Merge pull request #11489 from bryanhonof/bryanhonof.warn-on-malformed-uri-query

fix: warn on malformed URI query parameter
tomberek 2024-09-30 12:14:40 -04:00 committed by GitHub
commit 14f029dbe8
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
5 changed files with 43 additions and 6 deletions


@ -88,7 +88,7 @@ std::pair<FlakeRef, std::string> parsePathFlakeRefWithFragment(
if (fragmentStart != std::string::npos) { if (fragmentStart != std::string::npos) {
fragment = percentDecode(url.substr(fragmentStart+1)); fragment = percentDecode(url.substr(fragmentStart+1));
} }
if (pathEnd != std::string::npos && fragmentStart != std::string::npos) { if (pathEnd != std::string::npos && fragmentStart != std::string::npos && url[pathEnd] == '?') {
query = decodeQuery(url.substr(pathEnd+1, fragmentStart-pathEnd-1)); query = decodeQuery(url.substr(pathEnd+1, fragmentStart-pathEnd-1));
} }
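Review bot: The new `url[pathEnd] == '?'` guard has no comment saying which case it excludes, and the condition still requires `fragmentStart != std::string::npos`, so from the lines visible here a URL with a `?query` but no `#fragment` never reaches `decodeQuery`. If `pathEnd` can point at `#` (it is computed outside this hunk), the old condition would have handed fragment text to `decodeQuery`; state that above the `if`, e.g. `// Only decode a query when the path is terminated by '?'; when it is terminated by '#' there is no query component.` If queries without a fragment are meant to be ignored, say so in the same comment; if not, that case needs its own branch. The function starts and ends outside this hunk.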


@ -79,10 +79,14 @@ std::map<std::string, std::string> decodeQuery(const std::string & query)
for (auto s : tokenizeString<Strings>(query, "&")) { for (auto s : tokenizeString<Strings>(query, "&")) {
auto e = s.find('='); auto e = s.find('=');
if (e != std::string::npos) if (e == std::string::npos) {
result.emplace( warn("dubious URI query '%s' is missing equal sign '%s', ignoring", s, "=");
s.substr(0, e), continue;
percentDecode(std::string_view(s).substr(e + 1))); }
result.emplace(
s.substr(0, e),
percentDecode(std::string_view(s).substr(e + 1)));
} }
return result; return result;
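Review bot: The `continue` branch drops a token that has no `=` and parsing carries on with the remaining parameters, so a mistyped parameter that was meant to constrain what gets fetched is lost with only a stderr warning, which unattended runs may never surface. Whether callers rely on this map for pinning is not visible in the hunk, so at minimum document the behaviour above the loop, e.g. `// Tokens without '=' are skipped with a warning; callers must not assume every token in the URL reached the map.` The literal `"="` is passed as a format argument where it could be inline: `warn("dubious URI query '%s' is missing equal sign '=', ignoring", s);`. A token that starts with `=` still inserts an entry with an empty key (`s.substr(0, e)` with `e == 0`), and keys are stored without `percentDecode` while values are decoded; both deserve a check or a comment. The function's closing brace is outside the hunk.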


@ -0,0 +1,31 @@
#!/usr/bin/env bash
source ./common.sh
requireGit
repoDir="$TEST_ROOT/repo"
createGitRepo "$repoDir"
createSimpleGitFlake "$repoDir"
# Check that a flakeref without a query is accepted correctly.
expectStderr 0 nix --offline build --dry-run "git+file://$repoDir#foo"
# Check that a flakeref with a good query is accepted correctly.
expectStderr 0 nix --offline build --dry-run "git+file://$repoDir?foo=bar#foo"
# Check that we get the dubious query warning, when passing in a query without an equal sign.
expectStderr 0 nix --offline build --dry-run "git+file://$repoDir?bar#foo" \
| grepQuiet "warning: dubious URI query 'bar' is missing equal sign '=', ignoring"
# Check that the anchor (#) is taken as a whole, not split, and throws an error.
expectStderr 1 nix --offline build --dry-run "git+file://$repoDir#foo?bar" \
| grepQuiet "error: flake 'git+file://$repoDir' does not provide attribute 'packages.$system.foo?bar', 'legacyPackages.$system.foo?bar' or 'foo?bar'"
# Check that a literal `?` in the query doesn't print dubious query warning.
expectStderr 0 nix --offline build --dry-run "git+file://$repoDir?#foo" \
| grepInverse "warning: dubious URI query "
# Check that a literal `?=` in the query doesn't print dubious query warning.
expectStderr 0 nix --offline build --dry-run "git+file://$repoDir?=#foo" \
| grepInverse "warning: dubious URI query "
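Review bot: The first two cases (`git+file://$repoDir#foo` and `git+file://$repoDir?foo=bar#foo`) assert only exit status 0, so a regression that prints the dubious-query warning for well-formed input would still pass; pipe both through `grepInverse "warning: dubious URI query "` as the last two cases do. Every case uses a `git+file://` URL, so the condition changed in `parsePathFlakeRefWithFragment` appears to be untested by this script; a case with a path-style flakeref carrying both `?` and `#` would cover it. `$system` is not set in this file and presumably comes from `common.sh`.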


@ -19,6 +19,7 @@ flake-tests := \
$(d)/eval-cache.sh \ $(d)/eval-cache.sh \
$(d)/search-root.sh \ $(d)/search-root.sh \
$(d)/config.sh \ $(d)/config.sh \
$(d)/show.sh $(d)/show.sh \
$(d)/dubious-query.sh
install-tests-groups += flake install-tests-groups += flake


@ -23,6 +23,7 @@ suites += {
'search-root.sh', 'search-root.sh',
'config.sh', 'config.sh',
'show.sh', 'show.sh',
'dubious-query.sh',
], ],
'workdir': meson.current_build_dir(), 'workdir': meson.current_build_dir(),
} }