fix: off by one error in domain seperation #226
Closed
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Looked like there was a fixed length assumption for version bytes causing off-by-one errors with an inaccurate tag length calculation potentially leading to hash collisions. The static domain tag construction is not reflecting actual content variations.
Hopefully this addresses it:
We can dynamically construct the domain tags based on actual content, ensuring uniqueness. This should accurately calculate full the tag length to prevent inconsistencies, and then from there we can update the digest with exact length bytes and then the constructed tag. My thoughts is it's safer to converts version and label bytes to strings safely using String::from_utf8. this version implements expect for error handling to clearly identify conversion failures. I looked over the broader class and it looks like the approach is to panic, so I kept it consistent instead of returning String, which I had initially considered.
Tested with build and cargo bench, and everything passes.