nixos/nix
1
1
Fork 0
mirror of https://github.com/NixOS/nix.git synced 2025-12-09 10:31:02 +01:00
Code Activity

Fix Non-virtual interface pattern for RestrictedStore::addDependency

Browse source 
I didn't do things quite right in 496e43ec72:

- Forgot to remove the now-redundant `isAllowed` check.

- Called the non-virtual, not the superclass's impl, in
  `addDependencyPrep`, causing bad recursion / UB.

Doing this fixes a crash I encountered with manual testing an Nix Ninja
--- hopefully we will get Nix Ninja or similar in a NixOS test longer
term to defend against this thing happening again.
This commit is contained in:
John Ericson 2025-12-07 11:30:46 -05:00
parent 42d7d9676d
commit 4652345ac3
2 changed files with 1 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

2
src/libstore/unix/build/chroot-derivation-builder.cc
View file

@ -181,7 +181,7 @@ struct ChrootDerivationBuilder : virtual DerivationBuilderImpl
std::pair<Path, Path> addDependencyPrep(const StorePath & path) std::pair<Path, Path> addDependencyPrep(const StorePath & path)
{ {
DerivationBuilderImpl::addDependency(path); DerivationBuilderImpl::addDependencyImpl(path);
debug("materialising '%s' in the sandbox", store.printStorePath(path)); debug("materialising '%s' in the sandbox", store.printStorePath(path));

3
src/libstore/unix/build/linux-derivation-builder.cc
View file

@ -711,9 +711,6 @@ struct ChrootLinuxDerivationBuilder : ChrootDerivationBuilder, LinuxDerivationBu
void addDependencyImpl(const StorePath & path) override void addDependencyImpl(const StorePath & path) override
{ {
if (isAllowed(path))
return;
auto [source, target] = ChrootDerivationBuilder::addDependencyPrep(path); auto [source, target] = ChrootDerivationBuilder::addDependencyPrep(path);
/* Bind-mount the path into the sandbox. This requires /* Bind-mount the path into the sandbox. This requires