From 9161e35d20b96c09167581543ca1bf1456477ce4 Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Mon, 1 Jun 2015 16:56:19 -0400 Subject: [PATCH] pull: Validate delta checksums more strongly We need to check that it's 'ay'. Also reuse the existing validation function to check it's 32 bytes rather than potentially crashing with assertion. Just noticed this during a code review. --- src/libostree/ostree-repo-pull.c | 30 ++++++++++++++++++++++++------ 1 file changed, 24 insertions(+), 6 deletions(-) diff --git a/src/libostree/ostree-repo-pull.c b/src/libostree/ostree-repo-pull.c index c6d4c45b..608a7b4f 100644 --- a/src/libostree/ostree-repo-pull.c +++ b/src/libostree/ostree-repo-pull.c @@ -1557,6 +1557,28 @@ process_one_static_delta (OtPullData *pull_data, return ret; } +static gboolean +validate_variant_is_csum (GVariant *csum, + GError **error) +{ + gboolean ret = FALSE; + + if (!g_variant_is_of_type (csum, G_VARIANT_TYPE ("ay"))) + { + g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED, + "Invalid checksum variant of type '%s', expected 'ay'", + g_variant_get_type_string (csum)); + goto out; + } + + if (!ostree_validate_structureof_csum_v (csum, error)) + goto out; + + ret = TRUE; + out: + return ret; +} + /* documented in ostree-repo.c */ gboolean ostree_repo_pull (OstreeRepo *self, @@ -1962,7 +1984,6 @@ ostree_repo_pull_with_options (OstreeRepo *self, n = deltas ? g_variant_n_children (deltas) : 0; for (i = 0; i < n; i++) { - gsize size; const char *delta; GVariant *csum_v = NULL; guchar *csum_data = g_malloc (32); @@ -1971,11 +1992,8 @@ ostree_repo_pull_with_options (OstreeRepo *self, g_variant_get_child (ref, 0, "&s", &delta); g_variant_get_child (ref, 1, "v", &csum_v); - size = g_variant_get_size (csum_v); - - g_assert_cmpint (size, ==, 32); - if (size != 32) - continue; + if (!validate_variant_is_csum (csum_v, error)) + goto out; memcpy (csum_data, ostree_checksum_bytes_peek (csum_v), 32); g_hash_table_insert (pull_data->summary_deltas_checksums,