From 20e2910c616531c9e4c8903c606c25af65bcf824 Mon Sep 17 00:00:00 2001 From: Zooko O'Whielacronx <zooko@zooko.com> Date: Mon, 12 Sep 2011 15:24:58 -0700 Subject: [PATCH] immutable: prevent clients from reading past the end of share data, which would allow them to learn the cancellation secret Declare explicitly that we prevent this problem in the server's version dict. fixes #1528 (there are two patches that are each a sufficient fix to #1528 and this is one of them) --- src/allmydata/storage/immutable.py | 6 ++---- src/allmydata/storage/server.py | 1 + 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/src/allmydata/storage/immutable.py b/src/allmydata/storage/immutable.py index b7c4a9f9..a50ff422 100644 --- a/src/allmydata/storage/immutable.py +++ b/src/allmydata/storage/immutable.py @@ -83,11 +83,9 @@ class ShareFile: def read_share_data(self, offset, length): precondition(offset >= 0) # reads beyond the end of the data are truncated. Reads that start - # beyond the end of the data return an empty string. I wonder why - # Python doesn't do the following computation for me? + # beyond the end of the data return an empty string. seekpos = self._data_offset+offset - fsize = os.path.getsize(self.home) - actuallength = max(0, min(length, fsize-seekpos)) + actuallength = max(0, min(length, self._lease_offset-seekpos)) if actuallength == 0: return "" f = open(self.home, 'rb') diff --git a/src/allmydata/storage/server.py b/src/allmydata/storage/server.py index 8350e813..7dd3cb47 100644 --- a/src/allmydata/storage/server.py +++ b/src/allmydata/storage/server.py @@ -222,6 +222,7 @@ class StorageServer(service.MultiService, Referenceable): { "maximum-immutable-share-size": remaining_space, "tolerates-immutable-read-overrun": True, "delete-mutable-shares-with-zero-length-writev": True, + "prevents-read-past-end-of-share-data": True, }, "application-version": str(allmydata.__full_version__), } -- 2.45.2