add validation of compact binary payloads before reading them (#483)

* add validation of compact binary payloads before reading them

2 files changed, 27 insertions, 19 deletions

diff --git a/src/zenstore/buildstore/buildstore.cpp b/src/zenstore/buildstore/buildstore.cpp
index 1b2cf036b..d65c2bf06 100644
--- a/src/zenstore/buildstore/buildstore.cpp
+++ b/src/zenstore/buildstore/buildstore.cpp
@@ -3,6 +3,7 @@
 #include <zenstore/buildstore/buildstore.h>
 
 #include <zencore/compactbinarybuilder.h>
+#include <zencore/compactbinaryutil.h>
 #include <zencore/compress.h>
 #include <zencore/fmtutils.h>
 #include <zencore/logging.h>
@@ -138,24 +139,33 @@ BuildStore::BuildStore(const BuildStoreConfig& Config, GcManager& Gc, CidStore&
 		{
 			RwLock::ExclusiveLockScope Lock(m_Lock);
 
-			CbObject ManifestReader = LoadCompactBinaryObject(ReadFile(ManifestPath).Flatten());
-			Oid		 ManifestId		= ManifestReader["id"].AsObjectId();
-			uint32_t Version		= ManifestReader["version"].AsUInt32();
-			DateTime CreationDate	= ManifestReader["createdAt"].AsDateTime();
-			ZEN_UNUSED(CreationDate);
-			if (ManifestId == Oid::Zero || Version != blobstore::impl::ManifestVersion)
+			CbValidateError ValidateResult = CbValidateError::None;
+			if (CbObject ManifestReader = ValidateAndReadCompactBinaryObject(ReadFile(ManifestPath).Flatten(), ValidateResult);
+				ValidateResult == CbValidateError::None && ManifestReader)
 			{
-				ZEN_WARN("Invalid manifest at {}, wiping state", ManifestPath);
-				IsNew = true;
+				Oid		 ManifestId	  = ManifestReader["id"].AsObjectId();
+				uint32_t Version	  = ManifestReader["version"].AsUInt32();
+				DateTime CreationDate = ManifestReader["createdAt"].AsDateTime();
+				ZEN_UNUSED(CreationDate);
+				if (ManifestId == Oid::Zero || Version != blobstore::impl::ManifestVersion)
+				{
+					ZEN_WARN("Invalid manifest at {}, wiping state", ManifestPath);
+					IsNew = true;
+				}
+				else
+				{
+					m_BlobLogFlushPosition = ReadPayloadLog(Lock, BlobLogPath, 0);
+					m_MetaLogFlushPosition = ReadMetadataLog(Lock, MetaLogPath, 0);
+					if (IsFile(AccessTimesPath))
+					{
+						ReadAccessTimes(Lock, AccessTimesPath);
+					}
+				}
 			}
 			else
 			{
-				m_BlobLogFlushPosition = ReadPayloadLog(Lock, BlobLogPath, 0);
-				m_MetaLogFlushPosition = ReadMetadataLog(Lock, MetaLogPath, 0);
-				if (IsFile(AccessTimesPath))
-				{
-					ReadAccessTimes(Lock, AccessTimesPath);
-				}
+				ZEN_WARN("Invalid manifest at {} ('{}'), wiping state", ManifestPath, ToString(ValidateResult));
+				IsNew = true;
 			}
 		}
 
diff --git a/src/zenstore/cache/cacherpc.cpp b/src/zenstore/cache/cacherpc.cpp
index 5d9a68919..83301f863 100644
--- a/src/zenstore/cache/cacherpc.cpp
+++ b/src/zenstore/cache/cacherpc.cpp
@@ -190,9 +190,8 @@ CacheRpcHandler::HandleRpcRequest(const CacheRequestContext& Context,
 
 	m_CacheStats.RpcRequests.fetch_add(1);
 
-	CbPackage	 Package;
-	CbObjectView Object;
-	CbObject	 ObjectBuffer;
+	CbPackage Package;
+	CbObject  Object;
 	try
 	{
 		if (ContentType == ZenContentType::kCbObject)
@@ -203,8 +202,7 @@ CacheRpcHandler::HandleRpcRequest(const CacheRequestContext& Context,
 				return RpcResponseCode::BadRequest;
 			}
 
-			ObjectBuffer = LoadCompactBinaryObject(std::move(Body));
-			Object		 = ObjectBuffer;
+			Object = LoadCompactBinaryObject(std::move(Body));
 			if (!Object)
 			{
 				ZEN_WARN("Content format not supported, expected compact binary format");