Improve validation of fdroid import page parsing

author Ciaran Gultnieks <ciaran@ciarang.com>

Sat, 31 Jan 2015 12:07:33 +0000 (12:07 +0000)

committer Ciaran Gultnieks <ciaran@ciarang.com>

Sat, 31 Jan 2015 12:07:42 +0000 (12:07 +0000)
author Ciaran Gultnieks <ciaran@ciarang.com>
Sat, 31 Jan 2015 12:07:33 +0000 (12:07 +0000)
committer Ciaran Gultnieks <ciaran@ciarang.com>
Sat, 31 Jan 2015 12:07:42 +0000 (12:07 +0000)
diff --git a/fdroidserver/import.py b/fdroidserver/import.py

index c837fffdbd8e051d3275b5061a135455489a3a1c..9f3e42ea064f5de7372975115db2148c841d0907 100644 (file)
--- a/fdroidserver/import.py
+++ b/fdroidserver/import.py
@@ -226,6 +226,16 @@ def main():
          logging.error("the manual for a list of supported formats, and supply one of those.")
          sys.exit(1)
  
+    # Ensure we have a sensible-looking repo address at this point. If not, we
+    # might have got a page format we weren't expecting. (Note that we
+    # specifically don't want git@...)
+    if ((repotype != 'bzr' and (not repo.startswith('http://') and
+        not repo.startswith('https://') and
+        not repo.startswith('git://'))) or
+            ' ' in repo):
+        logging.error("Repo address '{0}' does not seem to be valid".format(repo))
+        sys.exit(1)
+
      # Get a copy of the source so we can extract some info...
      logging.info('Getting source from ' + repotype + ' repo at ' + repo)
      src_dir = os.path.join(tmp_dir, 'importer')
author	Ciaran Gultnieks <ciaran@ciarang.com>
	Sat, 31 Jan 2015 12:07:33 +0000 (12:07 +0000)
committer	Ciaran Gultnieks <ciaran@ciarang.com>
	Sat, 31 Jan 2015 12:07:42 +0000 (12:07 +0000)