diff options
| author | Ludovic Courtès <ludo@gnu.org> | 2018-01-10 21:38:08 +0100 |
|---|---|---|
| committer | Ludovic Courtès <ludo@gnu.org> | 2018-01-11 00:00:02 +0100 |
| commit | 39d1e9654c102339f3d99b0e52a49639182f972b (patch) | |
| tree | 17158d104e6c2031d36b6b5157abecc1d5707ba0 /guix/store.scm | |
| parent | 17af5d51de7c40756a4a39d336f81681de2ba447 (diff) | |
| download | gnu-guix-39d1e9654c102339f3d99b0e52a49639182f972b.tar gnu-guix-39d1e9654c102339f3d99b0e52a49639182f972b.tar.gz | |
store: Fix potential over-reads in 'import-paths'.
Previously 'process-stderr' would always pass a bytevector of MAX-LEN to
then daemon in the %stderr-read case (i.e., 'import-paths'), instead of
LEN (where LEN <= MAX-LEN).
In practice the extra bytes didn't cause a protocol violation or
anything because they happen at the end of the stream, which typically
contains the canonical sexp of the signature, and the extra zeros were
just ignored.
* guix/serialization.scm (write-bytevector): Add optional 'l' parameter
and honor it.
* guix/store.scm (process-stderr): Pass LEN to 'write-bytevector'.
Diffstat (limited to 'guix/store.scm')
| -rw-r--r-- | guix/store.scm | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/guix/store.scm b/guix/store.scm index 89db46b8e6..6742611c6f 100644 --- a/guix/store.scm +++ b/guix/store.scm @@ -609,7 +609,7 @@ encoding conversion errors." (let* ((max-len (read-int p)) (data (make-bytevector max-len)) (len (get-bytevector-n! user-port data 0 max-len))) - (write-bytevector data p) + (write-bytevector data p len) #f)) ((= k %stderr-next) ;; Log a string. Build logs are usually UTF-8-encoded, but they |