about summary refs log tree commit diff
diff options
context:
space:
mode:
authorEelco Dolstra <edolstra@gmail.com>2018-10-08T10·03+0200
committerGitHub <noreply@github.com>2018-10-08T10·03+0200
commit01bd66bf8309a914edf63de7b25ee482f752c669 (patch)
treebecb2116a0fd126574c7ee36fa3ed2b51b692f08
parent0fda9b22c7cc0f0191a51d168c4b03d6c4e98d71 (diff)
parentb7091ce41e0073b147678f05b9a620b9bb2903c1 (diff)
Merge pull request #2452 from ElvishJerricco/verify-sigs-overflow
Fix overflow when verifying signatures of content addressable paths
-rw-r--r--src/nix/verify.cc2
-rw-r--r--tests/signing.sh4
2 files changed, 5 insertions, 1 deletions
diff --git a/src/nix/verify.cc b/src/nix/verify.cc
index 6540208a8a2c..7ef571561a0e 100644
--- a/src/nix/verify.cc
+++ b/src/nix/verify.cc
@@ -120,7 +120,7 @@ struct CmdVerify : StorePathsCommand
                             for (auto sig : sigs) {
                                 if (sigsSeen.count(sig)) continue;
                                 sigsSeen.insert(sig);
-                                if (info->checkSignature(publicKeys, sig))
+                                if (validSigs < ValidPathInfo::maxSigs && info->checkSignature(publicKeys, sig))
                                     validSigs++;
                             }
                         };
diff --git a/tests/signing.sh b/tests/signing.sh
index 46929639199d..9e29e3fbf063 100644
--- a/tests/signing.sh
+++ b/tests/signing.sh
@@ -62,6 +62,10 @@ outPathCA=$(IMPURE_VAR1=foo IMPURE_VAR2=bar nix-build ./fixed.nix -A good.0 --no
 nix verify $outPathCA
 nix verify $outPathCA --sigs-needed 1000
 
+# Check that signing a content-addressed path doesn't overflow validSigs
+nix sign-paths --key-file $TEST_ROOT/sk1 $outPathCA
+nix verify -r $outPathCA --sigs-needed 1000 --trusted-public-keys $pk1
+
 # Copy to a binary cache.
 nix copy --to file://$cacheDir $outPath2