FbIN/android-foss
1
0
Fork 0
mirror of https://github.com/offa/android-foss.git synced 2026-04-20 04:06:19 +05:30
Code Issues Projects Releases Packages Wiki Activity

fix(security): potential indexerror when parsing malformed readme (#632)

Browse source 
If a line starting with `*` (app entry) appears before any category header (`### •` or `## –`), `categories[-1]` will raise an `IndexError` because the `categories` list will be empty. A malformed or tampered README.md could cause the CI script to crash with an unhandled exception.

Affected files: ensure_sorted.py

Signed-off-by: Trần Bách <45133811+barttran2k@users.noreply.github.com>
This commit is contained in:
Trần Bách 2026-04-08 01:15:24 +07:00 committed by GitHub
commit bfb7d0d758
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 2 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

2
ensure_sorted.py
View file

@ -79,6 +79,8 @@ def main():
categories.append(category)
# This is an app
elif lines[i].startswith("*"):
if not categories:
raise RuntimeError("App entry found before any category header")
# The last category in the categories list is the one we're working on
category = categories[-1]
category.add_app(lines[i])