shaba/ostree
1
0
Fork 0
mirror of https://github.com/ostreedev/ostree.git synced 2025-03-14 04:59:00 +03:00
Code Issues Projects Releases Wiki Activity

lib/refs: Add runtime error checking for collection ID validity

Browse Source 
Instead of treating it as a programming error — given that it’s user
input, that’s not really appropriate. This modifies write_ref() and
list_collection_refs() to implement validation.

Signed-off-by: Philip Withnall <withnall@endlessm.com>

Closes: #924
Approved by: cgwalters
This commit is contained in:
Philip Withnall 2017-06-23 15:55:19 +01:00 committed by Atomic Bot
parent 11ad3ec529
commit d0d5f54ce2
1 changed files with 10 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/libostree/ostree-repo-refs.c
View File

@ -769,6 +769,13 @@ _ostree_repo_write_ref (OstreeRepo *self,
g_return_val_if_fail (remote == NULL || ref->collection_id == NULL, FALSE);
if (remote != NULL && !ostree_validate_remote_name (remote, error))
return FALSE;
if (ref->collection_id != NULL && !ostree_validate_collection_id (ref->collection_id, error))
return FALSE;
if (!ostree_validate_rev (ref->ref_name, error))
return FALSE;
if (remote == NULL &&
(ref->collection_id == NULL || g_strcmp0 (ref->collection_id, ostree_repo_get_collection_id (self)) == 0))
{
@ -928,11 +935,12 @@ ostree_repo_list_collection_refs (OstreeRepo *self,
GError **error)
{
g_return_val_if_fail (OSTREE_IS_REPO (self), FALSE);
g_return_val_if_fail (match_collection_id == NULL ||
ostree_validate_collection_id (match_collection_id, NULL), FALSE);
g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), FALSE);
g_return_val_if_fail (error == NULL || *error == NULL, FALSE);
if (match_collection_id != NULL && !ostree_validate_collection_id (match_collection_id, error))
return FALSE;
g_autoptr(GHashTable) ret_all_refs = NULL;
ret_all_refs = g_hash_table_new_full (ostree_collection_ref_hash,