LocalStore::addToStore: Verify hash of the imported path
This commit is contained in:
parent
e222484401
commit
12ddbad458
2 changed files with 6 additions and 1 deletions
|
@ -904,6 +904,11 @@ void LocalStore::invalidatePath(State & state, const Path & path)
|
||||||
|
|
||||||
void LocalStore::addToStore(const ValidPathInfo & info, const std::string & nar, bool repair)
|
void LocalStore::addToStore(const ValidPathInfo & info, const std::string & nar, bool repair)
|
||||||
{
|
{
|
||||||
|
Hash h = hashString(htSHA256, nar);
|
||||||
|
if (h != info.narHash)
|
||||||
|
throw Error(format("hash mismatch importing path ‘%s’; expected hash ‘%s’, got ‘%s’") %
|
||||||
|
info.path % info.narHash.to_string() % h.to_string());
|
||||||
|
|
||||||
addTempRoot(info.path);
|
addTempRoot(info.path);
|
||||||
|
|
||||||
if (repair || !isValidPath(info.path)) {
|
if (repair || !isValidPath(info.path)) {
|
||||||
|
|
|
@ -48,7 +48,7 @@ mkdir -p $TEST_ROOT/empty
|
||||||
nix-store --dump $TEST_ROOT/empty | xz > $nar
|
nix-store --dump $TEST_ROOT/empty | xz > $nar
|
||||||
|
|
||||||
nix-build --option binary-caches "file://$cacheDir" dependencies.nix -o $TEST_ROOT/result 2>&1 | tee $TEST_ROOT/log
|
nix-build --option binary-caches "file://$cacheDir" dependencies.nix -o $TEST_ROOT/result 2>&1 | tee $TEST_ROOT/log
|
||||||
grep -q "hash mismatch in downloaded path" $TEST_ROOT/log
|
grep -q "hash mismatch" $TEST_ROOT/log
|
||||||
|
|
||||||
mv $nar.good $nar
|
mv $nar.good $nar
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue