From 0043558082d619d0dc51ef27acda8ebb299c2f2c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Thu, 25 Feb 2016 11:48:17 +0100 Subject: [PATCH] publish: Do not publish nars for invalid store items. Before that, /nar requests could succeed if the requested store item exists but is invalid (although such requests were unlikely because the corresponding narinfo request would have failed.) * guix/scripts/publish.scm (render-nar): Add 'store' parameter. Use 'valid-path?' instead of 'file-exists?'. (make-request-handler): Adjust 'render-nar' call accordingly. * tests/publish.scm ("/nar/invalid"): New test. --- guix/scripts/publish.scm | 6 +++--- tests/publish.scm | 8 ++++++++ 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/guix/scripts/publish.scm b/guix/scripts/publish.scm index 3d197384d6..5306afcf07 100644 --- a/guix/scripts/publish.scm +++ b/guix/scripts/publish.scm @@ -208,13 +208,13 @@ (define (render-narinfo store request hash) (narinfo-string store store-path (force %private-key)) <>))))) -(define (render-nar request store-item) +(define (render-nar store request store-item) "Render archive of the store path corresponding to STORE-ITEM." (let ((store-path (string-append %store-directory "/" store-item))) ;; The ISO-8859-1 charset *must* be used otherwise HTTP clients will ;; interpret the byte stream as UTF-8 and arbitrarily change invalid byte ;; sequences. - (if (file-exists? store-path) + (if (valid-path? store store-path) (values '((content-type . (application/x-nix-archive (charset . "ISO-8859-1")))) ;; XXX: We're not returning the actual contents, deferring @@ -314,7 +314,7 @@ (define (make-request-handler store) (render-narinfo store request hash)) ;; /nar/ (("nar" store-item) - (render-nar request store-item)) + (render-nar store request store-item)) (_ (not-found request))) (not-found request)))) diff --git a/tests/publish.scm b/tests/publish.scm index 0b92390900..6c710fe0a7 100644 --- a/tests/publish.scm +++ b/tests/publish.scm @@ -112,6 +112,14 @@ (define (publish-uri route) (call-with-input-string nar (cut restore-file <> temp))) (call-with-input-file temp read-string)))) +(test-equal "/nar/invalid" + 404 + (begin + (call-with-output-file (string-append (%store-prefix) "/invalid") + (lambda (port) + (display "This file is not a valid store item." port))) + (response-code (http-get (publish-uri (string-append "/nar/invalid")))))) + (test-end "publish")