diff options
author | Tom Bereknyei <tomberek@gmail.com> | 2022-04-21 16:41:37 -0400 |
---|---|---|
committer | Tom Bereknyei <tomberek@gmail.com> | 2022-04-21 16:41:37 -0400 |
commit | f25112d3832b93a2bc8abe7936e6355dae9a25d5 (patch) | |
tree | 186d85f2f087bab22612dd2c6014146014140b49 /src | |
parent | 9345b4e9ca1b14071b471851508b37edfc2d1248 (diff) |
fix: builtins.toFile adds path to allowedPaths
The produced path is then allowed be imported or utilized elsewhere:
```
assert (43 == import (builtins.toFile "source" "43")); "good"
```
This will still fail on write-only stores.
Diffstat (limited to 'src')
-rw-r--r-- | src/libexpr/primops.cc | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/src/libexpr/primops.cc b/src/libexpr/primops.cc index 73817dbdd..a93ac8a30 100644 --- a/src/libexpr/primops.cc +++ b/src/libexpr/primops.cc @@ -1798,15 +1798,16 @@ static void prim_toFile(EvalState & state, const Pos & pos, Value * * args, Valu refs.insert(state.store->parseStorePath(path)); } - auto storePath = state.store->printStorePath(settings.readOnlyMode + auto storePath = settings.readOnlyMode ? state.store->computeStorePathForText(name, contents, refs) - : state.store->addTextToStore(name, contents, refs, state.repair)); + : state.store->addTextToStore(name, contents, refs, state.repair); /* Note: we don't need to add `context' to the context of the result, since `storePath' itself has references to the paths used in args[1]. */ - v.mkString(storePath, {storePath}); + /* Add the output of this to the allowed paths. */ + state.allowAndSetStorePathString(storePath, v); } static RegisterPrimOp primop_toFile({ |