Skip to content

Commit

Permalink
Fix hash computation when importing NARs greater than 4 GiB
Browse files Browse the repository at this point in the history 
This caused "nix-store --import" to compute an incorrect hash on NARs
that don't fit in an unsigned int. The import would succeed, but
"nix-store --verify-path" or subsequent exports would detect an
incorrect hash.

A deeper issue is that the export/import format does not contain a
hash, so we can't detect such issues early.

Also, I learned that -Wall does not warn about this.
  • Loading branch information
@edolstra
edolstra committed Apr 28, 2017
1 parent 39b08f4 commit 41c4558
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion src/libutil/hash.cc
View file
Expand Up @@ -224,7 +224,7 @@ static void start(HashType ht, Ctx & ctx)


static void update(HashType ht, Ctx & ctx,
const unsigned char * bytes, unsigned int len)
const unsigned char * bytes, size_t len)
{
if (ht == htMD5) MD5_Update(&ctx.md5, bytes, len);
else if (ht == htSHA1) SHA1_Update(&ctx.sha1, bytes, len);
Expand Down

2 comments on commit 41c4558

@ysangkok
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You can use -Wconversion...

@vcunat
Copy link
Member

@vcunat vcunat commented on 41c4558 Apr 30, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, but it's a bit aggressive, leading to loads of warnings in typical bigger projects. It might still be worth it to fix all such cases by explicit casts...

Please sign in to comment.