about summary refs log tree commit diff
diff options
context:
space:
mode:
authoredef <edef@edef.eu>2023-10-27T11·25+0000
committeredef <edef@edef.eu>2023-10-27T13·56+0000
commit36f2b69de59ddd9f64c1f37c9ef1422661643245 (patch)
tree612d60fe7ccf98964986b03483fe20cde9de18fe
parent99a61def17edbd77795efd2fda9e557b2cfef571 (diff)
fix(tvix/nix-compat): validate store path name length r/6887
Change-Id: I89ac0ad147a1872c021ab4235ca46ef3f51d0446
Reviewed-on: https://cl.tvl.fyi/c/depot/+/9854
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
-rw-r--r--tvix/nix-compat/src/store_path/mod.rs15
1 files changed, 13 insertions, 2 deletions
diff --git a/tvix/nix-compat/src/store_path/mod.rs b/tvix/nix-compat/src/store_path/mod.rs
index e75d900ce006..c1df442adc89 100644
--- a/tvix/nix-compat/src/store_path/mod.rs
+++ b/tvix/nix-compat/src/store_path/mod.rs
@@ -164,8 +164,8 @@ impl StorePath {
 /// Checks a given &[u8] to match the restrictions for [StorePath::name], and
 /// returns the name as string if successful.
 pub(crate) fn validate_name(s: &[u8]) -> Result<String, Error> {
-    // Empty names are not allowed.
-    if s.is_empty() {
+    // Empty or excessively long names are not allowed.
+    if s.is_empty() || s.len() > 211 {
         return Err(Error::InvalidLength());
     }
 
@@ -247,6 +247,17 @@ mod tests {
     }
 
     #[test]
+    fn empty_name() {
+        StorePath::from_bytes(b"00bgd045z0d4icpbc2yy-").expect_err("must fail");
+    }
+
+    #[test]
+    fn excessive_length() {
+        StorePath::from_bytes(b"00bgd045z0d4icpbc2yy-aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa")
+            .expect_err("must fail");
+    }
+
+    #[test]
     fn invalid_hash_length() {
         StorePath::from_bytes(b"00bgd045z0d4icpbc2yy-net-tools-1.60_p20170221182432")
             .expect_err("must fail");