From 7e5c79a2d210e7b986803d5fe5c7ebb504b3e74e Mon Sep 17 00:00:00 2001
From: regnat <rg@regnat.ovh>
Date: Thu, 8 Jul 2021 13:29:58 +0200
Subject: [PATCH] Forbid the `name` attribute for fetchTree
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

We need to support it for the “old” fetch* functions for backwards
compatibility, but we don’t need it for fetchTree (as it’s a new
function).
Given that changing the `name` messes-up the content hashing, we can
just forbid passing a custom `name` argument to it
---
 src/libexpr/primops/fetchTree.cc | 7 +++++++
 tests/tarball.sh                 | 6 +++++-
 2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/src/libexpr/primops/fetchTree.cc b/src/libexpr/primops/fetchTree.cc
index b8b99d4fa..472efe0ee 100644
--- a/src/libexpr/primops/fetchTree.cc
+++ b/src/libexpr/primops/fetchTree.cc
@@ -119,6 +119,13 @@ static void fetchTree(
                 .errPos = pos
             });
 
+        if (auto nameIter = attrs.find("name"); nameIter != attrs.end())
+            throw Error({
+                .msg = hintfmt("attribute 'name' isn’t supported in call to 'fetchTree'"),
+                .errPos = pos
+            });
+
+
         input = fetchers::Input::fromAttrs(std::move(attrs));
     } else {
         auto url = fixURI(state.coerceToString(pos, *args[0], context, false, false), state);
diff --git a/tests/tarball.sh b/tests/tarball.sh
index 279ef5672..1301922a5 100644
--- a/tests/tarball.sh
+++ b/tests/tarball.sh
@@ -30,7 +30,6 @@ test_tarball() {
     nix-build  -o $TEST_ROOT/result -E "import (fetchTree file://$tarball)"
     nix-build  -o $TEST_ROOT/result -E "import (fetchTree { type = \"tarball\"; url = file://$tarball; })"
     nix-build  -o $TEST_ROOT/result -E "import (fetchTree { type = \"tarball\"; url = file://$tarball; narHash = \"$hash\"; })"
-    nix-build  -o $TEST_ROOT/result -E "import (fetchTree { type = \"tarball\"; url = file://$tarball; narHash = \"$hash\"; name = \"foo\"; })"
     nix-build  -o $TEST_ROOT/result -E "import (fetchTree { type = \"tarball\"; url = file://$tarball; narHash = \"sha256-xdKv2pq/IiwLSnBBJXW8hNowI4MrdZfW+SYqDQs7Tzc=\"; })" 2>&1 | grep 'NAR hash mismatch in input'
 
     nix-instantiate --strict --eval -E "!((import (fetchTree { type = \"tarball\"; url = file://$tarball; narHash = \"$hash\"; })) ? submodules)" >&2
@@ -41,6 +40,11 @@ test_tarball() {
     (! nix-instantiate --eval -E '<fnord/xyzzy> 1' -I fnord=file://no-such-tarball$ext)
 
     nix-instantiate --eval -E '<fnord/config.nix>' -I fnord=file://no-such-tarball$ext -I fnord=.
+
+    # Ensure that the `name` attribute isn’t accepted as that would mess
+    # with the content-addressing
+    (! nix-instantiate --eval -E "fetchTree { type = \"tarball\"; url = file://$tarball; narHash = \"$hash\"; name = \"foo\"; }")
+
 }
 
 test_tarball '' cat