From 6849f6662b6444aacfcc8ff8999a8076a9191995 Mon Sep 17 00:00:00 2001 From: Frank Viernau Date: Mon, 19 Feb 2024 11:12:55 +0100 Subject: [PATCH] fix(gradle-inspector): Ignore zero by size artifact archive files Gradle artifacts are archive files. A file with zero bytes size never is a valid archive, so fallback to `RemoteArtifact.EMPTY` in that case. This fixes one possible rot cause of #8116. Signed-off-by: Frank Viernau --- .../src/main/kotlin/GradleInspector.kt | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/plugins/package-managers/gradle-inspector/src/main/kotlin/GradleInspector.kt b/plugins/package-managers/gradle-inspector/src/main/kotlin/GradleInspector.kt index cc8f27352304f..ae1907d6482e6 100644 --- a/plugins/package-managers/gradle-inspector/src/main/kotlin/GradleInspector.kt +++ b/plugins/package-managers/gradle-inspector/src/main/kotlin/GradleInspector.kt @@ -87,6 +87,11 @@ private val GRADLE_USER_HOME = Os.env["GRADLE_USER_HOME"]?.let { File(it) } ?: O */ const val OPTION_GRADLE_VERSION = "gradleVersion" +/** + * The sha1 sum for a zero by size file. + */ +private const val ZERO_BYTES_FILE_SHA1 = "da39a3ee5e6b4b0d3255bfef95601890afd80709" + /** * The [Gradle](https://gradle.org/) package manager for Java. * @@ -371,7 +376,11 @@ private fun createRemoteArtifact( val checksum = okHttpClient.downloadText("$artifactUrl.$algorithm") .getOrElse { return RemoteArtifact.EMPTY } - return RemoteArtifact(artifactUrl, parseChecksum(checksum, algorithm)) + // Ignore file with zero byte size, because it cannot be a valid archive. + val hash = parseChecksum(checksum, algorithm).takeIf { it.value != ZERO_BYTES_FILE_SHA1 } + ?: return RemoteArtifact.EMPTY + + return RemoteArtifact(artifactUrl, hash) } /**