From 7e462a1c7f56b9b8439ad1ac92906bd8dd376ab7 Mon Sep 17 00:00:00 2001 From: Fabricio Voznika Date: Mon, 11 Jan 2021 16:23:44 -0800 Subject: OCI spec may contain duplicate environment variables Closes #5226 PiperOrigin-RevId: 351259576 --- runsc/cmd/exec.go | 29 ++--------------------------- 1 file changed, 2 insertions(+), 27 deletions(-) (limited to 'runsc/cmd') diff --git a/runsc/cmd/exec.go b/runsc/cmd/exec.go index 8558d34ae..e9726401a 100644 --- a/runsc/cmd/exec.go +++ b/runsc/cmd/exec.go @@ -118,14 +118,14 @@ func (ex *Exec) Execute(_ context.Context, f *flag.FlagSet, args ...interface{}) } log.Debugf("Exec arguments: %+v", e) - log.Debugf("Exec capablities: %+v", e.Capabilities) + log.Debugf("Exec capabilities: %+v", e.Capabilities) // Replace empty settings with defaults from container. if e.WorkingDirectory == "" { e.WorkingDirectory = c.Spec.Process.Cwd } if e.Envv == nil { - e.Envv, err = resolveEnvs(c.Spec.Process.Env, ex.env) + e.Envv, err = specutils.ResolveEnvs(c.Spec.Process.Env, ex.env) if err != nil { Fatalf("getting environment variables: %v", err) } @@ -382,31 +382,6 @@ func argsFromProcess(p *specs.Process, enableRaw bool) (*control.ExecArgs, error }, nil } -// resolveEnvs transforms lists of environment variables into a single list of -// environment variables. If a variable is defined multiple times, the last -// value is used. -func resolveEnvs(envs ...[]string) ([]string, error) { - // First create a map of variable names to values. This removes any - // duplicates. - envMap := make(map[string]string) - for _, env := range envs { - for _, str := range env { - parts := strings.SplitN(str, "=", 2) - if len(parts) != 2 { - return nil, fmt.Errorf("invalid variable: %s", str) - } - envMap[parts[0]] = parts[1] - } - } - // Reassemble envMap into a list of environment variables of the form - // NAME=VALUE. - env := make([]string, 0, len(envMap)) - for k, v := range envMap { - env = append(env, fmt.Sprintf("%s=%s", k, v)) - } - return env, nil -} - // capabilities takes a list of capabilities as strings and returns an // auth.TaskCapabilities struct with those capabilities in every capability set. // This mimics runc's behavior. -- cgit v1.2.3