From 9749c5266a4ba51faaff13758eb083b656ac47aa Mon Sep 17 00:00:00 2001 From: Mitsuru Kariya Date: Thu, 11 Jul 2024 00:36:53 +0900 Subject: [PATCH] Check invalid environment replacement form like ${VAR:%} Environment replacement form like below are invalid, so they should cause error. - `${VAR:#pattern}` - `${VAR:##pattern}` - `${VAR:%pattern}` - `${VAR:%%pattern}` Signed-off-by: Mitsuru Kariya --- frontend/dockerfile/shell/lex.go | 3 +++ frontend/dockerfile/shell/lex_test.go | 20 ++++++++++++++++++++ 2 files changed, 23 insertions(+) diff --git a/frontend/dockerfile/shell/lex.go b/frontend/dockerfile/shell/lex.go index 0d74545d1ac6..18da29334950 100644 --- a/frontend/dockerfile/shell/lex.go +++ b/frontend/dockerfile/shell/lex.go @@ -378,6 +378,9 @@ func (sw *shellWord) processDollar() (string, error) { fallthrough case '+', '-', '?', '#', '%': rawEscapes := ch == '#' || ch == '%' + if nullIsUnset && rawEscapes { + return "", errors.Errorf("unsupported modifier (%s) in substitution", chs) + } word, _, err := sw.processStopOn('}', rawEscapes) if err != nil { if sw.scanner.Peek() == scanner.EOF { diff --git a/frontend/dockerfile/shell/lex_test.go b/frontend/dockerfile/shell/lex_test.go index 0eeb3a080fe5..cb8ffda4adfd 100644 --- a/frontend/dockerfile/shell/lex_test.go +++ b/frontend/dockerfile/shell/lex_test.go @@ -497,6 +497,26 @@ func TestProcessWithMatches(t *testing.T) { expected: "xxyy", matches: map[string]struct{}{"FOO": {}, "BAR": {}}, }, + { + input: "${FOO:#}", + envs: map[string]string{}, + expectedErr: true, + }, + { + input: "${FOO:##}", + envs: map[string]string{}, + expectedErr: true, + }, + { + input: "${FOO:%}", + envs: map[string]string{}, + expectedErr: true, + }, + { + input: "${FOO:%%}", + envs: map[string]string{}, + expectedErr: true, + }, { // test: wildcards input: "${FOO/$NEEDLE/.} - ${FOO//$NEEDLE/.}",