From fa4b413c025728e266f9ff214846cf22bdbaed91 Mon Sep 17 00:00:00 2001
From: "Owen W. Taylor"
Date: Tue, 16 Jun 2026 14:23:58 -0400
Subject: [PATCH] Make mandatory properties from OCI specifications mandatory

Mark all properties required by the OCI specification as required; this eliminates a bunch of cases where we were assuming that descriptor->digest was non-NULL, and potentially generating critical errors from g_return_if_fail().
---
 common/flatpak-json-oci.c | 19 +++++++++++++------
 common/flatpak-json-private.h | 6 ++++++
 2 files changed, 19 insertions(+), 6 deletions(-)

diff --git a/common/flatpak-json-oci.c b/common/flatpak-json-oci.c
index f79212c7f..aa89a03b4 100644
--- a/common/flatpak-json-oci.c
+++ b/common/flatpak-json-oci.c
@@ -88,9 +88,9 @@ flatpak_oci_descriptor_free (FlatpakOciDescriptor *self)
 }
 
 static FlatpakJsonProp flatpak_oci_descriptor_props[] = {
- FLATPAK_JSON_STRING_PROP (FlatpakOciDescriptor, mediatype, "mediaType"),
- FLATPAK_JSON_STRING_PROP (FlatpakOciDescriptor, digest, "digest"),
- FLATPAK_JSON_INT64_PROP (FlatpakOciDescriptor, size, "size"),
+ FLATPAK_JSON_MANDATORY_STRING_PROP (FlatpakOciDescriptor, mediatype, "mediaType"),
+ FLATPAK_JSON_MANDATORY_STRING_PROP (FlatpakOciDescriptor, digest, "digest"),
+ FLATPAK_JSON_MANDATORY_INT64_PROP (FlatpakOciDescriptor, size, "size"),
 FLATPAK_JSON_STRV_PROP (FlatpakOciDescriptor, urls, "urls"),
 FLATPAK_JSON_STRMAP_PROP (FlatpakOciDescriptor, annotations, "annotations"),
 FLATPAK_JSON_LAST_PROP
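Review bot: Marking `digest`, `mediaType` and `size` mandatory in `flatpak_oci_descriptor_props` guarantees at most that the keys are present; the demarshalling code is not part of this diff, so it is worth confirming that a JSON `null`, an empty string, or a `digest` without the expected `algorithm:hex` form is also rejected rather than reaching callers that assumed a usable digest. These descriptors are typically parsed from registry-supplied JSON, so I would add a test that loads a descriptor with `digest` missing and one with `"digest": null` and asserts a parse error instead of a critical from g_return_if_fail(). A short comment above the table such as `/* MANDATORY only checks presence; callers still validate digest format and size range */` would keep later callers from over-trusting the flag.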
@@ -127,6 +127,10 @@ flatpak_oci_manifest_descriptor_free (FlatpakOciManifestDescriptor *self)
 g_free (self);
 }
 
+/* Note that according to the OCI image spec, architecture and os are mandatory
+ * elements of the `platform` object - but the platform object is itself optional,
+ * so we leave them marked optional here to avoid confusion.
+ */
 static FlatpakJsonProp flatpak_oci_manifest_platform_props[] = {
 FLATPAK_JSON_STRING_PROP (FlatpakOciManifestPlatform, architecture, "architecture"),
 FLATPAK_JSON_STRING_PROP (FlatpakOciManifestPlatform, os, "os"),
@@ -276,8 +280,11 @@ flatpak_oci_manifest_class_init (FlatpakOciManifestClass *klass)
 GObjectClass *object_class = G_OBJECT_CLASS (klass);
 FlatpakJsonClass *json_class = FLATPAK_JSON_CLASS (klass);
 static FlatpakJsonProp props[] = {
- FLATPAK_JSON_STRUCT_PROP (FlatpakOciManifest, config, "config", flatpak_oci_descriptor_props),
- FLATPAK_JSON_STRUCTV_PROP (FlatpakOciManifest, layers, "layers", flatpak_oci_descriptor_props),
+ FLATPAK_JSON_MANDATORY_STRUCT_PROP (FlatpakOciManifest, config, "config", flatpak_oci_descriptor_props),
+ /* Not marked as REQUIRED in the OCI spec, but also not marked OPTIONAL. A manifest
+ * without layers, is in any case, useless to us.
+ */
+ FLATPAK_JSON_MANDATORY_STRUCTV_PROP (FlatpakOciManifest, layers, "layers", flatpak_oci_descriptor_props),
 FLATPAK_JSON_STRMAP_PROP (FlatpakOciManifest, annotations, "annotations"),
 FLATPAK_JSON_LAST_PROP
 };
@@ -433,7 +440,7 @@ flatpak_oci_index_class_init (FlatpakOciIndexClass *klass)
 GObjectClass *object_class = G_OBJECT_CLASS (klass);
 FlatpakJsonClass *json_class = FLATPAK_JSON_CLASS (klass);
 static FlatpakJsonProp props[] = {
- FLATPAK_JSON_STRUCTV_PROP (FlatpakOciIndex, manifests, "manifests", flatpak_oci_manifest_descriptor_props),
+ FLATPAK_JSON_MANDATORY_STRUCTV_PROP (FlatpakOciIndex, manifests, "manifests", flatpak_oci_manifest_descriptor_props),
 FLATPAK_JSON_STRMAP_PROP (FlatpakOciIndex, annotations, "annotations"),
 FLATPAK_JSON_LAST_PROP
 };
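Review bot: The added comment above `flatpak_oci_manifest_platform_props` explains why `architecture` and `os` stay optional but not what that means for code reading the struct: a `platform` object that is present but lacks either key is still accepted, so both fields can presumably still be NULL after parsing. I would extend the comment with one line, `* Callers must therefore handle NULL architecture/os when matching a platform.`, so the remaining NULL case is documented next to the table. The table continues past the end of this hunk.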
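Review bot: The new comment on `layers` says a manifest without layers is useless, but `FLATPAK_JSON_MANDATORY_STRUCTV_PROP` as used here most likely only requires the key to exist, so `"layers": []` would still parse; whether the demarshaller rejects an empty array is not visible in this diff. If the intent is "at least one layer", that needs an explicit length check where the manifest is consumed, or the comment should say so, e.g. `/* Key must be present; an empty array is still accepted and must be handled by callers. */`. The same applies to `manifests` in `flatpak_oci_index_class_init` in the next hunk. Both class_init functions start and end outside their hunks.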
diff --git a/common/flatpak-json-private.h b/common/flatpak-json-private.h
index 75fa607e1..9f000d712 100644
--- a/common/flatpak-json-private.h
+++ b/common/flatpak-json-private.h
@@ -65,6 +65,8 @@ struct _FlatpakJsonProp
 { _name, G_STRUCT_OFFSET (_struct, _field), FLATPAK_JSON_PROP_TYPE_STRING, 0, 0, FLATPAK_JSON_PROP_FLAGS_MANDATORY }
 #define FLATPAK_JSON_INT64_PROP(_struct, _field, _name) \
 { _name, G_STRUCT_OFFSET (_struct, _field), FLATPAK_JSON_PROP_TYPE_INT64 }
+#define FLATPAK_JSON_MANDATORY_INT64_PROP(_struct, _field, _name) \
+ { _name, G_STRUCT_OFFSET (_struct, _field), FLATPAK_JSON_PROP_TYPE_INT64, 0, 0, FLATPAK_JSON_PROP_FLAGS_MANDATORY }
 #define FLATPAK_JSON_BOOL_PROP(_struct, _field, _name) \
 { _name, G_STRUCT_OFFSET (_struct, _field), FLATPAK_JSON_PROP_TYPE_BOOL }
 #define FLATPAK_JSON_STRV_PROP(_struct, _field, _name) \
@@ -77,6 +79,10 @@ struct _FlatpakJsonProp
 { _name, G_STRUCT_OFFSET (_struct, _field), FLATPAK_JSON_PROP_TYPE_BOOLMAP }
 #define FLATPAK_JSON_STRUCT_PROP(_struct, _field, _name, _props) \
 { _name, G_STRUCT_OFFSET (_struct, _field), FLATPAK_JSON_PROP_TYPE_STRUCT, (gpointer) _props}
+/* MANDATORY_STRUCT_PROP is one that must be present when demarshalling */
+#define FLATPAK_JSON_MANDATORY_STRUCT_PROP(_struct, _field, _name, _props) \
+ { _name, G_STRUCT_OFFSET (_struct, _field), FLATPAK_JSON_PROP_TYPE_STRUCT, (gpointer) _props, 0, FLATPAK_JSON_PROP_FLAGS_MANDATORY}
+/* OPT_STRUCT_PROP is one that is not emitted into the result when marshalling if it would be empty */
 #define FLATPAK_JSON_OPT_STRUCT_PROP(_struct, _field, _name, _props) \
 { _name, G_STRUCT_OFFSET (_struct, _field), FLATPAK_JSON_PROP_TYPE_STRUCT, (gpointer) _props, 0, FLATPAK_JSON_PROP_FLAGS_OPTIONAL}
 #define FLATPAK_JSON_STRICT_STRUCT_PROP(_struct, _field, _name, _props) \
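Review bot: `FLATPAK_JSON_MANDATORY_INT64_PROP` is added without a comment, while the struct variant in the next hunk gets one, and for an integer the meaning is less obvious. As far as this diff shows, the flag can only mean "key present": 0 is a legitimate parsed value and nothing here bounds the number, so a negative `size` in a descriptor would presumably still be accepted. I would add `/* MANDATORY_INT64_PROP must be present when demarshalling; the value itself is not range-checked */` above the macro, and confirm that the demarshaller applies the mandatory check to INT64 properties at all, since that code is not part of this patch.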
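Review bot: `FLATPAK_JSON_MANDATORY_STRUCTV_PROP` is used twice in flatpak-json-oci.c by this commit but is not among the macros added in this header, so it is presumably already defined outside the hunks shown; worth confirming that it carries `FLATPAK_JSON_PROP_FLAGS_MANDATORY` in the same slot as the two new macros. The new initializers are positional (`(gpointer) _props, 0, FLATPAK_JSON_PROP_FLAGS_MANDATORY}`), so a miscounted filler would silently set a different field of `struct _FlatpakJsonProp`. The struct definition is outside this hunk, so the order can only be checked here against `FLATPAK_JSON_OPT_STRUCT_PROP`, with which it agrees.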