]> Cypherpunks repositories - gostls13.git/commitdiff
projects / gostls13.git / commitdiff
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 6901096)
cmd/go: fix detection of unexpected files in downloaded zips
authorRuss Cox <rsc@golang.org>
Tue, 13 Nov 2018 14:28:33 +0000 (09:28 -0500)
committerRuss Cox <rsc@golang.org>
Fri, 16 Nov 2018 17:49:55 +0000 (17:49 +0000)
A bug in the old code was indirectly causing a confusing print,
but CL 131635 fixed the print instead of the surrounding code.
Fix the surrounding code, restore the old print, and test that the
error is actually reported (it was being ignored in a direct go get
but displaying in go build).

Change-Id: I03c21380fce481060c443b0cc820f3617497fdd9
Reviewed-on: https://go-review.googlesource.com/c/149317
Reviewed-by: Bryan C. Mills <bcmills@google.com>
src/cmd/go/internal/modfetch/fetch.go patch | blob | history
src/cmd/go/internal/modget/get.go patch | blob | history
src/cmd/go/proxy_test.go patch | blob | history
src/cmd/go/testdata/mod/rsc.io_badzip_v1.0.0.txt [new file with mode: 0644] patch | blob
src/cmd/go/testdata/script/mod_load_badzip.txt [new file with mode: 0644] patch | blob

diff --git a/src/cmd/go/internal/modfetch/fetch.go b/src/cmd/go/internal/modfetch/fetch.go
index 8485932b42fca538fbfbf00c4fffc904d96bbbc8..9984595c05510f7151575637b6949a5a9459aceb 100644 (file)
--- a/src/cmd/go/internal/modfetch/fetch.go
+++ b/src/cmd/go/internal/modfetch/fetch.go
@@ -119,11 +119,11 @@ func downloadZip(mod module.Version, target string) error {
        if err != nil {
                return err
        }
-       prefix := mod.Path + "@" + mod.Version
+       prefix := mod.Path + "@" + mod.Version + "/"
        for _, f := range z.File {
                if !strings.HasPrefix(f.Name, prefix) {
                        z.Close()
-                       return fmt.Errorf("zip for %s has unexpected file %s", prefix, f.Name)
+                       return fmt.Errorf("zip for %s has unexpected file %s", prefix[:len(prefix)-1], f.Name)
                }
        }
        z.Close()
diff --git a/src/cmd/go/internal/modget/get.go b/src/cmd/go/internal/modget/get.go
index ffc9a12f9536438576bc7e4c2f00008bd0bf5d37..c2e134c2d695dc91aac13a642ca6121a866e0180 100644 (file)
--- a/src/cmd/go/internal/modget/get.go
+++ b/src/cmd/go/internal/modget/get.go
@@ -534,9 +534,11 @@ func runGet(cmd *base.Command, args []string) {
                                        // module root.
                                        continue
                                }
+                               base.Errorf("%s", p.Error)
                        }
                        todo = append(todo, p)
                }
+               base.ExitIfErrors()
 
                // If -d was specified, we're done after the download: no build.
                // (The load.PackagesAndErrors is what did the download
diff --git a/src/cmd/go/proxy_test.go b/src/cmd/go/proxy_test.go
index 97fc4b0e80735c2b45f78fd505d1db929eb66bd3..830cea029b7ac2ef4787fa8b22f91170296aacfa 100644 (file)
--- a/src/cmd/go/proxy_test.go
+++ b/src/cmd/go/proxy_test.go
@@ -197,7 +197,13 @@ func proxyHandler(w http.ResponseWriter, r *http.Request) {
                                if strings.HasPrefix(f.Name, ".") {
                                        continue
                                }
-                               zf, err := z.Create(path + "@" + vers + "/" + f.Name)
+                               var zipName string
+                               if strings.HasPrefix(f.Name, "/") {
+                                       zipName = f.Name[1:]
+                               } else {
+                                       zipName = path + "@" + vers + "/" + f.Name
+                               }
+                               zf, err := z.Create(zipName)
                                if err != nil {
                                        return cached{nil, err}
                                }
diff --git a/src/cmd/go/testdata/mod/rsc.io_badzip_v1.0.0.txt b/src/cmd/go/testdata/mod/rsc.io_badzip_v1.0.0.txt
new file mode 100644 (file)
index 0000000..07a38fa
--- /dev/null
+++ b/src/cmd/go/testdata/mod/rsc.io_badzip_v1.0.0.txt
@@ -0,0 +1,11 @@
+rsc.io/badzip v1.0.0
+written by hand
+
+-- .mod --
+module rsc.io/badzip
+-- .info --
+{"Version":"v1.0.0"}
+-- x.go --
+package x
+-- /rsc.io/badzip@v1.0.0.txt --
+This file should not be here.
diff --git a/src/cmd/go/testdata/script/mod_load_badzip.txt b/src/cmd/go/testdata/script/mod_load_badzip.txt
new file mode 100644 (file)
index 0000000..95513de
--- /dev/null
+++ b/src/cmd/go/testdata/script/mod_load_badzip.txt
@@ -0,0 +1,11 @@
+# Zip files with unexpected file names inside should be rejected.
+env GO111MODULE=on
+
+! go get -d rsc.io/badzip
+stderr 'zip for rsc.io/badzip@v1.0.0 has unexpected file rsc.io/badzip@v1.0.0.txt'
+
+! go build rsc.io/badzip
+stderr 'zip for rsc.io/badzip@v1.0.0 has unexpected file rsc.io/badzip@v1.0.0.txt'
+
+-- go.mod --
+module m
Go GOST TLS 1.3