authorEelco Dolstra <edolstra@gmail.com>2018-09-26T10·03+0200
committerEelco Dolstra <edolstra@gmail.com>2018-09-26T10·03+0200
commit44e86304b611a955f4e934fc160f3f4a0a2b1c92 (patch)
tree4c8388c67886b406bf8b9b07de90b6a3b97167a8 /src
parent7ccdcc7fed154b6621397417354df4e2fd913215 (diff)
Make NAR header check more robust
Changes

  std::bad_alloc

into

  bad archive: input doesn't look like a Nix archive
Diffstat (limited to 'src')
-rw-r--r--src/libutil/archive.cc2
-rw-r--r--src/libutil/serialise.cc5
-rw-r--r--src/libutil/serialise.hh2
3 files changed, 5 insertions, 4 deletions
diff --git a/src/libutil/archive.cc b/src/libutil/archive.cc
index 1be8934a2eba..bb68e82886d0 100644
--- a/src/libutil/archive.cc
+++ b/src/libutil/archive.cc
@@ -283,7 +283,7 @@ void parseDump(ParseSink & sink, Source & source)
 {
     string version;
     try {
-        version = readString(source);
+        version = readString(source, narVersionMagic1.size());
     } catch (SerialisationError & e) {
         /* This generally means the integer at the start couldn't be
            decoded.  Ignore and throw the exception below. */
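Review bot: The comment in the `catch (SerialisationError & e)` block is now incomplete, because with the bounded call the exception is also raised when the length prefix is larger than `narVersionMagic1.size()`. I would reword it to `/* The length prefix couldn't be decoded or exceeds the size of the NAR magic string. Ignore and throw the exception below. */` so the next reader sees why the bound is there. The catch block and the rest of parseDump continue outside this hunk.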
diff --git a/src/libutil/serialise.cc b/src/libutil/serialise.cc
index 17448f70efb6..31df6fdfde86 100644
--- a/src/libutil/serialise.cc
+++ b/src/libutil/serialise.cc
@@ -268,16 +268,17 @@ void readPadding(size_t len, Source & source)
 size_t readString(unsigned char * buf, size_t max, Source & source)
 {
     auto len = readNum<size_t>(source);
-    if (len > max) throw Error("string is too long");
+    if (len > max) throw SerialisationError("string is too long");
     source(buf, len);
     readPadding(len, source);
     return len;
 }
 
 
-string readString(Source & source)
+string readString(Source & source, size_t max)
 {
     auto len = readNum<size_t>(source);
+    if (len > max) throw SerialisationError("string is too long");
     std::string res(len, 0);
     source((unsigned char*) res.data(), len);
     readPadding(len, source);
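Review bot: The new check in `readString(Source & source, size_t max)` only protects callers that pass a limit. With the default declared in serialise.hh, `std::string res(len, 0)` still allocates whatever length the input claims before any payload byte is read. Only the parseDump call site in this commit passes a bound, so other readers of untrusted streams presumably keep the old `std::bad_alloc` behaviour and should be audited. A comment on the function would make the contract explicit, e.g. `/* max caps the length prefix read from source; the default is unbounded, so pass a limit when the source is untrusted. */`. The body of this overload continues past the end of the hunk.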
diff --git a/src/libutil/serialise.hh b/src/libutil/serialise.hh
index 4b6ad5da5b9c..969e4dff383d 100644
--- a/src/libutil/serialise.hh
+++ b/src/libutil/serialise.hh
@@ -284,7 +284,7 @@ inline uint64_t readLongLong(Source & source)
 
 void readPadding(size_t len, Source & source);
 size_t readString(unsigned char * buf, size_t max, Source & source);
-string readString(Source & source);
+string readString(Source & source, size_t max = std::numeric_limits<size_t>::max());
 template<class T> T readStrings(Source & source);
 
 Source & operator >> (Source & in, string & s);
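Review bot: The default argument on `readString(Source & source, size_t max = std::numeric_limits<size_t>::max())` needs `<limits>`, and nothing in this hunk shows serialise.hh including it. If the header currently gets it only transitively, add `#include <limits>` at the top so the declaration does not depend on include order. The include block is outside the hunk, so this may already be covered.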