picnoir/Nix
1
0
Fork 0
Code Issues Pull requests 1 Releases Wiki Activity

LocalStore::addToStore(): Check info.narSize

Browse source 
It allowed the client to specify bogus narSize values. In particular,
Downloader::downloadCached wasn't setting narSize at all.
This commit is contained in:
Eelco Dolstra 2017-05-11 13:26:03 +02:00
parent 1fd59447d5
commit 45d7b1a9e9
No known key found for this signature in database
GPG key ID: 8170B4726D7198DE
2 changed files with 7 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
src/libstore/download.cc
View file

@ -652,6 +652,7 @@ Path Downloader::downloadCached(ref<Store> store, const string & url_, bool unpa
Hash hash = hashString(expectedHash ? expectedHash.type : htSHA256, *res.data);
info.path = store->makeFixedOutputPath(false, hash, name);
info.narHash = hashString(htSHA256, *sink.s);
info.narSize = sink.s->size();
info.ca = makeFixedOutputCA(false, hash);
store->addToStore(info, sink.s, false, true);
storePath = info.path;

8
src/libstore/local-store.cc
View file

@ -919,8 +919,12 @@ void LocalStore::addToStore(const ValidPathInfo & info, const ref<std::string> &
Hash h = hashString(htSHA256, *nar);
if (h != info.narHash)
throw Error(format("hash mismatch importing path %s; expected hash %s, got %s") %
info.path % info.narHash.to_string() % h.to_string());
throw Error("hash mismatch importing path %s; expected hash %s, got %s",
info.path, info.narHash.to_string(), h.to_string());
if (nar->size() != info.narSize)
throw Error("szie mismatch importing path %s; expected %s, got %s",
info.path, info.narSize, nar->size());
if (requireSigs && !dontCheckSigs && !info.checkSignatures(*this, publicKeys))
throw Error("cannot add path %s because it lacks a valid signature", info.path);