diff options
| author |  Runxi Yu | 2026-03-03 18:26:57 +0800 |
|---|---|---|
| committer | Runxi Yu | 2026-03-03 18:31:11 +0800 |
| commit | bd9519b464f919f2ca174a45c3c19c9a8a1fe3d1 (patch) | |
| tree | 1bc180ed1a1bdffc13569f552f70bc8b252fbed7 /objectstore | |
| parent | config: Add fuzz, regression tests, and updates (diff) | |
| signature | No signature | |
objectstore/packed: Check pack/idx checksums here.
We previously had helpers in format/pack/checksum that checks
.pack/.idx-related checksums with []byte-based APIs. But it only really
makes sense to use those []byte-based APIs on mmap's (otherwise it'd be
horribly inefficient).
Since the packed object-store only needs to check that the .pack and
.idx trailer match, we move the relevant part into objectstore/packed.
The rest are deleted for now; we'll definitely need a streaming version
for the pack verification (when ingesting packfiles from the network)
(though we might just make it a streaming API (writer? reader? not
decided yet) that *produces* a hash, then verify it in the caller; this
way we could reuse the function in the pack-producing routines). The
others might get the []byte-based APIs back, or perhaps they too get
streaming APIs.
Remember that "reading objects from a packed object store",
"creating/writing packfiles", and "ingesting an incoming pack (which
usually involves creating an .idx for it)", are all very different
tasks.
Diffstat (limited to 'objectstore')
| -rw-r--r-- | objectstore/packed/pack_idx_checksum.go | 30 | ||||
| -rw-r--r-- | objectstore/packed/store.go | 3 |
2 files changed, 31 insertions, 2 deletions
diff --git a/objectstore/packed/pack_idx_checksum.go b/objectstore/packed/pack_idx_checksum.go new file mode 100644 index 00000000..2f55a469 --- /dev/null +++ b/objectstore/packed/pack_idx_checksum.go @@ -0,0 +1,30 @@ +package packed + +import ( + "bytes" + "fmt" + + "codeberg.org/lindenii/furgit/objectid" +) + +// verifyMappedPackMatchesMappedIdx compares one mapped pack trailer hash with +// the pack hash recorded in one mapped idx trailer. +func verifyMappedPackMatchesMappedIdx(packData, idxData []byte, algo objectid.Algorithm) error { + hashSize := algo.Size() + if hashSize <= 0 { + return objectid.ErrInvalidAlgorithm + } + if len(packData) < hashSize { + return fmt.Errorf("objectstore/packed: pack too short for trailer hash") + } + if len(idxData) < hashSize*2 { + return fmt.Errorf("objectstore/packed: idx too short for trailer hashes") + } + + packTrailerHash := packData[len(packData)-hashSize:] + idxPackHash := idxData[len(idxData)-hashSize*2 : len(idxData)-hashSize] + if !bytes.Equal(packTrailerHash, idxPackHash) { + return fmt.Errorf("objectstore/packed: pack hash does not match idx") + } + return nil +} diff --git a/objectstore/packed/store.go b/objectstore/packed/store.go index bb6936ea..abd7175f 100644 --- a/objectstore/packed/store.go +++ b/objectstore/packed/store.go @@ -7,7 +7,6 @@ import ( "os" "sync" - packchecksum "codeberg.org/lindenii/furgit/format/pack/checksum" "codeberg.org/lindenii/furgit/objectid" "codeberg.org/lindenii/furgit/objectstore" ) @@ -195,7 +194,7 @@ func (store *Store) verifyPackMatchesIndexes(pack *packFile) error { if err != nil { return err } - if err := packchecksum.VerifyPackMatchesIdx(pack.data, index.data, store.algo); err != nil { + if err := verifyMappedPackMatchesMappedIdx(pack.data, index.data, store.algo); err != nil { return fmt.Errorf("objectstore/packed: pack %q does not match idx %q: %w", pack.name, index.idxName, err) } return nil |