diff options
author | Florian Klink <flokli@flokli.de> | 2024-04-20T13·03+0300 |
---|---|---|
committer | clbot <clbot@tvl.fyi> | 2024-04-20T14·14+0000 |
commit | f34e0fa34281f89f673337ce73f21b2957b41a6f (patch) | |
tree | 3cf0cc2bbcc1cac9d24923efdaccf9df8349cc2e /tvix/castore/src | |
parent | e9db0449e700154baee1470f914c3f09089442d0 (diff) |
feat(tvix/castore/import): only allow normal components in entry paths r/7982
Explicitly document and add a debug assertion for that. It's up to callers to ensure this doesn't happen. Change-Id: Ib5d154809c2ad2920258e239993d0b790d846dc8 Reviewed-on: https://cl.tvl.fyi/c/depot/+/11487 Reviewed-by: Connor Brewster <cbrewster@hey.com> Autosubmit: flokli <flokli@flokli.de> Tested-by: BuildkiteCI
Diffstat (limited to 'tvix/castore/src')
-rw-r--r-- | tvix/castore/src/import/mod.rs | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/tvix/castore/src/import/mod.rs b/tvix/castore/src/import/mod.rs index d2b1ee9ff70f..ff27c0fcfd2b 100644 --- a/tvix/castore/src/import/mod.rs +++ b/tvix/castore/src/import/mod.rs @@ -40,7 +40,8 @@ pub mod fs; /// The stream must have the following invariants: /// - All children entries must come before their parents. /// - The last entry must be the root node which must have a single path component. -/// - Every entry should have a unique path. +/// - Every entry should have a unique path, and only consist of normal components. +/// This means, no windows path prefixes, absolute paths, `.` or `..`. /// /// Internally we maintain a [HashMap] of [PathBuf] to partially populated [Directory] at that /// path. Once we receive an [IngestionEntry] for the directory itself, we remove it from the @@ -65,6 +66,14 @@ where // we break the loop manually. .expect("Tvix bug: unexpected end of stream")?; + debug_assert!( + entry + .path() + .components() + .all(|x| matches!(x, std::path::Component::Normal(_))), + "path may only contain normal components" + ); + let name = entry .path() .file_name() |