Skip to content

Commit

Permalink
fetchClosure: Only allow some "safe" store types
Browse files Browse the repository at this point in the history
  • Loading branch information
@edolstra
edolstra committed Mar 24, 2022
1 parent 7ffda0a commit 4120930
Showing 1 changed file with 10 additions and 2 deletions.
12 changes: 10 additions & 2 deletions src/libexpr/primops/fetchClosure.cc
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
#include "primops.hh"
#include "store-api.hh"
#include "make-content-addressed.hh"
#include "url.hh"

namespace nix {

Expand Down Expand Up @@ -50,8 +51,15 @@ static void prim_fetchClosure(EvalState & state, const Pos & pos, Value * * args
.errPos = pos
});

// FIXME: only allow some "trusted" store types (like BinaryCacheStore).
auto fromStore = openStore(*fromStoreUrl);
auto parsedURL = parseURL(*fromStoreUrl);

if (parsedURL.scheme != "http" && parsedURL.scheme != "https")

This comment has been minimized.

Sign in to view

Copy link
@tomberek

tomberek Oct 2, 2022

Contributor

@edolstra What would be unsafe with allowing s3, ssh, etc?
throw Error({
.msg = hintfmt("'fetchClosure' only supports http:// and https:// stores"),
.errPos = pos
});

auto fromStore = openStore(parsedURL.to_string());

if (toCA) {
if (!toPath || !state.store->isValidPath(*toPath)) {
Expand Down

0 comments on commit 4120930

Please sign in to comment.