libstore: guard against empty archive in unpack paths#15242
libstore: guard against empty archive in unpack paths#15242xokdvium merged 1 commit intoNixOS:masterfrom
Conversation
`DirectoryIterator` is dereferenced without an end check, which segfaults when unpacking an empty or zero-sized archive. This commit adds an emptiness check before the dereference in both `prefetchFile` and `builtinUnpackChannel`, throwing a descriptive error instead. Fixes NixOS#15116.
github-actions
bot
added
new-cli
|
@xokdvium should we have some sort of |
The current situation is fine. It's not a range, but an iterator, so it's all good. Think |
| if (entries == DirectoryIterator{}) | ||
| throw Error("archive '%s' is empty", url.to_string()); |
There was a problem hiding this comment.
Note that old versions (like 2.18) created an empty file. Not sure what's the best way to address this is.
There was a problem hiding this comment.
Not sure at all, though I guess it was a bug/unintended side effect that there were empty archives created before.
There was a problem hiding this comment.
Probably, can we discuss the intended behaviour in the linked issue?
xokdvium
left a comment
xokdvium
left a comment
There was a problem hiding this comment.
The builtin builder change is good regardless. I think it's fine to stick with error out in all code paths too.
3 participants
Motivation
DirectoryIteratoris dereferenced without an end check, which segfaults when unpacking an empty or zero-sized archive. This commit adds an emptiness check before the dereference in bothprefetchFileandbuiltinUnpackChannel, throwing a descriptive error instead.Context
Add 👍 to pull requests you find important.
The Nix maintainer team uses a GitHub project board to schedule and track reviews.