From ec573cd54fb3ea98f37a3c3612b00fb16e34578b Mon Sep 17 00:00:00 2001 From: Austin Clements Date: Mon, 25 Aug 2014 13:26:08 -0400 Subject: lib: Return an error from operations that require an upgrade Previously, there was no protection against a caller invoking an operation on an old database version that would effectively corrupt the database by treating it like a newer version. According to notmuch.h, any caller that opens the database in read/write mode is supposed to check if the database needs upgrading and perform an upgrade if it does. This would protect against this, but nobody (even the CLI) actually does this. However, with features, it's easy to protect against incompatible operations on a fine-grained basis. This lightweight change allows callers to safely operate on old database versions, while preventing specific operations that would corrupt the database with an informative error message. --- lib/message.cc | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'lib/message.cc') diff --git a/lib/message.cc b/lib/message.cc index ed8c59e9..68f7e68d 100644 --- a/lib/message.cc +++ b/lib/message.cc @@ -655,6 +655,10 @@ _notmuch_message_add_filename (notmuch_message_t *message, if (filename == NULL) INTERNAL_ERROR ("Message filename cannot be NULL."); + if (! (message->notmuch->features & NOTMUCH_FEATURE_FILE_TERMS) || + ! (message->notmuch->features & NOTMUCH_FEATURE_BOOL_FOLDER)) + return NOTMUCH_STATUS_UPGRADE_REQUIRED; + relative = _notmuch_database_relative_path (message->notmuch, filename); status = _notmuch_database_split_path (local, relative, &directory, NULL); @@ -699,6 +703,10 @@ _notmuch_message_remove_filename (notmuch_message_t *message, notmuch_private_status_t private_status; notmuch_status_t status; + if (! (message->notmuch->features & NOTMUCH_FEATURE_FILE_TERMS) || + ! (message->notmuch->features & NOTMUCH_FEATURE_BOOL_FOLDER)) + return NOTMUCH_STATUS_UPGRADE_REQUIRED; + status = _notmuch_database_filename_to_direntry ( local, message->notmuch, filename, NOTMUCH_FIND_LOOKUP, &direntry); if (status || !direntry) -- cgit v1.2.3