From 9504015031a7299f22a9827ff0eded74a95c66f8 Mon Sep 17 00:00:00 2001
From: Florian Klink
Date: Wed, 31 Jan 2024 19:03:01 +0200
Subject: feat(tvix/castore/blobsvc): validate StatBlobResponse

All chunks must have valid blake3 digests. It is allowed to send an empty list, if no more granular chunking is available.

Change-Id: I7ecb53579cdf40fd938bb68a85685751b4d3626f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10726
Tested-by: BuildkiteCI
Reviewed-by: Connor Brewster
Autosubmit: flokli
---
 tvix/castore/src/proto/mod.rs | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)
(limited to 'tvix/castore/src/proto')
diff --git a/tvix/castore/src/proto/mod.rs b/tvix/castore/src/proto/mod.rs
index edf042e3dfa6..59f5c1fdf3f6 100644
--- a/tvix/castore/src/proto/mod.rs
+++ b/tvix/castore/src/proto/mod.rs
@@ -56,6 +56,14 @@ pub enum ValidateNodeError {
 InvalidSymlinkTarget(Vec),
 }

+/// Errors that occur during StatBlobResponse validation
+#[derive(Debug, PartialEq, Eq, thiserror::Error)]
+pub enum ValidateStatBlobResponseError {
+ /// Invalid digest length encountered
+ #[error("Invalid digest length {0} for chunk #{1}")]
+ InvalidDigestLen(usize, usize),
+}
+
 /// Checks a Node name for validity as an intermediate node.
 /// We disallow slashes, null bytes, '.', '..' and the empty string.
 fn validate_node_name(name: &[u8]) -> Result<(), ValidateNodeError> {
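Review bot: `InvalidDigestLen(usize, usize)` carries two positional fields of the same type, and only the `#[error]` format string shows that the first is the digest length and the second the chunk index. The variant's doc comment should state the order, for example `/// Invalid digest length encountered; fields are (digest length, chunk index)`. Without that, code that matches on the variant or constructs it in a test can swap the two values and still compile.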
@@ -299,6 +307,23 @@ impl Directory {
 }
 }

+impl StatBlobResponse {
+ /// Validates a StatBlobResponse. All chunks must have valid blake3 digests.
+ /// It is allowed to send an empty list, if no more granular chunking is
+ /// available.
+ pub fn validate(&self) -> Result<(), ValidateStatBlobResponseError> {
+ for (i, chunk) in self.chunks.iter().enumerate() {
+ if chunk.digest.len() != blake3::KEY_LEN {
+ return Err(ValidateStatBlobResponseError::InvalidDigestLen(
+ chunk.digest.len(),
+ i,
+ ));
+ }
+ }
+ Ok(())
+ }
+}
+
 /// Struct to hold the state of an iterator over all nodes of a Directory.
 ///
 /// Internally, this keeps peekable Iterators over all three lists of a
-- 
cgit 1.4.1
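Review bot: `validate()` only checks that each `chunk.digest` has the expected byte length, so the doc comment's "All chunks must have valid blake3 digests" promises more than the loop delivers. I would reword it to `/// Checks that every chunk digest has the length of a blake3 digest; it does not verify that a digest matches the chunk's contents.` so callers keep hashing fetched chunk data before trusting it. The comparison uses `blake3::KEY_LEN`, which is the keyed-hash key size; `blake3::OUT_LEN` is the constant that names the digest length, and since both are 32 the swap to `if chunk.digest.len() != blake3::OUT_LEN {` changes no behaviour. The diffstat shows only this file changed, so no call site or test for `validate()` is part of the commit. It is worth confirming that the blob service client runs it on every response it receives, and adding a test for the `InvalidDigestLen` path.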