fix panic when login to docker.io

and fix some memory leak
Signed-off-by: NWangFengTu <wangfengtu@huawei.com>

CI/test_cases/basic_cases/registry.bash

@@ -32,9 +32,35 @@ function isula_pull()
     fn_check_eq "$?" "0" "isula inspect busybox"
 }
 
+function isula_login()
+{
+    isula login -u test -p test hub-mirror.c.163.com
+    fn_check_eq "$?" "0" "isula login -u test -p test hub-mirror.c.163.com"
+
+    # double login for memory leak check
+    isula login -u test -p test hub-mirror.c.163.com
+    fn_check_eq "$?" "0" "isula login -u test -p test hub-mirror.c.163.com"
+
+    # use username/password to pull busybox for memmory leak check
+    isula pull busybox
+    fn_check_eq "$?" "0" "isula pull busybox"
+}
+
+function isula_logout()
+{
+    isula logout hub-mirror.c.163.com
+    fn_check_eq "$?" "0" "isula logout hub-mirror.c.163.com"
+
+    # double logout for memory leak check
+    isula logout hub-mirror.c.163.com
+    fn_check_eq "$?" "0" "isula logout hub-mirror.c.163.com"
+}
+
 function do_test_t()
 {
     isula_pull
+    isula_login
+    isula_logout
 
     return $TC_RET_T
 }
@@ -47,4 +73,4 @@ if [ $? -ne 0 ];then
     let "ret=$ret + 1"
 fi
 
-show_result $ret "basic pull"
+show_result $ret "basic registry"

src/http/parser.c

@@ -79,6 +79,10 @@ static int parser_cb_header_field(http_parser *parser, const char *buf,
     struct parsed_http_message *m = parser->data;
 
     if (m->last_header_element != FIELD) {
+        if (m->num_headers + 1 >= MAX_HEADERS) {
+            ERROR("too many headers exceeded maxium number %d", MAX_HEADERS);
+            return -1;
+        }
         m->num_headers++;
     }
 

src/http/parser.h

@@ -47,7 +47,7 @@
 #undef FALSE
 #define FALSE 0
 
-#define MAX_HEADERS 13
+#define MAX_HEADERS 30
 #define MAX_ELEMENT_SIZE 2048
 #define MAX_CHUNKS 16
 

src/image/oci/registry/auths.c

@@ -100,6 +100,8 @@ static int decode_auth(char *encoded, char **username, char **password)
     (void)memset(auth_parts[1], 0, strlen(auth_parts[1]));
 
 out:
+    free_sensitive_string((char *)auth);
+    auth = NULL;
     free_sensitive_string((char *)decoded);
     decoded = NULL;
     util_free_array(auth_parts);
@@ -345,6 +347,8 @@ static int write_auth_file(char *content)
     }
 
 out:
+    free(auths_dir);
+    auths_dir = NULL;
 
     return ret;
 }
@@ -411,6 +415,8 @@ int auths_save(char *host, char *username, char *password)
     }
 
 out:
+    free(json);
+    json = NULL;
     free_registry_auths(auths);
     auths = NULL;
     free_defs_map_string_object_auths(element);
@@ -502,6 +508,8 @@ int auths_delete(char *host)
     }
 
 out:
+    free(json);
+    json = NULL;
     free_registry_auths(auths);
     auths = NULL;
     free(err);

src/image/oci/registry/registry.c

@@ -132,6 +132,8 @@ static int parse_manifest_schema1(pull_descriptor *desc)
     desc->layers_len = manifest->fs_layers_len;
 
 out:
+    free_image_manifest_v1_compatibility(v1config);
+    v1config = NULL;
     free_registry_manifest_schema1(manifest);
     manifest = NULL;
     free(err);
@@ -185,10 +187,8 @@ static int parse_manifest_schema2(pull_descriptor *desc)
     desc->layers_len = manifest->layers_len;
 
 out:
-    if (manifest != NULL) {
-        free_registry_manifest_schema2(manifest);
-        manifest = NULL;
-    }
+    free_registry_manifest_schema2(manifest);
+    manifest = NULL;
     free(err);
     err = NULL;
 
@@ -239,10 +239,8 @@ static int parse_manifest_ociv1(pull_descriptor *desc)
     desc->layers_len = manifest->layers_len;
 
 out:
-    if (manifest != NULL) {
-        free_oci_image_manifest(manifest);
-        manifest = NULL;
-    }
+    free_oci_image_manifest(manifest);
+    manifest = NULL;
     free(err);
     err = NULL;
 
@@ -941,10 +939,8 @@ static int parse_docker_config(pull_descriptor *desc)
 
 out:
 
-    if (config != NULL) {
-        free_docker_image_config_v2(config);
-        config = NULL;
-    }
+    free_docker_image_config_v2(config);
+    config = NULL;
     free(err);
     err = NULL;
 
@@ -993,10 +989,8 @@ static int parse_oci_config(pull_descriptor *desc)
     desc->config.create_time = created_to_timestamp(config->created);
 
 out:
-    if (config != NULL) {
-        free_oci_image_spec(config);
-        config = NULL;
-    }
+    free_oci_image_spec(config);
+    config = NULL;
     free(err);
     err = NULL;
 
@@ -1452,6 +1446,9 @@ static int add_rootfs_and_history(pull_descriptor *desc, docker_image_config_v2
         config->history[i] = history;
         config->history_len++;
 
+        free_docker_image_history(history);
+        history = NULL;
+
         free_image_manifest_v1_compatibility(v1config);
         v1config = NULL;
         history_index--;
@@ -1471,6 +1468,8 @@ static int add_rootfs_and_history(pull_descriptor *desc, docker_image_config_v2
 out:
     free(err);
     err = NULL;
+    free_docker_image_history(history);
+    history = NULL;
     free_image_manifest_v1_compatibility(v1config);
     v1config = NULL;
 
@@ -1624,6 +1623,23 @@ out:
     return ret;
 }
 
+static void update_host(pull_descriptor *desc)
+{
+    if (desc == NULL) {
+        ERROR("Invalid NULL param");
+        return;
+    }
+
+    // registry-1.docker.io is the real docker.io's registry. index.docker.io is V1 registry, we do not support
+    // V1 registry, try use registry-1.docker.io.
+    if (!strcmp(desc->host, DOCKER_HOSTNAME) || !strcmp(desc->host, DOCKER_V1HOSTNAME)) {
+        free(desc->host);
+        desc->host = util_strdup_s(DOCKER_REGISTRY);
+    }
+
+    return;
+}
+
 static int prepare_pull_desc(pull_descriptor *desc, registry_pull_options *options)
 {
     int ret = 0;
@@ -1660,12 +1676,7 @@ static int prepare_pull_desc(pull_descriptor *desc, registry_pull_options *optio
         goto out;
     }
 
-    // registry-1.docker.io is the real docker.io's registry. index.docker.io is V1 registry, we do not support
-    // V1 registry, try use registry-1.docker.io.
-    if (!strcmp(desc->host, DOCKER_HOSTNAME) || !strcmp(desc->host, DOCKER_V1HOSTNAME)) {
-        free(desc->host);
-        desc->host = util_strdup_s(DOCKER_REGISTRY);
-    }
+    update_host(desc);
 
     if (mkdtemp(blobpath) == NULL) {
         ERROR("make temporary direcory failed: %s", strerror(errno));
@@ -1850,6 +1861,7 @@ int registry_login(registry_login_options *options)
     }
 
     desc->host = util_strdup_s(options->host);
+    update_host(desc);
     desc->use_decrypted_key = conf_get_use_decrypted_key_flag();
     desc->skip_tls_verify = options->skip_tls_verify;
     desc->username = util_strdup_s(options->auth.username);

src/image/oci/registry/registry_apiv2.c

@@ -255,7 +255,7 @@ static int parse_ping_header(pull_descriptor *desc, char *http_head)
     // {"errors":[{"code":"UNAUTHORIZED","message":"authentication required","detail":null}]}
     message = get_parsed_message(http_head);
     if (message == NULL) {
-        ERROR("out of memory");
+        ERROR("Get parsed message failed. http response size %zu, response:%s", strlen(http_head), http_head);
         ret = -1;
         goto out;
     }
@@ -765,6 +765,8 @@ static int normalized_host_os_arch(char **host_os, char **host_arch, char **host
                 *host_variant = util_strdup_s("v7");
             } else if (!strcmp(tmp_variant, "8")) {
                 *host_variant = util_strdup_s("v8");
+            } else {
+                *host_variant = util_strdup_s(tmp_variant);
             }
             free(tmp_variant);
             tmp_variant = NULL;