From 0f18786b09e9729d79c0f14f7843b4d8402b6115 Mon Sep 17 00:00:00 2001 From: Tiago Quelhas Date: Mon, 29 Aug 2022 08:25:18 -0700 Subject: [PATCH] Do not crash on URIs without a host component. URIs such as `unix://...` (Unix domain socket) may legitimately be missing a host component. We should gracefully handle them when looking for a credential helper (no such helper can exist for them since the lookup is host-based, but this could change in the future). Fixes #16171 which is a regression in 5.3. We had some tests for this in remote_execution_test.sh, but they were disabled due to flakiness in 8e3c0df. I've filed #16185 to reenable them. Closes #16184. PiperOrigin-RevId: 470724658 Change-Id: Ibd7203546f00fe2335c14e7a5fa6d5bf64868bac --- .../credentialhelper/CredentialHelperProvider.java | 8 +++++++- .../credentialhelper/CredentialHelperProviderTest.java | 9 +++++++++ 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/src/main/java/com/google/devtools/build/lib/authandtls/credentialhelper/CredentialHelperProvider.java b/src/main/java/com/google/devtools/build/lib/authandtls/credentialhelper/CredentialHelperProvider.java index ded7e5eab3c0d0..e13d1b40385a8b 100644 --- a/src/main/java/com/google/devtools/build/lib/authandtls/credentialhelper/CredentialHelperProvider.java +++ b/src/main/java/com/google/devtools/build/lib/authandtls/credentialhelper/CredentialHelperProvider.java @@ -16,6 +16,7 @@ import com.google.common.annotations.VisibleForTesting; import com.google.common.base.Preconditions; +import com.google.common.base.Strings; import com.google.common.collect.ImmutableMap; import com.google.devtools.build.lib.vfs.Path; import com.google.errorprone.annotations.Immutable; @@ -66,7 +67,12 @@ private CredentialHelperProvider( public Optional findCredentialHelper(URI uri) { Preconditions.checkNotNull(uri); - String host = Preconditions.checkNotNull(uri.getHost()); + String host = uri.getHost(); + if (Strings.isNullOrEmpty(host)) { + // Some URIs (e.g. unix://) legitimately have no host component. + return Optional.empty(); + } + Optional credentialHelper = findHostCredentialHelper(host) .or(() -> findWildcardCredentialHelper(host)) diff --git a/src/test/java/com/google/devtools/build/lib/authandtls/credentialhelper/CredentialHelperProviderTest.java b/src/test/java/com/google/devtools/build/lib/authandtls/credentialhelper/CredentialHelperProviderTest.java index 25b6c03ff8e6b2..89b6dbc6396b75 100644 --- a/src/test/java/com/google/devtools/build/lib/authandtls/credentialhelper/CredentialHelperProviderTest.java +++ b/src/test/java/com/google/devtools/build/lib/authandtls/credentialhelper/CredentialHelperProviderTest.java @@ -104,6 +104,15 @@ public void invalidPattern() throws Exception { assertInvalidPattern("foo-*.münchen.de"); } + @Test + public void uriWithoutHostComponent() throws Exception { + Path helper = fileSystem.getPath(EXAMPLE_COM_HELPER_PATH); + CredentialHelperProvider provider = + CredentialHelperProvider.builder().add("example.com", helper).build(); + + assertThat(provider.findCredentialHelper(URI.create("unix:///path/to/socket"))).isEmpty(); + } + @Test public void addNonExecutableDefaultHelper() throws Exception { Path helper = fileSystem.getPath("/path/to/non/executable");