From dfe0f781ed284e627456e86d4eb87bfbc996a71c Mon Sep 17 00:00:00 2001 From: Kaleb Luedtke Date: Thu, 20 Feb 2025 22:38:21 -0600 Subject: [PATCH] Validate NestedInstaller fields are not present if Base Installer is not Archive --- .../AppInstallerCLITests.vcxproj | 6 ++++++ .../AppInstallerCLITests.vcxproj.filters | 10 ++++++++-- ...t-Bad-NonArchive-NestedInstallerFiles.yaml | 20 +++++++++++++++++++ ...st-Bad-NonArchive-NestedInstallerType.yaml | 19 ++++++++++++++++++ src/AppInstallerCLITests/YamlManifest.cpp | 2 ++ .../Manifest/ManifestValidation.cpp | 13 ++++++++++++ .../Public/winget/ManifestValidation.h | 1 + 7 files changed, 69 insertions(+), 2 deletions(-) create mode 100644 src/AppInstallerCLITests/TestData/Manifest-Bad-NonArchive-NestedInstallerFiles.yaml create mode 100644 src/AppInstallerCLITests/TestData/Manifest-Bad-NonArchive-NestedInstallerType.yaml diff --git a/src/AppInstallerCLITests/AppInstallerCLITests.vcxproj b/src/AppInstallerCLITests/AppInstallerCLITests.vcxproj index 1ef9b7326e..5de6149557 100644 --- a/src/AppInstallerCLITests/AppInstallerCLITests.vcxproj +++ b/src/AppInstallerCLITests/AppInstallerCLITests.vcxproj @@ -1055,6 +1055,12 @@ true + + TestData + + + TestData + diff --git a/src/AppInstallerCLITests/AppInstallerCLITests.vcxproj.filters b/src/AppInstallerCLITests/AppInstallerCLITests.vcxproj.filters index c8bbb5d87c..a7f64f4a0d 100644 --- a/src/AppInstallerCLITests/AppInstallerCLITests.vcxproj.filters +++ b/src/AppInstallerCLITests/AppInstallerCLITests.vcxproj.filters @@ -1,4 +1,4 @@ - + @@ -1068,5 +1068,11 @@ TestData + + TestData + + + TestData + - \ No newline at end of file + diff --git a/src/AppInstallerCLITests/TestData/Manifest-Bad-NonArchive-NestedInstallerFiles.yaml b/src/AppInstallerCLITests/TestData/Manifest-Bad-NonArchive-NestedInstallerFiles.yaml new file mode 100644 index 0000000000..229f51070e --- /dev/null +++ b/src/AppInstallerCLITests/TestData/Manifest-Bad-NonArchive-NestedInstallerFiles.yaml @@ -0,0 +1,20 @@ +# Bad manifest. NestedInstallerFiles used with non-archive InstallerType +# yaml-language-server: $schema=https://raw.githubusercontent.com/microsoft/winget-cli/refs/heads/master/schemas/JSON/manifests/v1.10.0/manifest.singleton.1.10.0.json +PackageIdentifier: AppInstallerCliTest.TestMsixInstaller +PackageVersion: 1.0.0.0 +PackageLocale: en-US +PackageName: AppInstaller Test MSIX Installer +ShortDescription: AppInstaller Test MSIX Installer +Publisher: Microsoft Corporation +Moniker: AICLITestMsix +License: Test +Installers: + - Architecture: x64 + InstallerUrl: https://github.com/microsoft/msix-packaging/blob/master/src/test/testData/unpack/TestAppxPackage_x64.appx?raw=true + InstallerType: msix + InstallerSha256: 6a2d3683fa19bf00e58e07d1313d20a5f5735ebbd6a999d33381d28740ee07ea + PackageFamilyName: 20477fca-282d-49fb-b03e-371dca074f0f_8wekyb3d8bbwe + NestedInstallerFiles: + - RelativeFilePath: Test +ManifestType: singleton +ManifestVersion: 1.10.0 diff --git a/src/AppInstallerCLITests/TestData/Manifest-Bad-NonArchive-NestedInstallerType.yaml b/src/AppInstallerCLITests/TestData/Manifest-Bad-NonArchive-NestedInstallerType.yaml new file mode 100644 index 0000000000..06f2d0fbf5 --- /dev/null +++ b/src/AppInstallerCLITests/TestData/Manifest-Bad-NonArchive-NestedInstallerType.yaml @@ -0,0 +1,19 @@ +# Bad manifest. NestedInstallerType used with non-archive InstallerType +# yaml-language-server: $schema=https://raw.githubusercontent.com/microsoft/winget-cli/refs/heads/master/schemas/JSON/manifests/v1.10.0/manifest.singleton.1.10.0.json +PackageIdentifier: AppInstallerCliTest.TestMsixInstaller +PackageVersion: 1.0.0.0 +PackageLocale: en-US +PackageName: AppInstaller Test MSIX Installer +ShortDescription: AppInstaller Test MSIX Installer +Publisher: Microsoft Corporation +Moniker: AICLITestMsix +License: Test +Installers: + - Architecture: x64 + InstallerUrl: https://github.com/microsoft/msix-packaging/blob/master/src/test/testData/unpack/TestAppxPackage_x64.appx?raw=true + InstallerType: msix + InstallerSha256: 6a2d3683fa19bf00e58e07d1313d20a5f5735ebbd6a999d33381d28740ee07ea + PackageFamilyName: 20477fca-282d-49fb-b03e-371dca074f0f_8wekyb3d8bbwe + NestedInstallerType: portable +ManifestType: singleton +ManifestVersion: 1.10.0 diff --git a/src/AppInstallerCLITests/YamlManifest.cpp b/src/AppInstallerCLITests/YamlManifest.cpp index 78dcc455c2..44ada4a18e 100644 --- a/src/AppInstallerCLITests/YamlManifest.cpp +++ b/src/AppInstallerCLITests/YamlManifest.cpp @@ -839,6 +839,8 @@ TEST_CASE("ReadBadManifests", "[ManifestValidation]") { "InstallFlowTest_LicenseAgreement.yaml", "Field usage requires verified publishers. [Agreement]", false, GetTestManifestValidateOption(false, true) }, { "Manifest-Bad-ApproximateVersionInPackageVersion.yaml", "Approximate version not allowed. [PackageVersion]" }, { "Manifest-Bad-ApproximateVersionInArpVersion.yaml", "Approximate version not allowed. [DisplayVersion]" }, + { "Manifest-Bad-NonArchive-NestedInstallerType.yaml", "Field usage requires InstallerType to be an archive type. [NestedInstallerType]" }, + { "Manifest-Bad-NonArchive-NestedInstallerFiles.yaml", "Field usage requires InstallerType to be an archive type. [NestedInstallerFiles]" }, }; for (auto const& testCase : TestCases) diff --git a/src/AppInstallerCommonCore/Manifest/ManifestValidation.cpp b/src/AppInstallerCommonCore/Manifest/ManifestValidation.cpp index d7f24ccd81..42c3c83a1e 100644 --- a/src/AppInstallerCommonCore/Manifest/ManifestValidation.cpp +++ b/src/AppInstallerCommonCore/Manifest/ManifestValidation.cpp @@ -71,6 +71,7 @@ namespace AppInstaller::Manifest { AppInstaller::Manifest::ManifestError::SchemaHeaderManifestTypeMismatch , "The manifest type in the schema header does not match the ManifestType property value in the manifest."sv }, { AppInstaller::Manifest::ManifestError::SchemaHeaderManifestVersionMismatch, "The manifest version in the schema header does not match the ManifestVersion property value in the manifest."sv }, { AppInstaller::Manifest::ManifestError::SchemaHeaderUrlPatternMismatch, "The schema header URL does not match the expected pattern."sv }, + { AppInstaller::Manifest::ManifestError::InvalidArchiveField, "Field usage requires InstallerType to be an archive type."sv }, }; return ErrorIdToMessageMap; @@ -333,6 +334,18 @@ namespace AppInstaller::Manifest } } } + else + { + // If base installer is not an archive type, NestedInstaller fields should not be present + if (installer.NestedInstallerType != InstallerTypeEnum::Unknown) + { + resultErrors.emplace_back(ManifestError::InvalidArchiveField, "NestedInstallerType"); + } + if (installer.NestedInstallerFiles.size() != 0) + { + resultErrors.emplace_back(ManifestError::InvalidArchiveField, "NestedInstallerFiles"); + } + } // Check empty string before calling IsValidUrl to avoid duplicate error reporting. if (!installer.Url.empty() && IsValidURL(NULL, Utility::ConvertToUTF16(installer.Url).c_str(), 0) == S_FALSE) diff --git a/src/AppInstallerCommonCore/Public/winget/ManifestValidation.h b/src/AppInstallerCommonCore/Public/winget/ManifestValidation.h index d3874078d8..d61ef75fc1 100644 --- a/src/AppInstallerCommonCore/Public/winget/ManifestValidation.h +++ b/src/AppInstallerCommonCore/Public/winget/ManifestValidation.h @@ -73,6 +73,7 @@ namespace AppInstaller::Manifest WINGET_DEFINE_RESOURCE_STRINGID(SchemaHeaderManifestTypeMismatch); WINGET_DEFINE_RESOURCE_STRINGID(SchemaHeaderManifestVersionMismatch); WINGET_DEFINE_RESOURCE_STRINGID(SchemaHeaderUrlPatternMismatch); + WINGET_DEFINE_RESOURCE_STRINGID(InvalidArchiveField); } struct ValidationError