Fix a rare situation when a garbage indice could be decompressed.

spacemeshos · May 17, 2023 · 48df557 · 48df557
1 parent 3c43900
commit 48df557
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 3 deletions.
diff --git a/src/compression.rs b/src/compression.rs
@@ -1,6 +1,8 @@
 use bitvec::prelude::*;
 use bitvec::{slice::BitSlice, view::BitView};
 
+/// Compress indexes into a byte slice.
+/// The number of bits used to store each index is `keep_bits`.
 pub(crate) fn compress_indices(indexes: &[u64], keep_bits: usize) -> Vec<u8> {
     let mut bv = bitvec![u8, Lsb0;];
     for index in indexes {
@@ -9,6 +11,8 @@ pub(crate) fn compress_indices(indexes: &[u64], keep_bits: usize) -> Vec<u8> {
     bv.as_raw_slice().to_owned()
 }
 
+/// Decompress indexes from a byte slice, previously compressed with `compress_indices`.
+/// Might return more indexes than the original, if the last byte contains unused bits.
 pub(crate) fn decompress_indexes(indexes: &[u8], bits: usize) -> impl Iterator<Item = u64> + '_ {
     BitSlice::<_, Lsb0>::from_slice(indexes)
         .chunks_exact(bits)
@@ -57,7 +61,7 @@ mod tests {
             let max_value = max(indexes).unwrap();
             let bits = required_bits(max_value);
             let compressed = compress_indices(&indexes, bits);
-            let decompressed: Vec<_> = decompress_indexes(&compressed, bits).collect();
+            let decompressed: Vec<_> = decompress_indexes(&compressed, bits).take(indexes.len()).collect();
             assert_eq!(indexes.as_slice(), &decompressed);
         }
     }

diff --git a/src/prove.rs b/src/prove.rs
@@ -318,7 +318,9 @@ mod tests {
         assert_eq!(77, proof.k2_pow);
         assert_eq!(
             indices,
-            decompress_indexes(&proof.indices, keep_bits).collect::<Vec<_>>()
+            decompress_indexes(&proof.indices, keep_bits)
+                .take(indices.len())
+                .collect::<Vec<_>>()
         );
     }
 

diff --git a/src/verification.rs b/src/verification.rs
@@ -115,7 +115,9 @@ pub fn verify(
         ));
     }
 
-    let indices_unpacked = decompress_indexes(&proof.indices, bits_per_index).collect_vec();
+    let indices_unpacked = decompress_indexes(&proof.indices, bits_per_index)
+        .take(params.k2 as usize)
+        .collect_vec();
     let commitment = calc_commitment(&metadata.node_id, &metadata.commitment_atx_id);
     let nonce_group = proof.nonce / NONCES_PER_AES;
     let cipher = AesCipher::new_with_k2pow(&challenge, nonce_group, proof.k2_pow);