Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix overflow when verifying signatures of content addressable paths #2452

Merged
merged 2 commits into from Oct 8, 2018

Conversation

ElvishJerricco
Copy link
Contributor

@ElvishJerricco ElvishJerricco commented Sep 26, 2018

Fixes #2451

@ElvishJerricco
Copy link
Contributor Author

I suppose I should add a test for this.

@ElvishJerricco
Copy link
Contributor Author

I just added a test that --sigs-needed 1000 works on signed content-addressed paths.

@edolstra
Copy link
Member

Actually we can just stop verifying sigs when we know that it's a content-addressable path, i.e. change

if (info2->isContentAddressed(*store)) validSigs = ValidPathInfo::maxSigs;
doSigs(info2->sigs);

to

if (info2->isContentAddressed(*store)) 
  validSigs = ValidPathInfo::maxSigs;
else
  doSigs(info2->sigs);

@ElvishJerricco
Copy link
Contributor Author

ElvishJerricco commented Sep 26, 2018

@edolstra I considered adding || info->isContentAddressed(*store) to this if statement:

nix/src/nix/verify.cc

Lines 110 to 111 in b7091ce

if (info->ultimate && !sigsNeeded)
good = true;

But I figured there might be a reason that we also ask substituters whether their info is content addressed. Like maybe somehow someone's metadata is screwed up and dropped the fact that the path is content addressed.

@ElvishJerricco
Copy link
Contributor Author

@edolstra Is that reason to keep the changes as is, or would you rather just call the path good if it's content-addressed?

@ElvishJerricco
Copy link
Contributor Author

@edolstra ping.

@edolstra edolstra merged commit 01bd66b into NixOS:master Oct 8, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

2 participants