summaryrefslogtreecommitdiff
path: root/Backend
diff options
context:
space:
mode:
authorGravatar Joey Hess <joey@kitenet.net>2013-05-07 20:19:37 -0400
committerGravatar Joey Hess <joey@kitenet.net>2013-05-07 20:19:37 -0400
commit2578c950fc47d3edfd30375d91e0d415c4f32be0 (patch)
treebc6f83dde8156298ccb7ef93b00eaf21bcc1e2a9 /Backend
parente26dccc10ded226f057ec2a64bf069c79f3352c7 (diff)
SHA: Add a runtime sanity check that sha commands output something that appears to be a real sha.
This after fielding a bug where git-annex was built with a sha256 program whose output checked out, but was then run with one that output lines like: SHA256 (file) = <sha here> Which it then parsed as having a SHA256 of "SHA256"! Now the output of the command is required to be of the right length, and contain only the right characters.
Diffstat (limited to 'Backend')
-rw-r--r--Backend/SHA.hs24
1 files changed, 22 insertions, 2 deletions
diff --git a/Backend/SHA.hs b/Backend/SHA.hs
index 77bd2c124..258caafd1 100644
--- a/Backend/SHA.hs
+++ b/Backend/SHA.hs
@@ -57,8 +57,9 @@ shaN shasize file filesize = do
showAction "checksum"
case shaCommand shasize filesize of
Left sha -> liftIO $ sha <$> L.readFile file
- Right command -> liftIO $ parse command . lines <$>
- readsha command (toCommand [File file])
+ Right command -> liftIO $
+ sanitycheck command . parse command . lines <$>
+ readsha command (toCommand [File file])
where
parse command [] = bad command
parse command (l:_)
@@ -69,6 +70,7 @@ shaN shasize file filesize = do
where
sha = fst $ separate (== ' ') l
bad command = error $ command ++ " parse error"
+
{- sha commands output the filename, so need to set fileEncoding -}
readsha command args =
withHandle StdoutHandle createProcessSuccess p $ \h -> do
@@ -79,6 +81,24 @@ shaN shasize file filesize = do
where
p = (proc command args) { std_out = CreatePipe }
+ {- Check that we've correctly parsing the output of the command,
+ - by making sure the sha we read is of the expected length. -}
+ sanitycheck command sha
+ | length sha /= expectedlen =
+ error $ "Failed to parse the output of " ++ command
+ | any (`notElem` "0123456789abcdef") sha' =
+ error $ "Unexpected character in output of " ++ command ++ "\"" ++ sha ++ "\""
+ | otherwise = sha'
+ where
+ sha' = map toLower sha
+ expectedlen = case shasize of
+ 1 -> 40
+ 256 -> 64
+ 512 -> 128
+ 224 -> 56
+ 384 -> 96
+ _ -> 0
+
shaCommand :: SHASize -> Integer -> Either (L.ByteString -> String) String
shaCommand shasize filesize
| shasize == 1 = use SysConfig.sha1 sha1