Detect and disallow base32 hash overflow
Example (before this commit): $ nix-hash --type sha256 --to-base16 4n0igfxbd3kqvvj2k2xgysrp63l4v2gd110fwkk4apfpm0hvzwh0 \ | xargs nix-hash --type sha256 --to-base32 0n0igfxbd3kqvvj2k2xgysrp63l4v2gd110fwkk4apfpm0hvzwh0 It's a real-life example: https://github.com/NixOS/nixpkgs/pull/20208/files#r86695567
This commit is contained in:
parent
eec5409a69
commit
818aad3ec4
1 changed files with 7 additions and 1 deletions
|
@ -165,7 +165,13 @@ Hash parseHash32(HashType ht, const string & s)
|
||||||
unsigned int i = b / 8;
|
unsigned int i = b / 8;
|
||||||
unsigned int j = b % 8;
|
unsigned int j = b % 8;
|
||||||
hash.hash[i] |= digit << j;
|
hash.hash[i] |= digit << j;
|
||||||
if (i < hash.hashSize - 1) hash.hash[i + 1] |= digit >> (8 - j);
|
|
||||||
|
if (i < hash.hashSize - 1) {
|
||||||
|
hash.hash[i + 1] |= digit >> (8 - j);
|
||||||
|
} else {
|
||||||
|
if (digit >> (8 - j))
|
||||||
|
throw BadHash(format("invalid base-32 hash ‘%1%’") % s);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return hash;
|
return hash;
|
||||||
|
|
Loading…
Reference in a new issue