Bug 1584555

Summary: oc cp gets panic when pod-side path has too many ../
Product: OpenShift Container Platform
Reporter: Xingxing Xia <xxia>
Component: oc
Assignee: Maciej Szulik <maszulik>
Status: CLOSED ERRATA
QA Contact: Xingxing Xia <xxia>
Severity: low
Docs Contact:
Priority: medium
Version: 3.10.0
CC: aos-bugs, hasha, jokerman, mifiedle, mmccomas, xtian
Target Milestone: ---
Target Release: 4.1.0
Hardware: Unspecified
OS: Unspecified
Whiteboard:
Fixed In Version:
Doc Type: No Doc Update
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2019-06-04 10:40:21 UTC
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Target Upstream Version:
Embargoed:

Description Xingxing Xia 2018-05-31 08:03:59 UTC
Description of problem:
oc cp panics when the pod-side path has too many ../

Version-Release number of selected component (if applicable):
oc v3.10.0-0.54.0

How reproducible:
Always

Steps to Reproduce:
1. Normal case
$ oc cp ruby-ex-1-gkzbd:/home/../etc/hosts ./

2. When pod-side path has too many ../
$ oc cp ruby-ex-1-gkzbd:/home/../../etc/hosts ./
tar: Removing leading `/home/../../' from member names
panic: runtime error: slice bounds out of range

goroutine 1 [running]:
github.com/openshift/origin/vendor/k8s.io/kubernetes/pkg/kubectl/cmd.untarAll(0x4463860, 0xc42000fa40, 0x7ffe5aa7547c, 0x2, 0xc42040a1c0, 0xc, 0x0, 0x0)
	/builddir/build/BUILD/atomic-openshift-git-0.00a8b84/_output/local/go/src/github.com/openshift/origin/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/cp.go:336 +0x7e5
github.com/openshift/origin/vendor/k8s.io/kubernetes/pkg/kubectl/cmd.copyFromPod(0x44a7c40, 0xc420e176e0, 0xc420b70000, 0x44645e0, 0xc42000e020, 0x0, 0x0, 0x7ffe5aa75456, 0xf, 0x7ffe5aa75466, ...)
	/builddir/build/BUILD/atomic-openshift-git-0.00a8b84/_output/local/go/src/github.com/openshift/origin/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/cp.go:238 +0x364
github.com/openshift/origin/vendor/k8s.io/kubernetes/pkg/kubectl/cmd.runCopy(0x44a7c40, 0xc420e176e0, 0xc420b70000, 0x44645e0, 0xc42000e018, 0x44645e0, 0xc42000e020, 0xc420388c20, 0x2, 0x2, ...)
	/builddir/build/BUILD/atomic-openshift-git-0.00a8b84/_output/local/go/src/github.com/openshift/origin/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/cp.go:135 +0x35b
github.com/openshift/origin/vendor/k8s.io/kubernetes/pkg/kubectl/cmd.NewCmdCp.func1(0xc420b70000, 0xc420388c20, 0x2, 0x2)
	/builddir/build/BUILD/atomic-openshift-git-0.00a8b84/_output/local/go/src/github.com/openshift/origin/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/cp.go:73 +0x89
github.com/openshift/origin/vendor/github.com/spf13/cobra.(*Command).execute(0xc420b70000, 0xc420388b80, 0x2, 0x2, 0xc420b70000, 0xc420388b80)
	/builddir/build/BUILD/atomic-openshift-git-0.00a8b84/_output/local/go/src/github.com/openshift/origin/vendor/github.com/spf13/cobra/command.go:757 +0x2c1
github.com/openshift/origin/vendor/github.com/spf13/cobra.(*Command).ExecuteC(0xc4205ed900, 0xc42000e020, 0xc4205ed900, 0xc4202014a0)
	/builddir/build/BUILD/atomic-openshift-git-0.00a8b84/_output/local/go/src/github.com/openshift/origin/vendor/github.com/spf13/cobra/command.go:843 +0x334
github.com/openshift/origin/vendor/github.com/spf13/cobra.(*Command).Execute(0xc4205ed900, 0x2, 0xc4205ed900)
	/builddir/build/BUILD/atomic-openshift-git-0.00a8b84/_output/local/go/src/github.com/openshift/origin/vendor/github.com/spf13/cobra/command.go:791 +0x2b

Actual results:
2. Panic

Expected results:
2. No panic

Additional info:
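
Added example (not part of the original report, and not the kubectl/oc source): a Go model of how slicing a tar member name by the length of a path-derived prefix gives the `slice bounds out of range` panic for the second path in the steps above but not the first, next to a checked version. It assumes the prefix is the requested path with its leading slash trimmed and then cleaned; `stripUnchecked` and `stripChecked` are hypothetical names.

```go
package main

import (
	"fmt"
	"path"
	"strings"
)

// stripUnchecked models the failing pattern (an assumption, not kubectl source):
// the prefix comes from the requested path, and the member name is sliced by
// its length with no check that the member is at least that long.
func stripUnchecked(srcPath, member string) (rest string, panicked bool) {
	defer func() {
		if recover() != nil {
			panicked = true
		}
	}()
	prefix := path.Clean(strings.TrimPrefix(srcPath, "/")) // may keep a leading ".."
	return member[len(prefix):], false
}

// stripChecked roots the path before cleaning so ".." cannot survive, then
// verifies the member really sits under the prefix before slicing.
func stripChecked(srcPath, member string) (string, error) {
	prefix := strings.TrimPrefix(path.Clean("/"+srcPath), "/")
	name := path.Clean(member)
	if path.IsAbs(name) || name == ".." || strings.HasPrefix(name, "../") {
		return "", fmt.Errorf("member %q escapes the archive root", member)
	}
	switch {
	case prefix == "":
		return name, nil
	case name == prefix:
		return "", nil
	case strings.HasPrefix(name, prefix+"/"):
		return name[len(prefix)+1:], nil
	}
	return "", fmt.Errorf("member %q is not under %q", member, prefix)
}

func main() {
	// Paths from the report; "etc/hosts" is the member name tar emits after stripping.
	for _, src := range []string{"/home/../etc/hosts", "/home/../../etc/hosts"} {
		_, panicked := stripUnchecked(src, "etc/hosts")
		rest, err := stripChecked(src, "etc/hosts")
		fmt.Printf("%-24s unchecked panic=%v checked=%q err=%v\n", src, panicked, rest, err)
	}
}
```

With one `../` the cleaned prefix is `etc/hosts` and the slice is in range; with two, the cleaned relative prefix becomes `../etc/hosts`, which is longer than the member name tar sends back.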

Comment 1 Juan Vallejo 2018-05-31 20:26:20 UTC
Upstream PR: https://github.com/kubernetes/kubernetes/pull/64573

Comment 2 Juan Vallejo 2018-05-31 20:32:49 UTC
Origin PR: https://github.com/openshift/origin/pull/19898

Comment 4 shahan 2018-06-06 05:38:30 UTC
[hasha@mypc ose]$ git log --pretty="%h %an %cd - %s"  v3.10.0-0.60.0 |   grep   '19898'
9f866cb92a OpenShift Merge Robot Tue Jun 5 04:10:05 2018 -0700 - Merge pull request #19898 from juanvallejo/jvallejo/pick-upstream-64573

The fix has been included in v3.10.0-0.60.0, but the panic still occurs.

[hasha@mypc ~]$ oc cp ruby-ex-1-4q5ch:/home/../../etc/hosts ./
tar: Removing leading `/home/../../' from member names
panic: runtime error: slice bounds out of range

goroutine 1 [running]:
github.com/openshift/origin/vendor/k8s.io/kubernetes/pkg/kubectl/cmd.untarAll(0x446b860, 0xc420212da0, 0x7fff2383eec0, 0x2, 0xc4202628a0, 0xc, 0x0, 0x0)
	/builddir/build/BUILD/atomic-openshift-git-0.0e11ff5/_output/local/go/src/github.com/openshift/origin/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/cp.go:349 +0x7e5
github.com/openshift/origin/vendor/k8s.io/kubernetes/pkg/kubectl/cmd.copyFromPod(0x44afd40, 0xc4209ee5d0, 0xc420b4f400, 0x446c5e0, 0xc42000e020, 0x0, 0x0, 0x7fff2383ee9a, 0xf, 0x7fff2383eeaa, ...)
	/builddir/build/BUILD/atomic-openshift-git-0.0e11ff5/_output/local/go/src/github.com/openshift/origin/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/cp.go:241 +0x37c
github.com/openshift/origin/vendor/k8s.io/kubernetes/pkg/kubectl/cmd.runCopy(0x44afd40, 0xc4209ee5d0, 0xc420b4f400, 0x446c5e0, 0xc42000e018, 0x446c5e0, 0xc42000e020, 0xc420461e40, 0x2, 0x2, ...)
	/builddir/build/BUILD/atomic-openshift-git-0.0e11ff5/_output/local/go/src/github.com/openshift/origin/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/cp.go:135 +0x35b
github.com/openshift/origin/vendor/k8s.io/kubernetes/pkg/kubectl/cmd.NewCmdCp.func1(0xc420b4f400, 0xc420461e40, 0x2, 0x2)
	/builddir/build/BUILD/atomic-openshift-git-0.0e11ff5/_output/local/go/src/github.com/openshift/origin/vendor/k8s.io/kubernetes/pkg/kubectl/cmd/cp.go:73 +0x89
github.com/openshift/origin/vendor/github.com/spf13/cobra.(*Command).execute(0xc420b4f400, 0xc420461da0, 0x2, 0x2, 0xc420b4f400, 0xc420461da0)
	/builddir/build/BUILD/atomic-openshift-git-0.0e11ff5/_output/local/go/src/github.com/openshift/origin/vendor/github.com/spf13/cobra/command.go:757 +0x2c1
github.com/openshift/origin/vendor/github.com/spf13/cobra.(*Command).ExecuteC(0xc4205c0f00, 0xc42000e020, 0xc4205c0f00, 0xc42028eed0)
	/builddir/build/BUILD/atomic-openshift-git-0.0e11ff5/_output/local/go/src/github.com/openshift/origin/vendor/github.com/spf13/cobra/command.go:843 +0x334
github.com/openshift/origin/vendor/github.com/spf13/cobra.(*Command).Execute(0xc4205c0f00, 0x2, 0xc4205c0f00)
	/builddir/build/BUILD/atomic-openshift-git-0.0e11ff5/_output/local/go/src/github.com/openshift/origin/vendor/github.com/spf13/cobra/command.go:791 +0x2b
main.main()
	/builddir/build/BUILD/atomic-openshift-git-0.0e11ff5/_output/local/go/src/github.com/openshift/origin/cmd/oc/oc.go:42 +0x334
[hasha@mypc ~]$ oc version
oc v3.10.0-0.60.0
kubernetes v1.10.0+b81c8f8
features: Basic-Auth GSSAPI Kerberos SPNEGO

Server https://host:8443
openshift v3.10.0-0.60.0
kubernetes v1.10.0+b81c8f8

Comment 6 Xingxing Xia 2018-06-20 02:10:09 UTC
*** Bug 1592324 has been marked as a duplicate of this bug. ***

Comment 7 Xingxing Xia 2018-06-20 09:26:05 UTC
No OCP puddle includes the code yet. Will verify when a new puddle is built.

Comment 8 Xingxing Xia 2018-06-21 02:16:09 UTC
New puddle v3.10.2 still does not include the fix. Please include it if it was missed.

Comment 9 Mike Fiedler 2018-06-21 18:12:14 UTC
Moving back to assigned based on https://github.com/kubernetes/kubernetes/pull/65189#issuecomment-399178949

Comment 10 Juan Vallejo 2018-10-19 20:10:53 UTC
Upstream PR [1] has merged.
Picked into Origin in https://github.com/openshift/origin/pull/21315

1. https://github.com/kubernetes/kubernetes/pull/65189

Comment 12 Maciej Szulik 2019-04-24 11:46:31 UTC
We should have this fix with k8s 1.13 rebase in place, moving to qa.

Comment 13 Xingxing Xia 2019-04-25 04:35:37 UTC
Verified in:
$ oc version
Client Version: version.Info{Major:"4", Minor:"1+", GitVersion:"v4.1.0", GitCommit:"8730f3882", GitTreeState:"", BuildDate:"2019-04-23T22:49:40Z", GoVersion:"", Compiler:"", Platform:""}
Server Version: version.Info{Major:"1", Minor:"13+", GitVersion:"v1.13.4+d0e1a21", GitCommit:"d0e1a21", GitTreeState:"clean", BuildDate:"2019-04-24T23:10:59Z", GoVersion:"go1.11.5", Compiler:"gc", Platform:"linux/amd64"}

Comment 15 errata-xmlrpc 2019-06-04 10:40:21 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:0758