Defend against the length-contraction slot_testv_and_readv_and_writev DoS
Fixes #222 (closed)
Merge request reports
Activity
Created by: codecov[bot]
Codecov Report
Merging #272 (54e6b17b) into main (7afb04b1) will decrease coverage by
0.38%. The diff coverage is25.00%.
@@ Coverage Diff @@ ## main #272 +/- ## ========================================== - Coverage 92.01% 91.62% -0.39% ========================================== Files 50 50 Lines 4369 4384 +15 Branches 542 545 +3 ========================================== - Hits 4020 4017 -3 - Misses 306 320 +14 - Partials 43 47 +4Impacted Files Coverage Δ src/_zkapauthorizer/tests/strategies.py 95.49% <ø> (ø)src/_zkapauthorizer/tests/test_storage_server.py 31.57% <16.66%> (-1.39%)
src/_zkapauthorizer/_storage_server.py 91.32% <50.00%> (-0.77%)src/_zkapauthorizer/storage_common.py 93.84% <0.00%> (-3.08%)src/_zkapauthorizer/tests/test_storage_protocol.py 90.36% <0.00%> (-0.92%)src/_zkapauthorizer/model.py 93.58% <0.00%> (-0.68%)
Continue to review full report at Codecov.
Legend - Click here to learn more
Δ = absolute <relative> (impact),ø = not affected,? = missing dataPowered by Codecov. Last update 7afb04b...54e6b17. Read the comment docs.918 918 slot_test_vectors(), 919 919 slot_data_vectors(), 920 one_of( 921 # The new length might be omitted completely. 922 just(None), 923 # Or it might be given as an integer. Allow a zero size which 924 # means "delete this share" in this context. 925 sizes(), 926 ), 920 # The underlying Tahoe-LAFS storage protocol allows None or an integer 921 # here (new_length) to set the size of the mutable container. The 922 # real Tahoe-LAFS storage client never uses this feature and always 923 # passes None. There are undesirable interactions between non-None 924 # values for new_length and our spending protocol. Therefore, we 925 # disable non-None values. So don't generate any here. 926 just(None),
Please register or sign in to reply