From: Zooko O'Whielacronx Date: Mon, 12 Sep 2011 22:24:58 +0000 (-0700) Subject: immutable: prevent clients from reading past the end of share data, which would allow... X-Git-Tag: allmydata-tahoe-1.9.0a2~45 X-Git-Url: https://git.rkrishnan.org/specifications/(%5B%5E?a=commitdiff_plain;h=20e2910c616531c9e4c8903c606c25af65bcf824;p=tahoe-lafs%2Ftahoe-lafs.git immutable: prevent clients from reading past the end of share data, which would allow them to learn the cancellation secret Declare explicitly that we prevent this problem in the server's version dict. fixes #1528 (there are two patches that are each a sufficient fix to #1528 and this is one of them) --- diff --git a/src/allmydata/storage/immutable.py b/src/allmydata/storage/immutable.py index b7c4a9f9..a50ff422 100644 --- a/src/allmydata/storage/immutable.py +++ b/src/allmydata/storage/immutable.py @@ -83,11 +83,9 @@ class ShareFile: def read_share_data(self, offset, length): precondition(offset >= 0) # reads beyond the end of the data are truncated. Reads that start - # beyond the end of the data return an empty string. I wonder why - # Python doesn't do the following computation for me? + # beyond the end of the data return an empty string. seekpos = self._data_offset+offset - fsize = os.path.getsize(self.home) - actuallength = max(0, min(length, fsize-seekpos)) + actuallength = max(0, min(length, self._lease_offset-seekpos)) if actuallength == 0: return "" f = open(self.home, 'rb') diff --git a/src/allmydata/storage/server.py b/src/allmydata/storage/server.py index 8350e813..7dd3cb47 100644 --- a/src/allmydata/storage/server.py +++ b/src/allmydata/storage/server.py @@ -222,6 +222,7 @@ class StorageServer(service.MultiService, Referenceable): { "maximum-immutable-share-size": remaining_space, "tolerates-immutable-read-overrun": True, "delete-mutable-shares-with-zero-length-writev": True, + "prevents-read-past-end-of-share-data": True, }, "application-version": str(allmydata.__full_version__), }