summary refs log tree commit diff
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2023-01-09 16:48:01 +0100
committerLudovic Courtès <ludo@gnu.org>2023-01-09 17:40:54 +0100
commit407175a1d0e29f45639e7f28a531b3981cd20085 (patch)
tree4b29a28466d8128a4b89b208735dfdf181d88364
parent5d24e57a611b43ff68700379338b899f62d198cc (diff)
downloadguix-407175a1d0e29f45639e7f28a531b3981cd20085.tar.gz
daemon: Improve error message for wrong hash sizes.
* nix/libutil/hash.cc (parseHash): Show the hash algorithm name and
expected size in the error message.
* tests/derivations.scm ("fixed-output derivation, invalid hash size"):
New test.
-rw-r--r--nix/libutil/hash.cc7
-rw-r--r--tests/derivations.scm12
2 files changed, 17 insertions, 2 deletions
diff --git a/nix/libutil/hash.cc b/nix/libutil/hash.cc
index 9ba604eb85..9b83ffcdd9 100644
--- a/nix/libutil/hash.cc
+++ b/nix/libutil/hash.cc
@@ -76,8 +76,11 @@ string printHash(const Hash & hash)
 Hash parseHash(HashType ht, const string & s)
 {
     Hash hash(ht);
-    if (s.length() != hash.hashSize * 2)
-        throw Error(format("invalid hash `%1%'") % s);
+    if (s.length() != hash.hashSize * 2) {
+	string algo = gcry_md_algo_name(ht);
+        throw Error(format("invalid %1% hash '%2%' (%3% bytes but expected %4%)")
+		    % algo % s % (s.length() / 2) % hash.hashSize);
+    }
     for (unsigned int i = 0; i < hash.hashSize; i++) {
         string s2(s, i * 2, 2);
         if (!isxdigit(s2[0]) || !isxdigit(s2[1]))
diff --git a/tests/derivations.scm b/tests/derivations.scm
index 3d25365b14..66c777cfe7 100644
--- a/tests/derivations.scm
+++ b/tests/derivations.scm
@@ -396,6 +396,18 @@
                         (call-with-input-file p get-bytevector-all))
                 (bytevector? (query-path-hash %store p)))))))
 
+(test-assert "fixed-output derivation, invalid hash size"
+  (guard (c ((store-protocol-error? c)
+             (string-contains-ci (store-protocol-error-message c)
+                                 "invalid SHA512 hash")))
+    (derivation %store "download-with-invalid-hash"
+                "builtin:download" '()
+                #:env-vars `(("url"
+                              . ,(object->string "http://example.org")))
+                #:hash-algo 'sha512
+                #:hash #vu8(1 2 3))
+    #f))
+
 (test-assert "derivation with a fixed-output input"
   ;; A derivation D using a fixed-output derivation F doesn't has the same
   ;; output path when passed F or F', as long as F and F' have the same output