From: Ciaran Gultnieks <ciaran@ciarang.com>
Date: Sat, 31 Jan 2015 12:07:33 +0000 (+0000)
Subject: Improve validation of fdroid import page parsing
X-Git-Tag: 0.4.0~126
X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=commitdiff_plain;h=95ff6de599751892b7a52abe919bd7322156176b;p=fdroidserver.git

Improve validation of fdroid import page parsing
---

diff --git a/fdroidserver/import.py b/fdroidserver/import.py
index c837fffd..9f3e42ea 100644
--- a/fdroidserver/import.py
+++ b/fdroidserver/import.py
@@ -226,6 +226,16 @@ def main():
         logging.error("the manual for a list of supported formats, and supply one of those.")
         sys.exit(1)
 
+    # Ensure we have a sensible-looking repo address at this point. If not, we
+    # might have got a page format we weren't expecting. (Note that we
+    # specifically don't want git@...)
+    if ((repotype != 'bzr' and (not repo.startswith('http://') and
+        not repo.startswith('https://') and
+        not repo.startswith('git://'))) or
+            ' ' in repo):
+        logging.error("Repo address '{0}' does not seem to be valid".format(repo))
+        sys.exit(1)
+
     # Get a copy of the source so we can extract some info...
     logging.info('Getting source from ' + repotype + ' repo at ' + repo)
     src_dir = os.path.join(tmp_dir, 'importer')