From 36f2b69de59ddd9f64c1f37c9ef1422661643245 Mon Sep 17 00:00:00 2001 From: edef Date: Fri, 27 Oct 2023 11:25:14 +0000 Subject: [PATCH] fix(tvix/nix-compat): validate store path name length Change-Id: I89ac0ad147a1872c021ab4235ca46ef3f51d0446 Reviewed-on: https://cl.tvl.fyi/c/depot/+/9854 Tested-by: BuildkiteCI Reviewed-by: flokli --- tvix/nix-compat/src/store_path/mod.rs | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/tvix/nix-compat/src/store_path/mod.rs b/tvix/nix-compat/src/store_path/mod.rs index e75d900ce..c1df442ad 100644 --- a/tvix/nix-compat/src/store_path/mod.rs +++ b/tvix/nix-compat/src/store_path/mod.rs @@ -164,8 +164,8 @@ impl StorePath { /// Checks a given &[u8] to match the restrictions for [StorePath::name], and /// returns the name as string if successful. pub(crate) fn validate_name(s: &[u8]) -> Result { - // Empty names are not allowed. - if s.is_empty() { + // Empty or excessively long names are not allowed. + if s.is_empty() || s.len() > 211 { return Err(Error::InvalidLength()); } @@ -246,6 +246,17 @@ mod tests { .expect_err("must fail"); } + #[test] + fn empty_name() { + StorePath::from_bytes(b"00bgd045z0d4icpbc2yy-").expect_err("must fail"); + } + + #[test] + fn excessive_length() { + StorePath::from_bytes(b"00bgd045z0d4icpbc2yy-aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") + .expect_err("must fail"); + } + #[test] fn invalid_hash_length() { StorePath::from_bytes(b"00bgd045z0d4icpbc2yy-net-tools-1.60_p20170221182432")