lib/commit: reject empty metadata keys

This adds one more check to the metadata validation logic in order
to reject empty metadata keys.
Luca BRUNO 2022-01-20 10:54:30 +00:00
parent 6230b3eeab
commit da72c245f4
No known key found for this signature in database
GPG Key ID: A9834A2252078E4E
3 changed files with 30 additions and 5 deletions


@ -2197,6 +2197,19 @@ ostree_validate_structureof_commit (GVariant *commit,
if (!validate_variant (commit, OSTREE_COMMIT_GVARIANT_FORMAT, error)) if (!validate_variant (commit, OSTREE_COMMIT_GVARIANT_FORMAT, error))
return FALSE; return FALSE;
g_autoptr(GVariant) metadata = NULL;
g_variant_get_child (commit, 0, "@a{sv}", &metadata);
g_assert (metadata != NULL);
g_autoptr(GVariantIter) metadata_iter = g_variant_iter_new (metadata);
g_assert (metadata_iter != NULL);
g_autoptr(GVariant) metadata_entry = NULL;
const gchar *metadata_key = NULL;
while (g_variant_iter_loop (metadata_iter, "{sv}", &metadata_key, NULL))
{
if (metadata_key == NULL || strlen (metadata_key) == 0)
return glnx_throw (error, "Empty metadata key");
}
g_autoptr(GVariant) parent_csum_v = NULL; g_autoptr(GVariant) parent_csum_v = NULL;
g_variant_get_child (commit, 1, "@ay", &parent_csum_v); g_variant_get_child (commit, 1, "@ay", &parent_csum_v);
gsize n_elts; gsize n_elts;
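Review bot: The early `return glnx_throw (error, "Empty metadata key");` inside the `g_variant_iter_loop` body leaves the current key unreleased: with the `{sv}` format the loop hands out a copied string that it frees only on its next call, and GLib documents that values must be freed manually when leaving the loop early. Borrowing the key instead avoids the copy and matches the `const gchar *` declaration: `while (g_variant_iter_loop (metadata_iter, "{&sv}", &metadata_key, NULL))`. `metadata_entry` is declared but never used in the added lines and can be dropped. The `metadata_key == NULL` test looks redundant, since the body only runs after a key has been extracted. The body of ostree_validate_structureof_commit starts and ends outside the hunk.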


@ -335,17 +335,18 @@ parse_keyvalue_strings (GVariantBuilder *builder,
if (!eq) if (!eq)
return glnx_throw (error, "Missing '=' in KEY=VALUE metadata '%s'", s); return glnx_throw (error, "Missing '=' in KEY=VALUE metadata '%s'", s);
g_autofree char *key = g_strndup (s, eq - s); g_autofree char *key = g_strndup (s, eq - s);
const char *value = eq + 1;
if (is_gvariant_print) if (is_gvariant_print)
{ {
g_autoptr(GVariant) value = g_variant_parse (NULL, eq + 1, NULL, NULL, error); g_autoptr(GVariant) variant = g_variant_parse (NULL, value, NULL, NULL, error);
if (!value) if (!variant)
return glnx_prefix_error (error, "Parsing %s", s); return glnx_prefix_error (error, "Parsing %s", s);
g_variant_builder_add (builder, "{sv}", key, value); g_variant_builder_add (builder, "{sv}", key, variant);
} }
else else
g_variant_builder_add (builder, "{sv}", key, g_variant_builder_add (builder, "{sv}", key,
g_variant_new_string (eq + 1)); g_variant_new_string (value));
} }
return TRUE; return TRUE;


@ -23,7 +23,7 @@ set -euo pipefail
mode="bare-user-only" mode="bare-user-only"
setup_test_repository "$mode" setup_test_repository "$mode"
extra_basic_tests=6 extra_basic_tests=7
. $(dirname $0)/basic-test.sh . $(dirname $0)/basic-test.sh
$CMD_PREFIX ostree --version > version.yaml $CMD_PREFIX ostree --version > version.yaml
@ -54,6 +54,17 @@ fi
assert_file_has_content err.txt "Content object.*invalid mode.*with bits 040.*" assert_file_has_content err.txt "Content object.*invalid mode.*with bits 040.*"
echo "ok failed to commit suid" echo "ok failed to commit suid"
cd ${test_tmpdir}
rm repo-input -rf
ostree_repo_init repo-input init --mode=archive
rm files -rf && mkdir files
if $CMD_PREFIX ostree --repo=repo-input commit -b metadata --tree=dir=files --add-metadata-string='=FOO' 2>err.txt; then
assert_not_reached "committed an empty metadata key"
fi
assert_file_has_content err.txt "Empty metadata key"
$CMD_PREFIX ostree --repo=repo-input commit -b metadata --tree=dir=files --add-metadata-string='FOO='
echo "ok rejected invalid metadata"
cd ${test_tmpdir} cd ${test_tmpdir}
rm repo-input -rf rm repo-input -rf
ostree_repo_init repo-input init --mode=archive ostree_repo_init repo-input init --mode=archive