From fdd7817aad18346197a521593bdafdae4045aeb6 Mon Sep 17 00:00:00 2001
From: Florian Klink <flokli@flokli.de>
Date: Sun, 31 Dec 2023 18:54:44 +0200
Subject: feat(nix-compat/store_path): build_ca_path may fail

Change-Id: Ia74ee870f38b7966501458bace541092256c3213
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10509
Reviewed-by: raitobezarius <tvl@lahfa.xyz>
Autosubmit: flokli <flokli@flokli.de>
Tested-by: BuildkiteCI
---
 tvix/glue/src/tvix_store_io.rs          |  7 ++++++-
 tvix/nix-compat/src/store_path/utils.rs |  6 +++---
 tvix/store/src/bin/tvix-store.rs        | 10 +++++++++-
 3 files changed, 18 insertions(+), 5 deletions(-)

(limited to 'tvix')

diff --git a/tvix/glue/src/tvix_store_io.rs b/tvix/glue/src/tvix_store_io.rs
index 41cae97ebf52..5c255d5a30c3 100644
--- a/tvix/glue/src/tvix_store_io.rs
+++ b/tvix/glue/src/tvix_store_io.rs
@@ -326,7 +326,12 @@ async fn import_path_with_pathinfo(
         .to_str()
         .expect("path must be valid unicode");
 
-    let output_path = store_path::build_nar_based_store_path(&nar_sha256, name);
+    let output_path = store_path::build_nar_based_store_path(&nar_sha256, name).map_err(|_| {
+        std::io::Error::new(
+            std::io::ErrorKind::InvalidData,
+            format!("invalid name: {}", name),
+        )
+    })?;
 
     // assemble a new root_node with a name that is derived from the nar hash.
     let root_node = root_node.rename(output_path.to_string().into_bytes().into());
diff --git a/tvix/nix-compat/src/store_path/utils.rs b/tvix/nix-compat/src/store_path/utils.rs
index af593d27affd..0b75ef50647c 100644
--- a/tvix/nix-compat/src/store_path/utils.rs
+++ b/tvix/nix-compat/src/store_path/utils.rs
@@ -115,14 +115,14 @@ pub fn build_ca_path<'a, S: AsRef<str>, I: IntoIterator<Item = S>>(
 }
 
 /// For given NAR sha256 digest and name, return the new [StorePathRef] this
-/// would have.
+/// would have, or an error, in case the name is invalid.
 pub fn build_nar_based_store_path<'a>(
     nar_sha256_digest: &[u8; 32],
     name: &'a str,
-) -> StorePathRef<'a> {
+) -> Result<StorePathRef<'a>, BuildStorePathError> {
     let nar_hash_with_mode = CAHash::Nar(NixHash::Sha256(nar_sha256_digest.to_owned()));
 
-    build_ca_path(name, &nar_hash_with_mode, Vec::<String>::new(), false).unwrap()
+    build_ca_path(name, &nar_hash_with_mode, Vec::<String>::new(), false)
 }
 
 /// This builds an input-addressed store path.
diff --git a/tvix/store/src/bin/tvix-store.rs b/tvix/store/src/bin/tvix-store.rs
index ab80415cf2e5..ef66d6b7bab1 100644
--- a/tvix/store/src/bin/tvix-store.rs
+++ b/tvix/store/src/bin/tvix-store.rs
@@ -283,8 +283,16 @@ async fn main() -> Result<(), Box<dyn std::error::Error>> {
                             let (nar_size, nar_sha256) =
                                 path_info_service.calculate_nar(&root_node).await?;
 
+                            // Calculate the output path. This might still fail, as some names are illegal.
                             let output_path =
-                                store_path::build_nar_based_store_path(&nar_sha256, name);
+                                store_path::build_nar_based_store_path(&nar_sha256, name).map_err(
+                                    |_| {
+                                        std::io::Error::new(
+                                            std::io::ErrorKind::InvalidData,
+                                            format!("invalid name: {}", name),
+                                        )
+                                    },
+                                )?;
 
                             // assemble a new root_node with a name that is derived from the nar hash.
                             let root_node =
-- 
cgit 1.4.1