refactor(tvix/nar-bridge): panic on inval PathInfo.NarInfo.NarSha256

Bump code.tvl.fyi/tvix/store/protos past cl/9649, where Validate()
already ensures the NarSha256 has the correct size.

Change-Id: I774668822f4d9dbd4dea47dde6e4745dc95e8e7f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/9665
Reviewed-by: edef <edef@edef.eu>
Tested-by: BuildkiteCI
This commit is contained in:
Florian Klink 2023-10-11 19:12:10 +02:00 committed by flokli
parent e64e97ee23
commit 1c5bf366be
4 changed files with 6 additions and 9 deletions

View file

@ -6,5 +6,5 @@ pkgs.buildGoModule {
name = "nar-bridge"; name = "nar-bridge";
src = depot.third_party.gitignoreSource ./.; src = depot.third_party.gitignoreSource ./.;
vendorHash = "sha256-gieFaLB3vgoSqCARCe8PZeJE8H2YQ48Fj2h2DBzUXu8="; vendorHash = "sha256-drbjsty1hhVAvn/R/AiVIOPQREzHOB+90VpuM5D5COc=";
} }

View file

@ -2,7 +2,7 @@ module code.tvl.fyi/tvix/nar-bridge
require ( require (
code.tvl.fyi/tvix/castore/protos v0.0.0-20231009220507-d6e0c5ab9bb7 code.tvl.fyi/tvix/castore/protos v0.0.0-20231009220507-d6e0c5ab9bb7
code.tvl.fyi/tvix/store/protos v0.0.0-20231010202247-8ec3506856aa code.tvl.fyi/tvix/store/protos v0.0.0-20231011152908-87506e287a9e
github.com/alecthomas/kong v0.7.1 github.com/alecthomas/kong v0.7.1
github.com/go-chi/chi v1.5.4 github.com/go-chi/chi v1.5.4
github.com/go-chi/chi/v5 v5.0.7 github.com/go-chi/chi/v5 v5.0.7

View file

@ -1,7 +1,7 @@
code.tvl.fyi/tvix/castore/protos v0.0.0-20231009220507-d6e0c5ab9bb7 h1:gX2LWo/QHwGZK2QsDap9Lx1GrKLPX6mfgeNbGK3mwrU= code.tvl.fyi/tvix/castore/protos v0.0.0-20231009220507-d6e0c5ab9bb7 h1:gX2LWo/QHwGZK2QsDap9Lx1GrKLPX6mfgeNbGK3mwrU=
code.tvl.fyi/tvix/castore/protos v0.0.0-20231009220507-d6e0c5ab9bb7/go.mod h1:hj0y8RPthqn1QPj8u2jFe2vzH7NouUoclrwo1/CSbuc= code.tvl.fyi/tvix/castore/protos v0.0.0-20231009220507-d6e0c5ab9bb7/go.mod h1:hj0y8RPthqn1QPj8u2jFe2vzH7NouUoclrwo1/CSbuc=
code.tvl.fyi/tvix/store/protos v0.0.0-20231010202247-8ec3506856aa h1:FwMglyEtXebo5rXgtLkxs+y11UVxAekGboFotdbfHcg= code.tvl.fyi/tvix/store/protos v0.0.0-20231011152908-87506e287a9e h1:6ZIrsMGvJFRHxY9DCXYoQQMNLJE1oK8Danm0ZJhZinM=
code.tvl.fyi/tvix/store/protos v0.0.0-20231010202247-8ec3506856aa/go.mod h1:RmijF3bfElwtZpNkBtW66QEj/jldGNu+W2HlgZro7lw= code.tvl.fyi/tvix/store/protos v0.0.0-20231011152908-87506e287a9e/go.mod h1:RmijF3bfElwtZpNkBtW66QEj/jldGNu+W2HlgZro7lw=
github.com/alecthomas/assert/v2 v2.1.0 h1:tbredtNcQnoSd3QBhQWI7QZ3XHOVkw1Moklp2ojoH/0= github.com/alecthomas/assert/v2 v2.1.0 h1:tbredtNcQnoSd3QBhQWI7QZ3XHOVkw1Moklp2ojoH/0=
github.com/alecthomas/kong v0.7.1 h1:azoTh0IOfwlAX3qN9sHWTxACE2oV8Bg2gAwBsMwDQY4= github.com/alecthomas/kong v0.7.1 h1:azoTh0IOfwlAX3qN9sHWTxACE2oV8Bg2gAwBsMwDQY4=
github.com/alecthomas/kong v0.7.1/go.mod h1:n1iCIO2xS46oE8ZfYCNDqdR0b0wZNrXAIAqro/2132U= github.com/alecthomas/kong v0.7.1/go.mod h1:n1iCIO2xS46oE8ZfYCNDqdR0b0wZNrXAIAqro/2132U=

View file

@ -65,13 +65,10 @@ func renderNarinfo(
return fmt.Errorf("PathInfo doesn't contain Narinfo field") return fmt.Errorf("PathInfo doesn't contain Narinfo field")
} }
// extract the NARHash // extract the NARHash. This must succeed, as Validate() did succeed.
narHash, err := nixhash.FromHashTypeAndDigest(0x12, pathInfo.GetNarinfo().GetNarSha256()) narHash, err := nixhash.FromHashTypeAndDigest(0x12, pathInfo.GetNarinfo().GetNarSha256())
if err != nil { if err != nil {
// TODO: replace with panic once we use cl/9649 panic("must parse NarHash")
log.WithError(err).Error("invalid NarHash in PathInfo")
return fmt.Errorf("invalid NarHash in PathInfo")
} }
// add things to the lookup table, in case the same process didn't handle the NAR hash yet. // add things to the lookup table, in case the same process didn't handle the NAR hash yet.