From 6305ea6ad24ac26fc08163f8dad9466464be9dfd Mon Sep 17 00:00:00 2001
From: Robert Hensing <robert@roberthensing.nl>
Date: Fri, 25 Aug 2023 17:18:37 +0200
Subject: [PATCH] pathExists: isDir when endswith /

Fixes https://github.com/NixOS/nix/issues/8838

(cherry picked from commit 1e08e12d8138b09e6872cb498b723ade9ad71d68)
---
 src/libexpr/primops.cc              | 16 +++++++++++++---
 tests/lang/eval-okay-pathexists.nix |  1 +
 2 files changed, 14 insertions(+), 3 deletions(-)

diff --git a/src/libexpr/primops.cc b/src/libexpr/primops.cc
index 42efca4e7..eb351d43a 100644
--- a/src/libexpr/primops.cc
+++ b/src/libexpr/primops.cc
@@ -1508,15 +1508,25 @@ static RegisterPrimOp primop_storePath({
 
 static void prim_pathExists(EvalState & state, const PosIdx pos, Value * * args, Value & v)
 {
+    auto & arg = *args[0];
+
     /* We don’t check the path right now, because we don’t want to
        throw if the path isn’t allowed, but just return false (and we
        can’t just catch the exception here because we still want to
-       throw if something in the evaluation of `*args[0]` tries to
+       throw if something in the evaluation of `arg` tries to
        access an unauthorized path). */
-    auto path = realisePath(state, pos, *args[0], { .checkForPureEval = false });
+    auto path = realisePath(state, pos, arg, { .checkForPureEval = false });
+
+    /* SourcePath doesn't know about trailing slash. */
+    auto mustBeDir = arg.type() == nString && arg.str().ends_with("/");
 
     try {
-        v.mkBool(state.checkSourcePath(path).pathExists());
+        auto checked = state.checkSourcePath(path);
+        auto exists = checked.pathExists();
+        if (exists && mustBeDir) {
+            exists = checked.lstat().type == InputAccessor::tDirectory;
+        }
+        v.mkBool(exists);
     } catch (SysError & e) {
         /* Don't give away info from errors while canonicalising
            ‘path’ in restricted mode. */
diff --git a/tests/lang/eval-okay-pathexists.nix b/tests/lang/eval-okay-pathexists.nix
index 8eae37e70..e1246e370 100644
--- a/tests/lang/eval-okay-pathexists.nix
+++ b/tests/lang/eval-okay-pathexists.nix
@@ -1,6 +1,7 @@
 builtins.pathExists (./lib.nix)
 && builtins.pathExists (builtins.toPath ./lib.nix)
 && builtins.pathExists (builtins.toString ./lib.nix)
+&& !builtins.pathExists (builtins.toString ./lib.nix + "/")
 && builtins.pathExists (builtins.toPath (builtins.toString ./lib.nix))
 && !builtins.pathExists (builtins.toPath (builtins.toString ./bla.nix))
 && builtins.pathExists ./lib.nix