mirror of
https://gerrit.googlesource.com/git-repo
synced 2024-12-23 07:16:21 +00:00
Ensure clone.bundle files have proper header
Server auth middleware may return a 200 from a clone.bundle request that is not a bundle file, but instead a login or access denied page. Instead of just checking the file size, actually check the first few bytes of the file to ensure it is a bundle file before proceeding. Change-Id: Icea07567c568a24fd838e5cf974c58f9e4abd7c0
This commit is contained in:
parent
710d4b0391
commit
91f3ba5a3f
13
project.py
13
project.py
@ -1804,7 +1804,7 @@ class Project(object):
|
|||||||
return False
|
return False
|
||||||
|
|
||||||
if os.path.exists(tmpPath):
|
if os.path.exists(tmpPath):
|
||||||
if curlret == 0 and os.stat(tmpPath).st_size > 16:
|
if curlret == 0 and self._IsValidBundle(tmpPath):
|
||||||
os.rename(tmpPath, dstPath)
|
os.rename(tmpPath, dstPath)
|
||||||
return True
|
return True
|
||||||
else:
|
else:
|
||||||
@ -1813,6 +1813,17 @@ class Project(object):
|
|||||||
else:
|
else:
|
||||||
return False
|
return False
|
||||||
|
|
||||||
|
def _IsValidBundle(self, path):
|
||||||
|
try:
|
||||||
|
with open(path) as f:
|
||||||
|
if f.read(16) == '# v2 git bundle\n':
|
||||||
|
return True
|
||||||
|
else:
|
||||||
|
print("Invalid clone.bundle file; ignoring.", file=sys.stderr)
|
||||||
|
return False
|
||||||
|
except OSError:
|
||||||
|
return False
|
||||||
|
|
||||||
def _Checkout(self, rev, quiet=False):
|
def _Checkout(self, rev, quiet=False):
|
||||||
cmd = ['checkout']
|
cmd = ['checkout']
|
||||||
if quiet:
|
if quiet:
|
||||||
|
Loading…
Reference in New Issue
Block a user