aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorEelco Dolstra <edolstra@gmail.com>2018-09-26 12:03:58 +0200
committerEelco Dolstra <edolstra@gmail.com>2018-09-26 12:03:58 +0200
commit44e86304b611a955f4e934fc160f3f4a0a2b1c92 (patch)
tree4c8388c67886b406bf8b9b07de90b6a3b97167a8
parent7ccdcc7fed154b6621397417354df4e2fd913215 (diff)
Make NAR header check more robust
Changes std::bad_alloc into bad archive: input doesn't look like a Nix archive
-rw-r--r--src/libutil/archive.cc2
-rw-r--r--src/libutil/serialise.cc5
-rw-r--r--src/libutil/serialise.hh2
3 files changed, 5 insertions, 4 deletions
diff --git a/src/libutil/archive.cc b/src/libutil/archive.cc
index 1be8934a2..bb68e8288 100644
--- a/src/libutil/archive.cc
+++ b/src/libutil/archive.cc
@@ -283,7 +283,7 @@ void parseDump(ParseSink & sink, Source & source)
{
string version;
try {
- version = readString(source);
+ version = readString(source, narVersionMagic1.size());
} catch (SerialisationError & e) {
/* This generally means the integer at the start couldn't be
decoded. Ignore and throw the exception below. */
diff --git a/src/libutil/serialise.cc b/src/libutil/serialise.cc
index 17448f70e..31df6fdfd 100644
--- a/src/libutil/serialise.cc
+++ b/src/libutil/serialise.cc
@@ -268,16 +268,17 @@ void readPadding(size_t len, Source & source)
size_t readString(unsigned char * buf, size_t max, Source & source)
{
auto len = readNum<size_t>(source);
- if (len > max) throw Error("string is too long");
+ if (len > max) throw SerialisationError("string is too long");
source(buf, len);
readPadding(len, source);
return len;
}
-string readString(Source & source)
+string readString(Source & source, size_t max)
{
auto len = readNum<size_t>(source);
+ if (len > max) throw SerialisationError("string is too long");
std::string res(len, 0);
source((unsigned char*) res.data(), len);
readPadding(len, source);
diff --git a/src/libutil/serialise.hh b/src/libutil/serialise.hh
index 4b6ad5da5..969e4dff3 100644
--- a/src/libutil/serialise.hh
+++ b/src/libutil/serialise.hh
@@ -284,7 +284,7 @@ inline uint64_t readLongLong(Source & source)
void readPadding(size_t len, Source & source);
size_t readString(unsigned char * buf, size_t max, Source & source);
-string readString(Source & source);
+string readString(Source & source, size_t max = std::numeric_limits<size_t>::max());
template<class T> T readStrings(Source & source);
Source & operator >> (Source & in, string & s);