From: Taylor Blau <me@ttaylorr.com>
To: Jeff King <peff@peff.net>
Cc: "SZEDER Gábor" <szeder.dev@gmail.com>,
git@vger.kernel.org, dstolee@microsoft.com
Subject: Re: [PATCH 4/4] midx: report checksum mismatches during 'verify'
Date: Tue, 16 Nov 2021 16:10:10 -0500 [thread overview]
Message-ID: <YZQeMjjtxS2LU2Tk@nand.local> (raw)
In-Reply-To: <YYzq0uBr+uoVvkbC@coredump.intra.peff.net>
On Thu, Nov 11, 2021 at 05:05:06AM -0500, Jeff King wrote:
> > Since SHA1 is essentially random, there's a 1:256 chance of that
> > happening, assuming that the file's content is random.
>
> The most exact fix here would be to read the final byte, increment it
> mod-256, and write it back, which would ensure it was always changed.
> But that's a bit annoying to do in shell. Perhaps just corrupting more
> bytes is a good solution? The patch below should reduce your changes to
> 1 in 2^80.
>
> diff --git a/t/t5319-multi-pack-index.sh b/t/t5319-multi-pack-index.sh
> index 3f69e43178..a612e44547 100755
> --- a/t/t5319-multi-pack-index.sh
> +++ b/t/t5319-multi-pack-index.sh
> @@ -482,8 +482,10 @@ test_expect_success 'corrupt MIDX is not reused' '
> '
>
> test_expect_success 'verify incorrect checksum' '
> - pos=$(($(wc -c <$objdir/pack/multi-pack-index) - 1)) &&
> - corrupt_midx_and_verify $pos "\377" $objdir "incorrect checksum"
> + pos=$(($(wc -c <$objdir/pack/multi-pack-index) - 10)) &&
> + corrupt_midx_and_verify $pos \
> + "\377\377\377\377\377\377\377\377\377\377" \
> + $objdir "incorrect checksum"
> '
>
> test_expect_success 'repack progress off for redirected stderr' '
>
> There are other variants, of course. Just appending a single byte to the
> file is enough to give you a high probability of failing the checksum
> (since it shifts it all by one byte, making it essentially random), but
> the corrupt_midx() helper doesn't support that.
Thanks SZEDER for the report, and thanks Peff for the fix :).
I agree that it's annoyingly cumbersome to write back the last byte
incremented mod-256. So I'm content to just make it astronomically
unlikely to run into a collision in practice. (As a matter of fact, I'm
surprised that the current implementation hasn't produced failures for
us more often).
Peff: do you want me to turn this into a patch or were you planning on
it?
Thanks,
Taylor
next prev parent reply other threads:[~2021-11-16 21:10 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-06-23 18:39 [PATCH 0/4] midx: verify MIDX checksum before reusing Taylor Blau
2021-06-23 18:39 ` [PATCH 1/4] csum-file: introduce checksum_valid() Taylor Blau
2021-06-24 19:42 ` Jeff King
2021-06-23 18:39 ` [PATCH 2/4] commit-graph: rewrite to use checksum_valid() Taylor Blau
2021-06-24 19:42 ` Jeff King
2021-06-23 18:39 ` [PATCH 3/4] midx: don't reuse corrupt MIDXs when writing Taylor Blau
2021-06-24 20:00 ` Jeff King
2021-06-23 18:39 ` [PATCH 4/4] midx: report checksum mismatches during 'verify' Taylor Blau
2021-06-24 4:22 ` Bagas Sanjaya
2021-06-24 20:10 ` Jeff King
2021-11-10 23:11 ` SZEDER Gábor
2021-11-11 10:05 ` Jeff King
2021-11-16 21:10 ` Taylor Blau [this message]
2021-11-16 21:38 ` [PATCH] t5319: corrupt more bytes of the midx checksum Jeff King
2021-11-16 21:43 ` Taylor Blau
2021-11-16 22:12 ` Derrick Stolee
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YZQeMjjtxS2LU2Tk@nand.local \
--to=me@ttaylorr.com \
--cc=dstolee@microsoft.com \
--cc=git@vger.kernel.org \
--cc=peff@peff.net \
--cc=szeder.dev@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).