diff options
Diffstat (limited to 'tvix/store/src/nar')
| -rw-r--r-- | tvix/store/src/nar/mod.rs | 3 | ||||
| -rw-r--r-- | tvix/store/src/nar/renderer.rs | 11 |
2 files changed, 14 insertions, 0 deletions
diff --git a/tvix/store/src/nar/mod.rs b/tvix/store/src/nar/mod.rs index d7d2cec4d803..a3a8677d92a6 100644 --- a/tvix/store/src/nar/mod.rs +++ b/tvix/store/src/nar/mod.rs @@ -17,6 +17,9 @@ pub enum RenderError { #[error("unable to find blob {}, referred from {}", BASE64.encode(.0), .1)] BlobNotFound(Vec<u8>, String), + #[error("unexpected size in metadata for blob {}, referred from {} returned, expected {}, got {}", BASE64.encode(.0), .1, .2, .3)] + UnexpectedBlobMeta(Vec<u8>, String, u32, u32), + #[error("failure using the NAR writer: {0}")] NARWriterError(std::io::Error), } diff --git a/tvix/store/src/nar/renderer.rs b/tvix/store/src/nar/renderer.rs index d8d9886b315d..94a392d36171 100644 --- a/tvix/store/src/nar/renderer.rs +++ b/tvix/store/src/nar/renderer.rs @@ -76,6 +76,17 @@ impl<BS: BlobService, CS: ChunkService + Clone, DS: DirectoryService> NARRendere return Err(RenderError::BlobNotFound(digest, proto_file_node.name)); } Some(blob_meta) => { + // make sure the blob_meta size matches what we expect from proto_file_node + let blob_meta_size = blob_meta.chunks.iter().fold(0, |acc, e| acc + e.size); + if blob_meta_size != proto_file_node.size { + return Err(RenderError::UnexpectedBlobMeta( + digest, + proto_file_node.name, + proto_file_node.size, + blob_meta_size, + )); + } + let mut blob_reader = std::io::BufReader::new(BlobReader::open( &self.chunk_service, blob_meta, |