classes: sanity-check LIC_FILES_CHKSUM

We assume that LIC_FILES_CHKSUM is a file: URI but don't actually verify this,
which can lead to problems if you have a URI that resolves to a path of / as
Bitbake will then dutifully checksum / recursively.

[ YOCTO #12883 ]

(From OE-Core rev: e2b8a3d5a10868f9c0dec8d7b9f5f89fdd100fc8)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>

diff --git a/meta/classes/base.bbclass b/meta/classes/base.bbclass
index bb1f4b753365b53e2935e90d37d9e1374a7dff33..abb4eadf500267c87993013ee90bfa38cc422007 100644 (file)
--- a/meta/classes/base.bbclass
+++ b/meta/classes/base.bbclass
@@ -100,8 +100,8 @@ def get_lic_checksum_file_list(d):
         # We only care about items that are absolute paths since
         # any others should be covered by SRC_URI.
         try:
-            path = bb.fetch.decodeurl(url)[2]
-            if not path:
+            (method, host, path, user, pswd, parm) = bb.fetch.decodeurl(url)
+            if method != "file" or not path:
                 raise bb.fetch.MalformedUrl(url)
 
             if path[0] == '/':

diff --git a/meta/classes/license.bbclass b/meta/classes/license.bbclass
index 06dd4a8c1171c39bfc6b683978a8d66d5888134d..5103ed8533d6d8348be78784796f303bea156566 100644 (file)
--- a/meta/classes/license.bbclass
+++ b/meta/classes/license.bbclass
@@ -480,7 +480,9 @@ def find_license_files(d):
 
     for url in lic_files.split():
         try:
-            (type, host, path, user, pswd, parm) = bb.fetch.decodeurl(url)
+            (method, host, path, user, pswd, parm) = bb.fetch.decodeurl(url)
+            if method != "file" or not path:
+                raise bb.fetch.MalformedUrl()
         except bb.fetch.MalformedUrl:
             bb.fatal("%s: LIC_FILES_CHKSUM contains an invalid URL:  %s" % (d.getVar('PF'), url))
         # We want the license filename and path