From 7905fcd4faaad12d846b803d9eb5ed538def1610 Mon Sep 17 00:00:00 2001 From: Dan Engelbrecht Date: Mon, 4 Aug 2025 17:06:47 +0200 Subject: add hardening for legacy cache bucket manifests (#454) --- src/zenstore/cache/cachedisklayer.cpp | 51 +++++++++++++++++++++++++++-------- 1 file changed, 40 insertions(+), 11 deletions(-) (limited to 'src/zenstore/cache/cachedisklayer.cpp') diff --git a/src/zenstore/cache/cachedisklayer.cpp b/src/zenstore/cache/cachedisklayer.cpp index 15a1c9650..a5cab885f 100644 --- a/src/zenstore/cache/cachedisklayer.cpp +++ b/src/zenstore/cache/cachedisklayer.cpp @@ -348,11 +348,20 @@ BucketManifestSerializer::ParseManifest(RwLock::ExclusiveLockScope& Buck Stopwatch Timer; const auto _ = MakeGuard([&] { ZEN_INFO("parsed store manifest '{}' in {}", ManifestPath, NiceTimeSpanMs(Timer.GetElapsedTimeMs())); }); - const uint64_t Count = Manifest["Count"sv].AsUInt64(0); + const uint64_t Count = Manifest["Count"sv].AsUInt64(0); + CbArrayView KeyArray = Manifest["Keys"sv].AsArrayView(); + if (KeyArray.Num() != Count) + { + ZEN_WARN("Mismatch in size between 'Keys' ({}) array size and 'Count' ({}) in {}, skipping metadata", + KeyArray.Num(), + Count, + ManifestPath); + return; + } + std::vector KeysIndexes; KeysIndexes.reserve(Count); - CbArrayView KeyArray = Manifest["Keys"sv].AsArrayView(); for (CbFieldView& KeyView : KeyArray) { if (auto It = Index.find(KeyView.AsHash()); It != Index.end()) @@ -367,19 +376,43 @@ BucketManifestSerializer::ParseManifest(RwLock::ExclusiveLockScope& Buck size_t KeyIndexOffset = 0; CbArrayView TimeStampArray = Manifest["Timestamps"].AsArrayView(); - for (CbFieldView& TimeStampView : TimeStampArray) + if (KeysIndexes.size() != TimeStampArray.Num()) { - const PayloadIndex KeyIndex = KeysIndexes[KeyIndexOffset++]; - if (KeyIndex) + ZEN_WARN("Mismatch in size between 'Keys' ({}) and 'Timestamps' ({}) arrays in {}, skipping timestamps", + KeysIndexes.size(), + TimeStampArray.Num(), + ManifestPath); + } + else + { + for (CbFieldView& TimeStampView : TimeStampArray) { - AccessTimes[KeyIndex] = TimeStampView.AsInt64(); + const PayloadIndex KeyIndex = KeysIndexes[KeyIndexOffset++]; + if (KeyIndex) + { + AccessTimes[KeyIndex] = TimeStampView.AsInt64(); + } } } KeyIndexOffset = 0; CbArrayView RawHashArray = Manifest["RawHash"].AsArrayView(); CbArrayView RawSizeArray = Manifest["RawSize"].AsArrayView(); - if (RawHashArray.Num() == RawSizeArray.Num()) + if (RawHashArray.Num() != KeysIndexes.size()) + { + ZEN_WARN("Mismatch in size between 'Keys' ({}) and 'RawHash' ({}) arrays in {}, skipping meta data", + KeysIndexes.size(), + RawHashArray.Num(), + ManifestPath); + } + else if (RawSizeArray.Num() != KeysIndexes.size()) + { + ZEN_WARN("Mismatch in size between 'Keys' ({}) and 'RawSize' ({}) arrays in {}, skipping meta data", + KeysIndexes.size(), + RawSizeArray.Num(), + ManifestPath); + } + else { auto RawHashIt = RawHashArray.CreateViewIterator(); auto RawSizeIt = RawSizeArray.CreateViewIterator(); @@ -404,10 +437,6 @@ BucketManifestSerializer::ParseManifest(RwLock::ExclusiveLockScope& Buck RawSizeIt++; } } - else - { - ZEN_WARN("Mismatch in size between 'RawHash' and 'RawSize' arrays in {}, skipping meta data", ManifestPath); - } } Oid -- cgit v1.2.3