From 66550feb26f091f645d9e25ad0febef6d3d8f2eb Mon Sep 17 00:00:00 2001 From: Ross Burton Date: Mon, 13 Aug 2018 18:20:54 +0100 Subject: classes: sanity-check LIC_FILES_CHKSUM We assume that LIC_FILES_CHKSUM is a file: URI but don't actually verify this, which can lead to problems if you have a URI that resolves to a path of / as Bitbake will then dutifully checksum / recursively. [ YOCTO #12883 ] (From OE-Core rev: e2b8a3d5a10868f9c0dec8d7b9f5f89fdd100fc8) (From OE-Core rev: f6f54155420ae54a34f1ab87e76623c536adf2f9) Signed-off-by: Ross Burton Signed-off-by: Richard Purdie Signed-off-by: Armin Kuster Signed-off-by: Richard Purdie --- meta/classes/base.bbclass | 4 ++-- meta/classes/license.bbclass | 4 +++- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/meta/classes/base.bbclass b/meta/classes/base.bbclass index bd0d6e3ca6..3014767b8a 100644 --- a/meta/classes/base.bbclass +++ b/meta/classes/base.bbclass @@ -100,8 +100,8 @@ def get_lic_checksum_file_list(d): # We only care about items that are absolute paths since # any others should be covered by SRC_URI. try: - path = bb.fetch.decodeurl(url)[2] - if not path: + (method, host, path, user, pswd, parm) = bb.fetch.decodeurl(url) + if method != "file" or not path: raise bb.fetch.MalformedUrl(url) if path[0] == '/': diff --git a/meta/classes/license.bbclass b/meta/classes/license.bbclass index d353110464..82fab9c63b 100644 --- a/meta/classes/license.bbclass +++ b/meta/classes/license.bbclass @@ -482,7 +482,9 @@ def find_license_files(d): for url in lic_files.split(): try: - (type, host, path, user, pswd, parm) = bb.fetch.decodeurl(url) + (method, host, path, user, pswd, parm) = bb.fetch.decodeurl(url) + if method != "file" or not path: + raise bb.fetch.MalformedUrl() except bb.fetch.MalformedUrl: bb.fatal("%s: LIC_FILES_CHKSUM contains an invalid URL: %s" % (d.getVar('PF'), url)) # We want the license filename and path -- cgit v1.2.3-54-g00ecf