diff options
author | Karen Arutyunov <karen@codesynthesis.com> | 2018-09-19 15:44:36 +0300 |
---|---|---|
committer | Karen Arutyunov <karen@codesynthesis.com> | 2018-10-11 00:13:41 +0300 |
commit | 6a2f1fa7da3b35dd9ec8d1431163f4cbeb808f7e (patch) | |
tree | 5878fcdca24f435b1561c5c1906a699f84b095c8 | |
parent | e62ff8b6f68af6d7b70a8482839ab81a732fd6ac (diff) |
Verify that task repository location is remote
-rw-r--r-- | bbot/agent/agent.cxx | 19 |
1 files changed, 14 insertions, 5 deletions
diff --git a/bbot/agent/agent.cxx b/bbot/agent/agent.cxx index 4760578..82a5f69 100644 --- a/bbot/agent/agent.cxx +++ b/bbot/agent/agent.cxx @@ -1044,7 +1044,7 @@ try } else { - for (const string& u: controllers) + for (string& u: controllers) { task_response_manifest r; @@ -1101,14 +1101,23 @@ try if (!r.session.empty ()) // Got a task. { - url = u; - const task_manifest& t (*r.task); + + // For security reasons let's require the repository location to be + // remote. + // + if (t.repository.local ()) + { + error << "local repository from " << u << ": " << t.repository; + continue; + } + l2 ([&]{trace << "task for " << t.name << '/' << t.version << " " << "on " << t.machine << " " - << "from " << url;}); + << "from " << u;}); - tr = move (r); + tr = move (r); + url = move (u); break; } } |