nixos/nix
1
1
Fork 0
mirror of https://github.com/NixOS/nix.git synced 2025-11-08 19:46:02 +01:00
Code Activity

Merge pull request #14111 from Mic92/symlinks

Browse source 
Prevent infinite symlink loop in followLinksToStore()
This commit is contained in:
Jörg Thalheim 2025-09-29 13:49:19 +02:00 committed by GitHub
commit f816b9bcb8
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 10 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

10
src/libstore/store-api.cc
View file

@ -58,12 +58,22 @@ std::pair<StorePath, Path> StoreDirConfig::toStorePath(PathView path) const
Path Store::followLinksToStore(std::string_view _path) const
{
Path path = absPath(std::string(_path));
// Limit symlink follows to prevent infinite loops
unsigned int followCount = 0;
const unsigned int maxFollow = 1024;
while (!isInStore(path)) {
if (!std::filesystem::is_symlink(path))
break;
if (++followCount >= maxFollow)
throw Error("too many symbolic links encountered while resolving '%s'", _path);
auto target = readLink(path);
path = absPath(target, dirOf(path));
}
if (!isInStore(path))
throw BadStorePath("path '%1%' is not in the Nix store", path);
return path;