From e5f22818566b4cc49ce9b089c59921f5a054c48c Mon Sep 17 00:00:00 2001
From: Florian Klink <flokli@flokli.de>
Date: Sat, 23 Sep 2023 12:38:35 +0300
Subject: feat(tvix/cli/derivation): reject derivations with empty names

As shown in the previous CLs, we can very well have store paths starting
with periods, but we can't have derivations with an empty name:

```
nix-build -E 'derivation { name = ""; builder = "/bin/sh"; system = "x86_64-linux"; }'
error: store path 'nr7i5pf18hw2zg487vkdyrbasdqylfcj-' has an empty name
```

I'm currently using ErrorKind::Abort here, because we don't have a
Derivation- related error in tvix-eval (and probably don't want to).

Change-Id: I0e9743cee98dbfa69e9caa2a58352176270f15bd
Reviewed-on: https://cl.tvl.fyi/c/depot/+/9448
Autosubmit: flokli <flokli@flokli.de>
Reviewed-by: raitobezarius <tvl@lahfa.xyz>
Tested-by: BuildkiteCI
---
 tvix/cli/src/derivation.rs | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/tvix/cli/src/derivation.rs b/tvix/cli/src/derivation.rs
index e2184c4a67..de6d58a13d 100644
--- a/tvix/cli/src/derivation.rs
+++ b/tvix/cli/src/derivation.rs
@@ -229,6 +229,10 @@ mod derivation_builtins {
             .to_str()
             .context("determining derivation name")?;
 
+        if name.is_empty() {
+            return Err(ErrorKind::Abort("derivation has empty name".to_string()));
+        }
+
         // Check whether attributes should be passed as a JSON file.
         // TODO: the JSON serialisation has to happen here.
         if let Some(sa) = input.select(STRUCTURED_ATTRS) {
@@ -461,6 +465,29 @@ mod tests {
         );
     }
 
+    #[test]
+    fn derivation_empty_name() {
+        let mut eval = tvix_eval::Evaluation::new_impure(
+            r#"(derivation { name = ""; builder = "/bin/sh"; system = "x86_64-linux";}).outPath"#,
+            None,
+        );
+
+        let known_paths: Rc<RefCell<KnownPaths>> = Default::default();
+
+        eval.builtins
+            .extend(crate::derivation::derivation_builtins(known_paths));
+
+        // Add the actual `builtins.derivation` from compiled Nix code
+        // TODO: properly compose this
+        eval.src_builtins
+            .push(("derivation", include_str!("derivation.nix")));
+
+        assert!(
+            !eval.evaluate().errors.is_empty(),
+            "expect evaluation to fail"
+        );
+    }
+
     // TODO: These tests are commented out because we do not have
     // scaffolding to drive generators during testing at the moment.
 
-- 
cgit 1.4.1