From 12ddbad45893f125e2ab46c5e26d7c8396b31bdb Mon Sep 17 00:00:00 2001
From: Eelco Dolstra <eelco.dolstra@logicblox.com>
Date: Mon, 30 May 2016 13:44:09 +0200
Subject: LocalStore::addToStore: Verify hash of the imported path

---
 src/libstore/local-store.cc | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'src')

diff --git a/src/libstore/local-store.cc b/src/libstore/local-store.cc
index acd02eb48adc..8608b39ec5bd 100644
--- a/src/libstore/local-store.cc
+++ b/src/libstore/local-store.cc
@@ -904,6 +904,11 @@ void LocalStore::invalidatePath(State & state, const Path & path)
 
 void LocalStore::addToStore(const ValidPathInfo & info, const std::string & nar, bool repair)
 {
+    Hash h = hashString(htSHA256, nar);
+    if (h != info.narHash)
+        throw Error(format("hash mismatch importing path ‘%s’; expected hash ‘%s’, got ‘%s’") %
+            info.path % info.narHash.to_string() % h.to_string());
+
     addTempRoot(info.path);
 
     if (repair || !isValidPath(info.path)) {
-- 
cgit 1.4.1