diff options
| author | Alberto Sartori <alberto.sartori@huawei.com> | 2023-11-15 16:08:18 +0100 |
|---|---|---|
| committer | Alberto Sartori <alberto.sartori@huawei.com> | 2023-11-15 16:43:33 +0100 |
| commit | 808352e5473f90b4042370e037788d3793f4b8c3 (patch) | |
| tree | 1e49afff0eeafe875796d063f06a0941ff541255 /src/buildtool/execution_api/execution_service/execution_server.cpp | |
| parent | e3e3cba99c06d1ee56200800fce727f8c5dd4d41 (diff) | |
| download | justbuild-808352e5473f90b4042370e037788d3793f4b8c3.tar.gz | |
just-execute: verify the validity of all the hashes received over the wire
Diffstat (limited to 'src/buildtool/execution_api/execution_service/execution_server.cpp')
| -rw-r--r-- | src/buildtool/execution_api/execution_service/execution_server.cpp | 20 |
1 files changed, 18 insertions, 2 deletions
diff --git a/src/buildtool/execution_api/execution_service/execution_server.cpp b/src/buildtool/execution_api/execution_service/execution_server.cpp index 9705ad57..c6789235 100644 --- a/src/buildtool/execution_api/execution_service/execution_server.cpp +++ b/src/buildtool/execution_api/execution_service/execution_server.cpp @@ -26,6 +26,7 @@ #include "src/buildtool/execution_api/execution_service/operation_cache.hpp" #include "src/buildtool/file_system/file_system_manager.hpp" #include "src/buildtool/storage/garbage_collector.hpp" +#include "src/utils/cpp/verify_hash.hpp" static void UpdateTimeStamp(::google::longrunning::Operation* op) { ::google::protobuf::Timestamp t; @@ -40,6 +41,10 @@ auto ExecutionServiceImpl::GetAction(::bazel_re::ExecuteRequest const* request) const noexcept -> std::pair<std::optional<::bazel_re::Action>, std::optional<std::string>> { // get action description + if (auto error_msg = IsAHash(request->action_digest().hash()); error_msg) { + logger_.Emit(LogLevel::Error, *error_msg); + return {std::nullopt, *error_msg}; + } auto path = storage_->CAS().BlobPath(request->action_digest(), false); if (!path) { auto str = fmt::format("could not retrieve blob {} from cas", @@ -57,7 +62,11 @@ auto ExecutionServiceImpl::GetAction(::bazel_re::ExecuteRequest const* request) return {std::nullopt, str}; } } - + if (auto error_msg = IsAHash(action.input_root_digest().hash()); + error_msg) { + logger_.Emit(LogLevel::Error, *error_msg); + return {std::nullopt, *error_msg}; + } path = Compatibility::IsCompatible() ? storage_->CAS().BlobPath(action.input_root_digest(), false) : storage_->CAS().TreePath(action.input_root_digest()); @@ -74,7 +83,10 @@ auto ExecutionServiceImpl::GetAction(::bazel_re::ExecuteRequest const* request) auto ExecutionServiceImpl::GetCommand(::bazel_re::Action const& action) const noexcept -> std::pair<std::optional<::bazel_re::Command>, std::optional<std::string>> { - + if (auto error_msg = IsAHash(action.command_digest().hash()); error_msg) { + logger_.Emit(LogLevel::Error, *error_msg); + return {std::nullopt, *error_msg}; + } auto path = storage_->CAS().BlobPath(action.command_digest(), false); if (!path) { auto str = fmt::format("could not retrieve blob {} from cas", @@ -488,6 +500,10 @@ auto ExecutionServiceImpl::WaitExecution( ::grpc::ServerWriter<::google::longrunning::Operation>* writer) -> ::grpc::Status { auto const& hash = request->name(); + if (auto error_msg = IsAHash(hash); error_msg) { + logger_.Emit(LogLevel::Error, *error_msg); + return ::grpc::Status{::grpc::StatusCode::INVALID_ARGUMENT, *error_msg}; + } logger_.Emit(LogLevel::Trace, "WaitExecution: {}", hash); std::optional<::google::longrunning::Operation> op; do { |