]> code.octet-stream.net Git - hashgood/blobdiff - src/verify.rs
Exit with non-zero exit code if a verification fails
[hashgood] / src / verify.rs
index 3d92964c8a2182ba7402b1129bc337e717ad0f04..0f2d1d88325de4e19b90da50479bd75b6fd81b52 100644 (file)
@@ -8,7 +8,7 @@ use std::fs::File;
 use std::io;
 use std::io::prelude::*;
 use std::io::BufReader;
-use std::path::PathBuf;
+use std::path::Path;
 
 /// Calculate a list of candidate hashes based on the options specified.
 /// If no hash options have been specified returns None.
@@ -61,20 +61,20 @@ fn get_from_clipboard() -> Result<CandidateHashes, String> {
             filename: None,
             bytes,
         };
-        return Ok(CandidateHashes {
+        Ok(CandidateHashes {
             alg,
             hashes: vec![candidate],
             source: VerificationSource::Clipboard,
-        });
+        })
     }
     #[cfg(not(feature = "paste"))]
     {
-        return Err("Paste not implemented".to_owned());
+        Err("Paste not implemented".to_owned())
     }
 }
 
 /// Generate a candidate hash from the digests file specified (could be "-" for STDIN), or throw an error.
-fn get_from_file(path: &PathBuf) -> Result<CandidateHashes, String> {
+fn get_from_file(path: &Path) -> Result<CandidateHashes, String> {
     // Get a reader for either standard input or the chosen path
     let reader: Box<dyn Read> = if path.to_str() == Some("-") {
         Box::new(std::io::stdin())
@@ -96,7 +96,7 @@ fn get_from_file(path: &PathBuf) -> Result<CandidateHashes, String> {
     let line = line.trim().to_owned();
 
     // Does our first line look like a raw hash on its own? If so, use that
-    if let Some(candidate) = read_raw_candidate_from_file(&line, &path) {
+    if let Some(candidate) = read_raw_candidate_from_file(&line, path) {
         return Ok(candidate);
     }
 
@@ -105,7 +105,7 @@ fn get_from_file(path: &PathBuf) -> Result<CandidateHashes, String> {
     let full_lines = vec![Ok(line)].into_iter().chain(reader.lines());
 
     // Does the entire file look like a coreutils-style digests file? (SHA1SUMS, etc.)
-    if let Some(candidate) = read_coreutils_digests_from_file(full_lines, &path) {
+    if let Some(candidate) = read_coreutils_digests_from_file(full_lines, path) {
         return Ok(candidate);
     }
 
@@ -129,11 +129,11 @@ fn try_parse_hash(s: &str) -> Option<(Algorithm, Vec<u8>)> {
     Some((alg, bytes))
 }
 
-fn read_raw_candidate_from_file(line: &str, path: &PathBuf) -> Option<CandidateHashes> {
+fn read_raw_candidate_from_file(line: &str, path: &Path) -> Option<CandidateHashes> {
     let (alg, bytes) = try_parse_hash(line)?;
     Some(CandidateHashes {
         alg,
-        source: VerificationSource::RawFile(path.clone()),
+        source: VerificationSource::RawFile(path.to_string_lossy().to_string()),
         hashes: vec![CandidateHash {
             bytes,
             filename: None,
@@ -141,47 +141,56 @@ fn read_raw_candidate_from_file(line: &str, path: &PathBuf) -> Option<CandidateH
     })
 }
 
-fn read_coreutils_digests_from_file<I, S>(lines: I, path: &PathBuf) -> Option<CandidateHashes>
+fn read_coreutils_digests_from_file<I, S>(lines: I, path: &Path) -> Option<CandidateHashes>
 where
     I: Iterator<Item = io::Result<S>>,
     S: AsRef<str>,
 {
     let mut hashes = vec![];
     let mut alg: Option<Algorithm> = None;
-    for l in lines {
-        if let Ok(l) = l {
-            let l = l.as_ref().trim();
-            // Allow (ignore) blank lines
-            if l.is_empty() {
-                continue;
-            }
-            // Expected format
-            // <valid-hash><space><space-or-*><filename>
-            let (line_alg, bytes, filename) = match l
-                .find(' ')
-                .and_then(|space_pos| (l.get(0..space_pos)).zip(l.get(space_pos + 2..)))
-                .and_then(|(maybe_hash, filename)| {
+    for l in lines.flatten() {
+        let l = l.as_ref().trim();
+        // Allow (ignore) blank lines
+        if l.is_empty() {
+            continue;
+        }
+        // Expected format
+        // <valid-hash><space><space-or-*><filename>
+        let (line_alg, bytes, filename) = match l
+            .find(' ')
+            .and_then(|space_pos| {
+                // Char before filename should be space for text or * for binary
+                match l.chars().nth(space_pos + 1) {
+                    Some(' ') | Some('*') => (l.get(..space_pos)).zip(l.get(space_pos + 2..)),
+                    _ => None,
+                }
+            })
+            .and_then(|(maybe_hash, filename)| {
+                // Filename should be in this position without extra whitespace
+                if filename.trim() == filename {
                     try_parse_hash(maybe_hash).map(|(alg, bytes)| (alg, bytes, filename))
-                }) {
-                Some(t) => t,
-                None => {
-                    // if we have a line with content we cannot parse, this is an error
-                    return None;
+                } else {
+                    None
                 }
-            };
-            if alg.is_some() && alg != Some(line_alg) {
-                // Different algorithms in the same digest file are not supported
+            }) {
+            Some(t) => t,
+            None => {
+                // if we have a line with content we cannot parse, this is an error
                 return None;
-            } else {
-                // If we are the first line, we define the overall algorithm
-                alg = Some(line_alg);
             }
-            // So far so good - create an entry for this line
-            hashes.push(CandidateHash {
-                bytes,
-                filename: Some(filename.to_owned()),
-            });
+        };
+        if alg.is_some() && alg != Some(line_alg) {
+            // Different algorithms in the same digest file are not supported
+            return None;
+        } else {
+            // If we are the first line, we define the overall algorithm
+            alg = Some(line_alg);
         }
+        // So far so good - create an entry for this line
+        hashes.push(CandidateHash {
+            bytes,
+            filename: Some(filename.to_owned()),
+        });
     }
 
     // It is a failure if we got zero hashes or we somehow don't know the algorithm
@@ -196,7 +205,7 @@ where
     // Otherwise all is well and we can return our results
     Some(CandidateHashes {
         alg,
-        source: VerificationSource::DigestsFile(path.clone()),
+        source: VerificationSource::DigestsFile(path.to_string_lossy().to_string()),
         hashes,
     })
 }
@@ -273,13 +282,11 @@ pub fn verify_hash<'a>(calculated: &Hash, candidates: &'a CandidateHashes) -> Ve
 
 #[cfg(test)]
 mod tests {
-    use std::path::Path;
-
     use super::*;
 
     #[test]
     fn test_read_raw_inputs() {
-        let example_path: PathBuf = "some_file".into();
+        let example_path = Path::new("some_file");
         let valid_md5 = "d229da563da18fe5d58cd95a6467d584";
         let valid_sha1 = "b314c7ebb7d599944981908b7f3ed33a30e78f3a";
         let valid_sha1_2 = valid_sha1.to_uppercase();
@@ -292,28 +299,28 @@ mod tests {
         let invalid5 = "1eb85fc97224598dad1852b5d 483bbcf0aa8608790dcc657a5a2a761ae9c8c6";
 
         assert!(matches!(
-            read_raw_candidate_from_file(valid_md5, &example_path),
+            read_raw_candidate_from_file(valid_md5, example_path),
             Some(CandidateHashes {
                 alg: Algorithm::Md5,
                 ..
             })
         ));
         assert!(matches!(
-            read_raw_candidate_from_file(valid_sha1, &example_path),
+            read_raw_candidate_from_file(valid_sha1, example_path),
             Some(CandidateHashes {
                 alg: Algorithm::Sha1,
                 ..
             })
         ));
         assert!(matches!(
-            read_raw_candidate_from_file(&valid_sha1_2, &example_path),
+            read_raw_candidate_from_file(&valid_sha1_2, example_path),
             Some(CandidateHashes {
                 alg: Algorithm::Sha1,
                 ..
             })
         ));
         assert!(matches!(
-            read_raw_candidate_from_file(valid_sha256, &example_path),
+            read_raw_candidate_from_file(valid_sha256, example_path),
             Some(CandidateHashes {
                 alg: Algorithm::Sha256,
                 ..
@@ -321,7 +328,7 @@ mod tests {
         ));
 
         for i in &[invalid1, invalid2, invalid3, invalid4, invalid5] {
-            assert!(read_raw_candidate_from_file(*i, &example_path).is_none());
+            assert!(read_raw_candidate_from_file(*i, example_path).is_none());
         }
     }
 
@@ -331,9 +338,9 @@ mod tests {
         75eb7420a9f5a260b04a3e8ad51e50f2838a17fc  lel.txt
 
         fe6c26d485a3573a1cb0ad0682f5105325a1905f  shasums";
-        let lines = shasums.lines().map(|l| std::io::Result::Ok(l));
-        let path = Path::new("SHASUMS").to_owned();
-        let candidates = read_coreutils_digests_from_file(lines, &path);
+        let lines = shasums.lines().map(std::io::Result::Ok);
+        let path = Path::new("SHASUMS");
+        let candidates = read_coreutils_digests_from_file(lines, path);
 
         assert_eq!(
             candidates,
@@ -353,8 +360,24 @@ mod tests {
                         filename: Some("shasums".to_owned()),
                     }
                 ],
-                source: VerificationSource::DigestsFile(path),
+                source: VerificationSource::DigestsFile(path.to_string_lossy().to_string()),
             })
         );
     }
+
+    #[test]
+    fn test_invalid_shasums() {
+        let no_format = "4b91f7a387a6edd4a7c0afb2897f1ca968c9695b cp";
+        let invalid_format = "4b91f7a387a6edd4a7c0afb2897f1ca968c9695b .cp";
+        let extra_space = "4b91f7a387a6edd4a7c0afb2897f1ca968c9695b   cp";
+
+        for digest in [no_format, invalid_format, extra_space] {
+            let lines = digest.lines().map(std::io::Result::Ok);
+            assert!(
+                read_coreutils_digests_from_file(lines, Path::new("SHASUMS")).is_none(),
+                "Should be invalid digest: {:?}",
+                digest
+            );
+        }
+    }
 }