Skip to content

fix(storage): Avoid use of uninitialised memory#1224

Open
jayvdb wants to merge 1 commit intofoyer-rs:mainfrom
jayvdb:storage-buffer-ub
Open

fix(storage): Avoid use of uninitialised memory#1224
jayvdb wants to merge 1 commit intofoyer-rs:mainfrom
jayvdb:storage-buffer-ub

Conversation

@jayvdb
Copy link
Contributor

@jayvdb jayvdb commented Dec 14, 2025
edited
Loading

What's changed and what's your intention?

Avoid use of uninitialised memory in storage, by being careful when creating the checksum, and implementing a custom PartialEq.

It is possible that none of these problems could occur via typical use of foyer, and there are no other crates.io published uses of foyer-storage according to https://crates.io/crates/foyer-storage/reverse_dependencies .

Checklist

  • I have written the necessary rustdoc comments
  • I have added the necessary unit tests and integration tests
  • I have passed cargo x (or cargo x --fast instead if the old tests are not modified) in my local environment.

Related issues or PRs (optional)

Fixes #1223

@jayvdb jayvdb changed the title Avoid use of uninitialised memory in storage fix(storage): Avoid use of uninitialised memory Dec 14, 2025
@jayvdb jayvdb force-pushed the storage-buffer-ub branch 2 times, most recently from f9ec4ba to b24e0a0 Compare December 14, 2025 12:45
@jayvdb
Avoid use of uninitialised memory in storage
f08b96d 
Signed-off-by: John Vandenberg <jayvdb@gmail.com>
@jayvdb
Copy link
Contributor Author

jayvdb commented Dec 14, 2025

@MrCroxx , can you approve these workflows?

MrCroxx
MrCroxx reviewed Dec 15, 2025
View reviewed changes
Copy link
Member

@MrCroxx MrCroxx left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Generally LGTM.

Thank you John. Good catch!

I've reviewed #1223 and this PR. IIUC, the original codes will not actually cause UB, but I'm happy to fix the miri failed case.

Since this refactor will break existing disk cache data, I'll mark it and delay its release to next major release.

foyer-storage/src/engine/block/buffer.rs
impl BlobIndexReader {
pub fn read(buf: &[u8]) -> Option<Vec<BlobEntryIndex>> {
let checksum = Checksummer::checksum64(&buf[BlobIndex::CHECKSUM_BYTES..]);
let count =
Copy link
Member

@MrCroxx MrCroxx Dec 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We need to check if the loaded count is within the maximum count limiation. Or L142 will overflow read buf.

Copy link
Contributor Author

@jayvdb jayvdb Dec 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note I have two more miri reports of UB, and a few other oddities to investigate, but I am close to putting up a PR for miri CI. As these fixes will be delayed, I will ignore the relevant tests under miri, so we can get the miri testing in early.

Copy link
Member

@MrCroxx MrCroxx Dec 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think foyer also has needs to introduce miri test. Let me add it later.

Copy link
Contributor Author

@jayvdb jayvdb Dec 15, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As previously promised, #1226

@MrCroxx MrCroxx added bug Something isn't working breaking change labels Dec 15, 2025
@MrCroxx MrCroxx added this to the v0.22 milestone Dec 15, 2025
@codecov
Copy link

codecov bot commented Dec 15, 2025
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.

Files with missing lines Coverage Δ
foyer-storage/src/engine/block/buffer.rs 96.86% <100.00%> (+0.13%) ⬆️
foyer-storage/src/io/bytes.rs 60.46% <ø> (ø)

... and 3 files with indirect coverage changes

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@jayvdb jayvdb mentioned this pull request Dec 16, 2025
Open
3 tasks
@MrCroxx MrCroxx modified the milestones: v0.22, v0.23 Jan 12, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@MrCroxx MrCroxx MrCroxx left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

breaking change bug Something isn't working

Projects

foyer - Development Roadmap
Status: No status

Milestone

v0.23

Development

Successfully merging this pull request may close these issues.

undefined behaviour in foyer-storage buffer

2 participants

@jayvdb @MrCroxx