maurice/snix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(tvix/store/protos): validate NarSha256

Browse source 
Change-Id: I016d1b020b04850f0dca68c2ea96643230dada10
Reviewed-on: https://cl.tvl.fyi/c/depot/+/9649
Reviewed-by: Brian McGee <brian@bmcgee.ie>
Tested-by: BuildkiteCI
This commit is contained in:
Florian Klink 2023-10-11 13:08:29 +02:00 committed by flokli
parent 6dab608198
commit 8ced43f3c7
2 changed files with 17 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

6
tvix/store/protos/pathinfo.go
View file

@ -2,6 +2,7 @@ package storev1
import (
"bytes"
"crypto/sha256"
"encoding/base64"
"fmt"
@ -20,6 +21,11 @@ func (p *PathInfo) Validate() (*storepath.StorePath, error) {
// If there's a Narinfo field populated..
if narInfo := p.GetNarinfo(); narInfo != nil {
// ensure the NarSha256 digest has the correct length.
if len(narInfo.GetNarSha256()) != sha256.Size {
return nil, fmt.Errorf("invalid number of bytes for NarSha256: expected %d, got %d", sha256.Size, len(narInfo.GetNarSha256()))
}
// ensure the number of references matches len(References).
if len(narInfo.GetReferenceNames()) != len(p.GetReferences()) {
return nil, fmt.Errorf("inconsistent number of references: %d (references) vs %d (narinfo)", len(narInfo.GetReferenceNames()), len(p.GetReferences()))