fetchClosure: Don't allow URL query parameters

Allowing this is a potential security hole, since it allows the user to specify parameters like 'local-nar-cache'.
author: Eelco Dolstra <edolstra@gmail.com> 2022-04-06 11:52:51 +0200
committer: Eelco Dolstra <edolstra@gmail.com> 2022-04-06 11:52:51 +0200
commit: 589f6f267b009bc2856597995db360f910e69a6f (patch)
tree: 836e40d1fec22154966d21f944344dfad35ba4f5 /src
parent: c0ad86f6817684efc2955dae904f548ea99ad6ee (diff)
1 files changed, 8 insertions, 1 deletions
diff --git a/src/libexpr/primops/fetchClosure.cc b/src/libexpr/primops/fetchClosure.cc
index efeb93daf..821eba698 100644
--- a/src/libexpr/primops/fetchClosure.cc
+++ b/src/libexpr/primops/fetchClosure.cc
@@ -61,6 +61,12 @@ static void prim_fetchClosure(EvalState & state, const Pos & pos, Value * * args
             .errPos = pos
         });
 
+    if (!parsedURL.query.empty())
+        throw Error({
+            .msg = hintfmt("'fetchClosure' does not support URL query parameters (in '%s')", *fromStoreUrl),
+            .errPos = pos
+        });
+
     auto fromStore = openStore(parsedURL.to_string());
 
     if (toCA) {
@@ -87,7 +93,8 @@ static void prim_fetchClosure(EvalState & state, const Pos & pos, Value * * args
                 });
         }
     } else {
-        copyClosure(*fromStore, *state.store, RealisedPath::Set { *fromPath });
+        if (!state.store->isValidPath(*fromPath))
+            copyClosure(*fromStore, *state.store, RealisedPath::Set { *fromPath });
         toPath = fromPath;
     }
author	Eelco Dolstra <edolstra@gmail.com>	2022-04-06 11:52:51 +0200
committer	Eelco Dolstra <edolstra@gmail.com>	2022-04-06 11:52:51 +0200
commit	589f6f267b009bc2856597995db360f910e69a6f (patch)
tree	836e40d1fec22154966d21f944344dfad35ba4f5 /src
parent	c0ad86f6817684efc2955dae904f548ea99ad6ee (diff)