test that downloaded binary artifacts are valid archives before computing checksum (#4116)

tomerd · web-flow · commit b4c58742ffc4 · 2022-02-10T12:18:05.000-08:00
motivation: a web-server may return an invalid archive file (say as a result of a redirect) which should emit a nicer error message instead of checksum mismatch

changes:
* add an Archiver::validate API
* implement the validate API uzing unzip -t
* add adjust tests

rdar://73225887
diff --git a/Sources/Basics/Archiver+Zip.swift b/Sources/Basics/Archiver+Zip.swift
@@ -44,9 +44,22 @@ public struct ZipArchiver: Archiver {
         Process.popen(arguments: ["unzip", archivePath.pathString, "-d", destinationPath.pathString], queue: .sharedConcurrent) { result in
             completion(result.tryMap { processResult in
                 guard processResult.exitStatus == .terminated(code: 0) else {
-                    throw try  StringError(processResult.utf8stderrOutput())
+                    throw try StringError(processResult.utf8stderrOutput())
                 }
             })
         }
     }
+
+    public func validate(path: AbsolutePath, completion: @escaping (Result<Bool, Error>) -> Void) {
+        guard fileSystem.exists(path) else {
+            completion(.failure(FileSystemError(.noEntry, path)))
+            return
+        }
+
+        Process.popen(arguments: ["unzip", "-t", path.pathString], queue: .sharedConcurrent) { result in
+            completion(result.tryMap { processResult in
+                return processResult.exitStatus == .terminated(code: 0)
+            })
+        }
+    }
 }
diff --git a/Sources/Basics/Archiver.swift b/Sources/Basics/Archiver.swift
@@ -26,4 +26,14 @@ public protocol Archiver {
         to destinationPath: AbsolutePath,
         completion: @escaping (Result<Void, Error>) -> Void
     )
+
+    /// Asynchronously validates if a file is an archive.
+    ///
+    /// - Parameters:
+    ///   - path: The `AbsolutePath` to the archive to validate.
+    ///   - completion: The completion handler that will be called when the operation finishes to notify of its success.
+    func validate(
+        path: AbsolutePath,
+        completion: @escaping (Result<Bool, Error>) -> Void
+    )
 }
diff --git a/Sources/SPMTestSupport/MockArchiver.swift b/Sources/SPMTestSupport/MockArchiver.swift
@@ -12,7 +12,8 @@ import Basics
 import TSCBasic
 
 public class MockArchiver: Archiver {
-    public typealias Handler = (MockArchiver, AbsolutePath, AbsolutePath, (Result<Void, Error>) -> Void) throws -> Void
+    public typealias ExtractionHandler = (MockArchiver, AbsolutePath, AbsolutePath, (Result<Void, Error>) -> Void) throws -> Void
+    public typealias ValidationHandler = (MockArchiver, AbsolutePath, (Result<Bool, Error>) -> Void) throws -> Void
 
     public struct Extraction: Equatable {
         public let archivePath: AbsolutePath
@@ -26,10 +27,16 @@ public class MockArchiver: Archiver {
 
     public let supportedExtensions: Set<String> = ["zip"]
     public let extractions = ThreadSafeArrayStore<Extraction>()
-    public let handler: Handler?
+    public let extractionHandler: ExtractionHandler?
+    public let validationHandler: ValidationHandler?
 
-    public init(handler: Handler? = nil) {
-        self.handler = handler
+    public convenience init(handler: ExtractionHandler? = nil) {
+        self.init(extractionHandler: handler, validationHandler: nil)
+    }
+
+    public init(extractionHandler: ExtractionHandler? = nil, validationHandler: ValidationHandler? = nil) {
+        self.extractionHandler = extractionHandler
+        self.validationHandler = validationHandler
     }
 
     public func extract(
@@ -38,7 +45,7 @@ public class MockArchiver: Archiver {
         completion: @escaping (Result<Void, Error>) -> Void
     ) {
         do {
-            if let handler = self.handler {
+            if let handler = self.extractionHandler {
                 try handler(self, archivePath, destinationPath, completion)
             } else {
                 self.extractions.append(Extraction(archivePath: archivePath, destinationPath: destinationPath))
@@ -48,4 +55,16 @@ public class MockArchiver: Archiver {
             completion(.failure(error))
         }
     }
+
+    public func validate(path: AbsolutePath, completion: @escaping (Result<Bool, Error>) -> Void) {
+        do {
+            if let handler = self.validationHandler {
+                try handler(self, path, completion)
+            } else {
+                completion(.success(true))
+            }
+        } catch {
+            completion(.failure(error))
+        }
+    }
 }
diff --git a/Sources/SPMTestSupport/MockRegistry.swift b/Sources/SPMTestSupport/MockRegistry.swift
@@ -288,12 +288,10 @@ private struct MockRegistryArchiver: Archiver {
 
     func extract(from archivePath: AbsolutePath, to destinationPath: AbsolutePath, completion: @escaping (Result<Void, Error>) -> Void) {
         do {
-            let content: String = try self.fileSystem.readFileContents(archivePath)
-            let lines = content.split(separator: "\n").map(String.init)
+            let lines = try self.readFileContents(archivePath)
             guard lines.count >= 2 else {
                 throw StringError("invalid mock zip format, not enough lines")
             }
-
             let rootPath = lines[1]
             for path in lines[2..<lines.count] {
                 let relativePath = String(path.dropFirst(rootPath.count + 1))
@@ -308,4 +306,18 @@ private struct MockRegistryArchiver: Archiver {
             completion(.failure(error))
         }
     }
+
+    func validate(path: AbsolutePath, completion: @escaping (Result<Bool, Error>) -> Void) {
+        do {
+            let lines = try self.readFileContents(path)
+            completion(.success(lines.count >= 2))
+        } catch {
+            completion(.failure(error))
+        }
+    }
+
+    private func readFileContents(_ path: AbsolutePath) throws -> [String] {
+        let content: String = try self.fileSystem.readFileContents(path)
+        return content.split(separator: "\n").map(String.init)
+    }
 }
diff --git a/Sources/Workspace/Diagnostics.swift b/Sources/Workspace/Diagnostics.swift
@@ -130,6 +130,10 @@ extension Basics.Diagnostic {
         .warning("dependency '\(packageName)' is missing; retrieving again")
     }
 
+    static func artifactInvalidArchive(artifactURL: Foundation.URL, targetName: String) -> Self {
+        .error("invalid archive returned from '\(artifactURL.absoluteString)' which is required by binary target '\(targetName)'")
+    }
+
     static func artifactChecksumChanged(targetName: String) -> Self {
         .error("artifact of binary target '\(targetName)' has changed checksum; this is a potential security risk so the new artifact won't be downloaded")
     }
@@ -142,6 +146,10 @@ extension Basics.Diagnostic {
         .error("failed downloading '\(artifactURL.absoluteString)' which is required by binary target '\(targetName)': \(reason)")
     }
 
+    static func artifactFailedValidation(artifactURL: Foundation.URL, targetName: String, reason: String) -> Self {
+        .error("failed validating archive from '\(artifactURL.absoluteString)' which is required by binary target '\(targetName)': \(reason)")
+    }
+
     static func artifactFailedExtraction(artifactURL: Foundation.URL, targetName: String, reason: String) -> Self {
         .error("failed extracting '\(artifactURL.absoluteString)' which is required by binary target '\(targetName)': \(reason)")
     }
diff --git a/Sources/Workspace/Workspace.swift b/Sources/Workspace/Workspace.swift
@@ -2539,85 +2539,105 @@ extension Workspace {
                         semaphore.signal()
                     }
 
+                    // TODO: Use the same extraction logic for both remote and local archived artifacts.
                     switch downloadResult {
                     case .success:
-                        guard let archiveChecksum = observabilityScope.trap ({ try self.checksum(forBinaryArtifactAt: archivePath) }) else {
-                            return
-                        }
-                        guard archiveChecksum == artifact.checksum else {
-                            observabilityScope.emit(.artifactInvalidChecksum(targetName: artifact.targetName, expectedChecksum: artifact.checksum, actualChecksum: archiveChecksum))
-                            observabilityScope.trap { try self.fileSystem.removeFileTree(archivePath) }
-                            return
-                        }
 
-                        guard let tempExtractionDirectory = observabilityScope.trap({ () -> AbsolutePath in
-                            let path = self.location.artifactsDirectory.appending(components: "extract", artifact.packageRef.identity.description, artifact.targetName, UUID().uuidString)
-                            try self.fileSystem.forceCreateDirectory(at: path)
-                            return path
-                        }) else {
-                            return
-                        }
-
-                        // TODO: Use the same extraction logic for both remote and local archived artifacts.
                         group.enter()
-                        observabilityScope.emit(debug: "extracting \(archivePath) to \(tempExtractionDirectory)")
-                        self.archiver.extract(from: archivePath, to: tempExtractionDirectory, completion: { extractResult in
+                        observabilityScope.emit(debug: "validating \(archivePath)")
+                        self.archiver.validate(path: archivePath, completion: { validationResult in
                             defer { group.leave() }
 
-                            switch extractResult {
-                            case .success:
-                                var artifactPath: AbsolutePath? = nil
-                                observabilityScope.trap {
-                                    try self.fileSystem.withLock(on: parentDirectory, type: .exclusive) {
-                                        // strip first level component if needed
-                                        if try self.fileSystem.shouldStripFirstLevel(archiveDirectory: tempExtractionDirectory, acceptableExtensions: BinaryTarget.Kind.allCases.map({ $0.fileExtension })) {
-                                            observabilityScope.emit(debug: "stripping first level component from  \(tempExtractionDirectory)")
-                                            try self.fileSystem.stripFirstLevel(of: tempExtractionDirectory)
-                                        } else {
-                                            observabilityScope.emit(debug: "no first level component stripping needed for \(tempExtractionDirectory)")
-                                        }
-                                        let content = try self.fileSystem.getDirectoryContents(tempExtractionDirectory)
-                                        // copy from temp location to actual location
-                                        for file in content {
-                                            let source = tempExtractionDirectory.appending(component: file)
-                                            let destination = parentDirectory.appending(component: file)
-                                            if self.fileSystem.exists(destination) {
-                                                try self.fileSystem.removeFileTree(destination)
-                                            }
-                                            try self.fileSystem.copy(from: source, to: destination)
-                                            if destination.basenameWithoutExt == artifact.targetName {
-                                                artifactPath = destination
-                                            }
-                                        }
-                                    }
-                                    // remove temp location
-                                    try self.fileSystem.removeFileTree(tempExtractionDirectory)
+                            switch validationResult {
+                            case .success(let valid):
+                                guard valid else {
+                                    observabilityScope.emit(.artifactInvalidArchive(artifactURL: artifact.url, targetName: artifact.targetName))
+                                    return
+                                }
+
+                                guard let archiveChecksum = observabilityScope.trap ({ try self.checksum(forBinaryArtifactAt: archivePath) }) else {
+                                    return
+                                }
+                                guard archiveChecksum == artifact.checksum else {
+                                    observabilityScope.emit(.artifactInvalidChecksum(targetName: artifact.targetName, expectedChecksum: artifact.checksum, actualChecksum: archiveChecksum))
+                                    observabilityScope.trap { try self.fileSystem.removeFileTree(archivePath) }
+                                    return
                                 }
 
-                                guard let mainArtifactPath = artifactPath else {
-                                    return observabilityScope.emit(.artifactNotFound(targetName: artifact.targetName, artifactName: artifact.targetName))
+                                guard let tempExtractionDirectory = observabilityScope.trap({ () -> AbsolutePath in
+                                    let path = self.location.artifactsDirectory.appending(components: "extract", artifact.packageRef.identity.description, artifact.targetName, UUID().uuidString)
+                                    try self.fileSystem.forceCreateDirectory(at: path)
+                                    return path
+                                }) else {
+                                    return
                                 }
 
-                                result.append(
-                                    .remote(
-                                        packageRef: artifact.packageRef,
-                                        targetName: artifact.targetName,
-                                        url: artifact.url.absoluteString,
-                                        checksum: artifact.checksum,
-                                        path: mainArtifactPath
-                                    )
-                                )
-                                self.delegate?.didDownloadBinaryArtifact(from: artifact.url.absoluteString, result: .success(mainArtifactPath), duration: downloadStart.distance(to: .now()))
+                                group.enter()
+                                observabilityScope.emit(debug: "extracting \(archivePath) to \(tempExtractionDirectory)")
+                                self.archiver.extract(from: archivePath, to: tempExtractionDirectory, completion: { extractResult in
+                                    defer { group.leave() }
+
+                                    switch extractResult {
+                                    case .success:
+                                        var artifactPath: AbsolutePath? = nil
+                                        observabilityScope.trap {
+                                            try self.fileSystem.withLock(on: parentDirectory, type: .exclusive) {
+                                                // strip first level component if needed
+                                                if try self.fileSystem.shouldStripFirstLevel(archiveDirectory: tempExtractionDirectory, acceptableExtensions: BinaryTarget.Kind.allCases.map({ $0.fileExtension })) {
+                                                    observabilityScope.emit(debug: "stripping first level component from  \(tempExtractionDirectory)")
+                                                    try self.fileSystem.stripFirstLevel(of: tempExtractionDirectory)
+                                                } else {
+                                                    observabilityScope.emit(debug: "no first level component stripping needed for \(tempExtractionDirectory)")
+                                                }
+                                                let content = try self.fileSystem.getDirectoryContents(tempExtractionDirectory)
+                                                // copy from temp location to actual location
+                                                for file in content {
+                                                    let source = tempExtractionDirectory.appending(component: file)
+                                                    let destination = parentDirectory.appending(component: file)
+                                                    if self.fileSystem.exists(destination) {
+                                                        try self.fileSystem.removeFileTree(destination)
+                                                    }
+                                                    try self.fileSystem.copy(from: source, to: destination)
+                                                    if destination.basenameWithoutExt == artifact.targetName {
+                                                        artifactPath = destination
+                                                    }
+                                                }
+                                            }
+                                            // remove temp location
+                                            try self.fileSystem.removeFileTree(tempExtractionDirectory)
+                                        }
+
+                                        guard let mainArtifactPath = artifactPath else {
+                                            return observabilityScope.emit(.artifactNotFound(targetName: artifact.targetName, artifactName: artifact.targetName))
+                                        }
+
+                                        result.append(
+                                            .remote(
+                                                packageRef: artifact.packageRef,
+                                                targetName: artifact.targetName,
+                                                url: artifact.url.absoluteString,
+                                                checksum: artifact.checksum,
+                                                path: mainArtifactPath
+                                            )
+                                        )
+                                        self.delegate?.didDownloadBinaryArtifact(from: artifact.url.absoluteString, result: .success(mainArtifactPath), duration: downloadStart.distance(to: .now()))
+                                    case .failure(let error):
+                                        let reason = (error as? LocalizedError)?.errorDescription ?? "\(error)"
+                                        observabilityScope.emit(.artifactFailedExtraction(artifactURL: artifact.url, targetName: artifact.targetName, reason: reason))
+                                        self.delegate?.didDownloadBinaryArtifact(from: artifact.url.absoluteString, result: .failure(error), duration: downloadStart.distance(to: .now()))
+                                    }
+
+                                    observabilityScope.trap { try self.fileSystem.removeFileTree(archivePath) }
+                                })
                             case .failure(let error):
-                                let reason = (error as? LocalizedError)?.errorDescription ?? error.localizedDescription
-                                observabilityScope.emit(.artifactFailedExtraction(artifactURL: artifact.url, targetName: artifact.targetName, reason: reason))
+                                let reason = (error as? LocalizedError)?.errorDescription ?? "\(error)"
+                                observabilityScope.emit(.artifactFailedValidation(artifactURL: artifact.url, targetName: artifact.targetName, reason: "\(reason)"))
                                 self.delegate?.didDownloadBinaryArtifact(from: artifact.url.absoluteString, result: .failure(error), duration: downloadStart.distance(to: .now()))
                             }
-
-                            observabilityScope.trap { try self.fileSystem.removeFileTree(archivePath) }
                         })
                     case .failure(let error):
-                        observabilityScope.emit(.artifactFailedDownload(artifactURL: artifact.url, targetName: artifact.targetName, reason: "\(error)"))
+                        let reason = (error as? LocalizedError)?.errorDescription ?? "\(error)"
+                        observabilityScope.emit(.artifactFailedDownload(artifactURL: artifact.url, targetName: artifact.targetName, reason: "\(reason)"))
                         self.delegate?.didDownloadBinaryArtifact(from: artifact.url.absoluteString, result: .failure(error), duration: downloadStart.distance(to: .now()))
                     }
                 })
diff --git a/Tests/BasicsTests/ZipArchiverTests.swift b/Tests/BasicsTests/ZipArchiverTests.swift
diff --git a/Tests/WorkspaceTests/WorkspaceTests.swift b/Tests/WorkspaceTests/WorkspaceTests.swift

Original file line number	Diff line number	Diff line change
`@@ -44,9 +44,22 @@ public struct ZipArchiver: Archiver {`
`44`	`44`	`Process.popen(arguments: ["unzip", archivePath.pathString, "-d", destinationPath.pathString], queue: .sharedConcurrent) { result in`
`45`	`45`	`completion(result.tryMap { processResult in`
`46`	`46`	`guard processResult.exitStatus == .terminated(code: 0) else {`
`47`		`- throw try StringError(processResult.utf8stderrOutput())`
	`47`	`+ throw try StringError(processResult.utf8stderrOutput())`
`48`	`48`	`}`
`49`	`49`	`})`
`50`	`50`	`}`
`51`	`51`	`}`
	`52`	`+`
	`53`	`+ public func validate(path: AbsolutePath, completion: @escaping (Result<Bool, Error>) -> Void) {`
	`54`	`+ guard fileSystem.exists(path) else {`
	`55`	`+ completion(.failure(FileSystemError(.noEntry, path)))`
	`56`	`+ return`
	`57`	`+ }`
	`58`	`+`
	`59`	`+ Process.popen(arguments: ["unzip", "-t", path.pathString], queue: .sharedConcurrent) { result in`
	`60`	`+ completion(result.tryMap { processResult in`
	`61`	`+ return processResult.exitStatus == .terminated(code: 0)`
	`62`	`+ })`
	`63`	`+ }`
	`64`	`+ }`
`52`	`65`	`}`
Original file line number	Diff line number	Diff line change
`@@ -130,6 +130,10 @@ extension Basics.Diagnostic {`
`130`	`130`	`.warning("dependency '\(packageName)' is missing; retrieving again")`
`131`	`131`	`}`
`132`	`132`
	`133`	`+ static func artifactInvalidArchive(artifactURL: Foundation.URL, targetName: String) -> Self {`
	`134`	`+ .error("invalid archive returned from '\(artifactURL.absoluteString)' which is required by binary target '\(targetName)'")`
	`135`	`+ }`
	`136`	`+`
`133`	`137`	`static func artifactChecksumChanged(targetName: String) -> Self {`
`134`	`138`	`.error("artifact of binary target '\(targetName)' has changed checksum; this is a potential security risk so the new artifact won't be downloaded")`
`135`	`139`	`}`
`@@ -142,6 +146,10 @@ extension Basics.Diagnostic {`
`142`	`146`	`.error("failed downloading '\(artifactURL.absoluteString)' which is required by binary target '\(targetName)': \(reason)")`
`143`	`147`	`}`
`144`	`148`
	`149`	`+ static func artifactFailedValidation(artifactURL: Foundation.URL, targetName: String, reason: String) -> Self {`
	`150`	`+ .error("failed validating archive from '\(artifactURL.absoluteString)' which is required by binary target '\(targetName)': \(reason)")`
	`151`	`+ }`
	`152`	`+`
`145`	`153`	`static func artifactFailedExtraction(artifactURL: Foundation.URL, targetName: String, reason: String) -> Self {`
`146`	`154`	`.error("failed extracting '\(artifactURL.absoluteString)' which is required by binary target '\(targetName)': \(reason)")`
`147`	`155`	`}`