From ac3d4dff6b3ecd6e64a100c94b793a4f101efa1e Mon Sep 17 00:00:00 2001 From: Steven Allen Date: Mon, 3 Feb 2020 19:06:52 -0800 Subject: [PATCH] fix: enforce deterministic multihash varints fixes #117 --- go.mod | 1 + go.sum | 6 ++++-- io.go | 19 +++++++------------ multihash.go | 19 ++++++++++--------- multihash_test.go | 13 ++++++++++--- 5 files changed, 32 insertions(+), 26 deletions(-) diff --git a/go.mod b/go.mod index 61373d3..b8a16f4 100644 --- a/go.mod +++ b/go.mod @@ -4,6 +4,7 @@ require ( github.com/minio/blake2b-simd v0.0.0-20160723061019-3f5f724cb5b1 github.com/minio/sha256-simd v0.1.1-0.20190913151208-6de447530771 github.com/mr-tron/base58 v1.1.3 + github.com/multiformats/go-varint v0.0.4 github.com/spaolacci/murmur3 v1.1.0 golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8 ) diff --git a/go.sum b/go.sum index a5a2413..a632362 100644 --- a/go.sum +++ b/go.sum @@ -2,10 +2,12 @@ github.com/minio/blake2b-simd v0.0.0-20160723061019-3f5f724cb5b1 h1:lYpkrQH5ajf0 github.com/minio/blake2b-simd v0.0.0-20160723061019-3f5f724cb5b1/go.mod h1:pD8RvIylQ358TN4wwqatJ8rNavkEINozVn9DtGI3dfQ= github.com/minio/sha256-simd v0.1.1-0.20190913151208-6de447530771 h1:MHkK1uRtFbVqvAgvWxafZe54+5uBxLluGylDiKgdhwo= github.com/minio/sha256-simd v0.1.1-0.20190913151208-6de447530771/go.mod h1:B5e1o+1/KgNmWrSQK08Y6Z1Vb5pwIktudl0J58iy0KM= -github.com/mr-tron/base58 v1.1.2 h1:ZEw4I2EgPKDJ2iEw0cNmLB3ROrEmkOtXIkaG7wZg+78= -github.com/mr-tron/base58 v1.1.2/go.mod h1:BinMc/sQntlIE1frQmRFPUoPA1Zkr8VRgBdjWI2mNwc= github.com/mr-tron/base58 v1.1.3 h1:v+sk57XuaCKGXpWtVBX8YJzO7hMGx4Aajh4TQbdEFdc= github.com/mr-tron/base58 v1.1.3/go.mod h1:BinMc/sQntlIE1frQmRFPUoPA1Zkr8VRgBdjWI2mNwc= +github.com/multiformats/go-varint v0.0.3 h1:1OZFaq4XbSNQE6ujqgr6/EIZlgHE7DmojAFsLqAJ26M= +github.com/multiformats/go-varint v0.0.3/go.mod h1:3Ls8CIEsrijN6+B7PbrXRPxHRPuXSrVKRY101jdMZYE= +github.com/multiformats/go-varint v0.0.4 h1:CplQWhUouUgTZ53vNFE8VoWr2VjaKXci+xyrKyyFuSw= +github.com/multiformats/go-varint v0.0.4/go.mod h1:3Ls8CIEsrijN6+B7PbrXRPxHRPuXSrVKRY101jdMZYE= github.com/spaolacci/murmur3 v1.1.0 h1:7c1g84S4BPRrfL5Xrdp6fOJ206sU9y293DDHaoy0bLI= github.com/spaolacci/murmur3 v1.1.0/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= diff --git a/io.go b/io.go index 4629016..3a31baa 100644 --- a/io.go +++ b/io.go @@ -1,10 +1,11 @@ package multihash import ( - "encoding/binary" "errors" "io" "math" + + "github.com/multiformats/go-varint" ) // Reader is an io.Reader wrapper that exposes a function @@ -60,12 +61,12 @@ func (r *mhReader) ReadByte() (byte, error) { } func (r *mhReader) ReadMultihash() (Multihash, error) { - code, err := binary.ReadUvarint(r) + code, err := varint.ReadUvarint(r) if err != nil { return nil, err } - length, err := binary.ReadUvarint(r) + length, err := varint.ReadUvarint(r) if err != nil { return nil, err } @@ -73,15 +74,9 @@ func (r *mhReader) ReadMultihash() (Multihash, error) { return nil, errors.New("digest too long, supporting only <= 2^31-1") } - pre := make([]byte, 2*binary.MaxVarintLen64) - spot := pre - n := binary.PutUvarint(spot, code) - spot = pre[n:] - n += binary.PutUvarint(spot, length) - - buf := make([]byte, int(length)+n) - copy(buf, pre[:n]) - + buf := make([]byte, varint.UvarintSize(code)+varint.UvarintSize(length)+int(length)) + n := varint.PutUvarint(buf, code) + n += varint.PutUvarint(buf[n:], length) if _, err := io.ReadFull(r.r, buf[n:]); err != nil { return nil, err } diff --git a/multihash.go b/multihash.go index 1aec53f..cd44006 100644 --- a/multihash.go +++ b/multihash.go @@ -4,13 +4,13 @@ package multihash import ( - "encoding/binary" "encoding/hex" "errors" "fmt" "math" b58 "github.com/mr-tron/base58/base58" + "github.com/multiformats/go-varint" ) // errors @@ -159,7 +159,10 @@ var DefaultLengths = map[uint64]int{ } func uvarint(buf []byte) (uint64, []byte, error) { - n, c := binary.Uvarint(buf) + n, c, err := varint.FromUvarint(buf) + if err != nil { + return n, buf, err + } if c == 0 { return n, buf, ErrVarintBufferShort @@ -258,18 +261,16 @@ func Decode(buf []byte) (*DecodedMultihash, error) { // Encode a hash digest along with the specified function code. // Note: the length is derived from the length of the digest itself. func Encode(buf []byte, code uint64) ([]byte, error) { - if !ValidCode(code) { return nil, ErrUnknownCode } - start := make([]byte, 2*binary.MaxVarintLen64, 2*binary.MaxVarintLen64+len(buf)) - spot := start - n := binary.PutUvarint(spot, code) - spot = start[n:] - n += binary.PutUvarint(spot, uint64(len(buf))) + newBuf := make([]byte, varint.UvarintSize(code)+varint.UvarintSize(uint64(len(buf)))+len(buf)) + n := varint.PutUvarint(newBuf, code) + n += varint.PutUvarint(newBuf[n:], uint64(len(buf))) - return append(start[:n], buf...), nil + copy(newBuf[n:], buf) + return newBuf, nil } // EncodeName is like Encode() but providing a string name diff --git a/multihash_test.go b/multihash_test.go index 3d579f9..d008bf6 100644 --- a/multihash_test.go +++ b/multihash_test.go @@ -7,6 +7,8 @@ import ( "fmt" "strings" "testing" + + "github.com/multiformats/go-varint" ) // maybe silly, but makes it so changing @@ -299,13 +301,18 @@ func TestDecodeErrorInvalid(t *testing.T) { func TestBadVarint(t *testing.T) { _, err := Cast([]byte{129, 128, 128, 128, 128, 128, 128, 128, 128, 128, 129, 1}) - if err != ErrVarintTooLong { + if err != varint.ErrOverflow { t.Error("expected error from varint longer than 64bits, got: ", err) } - _, err = Cast([]byte{128, 128, 128}) - if err != ErrVarintBufferShort { + _, err = Cast([]byte{129, 128, 128}) + if err != varint.ErrUnderflow { t.Error("expected error from cut-off varint, got: ", err) } + + _, err = Cast([]byte{128, 1}) + if err != varint.ErrNotMinimal { + t.Error("expected error non-minimal varint, got: ", err) + } } func BenchmarkEncode(b *testing.B) {