Check maven_jar sha1s for validity

Fixes #1125. -- MOS_MIGRATED_REVID=127719941
author: Kristina Chodorow <kchodorow@google.com> 2016-07-18 15:34:50 +0000
committer: John Cater <jcater@google.com> 2016-07-18 18:09:29 +0000
commit: c760f133604877e7b6d8ac3f2bcb9b13b0983f4e (patch)
tree: 46345b7e2b98b5bf02c27b0b1f6ddb5152b74461 /src/main/java/com/google
parent: e3bc67adc0c73ce93ffcf08fbeb2ab3fb53f6550 (diff)
1 files changed, 13 insertions, 3 deletions
diff --git a/src/main/java/com/google/devtools/build/lib/bazel/repository/MavenJarFunction.java b/src/main/java/com/google/devtools/build/lib/bazel/repository/MavenJarFunction.java
index c8a826f0cc..8e2693b4ad 100644
--- a/src/main/java/com/google/devtools/build/lib/bazel/repository/MavenJarFunction.java
+++ b/src/main/java/com/google/devtools/build/lib/bazel/repository/MavenJarFunction.java
@@ -114,12 +114,18 @@ public class MavenJarFunction extends HttpArchiveFunction {
     if (env.valuesMissing()) {
       return null;
     }
-    MavenDownloader downloader = createMavenDownloader(directories, mapper, serverValue);
+    MavenDownloader downloader;
+    try {
+      downloader = createMavenDownloader(directories, mapper, serverValue);
+    } catch (IOException e) {
+      throw new RepositoryFunctionException(e, Transience.PERSISTENT);
+    }
     return createOutputTree(downloader);
   }
 
   private MavenDownloader createMavenDownloader(
-      BlazeDirectories directories, AttributeMap mapper, MavenServerValue serverValue) {
+      BlazeDirectories directories, AttributeMap mapper, MavenServerValue serverValue)
+      throws IOException {
     String name = mapper.getName();
     Path outputDirectory = getExternalRepositoryDirectory(directories).getRelative(name);
     return new MavenDownloader(name, mapper, outputDirectory, serverValue);
@@ -168,12 +174,16 @@ public class MavenJarFunction extends HttpArchiveFunction {
     private final Server server;
 
     public MavenDownloader(
-        String name, AttributeMap mapper, Path outputDirectory, MavenServerValue serverValue) {
+        String name, AttributeMap mapper, Path outputDirectory, MavenServerValue serverValue)
+        throws IOException {
       this.name = name;
       this.outputDirectory = outputDirectory;
 
       this.artifact = mapper.get("artifact", Type.STRING);
       this.sha1 = (mapper.has("sha1", Type.STRING)) ? mapper.get("sha1", Type.STRING) : null;
+      if (!sha1.matches("\\p{XDigit}{40}")) {
+        throw new IOException("Invalid SHA-1 for maven_jar " + name + ": '" + sha1 + "'");
+      }
       this.url = serverValue.getUrl();
       this.server = serverValue.getServer();
     }
author	Kristina Chodorow <kchodorow@google.com>	2016-07-18 15:34:50 +0000
committer	John Cater <jcater@google.com>	2016-07-18 18:09:29 +0000
commit	c760f133604877e7b6d8ac3f2bcb9b13b0983f4e (patch)
tree	46345b7e2b98b5bf02c27b0b1f6ddb5152b74461 /src/main/java/com/google
parent	e3bc67adc0c73ce93ffcf08fbeb2ab3fb53f6550 (diff)