From 1c5bf366be915fd91c3d87f9b779f394505214a8 Mon Sep 17 00:00:00 2001 From: Florian Klink Date: Wed, 11 Oct 2023 19:12:10 +0200 Subject: refactor(tvix/nar-bridge): panic on inval PathInfo.NarInfo.NarSha256 Bump code.tvl.fyi/tvix/store/protos past cl/9649, where Validate() already ensures the NarSha256 has the correct size. Change-Id: I774668822f4d9dbd4dea47dde6e4745dc95e8e7f Reviewed-on: https://cl.tvl.fyi/c/depot/+/9665 Reviewed-by: edef Tested-by: BuildkiteCI --- tvix/nar-bridge/default.nix | 2 +- tvix/nar-bridge/go.mod | 2 +- tvix/nar-bridge/go.sum | 4 ++-- tvix/nar-bridge/pkg/http/narinfo_get.go | 7 ++----- 4 files changed, 6 insertions(+), 9 deletions(-) (limited to 'tvix') diff --git a/tvix/nar-bridge/default.nix b/tvix/nar-bridge/default.nix index db31bd8657..0c7d1c6089 100644 --- a/tvix/nar-bridge/default.nix +++ b/tvix/nar-bridge/default.nix @@ -6,5 +6,5 @@ pkgs.buildGoModule { name = "nar-bridge"; src = depot.third_party.gitignoreSource ./.; - vendorHash = "sha256-gieFaLB3vgoSqCARCe8PZeJE8H2YQ48Fj2h2DBzUXu8="; + vendorHash = "sha256-drbjsty1hhVAvn/R/AiVIOPQREzHOB+90VpuM5D5COc="; } diff --git a/tvix/nar-bridge/go.mod b/tvix/nar-bridge/go.mod index dbf1208761..8a845c909d 100644 --- a/tvix/nar-bridge/go.mod +++ b/tvix/nar-bridge/go.mod @@ -2,7 +2,7 @@ module code.tvl.fyi/tvix/nar-bridge require ( code.tvl.fyi/tvix/castore/protos v0.0.0-20231009220507-d6e0c5ab9bb7 - code.tvl.fyi/tvix/store/protos v0.0.0-20231010202247-8ec3506856aa + code.tvl.fyi/tvix/store/protos v0.0.0-20231011152908-87506e287a9e github.com/alecthomas/kong v0.7.1 github.com/go-chi/chi v1.5.4 github.com/go-chi/chi/v5 v5.0.7 diff --git a/tvix/nar-bridge/go.sum b/tvix/nar-bridge/go.sum index f237b4dcdb..091a328f92 100644 --- a/tvix/nar-bridge/go.sum +++ b/tvix/nar-bridge/go.sum @@ -1,7 +1,7 @@ code.tvl.fyi/tvix/castore/protos v0.0.0-20231009220507-d6e0c5ab9bb7 h1:gX2LWo/QHwGZK2QsDap9Lx1GrKLPX6mfgeNbGK3mwrU= code.tvl.fyi/tvix/castore/protos v0.0.0-20231009220507-d6e0c5ab9bb7/go.mod h1:hj0y8RPthqn1QPj8u2jFe2vzH7NouUoclrwo1/CSbuc= -code.tvl.fyi/tvix/store/protos v0.0.0-20231010202247-8ec3506856aa h1:FwMglyEtXebo5rXgtLkxs+y11UVxAekGboFotdbfHcg= -code.tvl.fyi/tvix/store/protos v0.0.0-20231010202247-8ec3506856aa/go.mod h1:RmijF3bfElwtZpNkBtW66QEj/jldGNu+W2HlgZro7lw= +code.tvl.fyi/tvix/store/protos v0.0.0-20231011152908-87506e287a9e h1:6ZIrsMGvJFRHxY9DCXYoQQMNLJE1oK8Danm0ZJhZinM= +code.tvl.fyi/tvix/store/protos v0.0.0-20231011152908-87506e287a9e/go.mod h1:RmijF3bfElwtZpNkBtW66QEj/jldGNu+W2HlgZro7lw= github.com/alecthomas/assert/v2 v2.1.0 h1:tbredtNcQnoSd3QBhQWI7QZ3XHOVkw1Moklp2ojoH/0= github.com/alecthomas/kong v0.7.1 h1:azoTh0IOfwlAX3qN9sHWTxACE2oV8Bg2gAwBsMwDQY4= github.com/alecthomas/kong v0.7.1/go.mod h1:n1iCIO2xS46oE8ZfYCNDqdR0b0wZNrXAIAqro/2132U= diff --git a/tvix/nar-bridge/pkg/http/narinfo_get.go b/tvix/nar-bridge/pkg/http/narinfo_get.go index acb80c7390..b3ee01fab5 100644 --- a/tvix/nar-bridge/pkg/http/narinfo_get.go +++ b/tvix/nar-bridge/pkg/http/narinfo_get.go @@ -65,13 +65,10 @@ func renderNarinfo( return fmt.Errorf("PathInfo doesn't contain Narinfo field") } - // extract the NARHash + // extract the NARHash. This must succeed, as Validate() did succeed. narHash, err := nixhash.FromHashTypeAndDigest(0x12, pathInfo.GetNarinfo().GetNarSha256()) if err != nil { - // TODO: replace with panic once we use cl/9649 - - log.WithError(err).Error("invalid NarHash in PathInfo") - return fmt.Errorf("invalid NarHash in PathInfo") + panic("must parse NarHash") } // add things to the lookup table, in case the same process didn't handle the NAR hash yet. -- cgit 1.4.1