Skip to content

Use an xz library instead of shelling out to xz for decompression#860

Merged
rhatdan merged 2 commits into
containers:masterfrom
nalind:native-xz
Mar 22, 2021
Merged

Use an xz library instead of shelling out to xz for decompression#860
rhatdan merged 2 commits into
containers:masterfrom
nalind:native-xz

Conversation

@nalind

@nalind nalind commented Mar 22, 2021

Copy link
Copy Markdown
Member

When decompressing layers compressed with xz, use a library (github.com/ulikunitz/xz, already used by the image library) rather than shelling out to the xz CLI.

@nalind

nalind commented Mar 22, 2021

Copy link
Copy Markdown
Member Author

/cc @mheon

@mheon

mheon commented Mar 22, 2021

Copy link
Copy Markdown
Member

Thanks! LGTM

@nalind nalind force-pushed the native-xz branch 2 times, most recently from f975338 to 1c30064 Compare March 22, 2021 15:55
When decompressing layers compressed with xz, use a library rather than
shelling out to the xz CLI.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
@nalind nalind force-pushed the native-xz branch 2 times, most recently from d83ec18 to f2e14b6 Compare March 22, 2021 18:08
The Go race detector will kill the test if it tries to have more than
8192 goroutines active at once, so start 8,000 instead of 100,000.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
@nalind

nalind commented Mar 22, 2021

Copy link
Copy Markdown
Member Author

/cc @haircommander

@rhatdan rhatdan left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@rhatdan rhatdan merged commit 35ebda8 into containers:master Mar 22, 2021
@nalind nalind deleted the native-xz branch March 23, 2021 13:36
@TomSweeneyRedHat

Copy link
Copy Markdown
Member

Addresses CVE-2021-20291

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants