fetchClosure: Only allow some "safe" store types

2022-03-22 22:47:33 +01:00 · 2022-03-22 22:47:33 +01:00 · 4120930ac1
parent 7ffda0af6e
commit 4120930ac1
1 changed files with 10 additions and 2 deletions
--- a/src/libexpr/primops/fetchClosure.cc
+++ b/src/libexpr/primops/fetchClosure.cc
@ -1,6 +1,7 @@
 #include "primops.hh"
 #include "store-api.hh"
 #include "make-content-addressed.hh"
+#include "url.hh"

 namespace nix {

@ -50,8 +51,15 @@ static void prim_fetchClosure(EvalState & state, const Pos & pos, Value * * args
            .errPos = pos
        });

-    // FIXME: only allow some "trusted" store types (like BinaryCacheStore).
-    auto fromStore = openStore(*fromStoreUrl);
+    auto parsedURL = parseURL(*fromStoreUrl);
+
+    if (parsedURL.scheme != "http" && parsedURL.scheme != "https")
+        throw Error({
+            .msg = hintfmt("'fetchClosure' only supports http:// and https:// stores"),
+            .errPos = pos
+        });
+
+    auto fromStore = openStore(parsedURL.to_string());

    if (toCA) {
        if (!toPath || !state.store->isValidPath(*toPath)) {