diff options
| -rw-r--r-- | nix/libutil/hash.cc | 7 | ||||
| -rw-r--r-- | tests/derivations.scm | 12 |
2 files changed, 17 insertions, 2 deletions
diff --git a/nix/libutil/hash.cc b/nix/libutil/hash.cc index 9ba604eb85..9b83ffcdd9 100644 --- a/nix/libutil/hash.cc +++ b/nix/libutil/hash.cc @@ -76,8 +76,11 @@ string printHash(const Hash & hash) Hash parseHash(HashType ht, const string & s) { Hash hash(ht); - if (s.length() != hash.hashSize * 2) - throw Error(format("invalid hash `%1%'") % s); + if (s.length() != hash.hashSize * 2) { + string algo = gcry_md_algo_name(ht); + throw Error(format("invalid %1% hash '%2%' (%3% bytes but expected %4%)") + % algo % s % (s.length() / 2) % hash.hashSize); + } for (unsigned int i = 0; i < hash.hashSize; i++) { string s2(s, i * 2, 2); if (!isxdigit(s2[0]) || !isxdigit(s2[1])) diff --git a/tests/derivations.scm b/tests/derivations.scm index 3d25365b14..66c777cfe7 100644 --- a/tests/derivations.scm +++ b/tests/derivations.scm @@ -396,6 +396,18 @@ (call-with-input-file p get-bytevector-all)) (bytevector? (query-path-hash %store p))))))) +(test-assert "fixed-output derivation, invalid hash size" + (guard (c ((store-protocol-error? c) + (string-contains-ci (store-protocol-error-message c) + "invalid SHA512 hash"))) + (derivation %store "download-with-invalid-hash" + "builtin:download" '() + #:env-vars `(("url" + . ,(object->string "http://example.org"))) + #:hash-algo 'sha512 + #:hash #vu8(1 2 3)) + #f)) + (test-assert "derivation with a fixed-output input" ;; A derivation D using a fixed-output derivation F doesn't has the same ;; output path when passed F or F', as long as F and F' have the same output |