On 24-08-20, Henrique de Moraes Holschuh wrote: > On 24/08/2020 09:01, Baptiste Jonglez wrote: > > On 24-08-20, Henrique de Moraes Holschuh wrote: > > > On 24/08/2020 07:53, Baptiste Jonglez wrote: > > > > It is more user-friendly to tell the user that the checksum is wrong, so > > > > move the file size check at the end. > > > > > > It is also far more expensive in the failure case, not to mention the fact > > > that you're going to process data you KNOW to be wrong when you could have > > > easily avoided it. > > > > I agree, this leads to unnecessary processing in the failure case, > > i.e. when the size & checksum are wrong. > > > > However, this failure case is rather unexpected, and I doubt that a > > slightly higher processing time (if it is even measurable) is an issue > > when you are dealing with corrupted packages. > > Give it an ultra-large sparse file as input, on purpose (attacker) or due to > corrupted filesystem with weird inode data. Suddenly, you would be much > happier had you checked the file size first (i.e. without this change)...
Ok, I can see how it could go wrong. Note that the size check is quite recent (January 2019). Before this size check was introduced, the situation you describe could already happen. > IMHO, your proposed change should be backed by a strong reason that offsets > the increased risk. Again IMHO, the commit log doesn't currently provide a > strong enough reason. > > But that's IMO. Let's wait for other opinions (or you could provide a > stronger reason to apply this change, perhaps?) No, it's really just cosmetic, the change was based on a private discussion. In the end I don't mind one way of the other, and your argument makes sense regarding the trade-off. Please disregard this patch, and I will send a v2 of the other patch so that it doesn't depend on this one. Baptiste
signature.asc
Description: PGP signature
_______________________________________________ openwrt-devel mailing list [email protected] https://lists.openwrt.org/mailman/listinfo/openwrt-devel
