Bug 1801874

Summary: Podman segmentation error when a Dockerfile specifies an image by its digest
Product: Red Hat Enterprise Linux 8 Reporter: Matt Prahl <mprahl>
Component: podmanAssignee: Matthew Heon <mheon>
Status: CLOSED ERRATA QA Contact: atomic-bugs <atomic-bugs>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 8.1CC: bbaude, dornelas, dwalsh, jligon, jnovy, lsm5, lucarval, mheon, tsweeney, ypu
Target Milestone: rc   
Target Release: 8.4   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-11-04 03:05:10 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Proposed patch for 8.2.0 by Valentin Rothberg none

Description Matt Prahl 2020-02-11 19:30:08 UTC 
Description of problem:

Podman segfaults when a Dockerfile specifies an image by its digest. For example, if a Dockerfile has `FROM centos@sha256:fe8d824220415eed5477b63addf40fb06c3b049404242b31982106ac204f6700` line, it will fail with `panic: runtime error: invalid memory address or nil pointer dereference`.

If I manually install podman-1.7.0-3.fc30.x86_64, the issue is resolved.


Version-Release number of selected component (if applicable):

podman-1.6.4-2.module_el8.1.0+272+3e64ee36.x86_64

How reproducible:

Every time

Steps to Reproduce:

I setup a repo with reproducer Dockerfiles and instructions on how to reproduce the issue:
https://github.com/mprahl/podman-reproducer
Comment 1 Tom Sweeney 2020-02-12 15:20:47 UTC 
I remember this being fixed in later versions of Buildah/Podman.  Will have to talk to Matt about best ways to backport.
Comment 6 Jindrich Novy 2020-07-29 14:53:31 UTC 
Created attachment 1702831 [details]
Proposed patch for 8.2.0 by Valentin Rothberg
Comment 12 Joy Pu 2020-08-17 13:32:50 UTC 
Test with podman-2.0.4-2.module+el8.3.0+7640+fae4eedb.x86_64 and it works as expect. So set this to verified. Details:
# podman build -t test .
STEP 1: FROM centos@sha256:fe8d824220415eed5477b63addf40fb06c3b049404242b31982106ac204f6700
Getting image source signatures
Copying blob 8a29a15cefae done  
Copying config 470671670c done  
Writing manifest to image destination
Storing signatures
STEP 2: RUN ls
bin  dev  etc  home  lib  lib64  lost+found  media  mnt  opt  proc  root  run  sbin  srv  sys  tmp  usr  var
STEP 3: COMMIT test
--> c29b44a6399
c29b44a6399de4db632298d3a7b0edc7542982536f83937ec7eba8f4133ca635
Comment 15 errata-xmlrpc 2020-11-04 03:05:10 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: container-tools:rhel8 security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:4694