From 20e2910c616531c9e4c8903c606c25af65bcf824 Mon Sep 17 00:00:00 2001
From: Zooko O'Whielacronx <zooko@zooko.com>
Date: Mon, 12 Sep 2011 15:24:58 -0700
Subject: [PATCH] immutable: prevent clients from reading past the end of share
 data, which would allow them to learn the cancellation secret Declare
 explicitly that we prevent this problem in the server's version dict. fixes
 #1528 (there are two patches that are each a sufficient fix to #1528 and this
 is one of them)

---
 src/allmydata/storage/immutable.py | 6 ++----
 src/allmydata/storage/server.py    | 1 +
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/src/allmydata/storage/immutable.py b/src/allmydata/storage/immutable.py
index b7c4a9f9..a50ff422 100644
--- a/src/allmydata/storage/immutable.py
+++ b/src/allmydata/storage/immutable.py
@@ -83,11 +83,9 @@ class ShareFile:
     def read_share_data(self, offset, length):
         precondition(offset >= 0)
         # reads beyond the end of the data are truncated. Reads that start
-        # beyond the end of the data return an empty string. I wonder why
-        # Python doesn't do the following computation for me?
+        # beyond the end of the data return an empty string.
         seekpos = self._data_offset+offset
-        fsize = os.path.getsize(self.home)
-        actuallength = max(0, min(length, fsize-seekpos))
+        actuallength = max(0, min(length, self._lease_offset-seekpos))
         if actuallength == 0:
             return ""
         f = open(self.home, 'rb')
diff --git a/src/allmydata/storage/server.py b/src/allmydata/storage/server.py
index 8350e813..7dd3cb47 100644
--- a/src/allmydata/storage/server.py
+++ b/src/allmydata/storage/server.py
@@ -222,6 +222,7 @@ class StorageServer(service.MultiService, Referenceable):
                     { "maximum-immutable-share-size": remaining_space,
                       "tolerates-immutable-read-overrun": True,
                       "delete-mutable-shares-with-zero-length-writev": True,
+                      "prevents-read-past-end-of-share-data": True,
                       },
                     "application-version": str(allmydata.__full_version__),
                     }
-- 
2.45.2