diff options
author | 2016-07-18 15:34:50 +0000 | |
---|---|---|
committer | 2016-07-18 18:09:29 +0000 | |
commit | c760f133604877e7b6d8ac3f2bcb9b13b0983f4e (patch) | |
tree | 46345b7e2b98b5bf02c27b0b1f6ddb5152b74461 /src/main/java/com/google | |
parent | e3bc67adc0c73ce93ffcf08fbeb2ab3fb53f6550 (diff) |
Check maven_jar sha1s for validity
Fixes #1125.
--
MOS_MIGRATED_REVID=127719941
Diffstat (limited to 'src/main/java/com/google')
-rw-r--r-- | src/main/java/com/google/devtools/build/lib/bazel/repository/MavenJarFunction.java | 16 |
1 files changed, 13 insertions, 3 deletions
diff --git a/src/main/java/com/google/devtools/build/lib/bazel/repository/MavenJarFunction.java b/src/main/java/com/google/devtools/build/lib/bazel/repository/MavenJarFunction.java index c8a826f0cc..8e2693b4ad 100644 --- a/src/main/java/com/google/devtools/build/lib/bazel/repository/MavenJarFunction.java +++ b/src/main/java/com/google/devtools/build/lib/bazel/repository/MavenJarFunction.java @@ -114,12 +114,18 @@ public class MavenJarFunction extends HttpArchiveFunction { if (env.valuesMissing()) { return null; } - MavenDownloader downloader = createMavenDownloader(directories, mapper, serverValue); + MavenDownloader downloader; + try { + downloader = createMavenDownloader(directories, mapper, serverValue); + } catch (IOException e) { + throw new RepositoryFunctionException(e, Transience.PERSISTENT); + } return createOutputTree(downloader); } private MavenDownloader createMavenDownloader( - BlazeDirectories directories, AttributeMap mapper, MavenServerValue serverValue) { + BlazeDirectories directories, AttributeMap mapper, MavenServerValue serverValue) + throws IOException { String name = mapper.getName(); Path outputDirectory = getExternalRepositoryDirectory(directories).getRelative(name); return new MavenDownloader(name, mapper, outputDirectory, serverValue); @@ -168,12 +174,16 @@ public class MavenJarFunction extends HttpArchiveFunction { private final Server server; public MavenDownloader( - String name, AttributeMap mapper, Path outputDirectory, MavenServerValue serverValue) { + String name, AttributeMap mapper, Path outputDirectory, MavenServerValue serverValue) + throws IOException { this.name = name; this.outputDirectory = outputDirectory; this.artifact = mapper.get("artifact", Type.STRING); this.sha1 = (mapper.has("sha1", Type.STRING)) ? mapper.get("sha1", Type.STRING) : null; + if (!sha1.matches("\\p{XDigit}{40}")) { + throw new IOException("Invalid SHA-1 for maven_jar " + name + ": '" + sha1 + "'"); + } this.url = serverValue.getUrl(); this.server = serverValue.getServer(); } |