Security: Also check paths in the web server
[?]
Feb 13, 2013, 5:34 PM
7UHHF564BOGHA2CP4OZA3BEPUUTY5S3SS53A32F7RHEVSIDEVWRACDependencies
- [2]
PMNWRTGJAdd multiple output support - [3]
5NO7NCKT* Refactoring. - [4]
OD5FSS5A* Quick hack to allow viewing of dependency graphs (via nix-store -q - [5]
LBNVQXUB* Build the /build stuff in a separate controller. - [6]
MAOFG2TD* Allow omitting the product number if there is only one product in a - [*]
7DWCXNC7Use the new Nix Perl bindings - [*]
VYGMJ33O* Catalyst now escapes slashes to %2f, which broke defaultUriForProduct. - [*]
XJFHFZCA* Provide some redirects to build products by type so that we can for - [*]
NUIKDEHL* A quick hack to list the contents of various types of files (RPM, - [*]
GJFYEU3S* Nix now stores logs by default as bzip2, make sure the build page uncompresses before showing.
Change contents
- edit in src/lib/Hydra/Controller/Build.pm at line 13
use Nix::Config; - edit in src/lib/Hydra/Controller/Build.pm at line 170
}sub checkPath {my ($self, $c, $path) = @_;my $storeDir = $Nix::Config::storeDir . "/";error($c, "Invalid path in build product.")if substr($path, 0, length($storeDir)) ne $storeDir || $path =~ /\/\.\./; - replacement in src/lib/Hydra/Controller/Build.pm at line 189
notFound($c, "Product " . $product->path . " has disappeared.") unless -e $product->path;notFound($c, "Build product " . $product->path . " has disappeared.") unless -e $product->path; - edit in src/lib/Hydra/Controller/Build.pm at line 205
# Make sure the file is in the Nix store.checkPath($self, $c, $path); - edit in src/lib/Hydra/Controller/Build.pm at line 250[11.482][12.601]
checkPath($self, $c, $path);