Skip to content
This repository has been archived by the owner on Aug 11, 2021. It is now read-only.

resolver.put allows you to create invalid blocks #91

Closed
wanderer opened this issue Aug 8, 2017 · 11 comments
Closed

resolver.put allows you to create invalid blocks #91

wanderer opened this issue Aug 8, 2017 · 11 comments
Labels
exp/expert Having worked on the specific codebase is important help wanted Seeking public contribution on this issue kind/bug A bug in existing code (including security flaws) P2 Medium: Good to have, but can wait until someone steps up

Comments

@wanderer
Copy link
Member

wanderer commented Aug 8, 2017
edited
Loading 

const node = {
  'test': 1
}
resolve.put(node, { format: 'dag-cbor', hashAlg: 'sha2-256'}, () => {
   console.log('done!')
})

node.test = 2

This will produce an invalid node, it will have the contents of {test: 2} with the cid of {test: 1}
Most of the time changing the node before resolve.put is done would be a mistake but it can easily prevented at the level of this module. The problem is that serialize the data twice (here and here). If it would only be serialized once then hashed this would be prevented. It would help to have this first though.
@daviddias daviddias added the kind/bug A bug in existing code (including security flaws) label Aug 8, 2017
@daviddias
Copy link
Member

Thanks for reporting this bug. It is a fun one indeed!

A simple (and I believe to be the wisest) solution would be to make a copy at the beginning of put, however, that would force us to add a copy function to the interface-ipld-format so that we know how to make a 1:1 copy of any format.

Mind submitting a PR with a test?

@kumavis
Copy link
Contributor

kumavis commented Aug 8, 2017

Hmm do we need a ipldXResolver.clone method?

@daviddias
Copy link
Member

@kumavis if we go with that solution, then yes

@wanderer
Copy link
Member Author

wanderer commented Aug 8, 2017

Hmm do we need a ipldXResolver.clone method?

i think i would argue against it since we have serialize. Which is copying in a sense. If we serialized once then hashed the serialized data instead of serializing twice then invalid blocks coudn't be generated

@daviddias
Copy link
Member

@wanderer it would work for this case, yes, but getting .copy would prevent other weird scenarios int he future. We can: a) solve this by taking in your proposal -- ipld/interface-ipld-format#7 -- and b) keep considering adding .copy to interface-ipld-format.

@wanderer
Copy link
Member Author

wanderer commented Aug 8, 2017

@diasdavid in which case would this not work? I can't think of anything off the top of my head. But if there are things that mutate the serialized version somehow then i guess we could aslo specify that serialize does a copy

@daviddias
Copy link
Member

It will work 👍

@wanderer
Copy link
Member Author

wanderer commented Aug 9, 2017

@diasdavid okie! test added

daviddias pushed a commit that referenced this issue Aug 26, 2017
@daviddias
test: added failing test case for issue #91 (#92)
2fcf471 
Signed-off-by: wanderer <mjbecze@gmail.com>
@daviddias daviddias mentioned this issue Aug 26, 2017
Closed
11 tasks
@daviddias daviddias added the status/ready Ready to be worked label Sep 13, 2017
@daviddias daviddias added P0 Critical: Tackled by core team ASAP exp/expert Having worked on the specific codebase is important help wanted Seeking public contribution on this issue labels Oct 18, 2017
@daviddias daviddias added status/in-progress In progress and removed status/ready Ready to be worked labels Dec 30, 2017
@daviddias daviddias self-assigned this Dec 30, 2017
@daviddias daviddias removed their assignment Jan 25, 2018
@daviddias daviddias added status/ready Ready to be worked and removed status/in-progress In progress labels Jan 25, 2018
@daviddias
Copy link
Member

@vmx just getting this on your radar :)

@daviddias daviddias added P1 High: Likely tackled by core team if no one steps up and removed P0 Critical: Tackled by core team ASAP labels Jan 26, 2018
@richardschneider
Copy link
Contributor

ipld/interface-ipld-format#32 will resolve this. cid will take the serialised output not the dagNode.

@vmx vmx added P2 Medium: Good to have, but can wait until someone steps up and removed P1 High: Likely tackled by core team if no one steps up labels Nov 14, 2018
@vmx
Copy link
Member

vmx commented May 8, 2019

As cid() is now taking the serialized version of a node, that's not an issue anymore.

@vmx vmx closed this as completed May 8, 2019
@ghost ghost removed the status/ready Ready to be worked label May 8, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
exp/expert Having worked on the specific codebase is important help wanted Seeking public contribution on this issue kind/bug A bug in existing code (including security flaws) P2 Medium: Good to have, but can wait until someone steps up
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@vmx @wanderer @richardschneider @daviddias @kumavis