Open aochagavia opened 1 year ago
There is an error with the current implementation of DigestBuf::write, which causes incorrect hashes to be calculated. The problem is that the call to self.inner.write is not guaranteed to write all the bytes in buf, so the same bytes might be offered to the hasher more than once. https://github.com/termoshtt/ocipkg/blob/8f98b8f88fb737896dfb1a9438f6f20e8a70457d/ocipkg/src/digest.rs#L97-L100
DigestBuf::write
self.inner.write
buf
The problem can be solved by rewriting the function as follows:
fn write(&mut self, buf: &[u8]) -> io::Result<usize> { let written = self.inner.write(buf)?; self.hasher.update(&buf[..written]); Ok(written) }
There is an error with the current implementation of
DigestBuf::write, which causes incorrect hashes to be calculated. The problem is that the call toself.inner.writeis not guaranteed to write all the bytes inbuf, so the same bytes might be offered to the hasher more than once. https://github.com/termoshtt/ocipkg/blob/8f98b8f88fb737896dfb1a9438f6f20e8a70457d/ocipkg/src/digest.rs#L97-L100The problem can be solved by rewriting the function as follows: