lib/refs: Add runtime error checking for collection ID validity

Instead of treating it as a programming error — given that it’s user
input, that’s not really appropriate. This modifies write_ref() and
list_collection_refs() to implement validation.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
Closes: #924
Approved by: cgwalters

diff --git a/src/libostree/ostree-repo-refs.c b/src/libostree/ostree-repo-refs.c
index 849d5d8f9090d6a57ecc548a664177b038cc5ec2..491f22bd236bb3d86bd79c3aabc88df8aaee0dff 100644 (file)
--- a/src/libostree/ostree-repo-refs.c
+++ b/src/libostree/ostree-repo-refs.c
@@ -769,6 +769,13 @@ _ostree_repo_write_ref (OstreeRepo                 *self,
 
   g_return_val_if_fail (remote == NULL || ref->collection_id == NULL, FALSE);
 
+  if (remote != NULL && !ostree_validate_remote_name (remote, error))
+    return FALSE;
+  if (ref->collection_id != NULL && !ostree_validate_collection_id (ref->collection_id, error))
+    return FALSE;
+  if (!ostree_validate_rev (ref->ref_name, error))
+    return FALSE;
+
   if (remote == NULL &&
       (ref->collection_id == NULL || g_strcmp0 (ref->collection_id, ostree_repo_get_collection_id (self)) == 0))
     {
@@ -928,11 +935,12 @@ ostree_repo_list_collection_refs (OstreeRepo    *self,
                                   GError       **error)
 {
   g_return_val_if_fail (OSTREE_IS_REPO (self), FALSE);
-  g_return_val_if_fail (match_collection_id == NULL ||
-                        ostree_validate_collection_id (match_collection_id, NULL), FALSE);
   g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), FALSE);
   g_return_val_if_fail (error == NULL || *error == NULL, FALSE);
 
+  if (match_collection_id != NULL && !ostree_validate_collection_id (match_collection_id, error))
+    return FALSE;
+
   g_autoptr(GHashTable) ret_all_refs = NULL;
 
   ret_all_refs = g_hash_table_new_full (ostree_collection_ref_hash,