From 1937bc86244c0d420f7b40eeb38f14827e92d162 Mon Sep 17 00:00:00 2001
From: Andreas Rammhold <andreas@rammhold.de>
Date: Tue, 16 Jun 2020 12:34:44 +0200
Subject: fix(3p/nix/libstore): use exception instead of assertion when
 storepath is malformed

Previously the nix-daemon would crash if a user fed it invalid store
paths for drv files. The crash was due to the changed assertion
triggering. Whenever that assertion would hit the nix-daemon process
along with all it's current childs (running builds from all users) would
be interrupted.

Before this patch:

 $ nix-store --realise /nix/store/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.drv
 don't know how to build these paths:
   /nix/store/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.drv
 error: unexpected end-of-file

 < nix-daemon terminates >

With this patch:

 $ nix-store --realise /nix/store/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.drv
 don't know how to build these paths:
   /nix/store/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.drv
 error: path '/nix/store/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.drv' is not a valid store path

 < nix-daemon does *NOT* terminate >

Change-Id: I01c5048c8a43a8b9154bdeb781d05b7744869ec0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/981
Tested-by: BuildkiteCI
Reviewed-by: glittershark <grfn@gws.fyi>
Reviewed-by: tazjin <mail@tazj.in>
---
 third_party/nix/src/libstore/store-api.cc | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

(limited to 'third_party')

diff --git a/third_party/nix/src/libstore/store-api.cc b/third_party/nix/src/libstore/store-api.cc
index 081cdea987..f28b13c83d 100644
--- a/third_party/nix/src/libstore/store-api.cc
+++ b/third_party/nix/src/libstore/store-api.cc
@@ -66,8 +66,17 @@ Path Store::followLinksToStorePath(const Path& path) const {
 
 std::string storePathToName(const Path& path) {
   auto base = baseNameOf(path);
-  assert(base.size() == storePathHashLen ||
-         (base.size() > storePathHashLen && base[storePathHashLen] == '-'));
+
+  // The base name of the store path must be `storePathHashLen` characters long,
+  // if it is not `storePathHashLen` long then the next character, following
+  // the hash part, MUST be a dash (`-`).
+  const bool hasLengthMismatch = base.size() != storePathHashLen;
+  const bool hasInvalidSuffix =
+      base.size() > storePathHashLen && base[storePathHashLen] != '-';
+  if (hasLengthMismatch && hasInvalidSuffix) {
+    throw Error(format("path '%1%' is not a valid store path") % path);
+  }
+
   return base.size() == storePathHashLen
              ? ""
              : std::string(base, storePathHashLen + 1);
-- 
cgit 1.4.1