darrenldl
commented
5 years ago Actually this is somewhat mitigated already in repair_core by the supplying of pred, but the buffer checking occurs before pred checking takes place.
Right now the pred signature takes a block as input, but most predicates should only require working at header level, so adding a header_pred might be an even better solution, the checking of which takes place before syncing from buffer.
The panic originates from
check_buffer!atsbx_block::mod.rs:812, in the functionsync_from_bufferincorruption_tests_encode_stdin.shtest, when the header version number is corrupted to become another version number. Blkar was in repair mode when the panic happened.When the block size associated with the header's version number is bigger than the provided buffer in
sync_from_buffer, it panics viacheck_buffer!. This behaviour, however, means it neglects completely the possibility of header being malformed and when we are anticipating with a specific block size. However, it is impossible to tell with certainty whether the header is well formed or not due to SBX format design, so blkar is forced to trust the header at various places as well.So the best remedy is to return error along the line of
InsufficientBufferSizeforsync_from_bufferand maybe other similar functions.