 @@ | ||||
| /* | ||||
|    Copyright The containerd Authors. | ||||
| 
 | ||||
|    Licensed under the Apache License, Version 2.0 (the "License"); | ||||
|    you may not use this file except in compliance with the License. | ||||
|    You may obtain a copy of the License at | ||||
| 
 | ||||
|        http://www.apache.org/licenses/LICENSE-2.0
 | ||||
| 
 | ||||
|    Unless required by applicable law or agreed to in writing, software | ||||
|    distributed under the License is distributed on an "AS IS" BASIS, | ||||
|    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
|    See the License for the specific language governing permissions and | ||||
|    limitations under the License. | ||||
| */ | ||||
| 
 | ||||
| // Package types provides convinient aliases that make google.golang.org/protobuf migration easier.
 | ||||
| package types | ||||
| 
 | ||||
| import ( | ||||
| 	"google.golang.org/genproto/protobuf/field_mask" | ||||
| 	"google.golang.org/protobuf/types/known/anypb" | ||||
| 	"google.golang.org/protobuf/types/known/emptypb" | ||||
| ) | ||||
| 
 | ||||
| type Empty = emptypb.Empty | ||||
| type Any = anypb.Any | ||||
| type FieldMask = field_mask.FieldMask | ||||
| @ -0,0 +1,58 @@ | ||||
| /* | ||||
|    Copyright The containerd Authors. | ||||
| 
 | ||||
|    Licensed under the Apache License, Version 2.0 (the "License"); | ||||
|    you may not use this file except in compliance with the License. | ||||
|    You may obtain a copy of the License at | ||||
| 
 | ||||
|        http://www.apache.org/licenses/LICENSE-2.0
 | ||||
| 
 | ||||
|    Unless required by applicable law or agreed to in writing, software | ||||
|    distributed under the License is distributed on an "AS IS" BASIS, | ||||
|    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
|    See the License for the specific language governing permissions and | ||||
|    limitations under the License. | ||||
| */ | ||||
| 
 | ||||
| package docker | ||||
| 
 | ||||
| import "path" | ||||
| 
 | ||||
| // IsNameOnly returns true if reference only contains a repo name.
 | ||||
| func IsNameOnly(ref Named) bool { | ||||
| 	if _, ok := ref.(NamedTagged); ok { | ||||
| 		return false | ||||
| 	} | ||||
| 	if _, ok := ref.(Canonical); ok { | ||||
| 		return false | ||||
| 	} | ||||
| 	return true | ||||
| } | ||||
| 
 | ||||
| // FamiliarName returns the familiar name string
 | ||||
| // for the given named, familiarizing if needed.
 | ||||
| func FamiliarName(ref Named) string { | ||||
| 	if nn, ok := ref.(normalizedNamed); ok { | ||||
| 		return nn.Familiar().Name() | ||||
| 	} | ||||
| 	return ref.Name() | ||||
| } | ||||
| 
 | ||||
| // FamiliarString returns the familiar string representation
 | ||||
| // for the given reference, familiarizing if needed.
 | ||||
| func FamiliarString(ref Reference) string { | ||||
| 	if nn, ok := ref.(normalizedNamed); ok { | ||||
| 		return nn.Familiar().String() | ||||
| 	} | ||||
| 	return ref.String() | ||||
| } | ||||
| 
 | ||||
| // FamiliarMatch reports whether ref matches the specified pattern.
 | ||||
| // See https://godoc.org/path#Match for supported patterns.
 | ||||
| func FamiliarMatch(pattern string, ref Reference) (bool, error) { | ||||
| 	matched, err := path.Match(pattern, FamiliarString(ref)) | ||||
| 	if namedRef, isNamed := ref.(Named); isNamed && !matched { | ||||
| 		matched, _ = path.Match(pattern, FamiliarName(namedRef)) | ||||
| 	} | ||||
| 	return matched, err | ||||
| } | ||||
| @ -0,0 +1,196 @@ | ||||
| /* | ||||
|    Copyright The containerd Authors. | ||||
| 
 | ||||
|    Licensed under the Apache License, Version 2.0 (the "License"); | ||||
|    you may not use this file except in compliance with the License. | ||||
|    You may obtain a copy of the License at | ||||
| 
 | ||||
|        http://www.apache.org/licenses/LICENSE-2.0
 | ||||
| 
 | ||||
|    Unless required by applicable law or agreed to in writing, software | ||||
|    distributed under the License is distributed on an "AS IS" BASIS, | ||||
|    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
|    See the License for the specific language governing permissions and | ||||
|    limitations under the License. | ||||
| */ | ||||
| 
 | ||||
| package docker | ||||
| 
 | ||||
| import ( | ||||
| 	"fmt" | ||||
| 	"strings" | ||||
| 
 | ||||
| 	"github.com/opencontainers/go-digest" | ||||
| ) | ||||
| 
 | ||||
| var ( | ||||
| 	legacyDefaultDomain = "index.docker.io" | ||||
| 	defaultDomain       = "docker.io" | ||||
| 	officialRepoName    = "library" | ||||
| 	defaultTag          = "latest" | ||||
| ) | ||||
| 
 | ||||
| // normalizedNamed represents a name which has been
 | ||||
| // normalized and has a familiar form. A familiar name
 | ||||
| // is what is used in Docker UI. An example normalized
 | ||||
| // name is "docker.io/library/ubuntu" and corresponding
 | ||||
| // familiar name of "ubuntu".
 | ||||
| type normalizedNamed interface { | ||||
| 	Named | ||||
| 	Familiar() Named | ||||
| } | ||||
| 
 | ||||
| // ParseNormalizedNamed parses a string into a named reference
 | ||||
| // transforming a familiar name from Docker UI to a fully
 | ||||
| // qualified reference. If the value may be an identifier
 | ||||
| // use ParseAnyReference.
 | ||||
| func ParseNormalizedNamed(s string) (Named, error) { | ||||
| 	if ok := anchoredIdentifierRegexp.MatchString(s); ok { | ||||
| 		return nil, fmt.Errorf("invalid repository name (%s), cannot specify 64-byte hexadecimal strings", s) | ||||
| 	} | ||||
| 	domain, remainder := splitDockerDomain(s) | ||||
| 	var remoteName string | ||||
| 	if tagSep := strings.IndexRune(remainder, ':'); tagSep > -1 { | ||||
| 		remoteName = remainder[:tagSep] | ||||
| 	} else { | ||||
| 		remoteName = remainder | ||||
| 	} | ||||
| 	if strings.ToLower(remoteName) != remoteName { | ||||
| 		return nil, fmt.Errorf("invalid reference format: repository name (%s) must be lowercase", remoteName) | ||||
| 	} | ||||
| 
 | ||||
| 	ref, err := Parse(domain + "/" + remainder) | ||||
| 	if err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
| 	named, isNamed := ref.(Named) | ||||
| 	if !isNamed { | ||||
| 		return nil, fmt.Errorf("reference %s has no name", ref.String()) | ||||
| 	} | ||||
| 	return named, nil | ||||
| } | ||||
| 
 | ||||
| // ParseDockerRef normalizes the image reference following the docker convention. This is added
 | ||||
| // mainly for backward compatibility.
 | ||||
| // The reference returned can only be either tagged or digested. For reference contains both tag
 | ||||
| // and digest, the function returns digested reference, e.g. docker.io/library/busybox:latest@
 | ||||
| // sha256:7cc4b5aefd1d0cadf8d97d4350462ba51c694ebca145b08d7d41b41acc8db5aa will be returned as
 | ||||
| // docker.io/library/busybox@sha256:7cc4b5aefd1d0cadf8d97d4350462ba51c694ebca145b08d7d41b41acc8db5aa.
 | ||||
| func ParseDockerRef(ref string) (Named, error) { | ||||
| 	named, err := ParseNormalizedNamed(ref) | ||||
| 	if err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
| 	if _, ok := named.(NamedTagged); ok { | ||||
| 		if canonical, ok := named.(Canonical); ok { | ||||
| 			// The reference is both tagged and digested, only
 | ||||
| 			// return digested.
 | ||||
| 			newNamed, err := WithName(canonical.Name()) | ||||
| 			if err != nil { | ||||
| 				return nil, err | ||||
| 			} | ||||
| 			newCanonical, err := WithDigest(newNamed, canonical.Digest()) | ||||
| 			if err != nil { | ||||
| 				return nil, err | ||||
| 			} | ||||
| 			return newCanonical, nil | ||||
| 		} | ||||
| 	} | ||||
| 	return TagNameOnly(named), nil | ||||
| } | ||||
| 
 | ||||
| // splitDockerDomain splits a repository name to domain and remotename string.
 | ||||
| // If no valid domain is found, the default domain is used. Repository name
 | ||||
| // needs to be already validated before.
 | ||||
| func splitDockerDomain(name string) (domain, remainder string) { | ||||
| 	i := strings.IndexRune(name, '/') | ||||
| 	if i == -1 || (!strings.ContainsAny(name[:i], ".:") && name[:i] != "localhost" && strings.ToLower(name[:i]) == name[:i]) { | ||||
| 		domain, remainder = defaultDomain, name | ||||
| 	} else { | ||||
| 		domain, remainder = name[:i], name[i+1:] | ||||
| 	} | ||||
| 	if domain == legacyDefaultDomain { | ||||
| 		domain = defaultDomain | ||||
| 	} | ||||
| 	if domain == defaultDomain && !strings.ContainsRune(remainder, '/') { | ||||
| 		remainder = officialRepoName + "/" + remainder | ||||
| 	} | ||||
| 	return | ||||
| } | ||||
| 
 | ||||
| // familiarizeName returns a shortened version of the name familiar
 | ||||
| // to the Docker UI. Familiar names have the default domain
 | ||||
| // "docker.io" and "library/" repository prefix removed.
 | ||||
| // For example, "docker.io/library/redis" will have the familiar
 | ||||
| // name "redis" and "docker.io/dmcgowan/myapp" will be "dmcgowan/myapp".
 | ||||
| // Returns a familiarized named only reference.
 | ||||
| func familiarizeName(named namedRepository) repository { | ||||
| 	repo := repository{ | ||||
| 		domain: named.Domain(), | ||||
| 		path:   named.Path(), | ||||
| 	} | ||||
| 
 | ||||
| 	if repo.domain == defaultDomain { | ||||
| 		repo.domain = "" | ||||
| 		// Handle official repositories which have the pattern "library/<official repo name>"
 | ||||
| 		if split := strings.Split(repo.path, "/"); len(split) == 2 && split[0] == officialRepoName { | ||||
| 			repo.path = split[1] | ||||
| 		} | ||||
| 	} | ||||
| 	return repo | ||||
| } | ||||
| 
 | ||||
| func (r reference) Familiar() Named { | ||||
| 	return reference{ | ||||
| 		namedRepository: familiarizeName(r.namedRepository), | ||||
| 		tag:             r.tag, | ||||
| 		digest:          r.digest, | ||||
| 	} | ||||
| } | ||||
| 
 | ||||
| func (r repository) Familiar() Named { | ||||
| 	return familiarizeName(r) | ||||
| } | ||||
| 
 | ||||
| func (t taggedReference) Familiar() Named { | ||||
| 	return taggedReference{ | ||||
| 		namedRepository: familiarizeName(t.namedRepository), | ||||
| 		tag:             t.tag, | ||||
| 	} | ||||
| } | ||||
| 
 | ||||
| func (c canonicalReference) Familiar() Named { | ||||
| 	return canonicalReference{ | ||||
| 		namedRepository: familiarizeName(c.namedRepository), | ||||
| 		digest:          c.digest, | ||||
| 	} | ||||
| } | ||||
| 
 | ||||
| // TagNameOnly adds the default tag "latest" to a reference if it only has
 | ||||
| // a repo name.
 | ||||
| func TagNameOnly(ref Named) Named { | ||||
| 	if IsNameOnly(ref) { | ||||
| 		namedTagged, err := WithTag(ref, defaultTag) | ||||
| 		if err != nil { | ||||
| 			// Default tag must be valid, to create a NamedTagged
 | ||||
| 			// type with non-validated input the WithTag function
 | ||||
| 			// should be used instead
 | ||||
| 			panic(err) | ||||
| 		} | ||||
| 		return namedTagged | ||||
| 	} | ||||
| 	return ref | ||||
| } | ||||
| 
 | ||||
| // ParseAnyReference parses a reference string as a possible identifier,
 | ||||
| // full digest, or familiar name.
 | ||||
| func ParseAnyReference(ref string) (Reference, error) { | ||||
| 	if ok := anchoredIdentifierRegexp.MatchString(ref); ok { | ||||
| 		return digestReference("sha256:" + ref), nil | ||||
| 	} | ||||
| 	if dgst, err := digest.Parse(ref); err == nil { | ||||
| 		return digestReference(dgst), nil | ||||
| 	} | ||||
| 
 | ||||
| 	return ParseNormalizedNamed(ref) | ||||
| } | ||||
| @ -0,0 +1,453 @@ | ||||
| /* | ||||
|    Copyright The containerd Authors. | ||||
| 
 | ||||
|    Licensed under the Apache License, Version 2.0 (the "License"); | ||||
|    you may not use this file except in compliance with the License. | ||||
|    You may obtain a copy of the License at | ||||
| 
 | ||||
|        http://www.apache.org/licenses/LICENSE-2.0
 | ||||
| 
 | ||||
|    Unless required by applicable law or agreed to in writing, software | ||||
|    distributed under the License is distributed on an "AS IS" BASIS, | ||||
|    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
|    See the License for the specific language governing permissions and | ||||
|    limitations under the License. | ||||
| */ | ||||
| 
 | ||||
| // Package docker provides a general type to represent any way of referencing images within the registry.
 | ||||
| // Its main purpose is to abstract tags and digests (content-addressable hash).
 | ||||
| //
 | ||||
| // Grammar
 | ||||
| //
 | ||||
| //	reference                       := name [ ":" tag ] [ "@" digest ]
 | ||||
| //	name                            := [domain '/'] path-component ['/' path-component]*
 | ||||
| //	domain                          := host [':' port-number]
 | ||||
| //	host                            := domain-name | IPv4address | \[ IPv6address \]	; rfc3986 appendix-A
 | ||||
| //	domain-name                     := domain-component ['.' domain-component]*
 | ||||
| //	domain-component                := /([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])/
 | ||||
| //	port-number                     := /[0-9]+/
 | ||||
| //	path-component                  := alpha-numeric [separator alpha-numeric]*
 | ||||
| //	alpha-numeric                   := /[a-z0-9]+/
 | ||||
| //	separator                       := /[_.]|__|[-]*/
 | ||||
| //
 | ||||
| //	tag                             := /[\w][\w.-]{0,127}/
 | ||||
| //
 | ||||
| //	digest                          := digest-algorithm ":" digest-hex
 | ||||
| //	digest-algorithm                := digest-algorithm-component [ digest-algorithm-separator digest-algorithm-component ]*
 | ||||
| //	digest-algorithm-separator      := /[+.-_]/
 | ||||
| //	digest-algorithm-component      := /[A-Za-z][A-Za-z0-9]*/
 | ||||
| //	digest-hex                      := /[0-9a-fA-F]{32,}/ ; At least 128 bit digest value
 | ||||
| //
 | ||||
| //	identifier                      := /[a-f0-9]{64}/
 | ||||
| //	short-identifier                := /[a-f0-9]{6,64}/
 | ||||
| package docker | ||||
| 
 | ||||
| import ( | ||||
| 	"errors" | ||||
| 	"fmt" | ||||
| 	"strings" | ||||
| 
 | ||||
| 	"github.com/opencontainers/go-digest" | ||||
| ) | ||||
| 
 | ||||
| const ( | ||||
| 	// NameTotalLengthMax is the maximum total number of characters in a repository name.
 | ||||
| 	NameTotalLengthMax = 255 | ||||
| ) | ||||
| 
 | ||||
| var ( | ||||
| 	// ErrReferenceInvalidFormat represents an error while trying to parse a string as a reference.
 | ||||
| 	ErrReferenceInvalidFormat = errors.New("invalid reference format") | ||||
| 
 | ||||
| 	// ErrTagInvalidFormat represents an error while trying to parse a string as a tag.
 | ||||
| 	ErrTagInvalidFormat = errors.New("invalid tag format") | ||||
| 
 | ||||
| 	// ErrDigestInvalidFormat represents an error while trying to parse a string as a tag.
 | ||||
| 	ErrDigestInvalidFormat = errors.New("invalid digest format") | ||||
| 
 | ||||
| 	// ErrNameContainsUppercase is returned for invalid repository names that contain uppercase characters.
 | ||||
| 	ErrNameContainsUppercase = errors.New("repository name must be lowercase") | ||||
| 
 | ||||
| 	// ErrNameEmpty is returned for empty, invalid repository names.
 | ||||
| 	ErrNameEmpty = errors.New("repository name must have at least one component") | ||||
| 
 | ||||
| 	// ErrNameTooLong is returned when a repository name is longer than NameTotalLengthMax.
 | ||||
| 	ErrNameTooLong = fmt.Errorf("repository name must not be more than %v characters", NameTotalLengthMax) | ||||
| 
 | ||||
| 	// ErrNameNotCanonical is returned when a name is not canonical.
 | ||||
| 	ErrNameNotCanonical = errors.New("repository name must be canonical") | ||||
| ) | ||||
| 
 | ||||
| // Reference is an opaque object reference identifier that may include
 | ||||
| // modifiers such as a hostname, name, tag, and digest.
 | ||||
| type Reference interface { | ||||
| 	// String returns the full reference
 | ||||
| 	String() string | ||||
| } | ||||
| 
 | ||||
| // Field provides a wrapper type for resolving correct reference types when
 | ||||
| // working with encoding.
 | ||||
| type Field struct { | ||||
| 	reference Reference | ||||
| } | ||||
| 
 | ||||
| // AsField wraps a reference in a Field for encoding.
 | ||||
| func AsField(reference Reference) Field { | ||||
| 	return Field{reference} | ||||
| } | ||||
| 
 | ||||
| // Reference unwraps the reference type from the field to
 | ||||
| // return the Reference object. This object should be
 | ||||
| // of the appropriate type to further check for different
 | ||||
| // reference types.
 | ||||
| func (f Field) Reference() Reference { | ||||
| 	return f.reference | ||||
| } | ||||
| 
 | ||||
| // MarshalText serializes the field to byte text which
 | ||||
| // is the string of the reference.
 | ||||
| func (f Field) MarshalText() (p []byte, err error) { | ||||
| 	return []byte(f.reference.String()), nil | ||||
| } | ||||
| 
 | ||||
| // UnmarshalText parses text bytes by invoking the
 | ||||
| // reference parser to ensure the appropriately
 | ||||
| // typed reference object is wrapped by field.
 | ||||
| func (f *Field) UnmarshalText(p []byte) error { | ||||
| 	r, err := Parse(string(p)) | ||||
| 	if err != nil { | ||||
| 		return err | ||||
| 	} | ||||
| 
 | ||||
| 	f.reference = r | ||||
| 	return nil | ||||
| } | ||||
| 
 | ||||
| // Named is an object with a full name
 | ||||
| type Named interface { | ||||
| 	Reference | ||||
| 	Name() string | ||||
| } | ||||
| 
 | ||||
| // Tagged is an object which has a tag
 | ||||
| type Tagged interface { | ||||
| 	Reference | ||||
| 	Tag() string | ||||
| } | ||||
| 
 | ||||
| // NamedTagged is an object including a name and tag.
 | ||||
| type NamedTagged interface { | ||||
| 	Named | ||||
| 	Tag() string | ||||
| } | ||||
| 
 | ||||
| // Digested is an object which has a digest
 | ||||
| // in which it can be referenced by
 | ||||
| type Digested interface { | ||||
| 	Reference | ||||
| 	Digest() digest.Digest | ||||
| } | ||||
| 
 | ||||
| // Canonical reference is an object with a fully unique
 | ||||
| // name including a name with domain and digest
 | ||||
| type Canonical interface { | ||||
| 	Named | ||||
| 	Digest() digest.Digest | ||||
| } | ||||
| 
 | ||||
| // namedRepository is a reference to a repository with a name.
 | ||||
| // A namedRepository has both domain and path components.
 | ||||
| type namedRepository interface { | ||||
| 	Named | ||||
| 	Domain() string | ||||
| 	Path() string | ||||
| } | ||||
| 
 | ||||
| // Domain returns the domain part of the Named reference
 | ||||
| func Domain(named Named) string { | ||||
| 	if r, ok := named.(namedRepository); ok { | ||||
| 		return r.Domain() | ||||
| 	} | ||||
| 	domain, _ := splitDomain(named.Name()) | ||||
| 	return domain | ||||
| } | ||||
| 
 | ||||
| // Path returns the name without the domain part of the Named reference
 | ||||
| func Path(named Named) (name string) { | ||||
| 	if r, ok := named.(namedRepository); ok { | ||||
| 		return r.Path() | ||||
| 	} | ||||
| 	_, path := splitDomain(named.Name()) | ||||
| 	return path | ||||
| } | ||||
| 
 | ||||
| func splitDomain(name string) (string, string) { | ||||
| 	match := anchoredNameRegexp.FindStringSubmatch(name) | ||||
| 	if len(match) != 3 { | ||||
| 		return "", name | ||||
| 	} | ||||
| 	return match[1], match[2] | ||||
| } | ||||
| 
 | ||||
| // SplitHostname splits a named reference into a
 | ||||
| // hostname and name string. If no valid hostname is
 | ||||
| // found, the hostname is empty and the full value
 | ||||
| // is returned as name
 | ||||
| // DEPRECATED: Use Domain or Path
 | ||||
| func SplitHostname(named Named) (string, string) { | ||||
| 	if r, ok := named.(namedRepository); ok { | ||||
| 		return r.Domain(), r.Path() | ||||
| 	} | ||||
| 	return splitDomain(named.Name()) | ||||
| } | ||||
| 
 | ||||
| // Parse parses s and returns a syntactically valid Reference.
 | ||||
| // If an error was encountered it is returned, along with a nil Reference.
 | ||||
| // NOTE: Parse will not handle short digests.
 | ||||
| func Parse(s string) (Reference, error) { | ||||
| 	matches := ReferenceRegexp.FindStringSubmatch(s) | ||||
| 	if matches == nil { | ||||
| 		if s == "" { | ||||
| 			return nil, ErrNameEmpty | ||||
| 		} | ||||
| 		if ReferenceRegexp.FindStringSubmatch(strings.ToLower(s)) != nil { | ||||
| 			return nil, ErrNameContainsUppercase | ||||
| 		} | ||||
| 		return nil, ErrReferenceInvalidFormat | ||||
| 	} | ||||
| 
 | ||||
| 	if len(matches[1]) > NameTotalLengthMax { | ||||
| 		return nil, ErrNameTooLong | ||||
| 	} | ||||
| 
 | ||||
| 	var repo repository | ||||
| 
 | ||||
| 	nameMatch := anchoredNameRegexp.FindStringSubmatch(matches[1]) | ||||
| 	if len(nameMatch) == 3 { | ||||
| 		repo.domain = nameMatch[1] | ||||
| 		repo.path = nameMatch[2] | ||||
| 	} else { | ||||
| 		repo.domain = "" | ||||
| 		repo.path = matches[1] | ||||
| 	} | ||||
| 
 | ||||
| 	ref := reference{ | ||||
| 		namedRepository: repo, | ||||
| 		tag:             matches[2], | ||||
| 	} | ||||
| 	if matches[3] != "" { | ||||
| 		var err error | ||||
| 		ref.digest, err = digest.Parse(matches[3]) | ||||
| 		if err != nil { | ||||
| 			return nil, err | ||||
| 		} | ||||
| 	} | ||||
| 
 | ||||
| 	r := getBestReferenceType(ref) | ||||
| 	if r == nil { | ||||
| 		return nil, ErrNameEmpty | ||||
| 	} | ||||
| 
 | ||||
| 	return r, nil | ||||
| } | ||||
| 
 | ||||
| // ParseNamed parses s and returns a syntactically valid reference implementing
 | ||||
| // the Named interface. The reference must have a name and be in the canonical
 | ||||
| // form, otherwise an error is returned.
 | ||||
| // If an error was encountered it is returned, along with a nil Reference.
 | ||||
| // NOTE: ParseNamed will not handle short digests.
 | ||||
| func ParseNamed(s string) (Named, error) { | ||||
| 	named, err := ParseNormalizedNamed(s) | ||||
| 	if err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
| 	if named.String() != s { | ||||
| 		return nil, ErrNameNotCanonical | ||||
| 	} | ||||
| 	return named, nil | ||||
| } | ||||
| 
 | ||||
| // WithName returns a named object representing the given string. If the input
 | ||||
| // is invalid ErrReferenceInvalidFormat will be returned.
 | ||||
| func WithName(name string) (Named, error) { | ||||
| 	if len(name) > NameTotalLengthMax { | ||||
| 		return nil, ErrNameTooLong | ||||
| 	} | ||||
| 
 | ||||
| 	match := anchoredNameRegexp.FindStringSubmatch(name) | ||||
| 	if match == nil || len(match) != 3 { | ||||
| 		return nil, ErrReferenceInvalidFormat | ||||
| 	} | ||||
| 	return repository{ | ||||
| 		domain: match[1], | ||||
| 		path:   match[2], | ||||
| 	}, nil | ||||
| } | ||||
| 
 | ||||
| // WithTag combines the name from "name" and the tag from "tag" to form a
 | ||||
| // reference incorporating both the name and the tag.
 | ||||
| func WithTag(name Named, tag string) (NamedTagged, error) { | ||||
| 	if !anchoredTagRegexp.MatchString(tag) { | ||||
| 		return nil, ErrTagInvalidFormat | ||||
| 	} | ||||
| 	var repo repository | ||||
| 	if r, ok := name.(namedRepository); ok { | ||||
| 		repo.domain = r.Domain() | ||||
| 		repo.path = r.Path() | ||||
| 	} else { | ||||
| 		repo.path = name.Name() | ||||
| 	} | ||||
| 	if canonical, ok := name.(Canonical); ok { | ||||
| 		return reference{ | ||||
| 			namedRepository: repo, | ||||
| 			tag:             tag, | ||||
| 			digest:          canonical.Digest(), | ||||
| 		}, nil | ||||
| 	} | ||||
| 	return taggedReference{ | ||||
| 		namedRepository: repo, | ||||
| 		tag:             tag, | ||||
| 	}, nil | ||||
| } | ||||
| 
 | ||||
| // WithDigest combines the name from "name" and the digest from "digest" to form
 | ||||
| // a reference incorporating both the name and the digest.
 | ||||
| func WithDigest(name Named, digest digest.Digest) (Canonical, error) { | ||||
| 	if !anchoredDigestRegexp.MatchString(digest.String()) { | ||||
| 		return nil, ErrDigestInvalidFormat | ||||
| 	} | ||||
| 	var repo repository | ||||
| 	if r, ok := name.(namedRepository); ok { | ||||
| 		repo.domain = r.Domain() | ||||
| 		repo.path = r.Path() | ||||
| 	} else { | ||||
| 		repo.path = name.Name() | ||||
| 	} | ||||
| 	if tagged, ok := name.(Tagged); ok { | ||||
| 		return reference{ | ||||
| 			namedRepository: repo, | ||||
| 			tag:             tagged.Tag(), | ||||
| 			digest:          digest, | ||||
| 		}, nil | ||||
| 	} | ||||
| 	return canonicalReference{ | ||||
| 		namedRepository: repo, | ||||
| 		digest:          digest, | ||||
| 	}, nil | ||||
| } | ||||
| 
 | ||||
| // TrimNamed removes any tag or digest from the named reference.
 | ||||
| func TrimNamed(ref Named) Named { | ||||
| 	repo := repository{} | ||||
| 	if r, ok := ref.(namedRepository); ok { | ||||
| 		repo.domain, repo.path = r.Domain(), r.Path() | ||||
| 	} else { | ||||
| 		repo.domain, repo.path = splitDomain(ref.Name()) | ||||
| 	} | ||||
| 	return repo | ||||
| } | ||||
| 
 | ||||
| func getBestReferenceType(ref reference) Reference { | ||||
| 	if ref.Name() == "" { | ||||
| 		// Allow digest only references
 | ||||
| 		if ref.digest != "" { | ||||
| 			return digestReference(ref.digest) | ||||
| 		} | ||||
| 		return nil | ||||
| 	} | ||||
| 	if ref.tag == "" { | ||||
| 		if ref.digest != "" { | ||||
| 			return canonicalReference{ | ||||
| 				namedRepository: ref.namedRepository, | ||||
| 				digest:          ref.digest, | ||||
| 			} | ||||
| 		} | ||||
| 		return ref.namedRepository | ||||
| 	} | ||||
| 	if ref.digest == "" { | ||||
| 		return taggedReference{ | ||||
| 			namedRepository: ref.namedRepository, | ||||
| 			tag:             ref.tag, | ||||
| 		} | ||||
| 	} | ||||
| 
 | ||||
| 	return ref | ||||
| } | ||||
| 
 | ||||
| type reference struct { | ||||
| 	namedRepository | ||||
| 	tag    string | ||||
| 	digest digest.Digest | ||||
| } | ||||
| 
 | ||||
| func (r reference) String() string { | ||||
| 	return r.Name() + ":" + r.tag + "@" + r.digest.String() | ||||
| } | ||||
| 
 | ||||
| func (r reference) Tag() string { | ||||
| 	return r.tag | ||||
| } | ||||
| 
 | ||||
| func (r reference) Digest() digest.Digest { | ||||
| 	return r.digest | ||||
| } | ||||
| 
 | ||||
| type repository struct { | ||||
| 	domain string | ||||
| 	path   string | ||||
| } | ||||
| 
 | ||||
| func (r repository) String() string { | ||||
| 	return r.Name() | ||||
| } | ||||
| 
 | ||||
| func (r repository) Name() string { | ||||
| 	if r.domain == "" { | ||||
| 		return r.path | ||||
| 	} | ||||
| 	return r.domain + "/" + r.path | ||||
| } | ||||
| 
 | ||||
| func (r repository) Domain() string { | ||||
| 	return r.domain | ||||
| } | ||||
| 
 | ||||
| func (r repository) Path() string { | ||||
| 	return r.path | ||||
| } | ||||
| 
 | ||||
| type digestReference digest.Digest | ||||
| 
 | ||||
| func (d digestReference) String() string { | ||||
| 	return digest.Digest(d).String() | ||||
| } | ||||
| 
 | ||||
| func (d digestReference) Digest() digest.Digest { | ||||
| 	return digest.Digest(d) | ||||
| } | ||||
| 
 | ||||
| type taggedReference struct { | ||||
| 	namedRepository | ||||
| 	tag string | ||||
| } | ||||
| 
 | ||||
| func (t taggedReference) String() string { | ||||
| 	return t.Name() + ":" + t.tag | ||||
| } | ||||
| 
 | ||||
| func (t taggedReference) Tag() string { | ||||
| 	return t.tag | ||||
| } | ||||
| 
 | ||||
| type canonicalReference struct { | ||||
| 	namedRepository | ||||
| 	digest digest.Digest | ||||
| } | ||||
| 
 | ||||
| func (c canonicalReference) String() string { | ||||
| 	return c.Name() + "@" + c.digest.String() | ||||
| } | ||||
| 
 | ||||
| func (c canonicalReference) Digest() digest.Digest { | ||||
| 	return c.digest | ||||
| } | ||||
| @ -0,0 +1,191 @@ | ||||
| /* | ||||
|    Copyright The containerd Authors. | ||||
| 
 | ||||
|    Licensed under the Apache License, Version 2.0 (the "License"); | ||||
|    you may not use this file except in compliance with the License. | ||||
|    You may obtain a copy of the License at | ||||
| 
 | ||||
|        http://www.apache.org/licenses/LICENSE-2.0
 | ||||
| 
 | ||||
|    Unless required by applicable law or agreed to in writing, software | ||||
|    distributed under the License is distributed on an "AS IS" BASIS, | ||||
|    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
|    See the License for the specific language governing permissions and | ||||
|    limitations under the License. | ||||
| */ | ||||
| 
 | ||||
| package docker | ||||
| 
 | ||||
| import "regexp" | ||||
| 
 | ||||
| var ( | ||||
| 	// alphaNumeric defines the alpha numeric atom, typically a
 | ||||
| 	// component of names. This only allows lower case characters and digits.
 | ||||
| 	alphaNumeric = `[a-z0-9]+` | ||||
| 
 | ||||
| 	// separator defines the separators allowed to be embedded in name
 | ||||
| 	// components. This allow one period, one or two underscore and multiple
 | ||||
| 	// dashes. Repeated dashes and underscores are intentionally treated
 | ||||
| 	// differently. In order to support valid hostnames as name components,
 | ||||
| 	// supporting repeated dash was added. Additionally double underscore is
 | ||||
| 	// now allowed as a separator to loosen the restriction for previously
 | ||||
| 	// supported names.
 | ||||
| 	separator = `(?:[._]|__|[-]*)` | ||||
| 
 | ||||
| 	// nameComponent restricts registry path component names to start
 | ||||
| 	// with at least one letter or number, with following parts able to be
 | ||||
| 	// separated by one period, one or two underscore and multiple dashes.
 | ||||
| 	nameComponent = expression( | ||||
| 		alphaNumeric, | ||||
| 		optional(repeated(separator, alphaNumeric))) | ||||
| 
 | ||||
| 	// domainNameComponent restricts the registry domain component of a
 | ||||
| 	// repository name to start with a component as defined by DomainRegexp.
 | ||||
| 	domainNameComponent = `(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])` | ||||
| 
 | ||||
| 	// ipv6address are enclosed between square brackets and may be represented
 | ||||
| 	// in many ways, see rfc5952. Only IPv6 in compressed or uncompressed format
 | ||||
| 	// are allowed, IPv6 zone identifiers (rfc6874) or Special addresses such as
 | ||||
| 	// IPv4-Mapped are deliberately excluded.
 | ||||
| 	ipv6address = expression( | ||||
| 		literal(`[`), `(?:[a-fA-F0-9:]+)`, literal(`]`), | ||||
| 	) | ||||
| 
 | ||||
| 	// domainName defines the structure of potential domain components
 | ||||
| 	// that may be part of image names. This is purposely a subset of what is
 | ||||
| 	// allowed by DNS to ensure backwards compatibility with Docker image
 | ||||
| 	// names. This includes IPv4 addresses on decimal format.
 | ||||
| 	domainName = expression( | ||||
| 		domainNameComponent, | ||||
| 		optional(repeated(literal(`.`), domainNameComponent)), | ||||
| 	) | ||||
| 
 | ||||
| 	// host defines the structure of potential domains based on the URI
 | ||||
| 	// Host subcomponent on rfc3986. It may be a subset of DNS domain name,
 | ||||
| 	// or an IPv4 address in decimal format, or an IPv6 address between square
 | ||||
| 	// brackets (excluding zone identifiers as defined by rfc6874 or special
 | ||||
| 	// addresses such as IPv4-Mapped).
 | ||||
| 	host = `(?:` + domainName + `|` + ipv6address + `)` | ||||
| 
 | ||||
| 	// allowed by the URI Host subcomponent on rfc3986 to ensure backwards
 | ||||
| 	// compatibility with Docker image names.
 | ||||
| 	domain = expression( | ||||
| 		host, | ||||
| 		optional(literal(`:`), `[0-9]+`)) | ||||
| 
 | ||||
| 	// DomainRegexp defines the structure of potential domain components
 | ||||
| 	// that may be part of image names. This is purposely a subset of what is
 | ||||
| 	// allowed by DNS to ensure backwards compatibility with Docker image
 | ||||
| 	// names.
 | ||||
| 	DomainRegexp = regexp.MustCompile(domain) | ||||
| 
 | ||||
| 	tag = `[\w][\w.-]{0,127}` | ||||
| 	// TagRegexp matches valid tag names. From docker/docker:graph/tags.go.
 | ||||
| 	TagRegexp = regexp.MustCompile(tag) | ||||
| 
 | ||||
| 	anchoredTag = anchored(tag) | ||||
| 	// anchoredTagRegexp matches valid tag names, anchored at the start and
 | ||||
| 	// end of the matched string.
 | ||||
| 	anchoredTagRegexp = regexp.MustCompile(anchoredTag) | ||||
| 
 | ||||
| 	digestPat = `[A-Za-z][A-Za-z0-9]*(?:[-_+.][A-Za-z][A-Za-z0-9]*)*[:][[:xdigit:]]{32,}` | ||||
| 	// DigestRegexp matches valid digests.
 | ||||
| 	DigestRegexp = regexp.MustCompile(digestPat) | ||||
| 
 | ||||
| 	anchoredDigest = anchored(digestPat) | ||||
| 	// anchoredDigestRegexp matches valid digests, anchored at the start and
 | ||||
| 	// end of the matched string.
 | ||||
| 	anchoredDigestRegexp = regexp.MustCompile(anchoredDigest) | ||||
| 
 | ||||
| 	namePat = expression( | ||||
| 		optional(domain, literal(`/`)), | ||||
| 		nameComponent, | ||||
| 		optional(repeated(literal(`/`), nameComponent))) | ||||
| 	// NameRegexp is the format for the name component of references. The
 | ||||
| 	// regexp has capturing groups for the domain and name part omitting
 | ||||
| 	// the separating forward slash from either.
 | ||||
| 	NameRegexp = regexp.MustCompile(namePat) | ||||
| 
 | ||||
| 	anchoredName = anchored( | ||||
| 		optional(capture(domain), literal(`/`)), | ||||
| 		capture(nameComponent, | ||||
| 			optional(repeated(literal(`/`), nameComponent)))) | ||||
| 	// anchoredNameRegexp is used to parse a name value, capturing the
 | ||||
| 	// domain and trailing components.
 | ||||
| 	anchoredNameRegexp = regexp.MustCompile(anchoredName) | ||||
| 
 | ||||
| 	referencePat = anchored(capture(namePat), | ||||
| 		optional(literal(":"), capture(tag)), | ||||
| 		optional(literal("@"), capture(digestPat))) | ||||
| 	// ReferenceRegexp is the full supported format of a reference. The regexp
 | ||||
| 	// is anchored and has capturing groups for name, tag, and digest
 | ||||
| 	// components.
 | ||||
| 	ReferenceRegexp = regexp.MustCompile(referencePat) | ||||
| 
 | ||||
| 	identifier = `([a-f0-9]{64})` | ||||
| 	// IdentifierRegexp is the format for string identifier used as a
 | ||||
| 	// content addressable identifier using sha256. These identifiers
 | ||||
| 	// are like digests without the algorithm, since sha256 is used.
 | ||||
| 	IdentifierRegexp = regexp.MustCompile(identifier) | ||||
| 
 | ||||
| 	shortIdentifier = `([a-f0-9]{6,64})` | ||||
| 	// ShortIdentifierRegexp is the format used to represent a prefix
 | ||||
| 	// of an identifier. A prefix may be used to match a sha256 identifier
 | ||||
| 	// within a list of trusted identifiers.
 | ||||
| 	ShortIdentifierRegexp = regexp.MustCompile(shortIdentifier) | ||||
| 
 | ||||
| 	anchoredIdentifier = anchored(identifier) | ||||
| 	// anchoredIdentifierRegexp is used to check or match an
 | ||||
| 	// identifier value, anchored at start and end of string.
 | ||||
| 	anchoredIdentifierRegexp = regexp.MustCompile(anchoredIdentifier) | ||||
| ) | ||||
| 
 | ||||
| // literal compiles s into a literal regular expression, escaping any regexp
 | ||||
| // reserved characters.
 | ||||
| func literal(s string) string { | ||||
| 	re := regexp.MustCompile(regexp.QuoteMeta(s)) | ||||
| 
 | ||||
| 	if _, complete := re.LiteralPrefix(); !complete { | ||||
| 		panic("must be a literal") | ||||
| 	} | ||||
| 
 | ||||
| 	return re.String() | ||||
| } | ||||
| 
 | ||||
| // expression defines a full expression, where each regular expression must
 | ||||
| // follow the previous.
 | ||||
| func expression(res ...string) string { | ||||
| 	var s string | ||||
| 	for _, re := range res { | ||||
| 		s += re | ||||
| 	} | ||||
| 
 | ||||
| 	return s | ||||
| } | ||||
| 
 | ||||
| // optional wraps the expression in a non-capturing group and makes the
 | ||||
| // production optional.
 | ||||
| func optional(res ...string) string { | ||||
| 	return group(expression(res...)) + `?` | ||||
| } | ||||
| 
 | ||||
| // repeated wraps the regexp in a non-capturing group to get one or more
 | ||||
| // matches.
 | ||||
| func repeated(res ...string) string { | ||||
| 	return group(expression(res...)) + `+` | ||||
| } | ||||
| 
 | ||||
| // group wraps the regexp in a non-capturing group.
 | ||||
| func group(res ...string) string { | ||||
| 	return `(?:` + expression(res...) + `)` | ||||
| } | ||||
| 
 | ||||
| // capture wraps the expression in a capturing group.
 | ||||
| func capture(res ...string) string { | ||||
| 	return `(` + expression(res...) + `)` | ||||
| } | ||||
| 
 | ||||
| // anchored anchors the regular expression by adding start and end delimiters.
 | ||||
| func anchored(res ...string) string { | ||||
| 	return `^` + expression(res...) + `$` | ||||
| } | ||||
| @ -0,0 +1,73 @@ | ||||
| /* | ||||
|    Copyright The containerd Authors. | ||||
| 
 | ||||
|    Licensed under the Apache License, Version 2.0 (the "License"); | ||||
|    you may not use this file except in compliance with the License. | ||||
|    You may obtain a copy of the License at | ||||
| 
 | ||||
|        http://www.apache.org/licenses/LICENSE-2.0
 | ||||
| 
 | ||||
|    Unless required by applicable law or agreed to in writing, software | ||||
|    distributed under the License is distributed on an "AS IS" BASIS, | ||||
|    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
|    See the License for the specific language governing permissions and | ||||
|    limitations under the License. | ||||
| */ | ||||
| 
 | ||||
| package docker | ||||
| 
 | ||||
| import ( | ||||
| 	"sort" | ||||
| ) | ||||
| 
 | ||||
| // Sort sorts string references preferring higher information references
 | ||||
| // The precedence is as follows:
 | ||||
| // 1. Name + Tag + Digest
 | ||||
| // 2. Name + Tag
 | ||||
| // 3. Name + Digest
 | ||||
| // 4. Name
 | ||||
| // 5. Digest
 | ||||
| // 6. Parse error
 | ||||
| func Sort(references []string) []string { | ||||
| 	var prefs []Reference | ||||
| 	var bad []string | ||||
| 
 | ||||
| 	for _, ref := range references { | ||||
| 		pref, err := ParseAnyReference(ref) | ||||
| 		if err != nil { | ||||
| 			bad = append(bad, ref) | ||||
| 		} else { | ||||
| 			prefs = append(prefs, pref) | ||||
| 		} | ||||
| 	} | ||||
| 	sort.Slice(prefs, func(a, b int) bool { | ||||
| 		ar := refRank(prefs[a]) | ||||
| 		br := refRank(prefs[b]) | ||||
| 		if ar == br { | ||||
| 			return prefs[a].String() < prefs[b].String() | ||||
| 		} | ||||
| 		return ar < br | ||||
| 	}) | ||||
| 	sort.Strings(bad) | ||||
| 	var refs []string | ||||
| 	for _, pref := range prefs { | ||||
| 		refs = append(refs, pref.String()) | ||||
| 	} | ||||
| 	return append(refs, bad...) | ||||
| } | ||||
| 
 | ||||
| func refRank(ref Reference) uint8 { | ||||
| 	if _, ok := ref.(Named); ok { | ||||
| 		if _, ok = ref.(Tagged); ok { | ||||
| 			if _, ok = ref.(Digested); ok { | ||||
| 				return 1 | ||||
| 			} | ||||
| 			return 2 | ||||
| 		} | ||||
| 		if _, ok = ref.(Digested); ok { | ||||
| 			return 3 | ||||
| 		} | ||||
| 		return 4 | ||||
| 	} | ||||
| 	return 5 | ||||
| } | ||||
| @ -0,0 +1,55 @@ | ||||
| //go:build gofuzz
 | ||||
| 
 | ||||
| /* | ||||
|    Copyright The containerd Authors. | ||||
| 
 | ||||
|    Licensed under the Apache License, Version 2.0 (the "License"); | ||||
|    you may not use this file except in compliance with the License. | ||||
|    You may obtain a copy of the License at | ||||
| 
 | ||||
|        http://www.apache.org/licenses/LICENSE-2.0
 | ||||
| 
 | ||||
|    Unless required by applicable law or agreed to in writing, software | ||||
|    distributed under the License is distributed on an "AS IS" BASIS, | ||||
|    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
|    See the License for the specific language governing permissions and | ||||
|    limitations under the License. | ||||
| */ | ||||
| 
 | ||||
| package docker | ||||
| 
 | ||||
| import ( | ||||
| 	"context" | ||||
| 	"os" | ||||
| 
 | ||||
| 	fuzz "github.com/AdaLogics/go-fuzz-headers" | ||||
| 	"github.com/containerd/containerd/content/local" | ||||
| 	"github.com/containerd/containerd/log" | ||||
| 	ocispec "github.com/opencontainers/image-spec/specs-go/v1" | ||||
| 	"github.com/sirupsen/logrus" | ||||
| ) | ||||
| 
 | ||||
| func FuzzConvertManifest(data []byte) int { | ||||
| 	ctx := context.Background() | ||||
| 
 | ||||
| 	// Do not log the message below
 | ||||
| 	// level=warning msg="do nothing for media type: ..."
 | ||||
| 	log.G(ctx).Logger.SetLevel(logrus.PanicLevel) | ||||
| 
 | ||||
| 	f := fuzz.NewConsumer(data) | ||||
| 	desc := ocispec.Descriptor{} | ||||
| 	err := f.GenerateStruct(&desc) | ||||
| 	if err != nil { | ||||
| 		return 0 | ||||
| 	} | ||||
| 	tmpdir, err := os.MkdirTemp("", "fuzzing-") | ||||
| 	if err != nil { | ||||
| 		return 0 | ||||
| 	} | ||||
| 	cs, err := local.NewStore(tmpdir) | ||||
| 	if err != nil { | ||||
| 		return 0 | ||||
| 	} | ||||
| 	_, _ = ConvertManifest(ctx, cs, desc) | ||||
| 	return 1 | ||||
| } | ||||
| @ -0,0 +1,81 @@ | ||||
| //go:build gofuzz
 | ||||
| 
 | ||||
| /* | ||||
|    Copyright The containerd Authors. | ||||
| 
 | ||||
|    Licensed under the Apache License, Version 2.0 (the "License"); | ||||
|    you may not use this file except in compliance with the License. | ||||
|    You may obtain a copy of the License at | ||||
| 
 | ||||
|        http://www.apache.org/licenses/LICENSE-2.0
 | ||||
| 
 | ||||
|    Unless required by applicable law or agreed to in writing, software | ||||
|    distributed under the License is distributed on an "AS IS" BASIS, | ||||
|    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
|    See the License for the specific language governing permissions and | ||||
|    limitations under the License. | ||||
| */ | ||||
| 
 | ||||
| package docker | ||||
| 
 | ||||
| import ( | ||||
| 	"context" | ||||
| 	"fmt" | ||||
| 	"io" | ||||
| 	"net/http" | ||||
| 	"net/http/httptest" | ||||
| 	"net/url" | ||||
| 
 | ||||
| 	refDocker "github.com/containerd/containerd/reference/docker" | ||||
| ) | ||||
| 
 | ||||
| func FuzzFetcher(data []byte) int { | ||||
| 	dataLen := len(data) | ||||
| 	if dataLen == 0 { | ||||
| 		return -1 | ||||
| 	} | ||||
| 
 | ||||
| 	s := httptest.NewServer(http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) { | ||||
| 		rw.Header().Set("content-range", fmt.Sprintf("bytes %d-%d/%d", 0, dataLen-1, dataLen)) | ||||
| 		rw.Header().Set("content-length", fmt.Sprintf("%d", dataLen)) | ||||
| 		rw.Write(data) | ||||
| 	})) | ||||
| 	defer s.Close() | ||||
| 
 | ||||
| 	u, err := url.Parse(s.URL) | ||||
| 	if err != nil { | ||||
| 		return 0 | ||||
| 	} | ||||
| 
 | ||||
| 	f := dockerFetcher{&dockerBase{ | ||||
| 		repository: "nonempty", | ||||
| 	}} | ||||
| 	host := RegistryHost{ | ||||
| 		Client: s.Client(), | ||||
| 		Host:   u.Host, | ||||
| 		Scheme: u.Scheme, | ||||
| 		Path:   u.Path, | ||||
| 	} | ||||
| 
 | ||||
| 	ctx := context.Background() | ||||
| 	req := f.request(host, http.MethodGet) | ||||
| 	rc, err := f.open(ctx, req, "", 0) | ||||
| 	if err != nil { | ||||
| 		return 0 | ||||
| 	} | ||||
| 	b, err := io.ReadAll(rc) | ||||
| 	if err != nil { | ||||
| 		return 0 | ||||
| 	} | ||||
| 
 | ||||
| 	expected := data | ||||
| 	if len(b) != len(expected) { | ||||
| 		panic("len of request is not equal to len of expected but should be") | ||||
| 	} | ||||
| 	return 1 | ||||
| } | ||||
| 
 | ||||
| func FuzzParseDockerRef(data []byte) int { | ||||
| 	_, _ = refDocker.ParseDockerRef(string(data)) | ||||
| 	return 1 | ||||
| } | ||||
								
									
										
											
										
									
									
										
											101
										
									
									vendor/github.com/containerd/containerd/services/content/contentserver/contentserver.go
									
										generated
									
									
										vendored
									
								
								
							
							
										
											101
										
									
									vendor/github.com/containerd/containerd/services/content/contentserver/contentserver.go
									
										generated
									
									
										vendored
									
								| @ -0,0 +1,94 @@ | ||||
| /* | ||||
|    Copyright The containerd Authors. | ||||
| 
 | ||||
|    Licensed under the Apache License, Version 2.0 (the "License"); | ||||
|    you may not use this file except in compliance with the License. | ||||
|    You may obtain a copy of the License at | ||||
| 
 | ||||
|        http://www.apache.org/licenses/LICENSE-2.0
 | ||||
| 
 | ||||
|    Unless required by applicable law or agreed to in writing, software | ||||
|    distributed under the License is distributed on an "AS IS" BASIS, | ||||
|    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
|    See the License for the specific language governing permissions and | ||||
|    limitations under the License. | ||||
| */ | ||||
| 
 | ||||
| package tracing | ||||
| 
 | ||||
| import ( | ||||
| 	"encoding/json" | ||||
| 	"fmt" | ||||
| 	"strings" | ||||
| 
 | ||||
| 	"go.opentelemetry.io/otel/attribute" | ||||
| ) | ||||
| 
 | ||||
| const ( | ||||
| 	spanDelimiter = "." | ||||
| ) | ||||
| 
 | ||||
| func makeSpanName(names ...string) string { | ||||
| 	return strings.Join(names, spanDelimiter) | ||||
| } | ||||
| 
 | ||||
| func any(k string, v interface{}) attribute.KeyValue { | ||||
| 	if v == nil { | ||||
| 		return attribute.String(k, "<nil>") | ||||
| 	} | ||||
| 
 | ||||
| 	switch typed := v.(type) { | ||||
| 	case bool: | ||||
| 		return attribute.Bool(k, typed) | ||||
| 	case []bool: | ||||
| 		return attribute.BoolSlice(k, typed) | ||||
| 	case int: | ||||
| 		return attribute.Int(k, typed) | ||||
| 	case []int: | ||||
| 		return attribute.IntSlice(k, typed) | ||||
| 	case int8: | ||||
| 		return attribute.Int(k, int(typed)) | ||||
| 	case []int8: | ||||
| 		ls := make([]int, 0, len(typed)) | ||||
| 		for _, i := range typed { | ||||
| 			ls = append(ls, int(i)) | ||||
| 		} | ||||
| 		return attribute.IntSlice(k, ls) | ||||
| 	case int16: | ||||
| 		return attribute.Int(k, int(typed)) | ||||
| 	case []int16: | ||||
| 		ls := make([]int, 0, len(typed)) | ||||
| 		for _, i := range typed { | ||||
| 			ls = append(ls, int(i)) | ||||
| 		} | ||||
| 		return attribute.IntSlice(k, ls) | ||||
| 	case int32: | ||||
| 		return attribute.Int64(k, int64(typed)) | ||||
| 	case []int32: | ||||
| 		ls := make([]int64, 0, len(typed)) | ||||
| 		for _, i := range typed { | ||||
| 			ls = append(ls, int64(i)) | ||||
| 		} | ||||
| 		return attribute.Int64Slice(k, ls) | ||||
| 	case int64: | ||||
| 		return attribute.Int64(k, typed) | ||||
| 	case []int64: | ||||
| 		return attribute.Int64Slice(k, typed) | ||||
| 	case float64: | ||||
| 		return attribute.Float64(k, typed) | ||||
| 	case []float64: | ||||
| 		return attribute.Float64Slice(k, typed) | ||||
| 	case string: | ||||
| 		return attribute.String(k, typed) | ||||
| 	case []string: | ||||
| 		return attribute.StringSlice(k, typed) | ||||
| 	} | ||||
| 
 | ||||
| 	if stringer, ok := v.(fmt.Stringer); ok { | ||||
| 		return attribute.String(k, stringer.String()) | ||||
| 	} | ||||
| 	if b, err := json.Marshal(v); b != nil && err == nil { | ||||
| 		return attribute.String(k, string(b)) | ||||
| 	} | ||||
| 	return attribute.String(k, fmt.Sprintf("%v", v)) | ||||
| } | ||||
| @ -0,0 +1,66 @@ | ||||
| /* | ||||
|    Copyright The containerd Authors. | ||||
| 
 | ||||
|    Licensed under the Apache License, Version 2.0 (the "License"); | ||||
|    you may not use this file except in compliance with the License. | ||||
|    You may obtain a copy of the License at | ||||
| 
 | ||||
|        http://www.apache.org/licenses/LICENSE-2.0
 | ||||
| 
 | ||||
|    Unless required by applicable law or agreed to in writing, software | ||||
|    distributed under the License is distributed on an "AS IS" BASIS, | ||||
|    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
|    See the License for the specific language governing permissions and | ||||
|    limitations under the License. | ||||
| */ | ||||
| 
 | ||||
| package tracing | ||||
| 
 | ||||
| import ( | ||||
| 	"github.com/sirupsen/logrus" | ||||
| 	"go.opentelemetry.io/otel/attribute" | ||||
| 	"go.opentelemetry.io/otel/trace" | ||||
| ) | ||||
| 
 | ||||
| // NewLogrusHook creates a new logrus hook
 | ||||
| func NewLogrusHook() *LogrusHook { | ||||
| 	return &LogrusHook{} | ||||
| } | ||||
| 
 | ||||
| // LogrusHook is a logrus hook which adds logrus events to active spans.
 | ||||
| // If the span is not recording or the span context is invalid, the hook is a no-op.
 | ||||
| type LogrusHook struct{} | ||||
| 
 | ||||
| // Levels returns the logrus levels that this hook is interested in.
 | ||||
| func (h *LogrusHook) Levels() []logrus.Level { | ||||
| 	return logrus.AllLevels | ||||
| } | ||||
| 
 | ||||
| // Fire is called when a log event occurs.
 | ||||
| func (h *LogrusHook) Fire(entry *logrus.Entry) error { | ||||
| 	span := trace.SpanFromContext(entry.Context) | ||||
| 	if span == nil { | ||||
| 		return nil | ||||
| 	} | ||||
| 
 | ||||
| 	if !span.SpanContext().IsValid() || !span.IsRecording() { | ||||
| 		return nil | ||||
| 	} | ||||
| 
 | ||||
| 	span.AddEvent( | ||||
| 		entry.Message, | ||||
| 		trace.WithAttributes(logrusDataToAttrs(entry.Data)...), | ||||
| 		trace.WithAttributes(attribute.String("level", entry.Level.String())), | ||||
| 		trace.WithTimestamp(entry.Time), | ||||
| 	) | ||||
| 
 | ||||
| 	return nil | ||||
| } | ||||
| 
 | ||||
| func logrusDataToAttrs(data logrus.Fields) []attribute.KeyValue { | ||||
| 	attrs := make([]attribute.KeyValue, 0, len(data)) | ||||
| 	for k, v := range data { | ||||
| 		attrs = append(attrs, any(k, v)) | ||||
| 	} | ||||
| 	return attrs | ||||
| } | ||||
| @ -0,0 +1,116 @@ | ||||
| /* | ||||
|    Copyright The containerd Authors. | ||||
| 
 | ||||
|    Licensed under the Apache License, Version 2.0 (the "License"); | ||||
|    you may not use this file except in compliance with the License. | ||||
|    You may obtain a copy of the License at | ||||
| 
 | ||||
|        http://www.apache.org/licenses/LICENSE-2.0
 | ||||
| 
 | ||||
|    Unless required by applicable law or agreed to in writing, software | ||||
|    distributed under the License is distributed on an "AS IS" BASIS, | ||||
|    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||||
|    See the License for the specific language governing permissions and | ||||
|    limitations under the License. | ||||
| */ | ||||
| 
 | ||||
| package tracing | ||||
| 
 | ||||
| import ( | ||||
| 	"context" | ||||
| 	"net/http" | ||||
| 
 | ||||
| 	"go.opentelemetry.io/otel" | ||||
| 	"go.opentelemetry.io/otel/attribute" | ||||
| 	"go.opentelemetry.io/otel/codes" | ||||
| 	semconv "go.opentelemetry.io/otel/semconv/v1.12.0" | ||||
| 	"go.opentelemetry.io/otel/trace" | ||||
| ) | ||||
| 
 | ||||
| // StartConfig defines configuration for a new span object.
 | ||||
| type StartConfig struct { | ||||
| 	spanOpts []trace.SpanStartOption | ||||
| } | ||||
| 
 | ||||
| type SpanOpt func(config *StartConfig) | ||||
| 
 | ||||
| // WithHTTPRequest marks span as a HTTP request operation from client to server.
 | ||||
| // It'll append attributes from the HTTP request object and mark it with `SpanKindClient` type.
 | ||||
| func WithHTTPRequest(request *http.Request) SpanOpt { | ||||
| 	return func(config *StartConfig) { | ||||
| 		config.spanOpts = append(config.spanOpts, | ||||
| 			trace.WithSpanKind(trace.SpanKindClient),                                      // A client making a request to a server
 | ||||
| 			trace.WithAttributes(semconv.HTTPClientAttributesFromHTTPRequest(request)...), // Add HTTP attributes
 | ||||
| 		) | ||||
| 	} | ||||
| } | ||||
| 
 | ||||
| // StartSpan starts child span in a context.
 | ||||
| func StartSpan(ctx context.Context, opName string, opts ...SpanOpt) (context.Context, *Span) { | ||||
| 	config := StartConfig{} | ||||
| 	for _, fn := range opts { | ||||
| 		fn(&config) | ||||
| 	} | ||||
| 	tracer := otel.Tracer("") | ||||
| 	if parent := trace.SpanFromContext(ctx); parent != nil && parent.SpanContext().IsValid() { | ||||
| 		tracer = parent.TracerProvider().Tracer("") | ||||
| 	} | ||||
| 	ctx, span := tracer.Start(ctx, opName, config.spanOpts...) | ||||
| 	return ctx, &Span{otelSpan: span} | ||||
| } | ||||
| 
 | ||||
| // SpanFromContext returns the current Span from the context.
 | ||||
| func SpanFromContext(ctx context.Context) *Span { | ||||
| 	return &Span{ | ||||
| 		otelSpan: trace.SpanFromContext(ctx), | ||||
| 	} | ||||
| } | ||||
| 
 | ||||
| // Span is wrapper around otel trace.Span.
 | ||||
| // Span is the individual component of a trace. It represents a
 | ||||
| // single named and timed operation of a workflow that is traced.
 | ||||
| type Span struct { | ||||
| 	otelSpan trace.Span | ||||
| } | ||||
| 
 | ||||
| // End completes the span.
 | ||||
| func (s *Span) End() { | ||||
| 	s.otelSpan.End() | ||||
| } | ||||
| 
 | ||||
| // AddEvent adds an event with provided name and options.
 | ||||
| func (s *Span) AddEvent(name string, options ...trace.EventOption) { | ||||
| 	s.otelSpan.AddEvent(name, options...) | ||||
| } | ||||
| 
 | ||||
| // SetStatus sets the status of the current span.
 | ||||
| // If an error is encountered, it records the error and sets span status to Error.
 | ||||
| func (s *Span) SetStatus(err error) { | ||||
| 	if err != nil { | ||||
| 		s.otelSpan.RecordError(err) | ||||
| 		s.otelSpan.SetStatus(codes.Error, err.Error()) | ||||
| 	} else { | ||||
| 		s.otelSpan.SetStatus(codes.Ok, "") | ||||
| 	} | ||||
| } | ||||
| 
 | ||||
| // SetAttributes sets kv as attributes of the span.
 | ||||
| func (s *Span) SetAttributes(kv ...attribute.KeyValue) { | ||||
| 	s.otelSpan.SetAttributes(kv...) | ||||
| } | ||||
| 
 | ||||
| // Name sets the span name by joining a list of strings in dot separated format.
 | ||||
| func Name(names ...string) string { | ||||
| 	return makeSpanName(names...) | ||||
| } | ||||
| 
 | ||||
| // Attribute takes a key value pair and returns attribute.KeyValue type.
 | ||||
| func Attribute(k string, v interface{}) attribute.KeyValue { | ||||
| 	return any(k, v) | ||||
| } | ||||
| 
 | ||||
| // HTTPStatusCodeAttributes generates attributes of the HTTP namespace as specified by the OpenTelemetry
 | ||||
| // specification for a span.
 | ||||
| func HTTPStatusCodeAttributes(code int) []attribute.KeyValue { | ||||
| 	return semconv.HTTPAttributesFromHTTPStatusCode(code) | ||||
| } | ||||
| @ -0,0 +1 @@ | ||||
| *.go text eol=lf | ||||
Some files were not shown because too many files have changed in this diff Show More
					Loading…
					
					
				
		Reference in New Issue
	
	 CrazyMax
						CrazyMax