summaryrefslogtreecommitdiffhomepage
path: root/runsc/boot
diff options
context:
space:
mode:
authorFabricio Voznika <fvoznika@google.com>2021-01-11 16:23:44 -0800
committergVisor bot <gvisor-bot@google.com>2021-01-11 16:25:50 -0800
commit7e462a1c7f56b9b8439ad1ac92906bd8dd376ab7 (patch)
treee1975a4970f1a173344bb211debede3ac91a8787 /runsc/boot
parent4c4de66443174f2ed7f4fa533a1d09c709be9427 (diff)
OCI spec may contain duplicate environment variables
Closes #5226 PiperOrigin-RevId: 351259576
Diffstat (limited to 'runsc/boot')
-rw-r--r--runsc/boot/loader.go11
1 files changed, 10 insertions, 1 deletions
diff --git a/runsc/boot/loader.go b/runsc/boot/loader.go
index f41d6c665..d7afd3dc1 100644
--- a/runsc/boot/loader.go
+++ b/runsc/boot/loader.go
@@ -440,6 +440,10 @@ func createProcessArgs(id string, spec *specs.Spec, creds *auth.Credentials, k *
if err != nil {
return kernel.CreateProcessArgs{}, fmt.Errorf("creating limits: %v", err)
}
+ env, err := specutils.ResolveEnvs(spec.Process.Env)
+ if err != nil {
+ return kernel.CreateProcessArgs{}, fmt.Errorf("resolving env: %w", err)
+ }
wd := spec.Process.Cwd
if wd == "" {
@@ -449,7 +453,7 @@ func createProcessArgs(id string, spec *specs.Spec, creds *auth.Credentials, k *
// Create the process arguments.
procArgs := kernel.CreateProcessArgs{
Argv: spec.Process.Args,
- Envv: spec.Process.Env,
+ Envv: env,
WorkingDirectory: wd,
Credentials: creds,
Umask: 0022,
@@ -933,6 +937,11 @@ func (l *Loader) executeAsync(args *control.ExecArgs) (kernel.ThreadID, error) {
}
}
+ args.Envv, err = specutils.ResolveEnvs(args.Envv)
+ if err != nil {
+ return 0, fmt.Errorf("resolving env: %w", err)
+ }
+
// Add the HOME environment variable if it is not already set.
if kernel.VFS2Enabled {
root := args.MountNamespaceVFS2.Root()