about summary refs log tree commit diff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--scripts/download-from-binary-cache.pl.in7
1 files changed, 5 insertions, 2 deletions
diff --git a/scripts/download-from-binary-cache.pl.in b/scripts/download-from-binary-cache.pl.in
index 6f4b55766de2..5fb0419f181a 100644
--- a/scripts/download-from-binary-cache.pl.in
+++ b/scripts/download-from-binary-cache.pl.in
@@ -213,6 +213,8 @@ sub processNARInfo {
         print STDERR "bad NAR info file ‘$request->{url}’\n";
         return undef;
     }
+
+    # FIXME: validate $url etc. for security.
     
     # Cache the result.
     $insertNAR->execute(
@@ -417,8 +419,9 @@ sub downloadBinary {
             print STDERR "unknown compression method ‘$info->{compression}’\n";
             next;
         }
-        print STDERR "\n*** Downloading ‘$info->{url}’ into ‘$storePath’...\n";
-        if (system("$Nix::Config::curl --fail --location $binaryCacheUrl/$info->{url} | $decompressor | $Nix::Config::binDir/nix-store --restore $storePath") != 0) {
+        my $url = "$binaryCacheUrl/$info->{url}"; # FIXME: handle non-relative URLs
+        print STDERR "\n*** Downloading ‘$url’ into ‘$storePath’...\n";
+        if (system("$Nix::Config::curl --fail --location '$url' | $decompressor | $Nix::Config::binDir/nix-store --restore $storePath") != 0) {
             die "download of `$info->{url}' failed" . ($! ? ": $!" : "") . "\n" unless $? == 0;
             next;
         }
generated by cgit-pink 1.4.1 (git 2.44.2) at 2024-07-29T15·11+0000