diff options
author | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2014-07-16 16:30:50 +0200 |
---|---|---|
committer | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2014-07-16 16:30:50 +0200 |
commit | 985f1595fe9f61095c7bc94b49be1179811ec630 (patch) | |
tree | f77e47abbe34c66209bb170354c9f881d2e85598 | |
parent | 276a40b31f631c188d6dcbdf603a738e1380ff74 (diff) | |
download | guix-985f1595fe9f61095c7bc94b49be1179811ec630.tar.gz |
Be more strict about file names in NARs
-rw-r--r-- | src/libutil/archive.cc | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/src/libutil/archive.cc b/src/libutil/archive.cc index dfe9653d17..9dc2ebeeb9 100644 --- a/src/libutil/archive.cc +++ b/src/libutil/archive.cc @@ -231,7 +231,7 @@ static void parse(ParseSink & sink, Source & source, const Path & path) } else if (s == "entry" && type == tpDirectory) { - string name; + string name, prevName; s = readString(source); if (s != "(") throw badArchive("expected open tag"); @@ -245,6 +245,11 @@ static void parse(ParseSink & sink, Source & source, const Path & path) break; } else if (s == "name") { name = readString(source); + if (name.empty() || name == "." || name == ".." || name.find('/') != string::npos || name.find((char) 0) != string::npos) + throw Error(format("NAR contains invalid file name `%1%'") % name); + if (name <= prevName) + throw Error("NAR directory is not sorted"); + prevName = name; if (useCaseHack) { auto i = names.find(name); if (i != names.end()) { |