Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

backuptar: SecurityDescriptorFromTarHeader() don't decode twice #233

Merged
merged 1 commit into from
Mar 23, 2022
Merged

backuptar: SecurityDescriptorFromTarHeader() don't decode twice #233

merged 1 commit into from
Mar 23, 2022

Conversation

thaJeztah
Copy link
Contributor

I noticed this when looking at #220

While writing, I wondered why we didn't just return the result of base64.StdEncoding.DecodeString() directly, but it looks like that may return "garbage" output on failure; https://github.com/golang/go/blob/go1.17.7/src/encoding/base64/base64.go#L382-L387

Here's a short example showing that; https://go.dev/play/p/6kCw85ofiTx

package main

import (
	"encoding/base64"
	"fmt"
)

func main() {
	sd1, err := base64.StdEncoding.DecodeString("Hello, 世界")
	if err != nil {
		fmt.Println(err)
	}
	fmt.Printf("%+v: %s\n", sd1, string(sd1))
}

The above shows;

illegal base64 data at input byte 5
[29 233 101]: ��e

While callers should never trust output if an error occurs, it's probably better to explicitly return nil just to be sure no garbage is used.

This may be a theoretical situation, but the tar headers may contain
both the old and new headers, in which case we would be decoding
both.

This patch rewrites the function to try the new headers first, and
return early if found, then fall back to trying the old headers.

@thaJeztah
backuptar: SecurityDescriptorFromTarHeader() don't decode twice
b8fee7e 
This may be a theoretical situation, but the tar headers may contain
both the old and new headers, in which case we would be decoding
both.

This patch rewrites the function to try the new headers first, and
return early if found, then fall back to trying the old headers.

Signed-off-by: Sebastiaan van Stijn <[email protected]>
@thaJeztah thaJeztah requested a review from a team as a code owner February 18, 2022 09:52
@thaJeztah
Copy link
Contributor Author

@ambarve @kevpar ptal

dcantah
dcantah approved these changes Mar 21, 2022
View reviewed changes
Copy link
Contributor

@dcantah dcantah left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. @ambarve Still like you to take a quick peek as you're probably most familiar here

ambarve
ambarve approved these changes Mar 23, 2022
View reviewed changes
Copy link
Contributor

@ambarve ambarve left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@ambarve ambarve merged commit 843abba into microsoft:master Mar 23, 2022
@thaJeztah thaJeztah deleted the fast_return_header branch March 23, 2022 17:28
@thaJeztah
Copy link
Contributor Author

Thanks for reviewing, everyone!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ambarve ambarve ambarve approved these changes

@dcantah dcantah dcantah approved these changes

@anmaxvl anmaxvl anmaxvl approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@thaJeztah @anmaxvl @dcantah @ambarve