feat(tvix/store): validate blob size in NARRenderer r/5917

Make sure the blob size in the current proto node matches what we get
back from the blob backend.

Change-Id: I939fa18f37c7bc86ada8a495c7be622e69ec47f8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8129
Tested-by: BuildkiteCI
Reviewed-by: raitobezarius <tvl@lahfa.xyz>

1 files changed, 11 insertions, 0 deletions

diff --git a/tvix/store/src/nar/renderer.rs b/tvix/store/src/nar/renderer.rs
index d8d9886b31..94a392d361 100644
--- a/tvix/store/src/nar/renderer.rs
+++ b/tvix/store/src/nar/renderer.rs
@@ -76,6 +76,17 @@ impl<BS: BlobService, CS: ChunkService + Clone, DS: DirectoryService> NARRendere
                         return Err(RenderError::BlobNotFound(digest, proto_file_node.name));
                     }
                     Some(blob_meta) => {
+                        // make sure the blob_meta size matches what we expect from proto_file_node
+                        let blob_meta_size = blob_meta.chunks.iter().fold(0, |acc, e| acc + e.size);
+                        if blob_meta_size != proto_file_node.size {
+                            return Err(RenderError::UnexpectedBlobMeta(
+                                digest,
+                                proto_file_node.name,
+                                proto_file_node.size,
+                                blob_meta_size,
+                            ));
+                        }
+
                         let mut blob_reader = std::io::BufReader::new(BlobReader::open(
                             &self.chunk_service,
                             blob_meta,