Comments (5)
vmx
commented on June 12, 2024
1
Thanks @mriise for a fix and @hummingly for being patient and explaining things in even more depths. It's funny that I even opened an issue about it and didn't recall.
from rust-multihash.
mriise
commented on June 12, 2024
1
quick note for transparency, this was a bit more broken than this issue mentions, since the digest returned by blake3 was only 32 bytes, anything bigger would've been filled with 0s
...fun
from rust-multihash.
vmx
commented on June 12, 2024
I don't think it would panic, but I might miss something.
So let's say S is 16 and digest_bytes.len() is 32. Then digest_bytes.len().max(S) would be 32.
So Blake3Hasher.finalize() makes sure that the returned value has at least S bytes, but maybe more. Then later, when the hash is used (that mostly happens in the multihash-derive crate), the result goes through Multihash::wrap(), which will error (not panic) in case the has is too long:
rust-multihash/src/multihash.rs
Lines 102 to 104 in f1d20e9
from rust-multihash.
hummingly
commented on June 12, 2024
My code looks like that where DIGEST_SIZE is 32 right now.
pub struct ContentHasher(Blake3Hasher<DIGEST_SIZE>);
impl ContentHasher {
pub fn new() -> ContentHasher {
ContentHasher(Blake3Hasher::default())
}
pub fn write(&mut self, input: &[u8]) {
self.0.update(input);
}
pub fn finish(&mut self) -> ContentHash {
let hash = multihash::Code::Blake3_256.wrap(self.0.finalize()).unwrap();
hash.resize::<DIGEST_SIZE>().unwrap()
}
pub fn reset(&mut self) {
self.0.reset();
}
}However, if I were to set it to something smaller than the default digest size (32), it will panic. The reason is an out of bounds indexing error due the array digest in the Blake3Hasher struct as I explained in the previous comment.
rust-multihash/src/hasher_impl.rs
Lines 100 to 103 in f1d20e9
So Blake3Hasher.finalize() makes sure that the returned value has at least S bytes, but maybe more. Then later, when the hash is used (that mostly happens in the multihash-derive crate), the result goes through Multihash::wrap(), which will error (not panic) in case the has is too long:
It is the other way around. The length will always be S or smaller because Blake3Hasher.finalize() returns a slice to the array digest in Blake3Hasher.
Do you consider it a user error to use an S smaller than the default size of the hash?
from rust-multihash.
mriise
commented on June 12, 2024
Blake3Hasher was originally intended to be flexible like this, but some implementation details had kept me away at the time but has since been fixed. see #130
The Code table being generic over Blake Digest sizes is still something to be solved, either through more proc macro magic or new const generic things.
from rust-multihash.
Related Issues (20)
- Implement ripemd160 HOT 3
- CI tries to run `fmt` with unstable feature and will always fail HOT 2
- Nix build is currently broken HOT 3
- Maintain a CHANGELOG.md HOT 3
- Let's make fewer breaking changes HOT 14
- Replace or Upgrade Tarpaulin Code Coverage HOT 2
- Split crate into `multihash`, `multihash-codetable` and `multihash-derive` HOT 5
- Tracking issue: Polish and stabilize the API HOT 5
- Use `sha1` dependency instead of `sha-1`
- Unsafe unwrap could cause an application to panic HOT 12
- Consider removing `MultihashDigest` and `Hasher` traits
- Write docs for transition to new crate structure HOT 6
- Parity Codec bumps MSRV to `1.64.0` HOT 4
- Add `cargo semver-checks` to CI to ensure we don't break the API accidentially HOT 1
- Add Sha3 SHAKE* HOT 12
- Only enforce MSRV if no features are activated
- Release 0.19 HOT 8
- multihash const constructors unusable HOT 5
- Redesign multihash::Error
- regression serde feature does not work with no-std
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from rust-multihash.