summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRoss Burton <ross.burton@intel.com>2018-08-13 17:20:54 (GMT)
committerRichard Purdie <richard.purdie@linuxfoundation.org>2018-08-30 14:57:44 (GMT)
commit66550feb26f091f645d9e25ad0febef6d3d8f2eb (patch)
treef5a4c6306e64ef58f9e5f70476d0c9c2b205a3d6
parent02b05d1ff48e0bfe57fc7d19dc7fbf2d1c80fc09 (diff)
downloadpoky-66550feb26f091f645d9e25ad0febef6d3d8f2eb.tar.gz
classes: sanity-check LIC_FILES_CHKSUM
We assume that LIC_FILES_CHKSUM is a file: URI but don't actually verify this, which can lead to problems if you have a URI that resolves to a path of / as Bitbake will then dutifully checksum / recursively. [ YOCTO #12883 ] (From OE-Core rev: e2b8a3d5a10868f9c0dec8d7b9f5f89fdd100fc8) (From OE-Core rev: f6f54155420ae54a34f1ab87e76623c536adf2f9) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/classes/base.bbclass4
-rw-r--r--meta/classes/license.bbclass4
2 files changed, 5 insertions, 3 deletions
diff --git a/meta/classes/base.bbclass b/meta/classes/base.bbclass
index bd0d6e3..3014767 100644
--- a/meta/classes/base.bbclass
+++ b/meta/classes/base.bbclass
@@ -100,8 +100,8 @@ def get_lic_checksum_file_list(d):
100 # We only care about items that are absolute paths since 100 # We only care about items that are absolute paths since
101 # any others should be covered by SRC_URI. 101 # any others should be covered by SRC_URI.
102 try: 102 try:
103 path = bb.fetch.decodeurl(url)[2] 103 (method, host, path, user, pswd, parm) = bb.fetch.decodeurl(url)
104 if not path: 104 if method != "file" or not path:
105 raise bb.fetch.MalformedUrl(url) 105 raise bb.fetch.MalformedUrl(url)
106 106
107 if path[0] == '/': 107 if path[0] == '/':
diff --git a/meta/classes/license.bbclass b/meta/classes/license.bbclass
index d353110..82fab9c 100644
--- a/meta/classes/license.bbclass
+++ b/meta/classes/license.bbclass
@@ -482,7 +482,9 @@ def find_license_files(d):
482 482
483 for url in lic_files.split(): 483 for url in lic_files.split():
484 try: 484 try:
485 (type, host, path, user, pswd, parm) = bb.fetch.decodeurl(url) 485 (method, host, path, user, pswd, parm) = bb.fetch.decodeurl(url)
486 if method != "file" or not path:
487 raise bb.fetch.MalformedUrl()
486 except bb.fetch.MalformedUrl: 488 except bb.fetch.MalformedUrl:
487 bb.fatal("%s: LIC_FILES_CHKSUM contains an invalid URL: %s" % (d.getVar('PF'), url)) 489 bb.fatal("%s: LIC_FILES_CHKSUM contains an invalid URL: %s" % (d.getVar('PF'), url))
488 # We want the license filename and path 490 # We want the license filename and path