maurice/snix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

LocalStore::addToStore: Verify hash of the imported path

Browse source
This commit is contained in:
Eelco Dolstra 2016-05-30 13:44:09 +02:00
parent e222484401
commit 12ddbad458
2 changed files with 6 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

5
src/libstore/local-store.cc
View file

@ -904,6 +904,11 @@ void LocalStore::invalidatePath(State & state, const Path & path)
void LocalStore::addToStore(const ValidPathInfo & info, const std::string & nar, bool repair) void LocalStore::addToStore(const ValidPathInfo & info, const std::string & nar, bool repair)
{ {
Hash h = hashString(htSHA256, nar);
if (h != info.narHash)
throw Error(format("hash mismatch importing path %s; expected hash %s, got %s") %
info.path % info.narHash.to_string() % h.to_string());
addTempRoot(info.path); addTempRoot(info.path);
if (repair || !isValidPath(info.path)) { if (repair || !isValidPath(info.path)) {

2
tests/binary-cache.sh
View file

@ -48,7 +48,7 @@ mkdir -p $TEST_ROOT/empty
nix-store --dump $TEST_ROOT/empty | xz > $nar nix-store --dump $TEST_ROOT/empty | xz > $nar
nix-build --option binary-caches "file://$cacheDir" dependencies.nix -o $TEST_ROOT/result 2>&1 | tee $TEST_ROOT/log nix-build --option binary-caches "file://$cacheDir" dependencies.nix -o $TEST_ROOT/result 2>&1 | tee $TEST_ROOT/log
grep -q "hash mismatch in downloaded path" $TEST_ROOT/log grep -q "hash mismatch" $TEST_ROOT/log
mv $nar.good $nar mv $nar.good $nar