Stefan Fuhrmann wrote on Mon, May 02, 2016 at 07:19:34 +0200:
> On 30.04.2016 02:47, Daniel Shahaf wrote:
> >Does any third-party tool make that optimization?
>
> Such a tool would probably ignore checksums altogether
> because there is no point in explicitly ignoring them
> for empty files only.

I thought a reader could, if a "Content-Length: 0" header was present,
hardcode the EXPECTED_MD5 value to d41d8cd98f00b204e9800998ecf8427e
instead of reading it from the Checksum-MD5 header. It's not possible
to do this optimization for any non-zero Content-Length, and it still
provides the reader with assurance of transport integrity of the payload
itself.

What this optimization doesn't provide is assurance against certain bugs
in the dump producer, e.g., against a bug whereby the correct payload
and checksum, but incorrect Content-Length header, would be written,
*and* the payload would look like whatever the dumpstream parser
expects to follow an empty payload.

What's the worst-case failure mode of this optimization, then?
So far, I haven't come up with a failure mode that's both likely and
worse than a parse error on the next node.

Cheers,
Daniel

(by "payload" I mean the byte string whose md5 and length are in the
dump node headers)
Received on 2016-05-02 14:05:08 CEST
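
Added example, not part of the original message and not Subversion's code: a minimal reader for a simplified node format, with the empty-payload shortcut switchable so both behaviours can be compared on a node whose Content-Length is wrongly 0. The header names are the ones used in the message; the framing and the names read_node, make_node and parse_all are assumptions, not the real dumpstream syntax.

```python
import hashlib
import io

EMPTY_MD5 = "d41d8cd98f00b204e9800998ecf8427e"  # MD5 of the empty byte string

class DumpParseError(Exception):
    pass

def read_node(stream, optimize):
    """Return the next node's payload, or None at end of stream."""
    headers = {}
    while True:
        line = stream.readline()
        if line == b"\n" and headers:
            break                      # blank line ends the header block
        if line == b"\n":
            continue                   # separator between nodes
        if not line:
            if headers:
                raise DumpParseError("stream ended inside headers")
            return None
        name, sep, value = line.rstrip(b"\n").partition(b": ")
        if not sep:
            raise DumpParseError("not a header line: %r" % line)
        headers[name] = value.decode("latin-1")
    try:
        length = int(headers[b"Content-Length"])
    except (KeyError, ValueError):
        raise DumpParseError("missing or bad Content-Length")
    payload = stream.read(length)
    if len(payload) != length:
        raise DumpParseError("short payload")
    # The optimization: ignore the Checksum-MD5 header when the length is 0.
    if optimize and length == 0:
        expected = EMPTY_MD5
    else:
        expected = headers.get(b"Checksum-MD5")
    if hashlib.md5(payload).hexdigest() != expected:
        raise DumpParseError("checksum mismatch")
    return payload

def make_node(payload, length=None):
    """Constructed sample producer; `length` overrides the header to model the bug."""
    length = len(payload) if length is None else length
    md5 = hashlib.md5(payload).hexdigest().encode()
    return b"Content-Length: %d\nChecksum-MD5: %s\n\n%s\n" % (length, md5, payload)

def parse_all(data, optimize):
    stream, out = io.BytesIO(data), []
    while (payload := read_node(stream, optimize)) is not None:
        out.append(payload)
    return out
```

With optimize=False the wrong Content-Length is caught as a checksum mismatch on the node itself; with optimize=True it surfaces as a parse error on the next node, or not at all when the payload happens to parse as a node.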