diff options
author | Matthew Barnes <mbarnes@redhat.com> | 2015-11-16 19:29:59 -0500 |
---|---|---|
committer | Matthew Barnes <mbarnes@redhat.com> | 2015-11-17 20:35:54 -0500 |
commit | 5307af5a7adc79af331c6da804c0ea75cb6adf22 (patch) | |
tree | b3fee96129441990c3bd72ded86766cf8e4ce6be /src/libostree/ostree-repo-refs.c | |
parent | 45cee1bd70234347198b9226f2d79c99b6fe27bc (diff) | |
download | ostree-5307af5a7adc79af331c6da804c0ea75cb6adf22.tar.gz |
repo: Validate checksums have correct length
ostree_checksum_bytes_peek() can return NULL if the checksum has an
incorrect length (most likely from disk corruption) but most callers
are not prepared to handle this and would likely crash.
Use ostree_checksum_bytes_peek_validate() instead, which sets a
GError on an invalid checksum.
Diffstat (limited to 'src/libostree/ostree-repo-refs.c')
-rw-r--r-- | src/libostree/ostree-repo-refs.c | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/src/libostree/ostree-repo-refs.c b/src/libostree/ostree-repo-refs.c index 23e47fc7..6d3bd51e 100644 --- a/src/libostree/ostree-repo-refs.c +++ b/src/libostree/ostree-repo-refs.c @@ -633,10 +633,15 @@ ostree_repo_remote_list_refs (OstreeRepo *self, if (ref_name != NULL) { + const guchar *csum_bytes; + g_variant_get_child (child, 1, "(t@aya{sv})", NULL, &csum_v, NULL); + csum_bytes = ostree_checksum_bytes_peek_validate (csum_v, error); + if (csum_bytes == NULL) + goto out; + + ostree_checksum_inplace_from_bytes (csum_bytes, tmp_checksum); - ostree_checksum_inplace_from_bytes (ostree_checksum_bytes_peek (csum_v), - tmp_checksum); g_hash_table_insert (ret_all_refs, g_strdup (ref_name), g_strdup (tmp_checksum)); |