On Fri, 2015-05-15 at 15:20 +0200, Lennart Poettering wrote: > On Thu, 07.05.15 17:47, Pavel Odvody (podv...@redhat.com) wrote: > > > Signed-off-by: Pavel Odvody <podv...@redhat.com> > > We dont do S-o-b in systemd. > oops.
> > --- > > src/shared/import-util.c | 19 +++++++++++++++++++ > > src/shared/import-util.h | 1 + > > 2 files changed, 20 insertions(+) > > > > diff --git a/src/shared/import-util.c b/src/shared/import-util.c > > index 660d92a..f2fb6d0 100644 > > --- a/src/shared/import-util.c > > +++ b/src/shared/import-util.c > > @@ -150,6 +150,25 @@ int raw_strip_suffixes(const char *p, char **ret) { > > return 0; > > } > > > > +bool dkr_ref_is_valid(const char *ref) { > > + const char *colon; > > + > > + if (isempty(ref)) > > + return false; > > + > > + colon = strchr(ref, ':'); > > + if (!colon) > > + return filename_is_valid(ref); > > + > > + else if (!startswith(ref, "sha256")) > > + return false; > > + > > + else if (!in_charset(colon + 1, "0123456789abcdef")) > > + return false; > > > Hmm, how precisely do this refs look, can you provide some examples? > > Right now you do not validate anything between "sha256" and the first > ":", that's not intended, is it? > > Lennart > You're right, there's a blind spot, the digest reference looks like this: sha256:7266a84a67d01165f222eac5785fed00791eb3aec0fd8a18086b76310280d9da Thanks for catching this. -- Pavel Odvody <podv...@redhat.com> Software Engineer - EMEA ENG Developer Experience 5EC1 95C1 8E08 5BD9 9BBF 9241 3AFA 3A66 024F F68D Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno
signature.asc
Description: This is a digitally signed message part
_______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel