summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRoss Burton <ross.burton@intel.com>2018-08-13 18:20:54 +0100
committerRichard Purdie <richard.purdie@linuxfoundation.org>2018-08-14 11:36:31 +0100
commita316be88cddffe448faa242536d1e6d8279554fb (patch)
tree685bd66afe48be133bc1e589b7c55407c5d02b01
parent4b2513defabcc3659d129137f82f9a73dec2f472 (diff)
downloadpoky-a316be88cddffe448faa242536d1e6d8279554fb.tar.gz
classes: sanity-check LIC_FILES_CHKSUM
We assume that LIC_FILES_CHKSUM is a file: URI but don't actually verify this, which can lead to problems if you have a URI that resolves to a path of / as Bitbake will then dutifully checksum / recursively. [ YOCTO #12883 ] (From OE-Core rev: e2b8a3d5a10868f9c0dec8d7b9f5f89fdd100fc8) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/classes/base.bbclass4
-rw-r--r--meta/classes/license.bbclass4
2 files changed, 5 insertions, 3 deletions
diff --git a/meta/classes/base.bbclass b/meta/classes/base.bbclass
index 1a359a04b7..df11c8b270 100644
--- a/meta/classes/base.bbclass
+++ b/meta/classes/base.bbclass
@@ -100,8 +100,8 @@ def get_lic_checksum_file_list(d):
100 # We only care about items that are absolute paths since 100 # We only care about items that are absolute paths since
101 # any others should be covered by SRC_URI. 101 # any others should be covered by SRC_URI.
102 try: 102 try:
103 path = bb.fetch.decodeurl(url)[2] 103 (method, host, path, user, pswd, parm) = bb.fetch.decodeurl(url)
104 if not path: 104 if method != "file" or not path:
105 raise bb.fetch.MalformedUrl(url) 105 raise bb.fetch.MalformedUrl(url)
106 106
107 if path[0] == '/': 107 if path[0] == '/':
diff --git a/meta/classes/license.bbclass b/meta/classes/license.bbclass
index 2ac15a1bc8..4cf7f074fc 100644
--- a/meta/classes/license.bbclass
+++ b/meta/classes/license.bbclass
@@ -205,7 +205,9 @@ def find_license_files(d):
205 205
206 for url in lic_files.split(): 206 for url in lic_files.split():
207 try: 207 try:
208 (type, host, path, user, pswd, parm) = bb.fetch.decodeurl(url) 208 (method, host, path, user, pswd, parm) = bb.fetch.decodeurl(url)
209 if method != "file" or not path:
210 raise bb.fetch.MalformedUrl()
209 except bb.fetch.MalformedUrl: 211 except bb.fetch.MalformedUrl:
210 bb.fatal("%s: LIC_FILES_CHKSUM contains an invalid URL: %s" % (d.getVar('PF'), url)) 212 bb.fatal("%s: LIC_FILES_CHKSUM contains an invalid URL: %s" % (d.getVar('PF'), url))
211 # We want the license filename and path 213 # We want the license filename and path