Ensure clone.bundle files have proper header

Server auth middleware may return a 200 from a clone.bundle request that is not a bundle file, but instead a login or access denied page. Instead of just checking the file size, actually check the first few bytes of the file to ensure it is a bundle file before proceeding. Change-Id: Icea07567c568a24fd838e5cf974c58f9e4abd7c0
author: Dave Borowitz <dborowitz@google.com> 2013-06-03 12:15:23 -0700
committer: Dave Borowitz <dborowitz@google.com> 2013-06-04 00:12:01 +0000
commit: 91f3ba5a3f6e3c76577b94c0a6c31974d5a3f077 (patch)
tree: f24f107433374a5ae8264af2dbfbf01b59703dc8 /project.py
parent: 710d4b03911bc6fc0b313af56e81b957ccae2348 (diff)
download: git-repo-91f3ba5a3f6e3c76577b94c0a6c31974d5a3f077.tar.gz
1 files changed, 12 insertions, 1 deletions
diff --git a/project.py b/project.py
index 5a7a6ca8..18e1131d 100644
--- a/project.py
+++ b/project.py
@@ -1804,7 +1804,7 @@ class Project(object):
      return False
    if os.path.exists(tmpPath):
-      if curlret == 0 and os.stat(tmpPath).st_size > 16:
+      if curlret == 0 and self._IsValidBundle(tmpPath):
        os.rename(tmpPath, dstPath)
        return True
      else:
@@ -1813,6 +1813,17 @@ class Project(object):
    else:
      return False
+  def _IsValidBundle(self, path):
+    try:
+      with open(path) as f:
+        if f.read(16) == '# v2 git bundle\n':
+          return True
+        else:
+          print("Invalid clone.bundle file; ignoring.", file=sys.stderr)
+          return False
+    except OSError:
+      return False
  def _Checkout(self, rev, quiet=False):
    cmd = ['checkout']
    if quiet:
author	Dave Borowitz <dborowitz@google.com>	2013-06-03 12:15:23 -0700
committer	Dave Borowitz <dborowitz@google.com>	2013-06-04 00:12:01 +0000
commit	91f3ba5a3f6e3c76577b94c0a6c31974d5a3f077 (patch)
tree	f24f107433374a5ae8264af2dbfbf01b59703dc8 /project.py
parent	710d4b03911bc6fc0b313af56e81b957ccae2348 (diff)
download	git-repo-91f3ba5a3f6e3c76577b94c0a6c31974d5a3f077.tar.gz