Radish alpha
H
HardenedBSD-pkg
rad:z3QDZAW2FAfuLvihrhiyDC9fAD8G9
HardenedBSD Package Manager
Radicle
Git
Commits 8f04c83
fetch_file: respect rfc8089
Baptiste Daroussin committed 1 year ago
commit 8f04c834a047d6760b0809d85775495f8897ef6c
parent 9192077
2 files changed +97 -3
modified libpkg/fetch_file.c
@@ -40,13 +40,29 @@ file_open(struct pkg_repo *repo, struct fetch_item *fi)
{

	struct stat st;

	const char *u = fi->url;
+ 
	size_t len = strlen(u);
- 
	if (strlen(u) > 5)
+ 
	if (len > 5)

		u += 5; /* file: */
- 
	if (*u != '/') {
+ 
	if (len < 8) {
+ 
		pkg_emit_error("Invalid url: %s'\n', "
+ 
		    "file://<absolutepath> expected", fi->url);
+ 
		return (EPKG_FATAL);
+ 
	}
+ 
	if (strncmp(u, "//", 2) != 0) {

		pkg_emit_error("invalid url: '%s'\n", fi->url);

		return (EPKG_FATAL);

	}
+ 
	u+=2;
+ 
	/* if we don't have a '/' it means we have a host we should ignore */
+ 
	if (*u != '/') {
+ 
		u = strchr(u+1, '/');
+ 
		if (u == NULL) {
+ 
			pkg_emit_error("Invalid url: %s'\n', "
+ 
					"file://<absolutepath> expected", fi->url);
+ 
			return (EPKG_FATAL);
+ 
		}
+ 
	}

	if (stat(u, &st) == -1) {

		if (!repo->silent)

			pkg_emit_error("%s: %s", fi->url,
modified tests/frontend/update.sh
@@ -3,7 +3,8 @@
. $(atf_get_srcdir)/test_environment.sh



tests_init \
- 
	update_error
+ 
	update_error \
+ 
	file_url \



update_error_body() {
@@ -21,3 +22,80 @@ EOF
		-s exit:1 \

		pkg -R repos update

}
+
+ 
file_url_body() {
+ 
	mkdir repos
+ 
	touch meta.conf
+ 
	here=$(pwd)
+
+ 
	cat > repos/test.conf << EOF
+ 
test: {
+ 
  url: "file:/empty/",
+ 
}
+ 
EOF
+
+ 
	atf_check \
+ 
		-o match:"Unable to update repository test" \
+ 
		-e match:"invalid url: 'file:/empty//meta.conf" \
+ 
		-s exit:1 \
+ 
		pkg -R repos update
+
+ 
	cat > repos/test.conf << EOF
+ 
test: {
+ 
  url: "file://here",
+ 
}
+ 
EOF
+ 
	atf_check \
+ 
		-o match:"Unable to update repository test" \
+ 
		-e match:"meta.*No such file or directory" \
+ 
		-s exit:1 \
+ 
		pkg -R repos update
+
+
+ 
	cat > repos/test.conf << EOF
+ 
test: {
+ 
  url: "file://here/${here}",
+ 
}
+ 
EOF
+ 
	atf_check \
+ 
		-o match:"Unable to update repository test" \
+ 
		-e not-match:"meta.*No such file or directory" \
+ 
		-s exit:1 \
+ 
		pkg -R repos update
+
+ 
	cat > repos/test.conf << EOF
+ 
test: {
+ 
  url: "file:///${here}",
+ 
}
+ 
EOF
+
+ 
	atf_check \
+ 
		-o match:"Unable to update repository test" \
+ 
		-e not-match:"meta.*No such file or directory" \
+ 
		-s exit:1 \
+ 
		pkg -R repos update
+
+ 
	cat > repos/test.conf << EOF
+ 
test: {
+ 
  url: "file://${here}",
+ 
}
+ 
EOF
+
+ 
	atf_check \
+ 
		-o match:"Unable to update repository test" \
+ 
		-e not-match:"meta.*No such file or directory" \
+ 
		-s exit:1 \
+ 
		pkg -R repos update
+
+ 
	cat > repos/test.conf << EOF
+ 
test: {
+ 
  url: "file:/${here}",
+ 
}
+ 
EOF
+
+ 
	atf_check \
+ 
		-o match:"Unable to update repository test" \
+ 
		-e match:"meta.*No such file or directory" \
+ 
		-s exit:1 \
+ 
		pkg -R repos update
+ 
}