root
/
spring-boot
mirror of https://github.com/spring-projects/spring-boot.git
1
0
Fork 0
Code Issues Actions 15 Packages Projects Releases Wiki Activity

Merge pull request #45290 from nosan 

* pr/45290:
  Trim "\x00" from a decoded Docker Registry password

Closes gh-45290
This commit is contained in:
Moritz Halbritter 2025-04-28 14:29:30 +02:00
parent 4531d9ee4f e69de966b7
commit 2b6af84ae8
3 changed files with 9 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
spring-boot-project/spring-boot-tools/spring-boot-buildpack-platform/src/main/java/org/springframework/boot/buildpack/platform/docker/configuration/DockerConfigurationMetadata.java
View File

@ -219,11 +219,11 @@ final class DockerConfigurationMetadata {
Auth(JsonNode node) {
super(node, MethodHandles.lookup());
String auth = valueAt("/auth", String.class);
if (StringUtils.hasText(auth)) {
if (StringUtils.hasLength(auth)) {
String[] parts = new String(Base64.getDecoder().decode(auth)).split(":", 2);
Assert.state(parts.length == 2, "Malformed auth in docker configuration metadata");
this.username = parts[0];
this.password = parts[1];
this.password = trim(parts[1], Character.MIN_VALUE);
}
else {
this.username = valueAt("/username", String.class);
@ -244,6 +244,11 @@ final class DockerConfigurationMetadata {
return this.email;
}
private static String trim(String source, char character) {
source = StringUtils.trimLeadingCharacter(source, character);
return StringUtils.trimTrailingCharacter(source, character);
}
}
static final class DockerContext extends MappedObject {

2
spring-boot-project/spring-boot-tools/spring-boot-buildpack-platform/src/test/java/org/springframework/boot/buildpack/platform/docker/configuration/DockerConfigurationMetadataTests.java
View File

@ -125,7 +125,7 @@ class DockerConfigurationMetadataTests extends AbstractJsonTests {
.containsEntry("gcr.io", "gcr");
assertThat(configuration.getAuths()).hasSize(3).hasEntrySatisfying("https://index.docker.io/v1/", (auth) -> {
assertThat(auth.getUsername()).isEqualTo("username");
assertThat(auth.getPassword()).isEqualTo("password");
assertThat(auth.getPassword()).isEqualTo("pass\u0000word");
assertThat(auth.getEmail()).isEqualTo("test@gmail.com");
}).hasEntrySatisfying("custom-registry.example.com", (auth) -> {
assertThat(auth.getUsername()).isEqualTo("customUser");

2
spring-boot-project/spring-boot-tools/spring-boot-buildpack-platform/src/test/resources/org/springframework/boot/buildpack/platform/docker/configuration/with-auth/config.json
View File

@ -1,7 +1,7 @@
{
"auths": {
"https://index.docker.io/v1/": {
"auth": "dXNlcm5hbWU6cGFzc3dvcmQ=",
"auth": "dXNlcm5hbWU6AABwYXNzAHdvcmQAAA==",
"email": "test@gmail.com"
},
"custom-registry.example.com": {