- What I did

I was using kaniko to build images, which erroneously produced a tarball with a manifest containing null. Surprisingly, docker accepted the manifest but... didn't do anything.

This is not outlined in the docker spec, but I believe null manifests should be rejected ([] is okay!). It would have saved me a bunch of time, and I can't imagine anyone intentionally importing null as an image (even [] is questionable).

This change rejects null manifests. For a quick brief on how go JSON decodes null and [], see:
https://play.golang.org/p/kGuoI0x1xyc

- How I did it

I just added a check for a nil manifest

- How to verify it

I followed the guide to get a dev env running, then:

$ printf 'null' > manifest.json
$ tar -czf invalid.tar manifest.json
$ root@31d06c589959:/go/src/github.com/docker/docker# docker load -i invalid.tar 
invalid manifest, manifest cannot be null (but can be [])

- Description for the changelog
reject tarballs with null manifests on import

- A picture of a cute animal (not mandatory but encouraged)