fix: enforce deterministic multihash varints

fixes #117
multiformats · Feb 4, 2020 · ac3d4df · ac3d4df
1 parent e600087
commit ac3d4df
Show file tree

Hide file tree

Showing 5 changed files with 32 additions and 26 deletions.
diff --git a/go.mod b/go.mod
@@ -4,6 +4,7 @@ require (
 	github.com/minio/blake2b-simd v0.0.0-20160723061019-3f5f724cb5b1
 	github.com/minio/sha256-simd v0.1.1-0.20190913151208-6de447530771
 	github.com/mr-tron/base58 v1.1.3
+	github.com/multiformats/go-varint v0.0.4
 	github.com/spaolacci/murmur3 v1.1.0
 	golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8
 )

diff --git a/go.sum b/go.sum
@@ -2,10 +2,12 @@ github.com/minio/blake2b-simd v0.0.0-20160723061019-3f5f724cb5b1 h1:lYpkrQH5ajf0
 github.com/minio/blake2b-simd v0.0.0-20160723061019-3f5f724cb5b1/go.mod h1:pD8RvIylQ358TN4wwqatJ8rNavkEINozVn9DtGI3dfQ=
 github.com/minio/sha256-simd v0.1.1-0.20190913151208-6de447530771 h1:MHkK1uRtFbVqvAgvWxafZe54+5uBxLluGylDiKgdhwo=
 github.com/minio/sha256-simd v0.1.1-0.20190913151208-6de447530771/go.mod h1:B5e1o+1/KgNmWrSQK08Y6Z1Vb5pwIktudl0J58iy0KM=
-github.com/mr-tron/base58 v1.1.2 h1:ZEw4I2EgPKDJ2iEw0cNmLB3ROrEmkOtXIkaG7wZg+78=
-github.com/mr-tron/base58 v1.1.2/go.mod h1:BinMc/sQntlIE1frQmRFPUoPA1Zkr8VRgBdjWI2mNwc=
 github.com/mr-tron/base58 v1.1.3 h1:v+sk57XuaCKGXpWtVBX8YJzO7hMGx4Aajh4TQbdEFdc=
 github.com/mr-tron/base58 v1.1.3/go.mod h1:BinMc/sQntlIE1frQmRFPUoPA1Zkr8VRgBdjWI2mNwc=
+github.com/multiformats/go-varint v0.0.3 h1:1OZFaq4XbSNQE6ujqgr6/EIZlgHE7DmojAFsLqAJ26M=
+github.com/multiformats/go-varint v0.0.3/go.mod h1:3Ls8CIEsrijN6+B7PbrXRPxHRPuXSrVKRY101jdMZYE=
+github.com/multiformats/go-varint v0.0.4 h1:CplQWhUouUgTZ53vNFE8VoWr2VjaKXci+xyrKyyFuSw=
+github.com/multiformats/go-varint v0.0.4/go.mod h1:3Ls8CIEsrijN6+B7PbrXRPxHRPuXSrVKRY101jdMZYE=
 github.com/spaolacci/murmur3 v1.1.0 h1:7c1g84S4BPRrfL5Xrdp6fOJ206sU9y293DDHaoy0bLI=
 github.com/spaolacci/murmur3 v1.1.0/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=

diff --git a/io.go b/io.go
@@ -1,10 +1,11 @@
 package multihash
 
 import (
-	"encoding/binary"
 	"errors"
 	"io"
 	"math"
+
+	"github.com/multiformats/go-varint"
 )
 
 // Reader is an io.Reader wrapper that exposes a function
@@ -60,28 +61,22 @@ func (r *mhReader) ReadByte() (byte, error) {
 }
 
 func (r *mhReader) ReadMultihash() (Multihash, error) {
-	code, err := binary.ReadUvarint(r)
+	code, err := varint.ReadUvarint(r)
 	if err != nil {
 		return nil, err
 	}
 
-	length, err := binary.ReadUvarint(r)
+	length, err := varint.ReadUvarint(r)
 	if err != nil {
 		return nil, err
 	}
 	if length > math.MaxInt32 {
 		return nil, errors.New("digest too long, supporting only <= 2^31-1")
 	}
 
-	pre := make([]byte, 2*binary.MaxVarintLen64)
-	spot := pre
-	n := binary.PutUvarint(spot, code)
-	spot = pre[n:]
-	n += binary.PutUvarint(spot, length)
-
-	buf := make([]byte, int(length)+n)
-	copy(buf, pre[:n])
-
+	buf := make([]byte, varint.UvarintSize(code)+varint.UvarintSize(length)+int(length))
+	n := varint.PutUvarint(buf, code)
+	n += varint.PutUvarint(buf[n:], length)
 	if _, err := io.ReadFull(r.r, buf[n:]); err != nil {
 		return nil, err
 	}

diff --git a/multihash.go b/multihash.go
@@ -4,13 +4,13 @@
 package multihash
 
 import (
-	"encoding/binary"
 	"encoding/hex"
 	"errors"
 	"fmt"
 	"math"
 
 	b58 "github.com/mr-tron/base58/base58"
+	"github.com/multiformats/go-varint"
 )
 
 // errors
@@ -159,7 +159,10 @@ var DefaultLengths = map[uint64]int{
 }
 
 func uvarint(buf []byte) (uint64, []byte, error) {
-	n, c := binary.Uvarint(buf)
+	n, c, err := varint.FromUvarint(buf)
+	if err != nil {
+		return n, buf, err
+	}
 
 	if c == 0 {
 		return n, buf, ErrVarintBufferShort
@@ -258,18 +261,16 @@ func Decode(buf []byte) (*DecodedMultihash, error) {
 // Encode a hash digest along with the specified function code.
 // Note: the length is derived from the length of the digest itself.
 func Encode(buf []byte, code uint64) ([]byte, error) {
-
 	if !ValidCode(code) {
 		return nil, ErrUnknownCode
 	}
 
-	start := make([]byte, 2*binary.MaxVarintLen64, 2*binary.MaxVarintLen64+len(buf))
-	spot := start
-	n := binary.PutUvarint(spot, code)
-	spot = start[n:]
-	n += binary.PutUvarint(spot, uint64(len(buf)))
+	newBuf := make([]byte, varint.UvarintSize(code)+varint.UvarintSize(uint64(len(buf)))+len(buf))
+	n := varint.PutUvarint(newBuf, code)
+	n += varint.PutUvarint(newBuf[n:], uint64(len(buf)))
 
-	return append(start[:n], buf...), nil
+	copy(newBuf[n:], buf)
+	return newBuf, nil
 }
 
 // EncodeName is like Encode() but providing a string name

diff --git a/multihash_test.go b/multihash_test.go
@@ -7,6 +7,8 @@ import (
 	"fmt"
 	"strings"
 	"testing"
+
+	"github.com/multiformats/go-varint"
 )
 
 // maybe silly, but makes it so changing
@@ -299,13 +301,18 @@ func TestDecodeErrorInvalid(t *testing.T) {
 
 func TestBadVarint(t *testing.T) {
 	_, err := Cast([]byte{129, 128, 128, 128, 128, 128, 128, 128, 128, 128, 129, 1})
-	if err != ErrVarintTooLong {
+	if err != varint.ErrOverflow {
 		t.Error("expected error from varint longer than 64bits, got: ", err)
 	}
-	_, err = Cast([]byte{128, 128, 128})
-	if err != ErrVarintBufferShort {
+	_, err = Cast([]byte{129, 128, 128})
+	if err != varint.ErrUnderflow {
 		t.Error("expected error from cut-off varint, got: ", err)
 	}
+
+	_, err = Cast([]byte{128, 1})
+	if err != varint.ErrNotMinimal {
+		t.Error("expected error non-minimal varint, got: ", err)
+	}
 }
 
 func BenchmarkEncode(b *testing.B) {