aboutsummaryrefslogtreecommitdiff
path: root/src/libutil
diff options
context:
space:
mode:
authorEelco Dolstra <eelco.dolstra@logicblox.com>2014-07-16 16:30:50 +0200
committerEelco Dolstra <eelco.dolstra@logicblox.com>2014-07-16 16:30:50 +0200
commit985f1595fe9f61095c7bc94b49be1179811ec630 (patch)
treef77e47abbe34c66209bb170354c9f881d2e85598 /src/libutil
parent276a40b31f631c188d6dcbdf603a738e1380ff74 (diff)
Be more strict about file names in NARs
Diffstat (limited to 'src/libutil')
-rw-r--r--src/libutil/archive.cc7
1 files changed, 6 insertions, 1 deletions
diff --git a/src/libutil/archive.cc b/src/libutil/archive.cc
index dfe9653d1..9dc2ebeeb 100644
--- a/src/libutil/archive.cc
+++ b/src/libutil/archive.cc
@@ -231,7 +231,7 @@ static void parse(ParseSink & sink, Source & source, const Path & path)
}
else if (s == "entry" && type == tpDirectory) {
- string name;
+ string name, prevName;
s = readString(source);
if (s != "(") throw badArchive("expected open tag");
@@ -245,6 +245,11 @@ static void parse(ParseSink & sink, Source & source, const Path & path)
break;
} else if (s == "name") {
name = readString(source);
+ if (name.empty() || name == "." || name == ".." || name.find('/') != string::npos || name.find((char) 0) != string::npos)
+ throw Error(format("NAR contains invalid file name `%1%'") % name);
+ if (name <= prevName)
+ throw Error("NAR directory is not sorted");
+ prevName = name;
if (useCaseHack) {
auto i = names.find(name);
if (i != names.end()) {