Skip to content

Commit

Permalink
fix(gradle-inspector): Ignore zero by size artifact archive files
Browse files Browse the repository at this point in the history
Maven artifacts are archive files. A file with zero bytes size never
is a valid archive, so fallback to `RemoteArtifact.EMPTY` in that case.

This fixes one possible root cause of #8116.

Signed-off-by: Frank Viernau <[email protected]>
  • Loading branch information
fviernau committed Feb 19, 2024
1 parent 5ab6f8e commit 769f34d
Showing 1 changed file with 14 additions and 2 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -87,6 +87,11 @@ private val GRADLE_USER_HOME = Os.env["GRADLE_USER_HOME"]?.let { File(it) } ?: O
*/
const val OPTION_GRADLE_VERSION = "gradleVersion"

/**
* The sha1 sum for a zero by size file.
*/
private const val ZERO_BYTES_FILE_SHA1 = "da39a3ee5e6b4b0d3255bfef95601890afd80709"

/**
* The [Gradle](https://gradle.org/) package manager for Java.
*
Expand Down Expand Up @@ -353,7 +358,7 @@ private fun Collection<OrtDependency>.toPackageRefs(
* Create a [RemoteArtifact] based on the given [pomUrl], [classifier] and [extension]. The hash value is retrieved
* remotely.
*/
private fun createRemoteArtifact(
private fun GradleInspector.createRemoteArtifact(
pomUrl: String?,
classifier: String? = null,
extension: String? = null
Expand All @@ -371,7 +376,14 @@ private fun createRemoteArtifact(
val checksum = okHttpClient.downloadText("$artifactUrl.$algorithm")
.getOrElse { return RemoteArtifact.EMPTY }

return RemoteArtifact(artifactUrl, parseChecksum(checksum, algorithm))
// Ignore file with zero byte size, because it cannot be a valid archive.
val hash = parseChecksum(checksum, algorithm).takeUnless { it.value == ZERO_BYTES_FILE_SHA1 }
?: run {
logger.info("Ignoring zero byte size artifact: $artifactUrl.")
return RemoteArtifact.EMPTY
}

return RemoteArtifact(artifactUrl, hash)
}

/**
Expand Down

0 comments on commit 769f34d

Please sign in to comment.