diff options
| author | Stefan Boberg <[email protected]> | 2026-04-16 20:43:08 +0200 |
|---|---|---|
| committer | Stefan Boberg <[email protected]> | 2026-04-16 20:43:08 +0200 |
| commit | 245fca3a35677813061a2320976fa90f33bfb815 (patch) | |
| tree | 4355750a3d47d0f2bf886714f42e2d3515d2e729 /src/zenhttp | |
| parent | Handle POSIX short writes in FileCasStrategy chunk write loop (diff) | |
| download | archived-zen-sb/fixups.tar.xz archived-zen-sb/fixups.zip | |
Validate PayloadAlignment when loading CAS index headersb/fixups
CasContainerStrategy::ReadIndexFile previously accepted any nonzero
PayloadAlignment from the on-disk index header. The value is later
used as the multiplier in BlockStoreDiskLocation::GetOffset
((offset_bits_28) * PayloadAlignment) to translate packed disk
locations into block-file byte offsets.
A corrupt or malformed header with a non-power-of-two or outlandishly
large PayloadAlignment would silently skew every offset computed from
the loaded index, causing reads at wrong positions in block files.
The magic/version/checksum gate most corruption, but this is
defense-in-depth for bit-rot that happens to preserve the checksum,
and matches the power-of-two invariant that is already asserted when
the alignment is set at runtime (line 171).
Require IsPow2(PayloadAlignment) and cap at 4096 (sector-sized),
which covers the 16-byte default and leaves room for future tuning.
Diffstat (limited to 'src/zenhttp')
0 files changed, 0 insertions, 0 deletions