highperfocused/ollama
1
0
Fork 0
mirror of https://github.com/ollama/ollama.git synced 2025-08-04 06:03:18 +02:00
Code Issues Packages Projects Releases Wiki Activity

validate the format of the digest when getting the model path (#4175)

Browse Source
This commit is contained in:
Patrick Devine
2024-05-05 11:46:12 -07:00
committed by GitHub
parent 026869915f
commit 2a21363bb7
2 changed files with 84 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
server/modelpath.go
View File

@@ -6,6 +6,7 @@ import (
"net/url"
"os"
"path/filepath"
"regexp"
"strings"
)
@@ -25,9 +26,10 @@ const (
)
var (
ErrInvalidImageFormat = errors.New("invalid image format")
ErrInvalidProtocol = errors.New("invalid protocol scheme")
ErrInsecureProtocol = errors.New("insecure protocol http")
ErrInvalidImageFormat = errors.New("invalid image format")
ErrInvalidProtocol = errors.New("invalid protocol scheme")
ErrInsecureProtocol = errors.New("insecure protocol http")
ErrInvalidDigestFormat = errors.New("invalid digest format")
)
func ParseModelPath(name string) ModelPath {
@@ -149,6 +151,17 @@ func GetBlobsPath(digest string) (string, error) {
return "", err
}
// only accept actual sha256 digests
pattern := "^sha256[:-][0-9a-fA-F]{64}$"
re := regexp.MustCompile(pattern)
if err != nil {
return "", err
}
if digest != "" && !re.MatchString(digest) {
return "", ErrInvalidDigestFormat
}
digest = strings.ReplaceAll(digest, ":", "-")
path := filepath.Join(dir, "blobs", digest)
dirPath := filepath.Dir(path)