ONIMAI-SMP/ShatteredPrism
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

Merge pull request #2751 from Ryex/security/modrith-hash-priority

Browse Source 
Prefer stronger hashes from Modrinth
This commit is contained in:
ZekeZ 2024-08-25 13:53:04 +10:00 committed by GitHub
commit 1bb7f35ddb
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
launcher/modplatform/modrinth/ModrinthInstanceCreationTask.cpp
View File

@ -348,14 +348,14 @@ bool ModrinthCreationTask::parseManifest(const QString& index_path,
QJsonObject hashes = Json::requireObject(modInfo, "hashes"); QJsonObject hashes = Json::requireObject(modInfo, "hashes");
QString hash; QString hash;
QCryptographicHash::Algorithm hashAlgorithm; QCryptographicHash::Algorithm hashAlgorithm;
hash = Json::ensureString(hashes, "sha1");
hashAlgorithm = QCryptographicHash::Sha1;
if (hash.isEmpty()) {
hash = Json::ensureString(hashes, "sha512"); hash = Json::ensureString(hashes, "sha512");
hashAlgorithm = QCryptographicHash::Sha512; hashAlgorithm = QCryptographicHash::Sha512;
if (hash.isEmpty()) { if (hash.isEmpty()) {
hash = Json::ensureString(hashes, "sha256"); hash = Json::ensureString(hashes, "sha256");
hashAlgorithm = QCryptographicHash::Sha256; hashAlgorithm = QCryptographicHash::Sha256;
if (hash.isEmpty()) {
hash = Json::ensureString(hashes, "sha1");
hashAlgorithm = QCryptographicHash::Sha1;
if (hash.isEmpty()) { if (hash.isEmpty()) {
throw JSONValidationError("No hash found for: " + file.path); throw JSONValidationError("No hash found for: " + file.path);
} }