Add message size limit of 64 keys.

2020-04-15 07:30:05 -05:00 · 2020-04-15 07:30:05 -05:00 · 9fba00c48b
parent ee37cd012e
commit 9fba00c48b
3 changed files with 20 additions and 2 deletions
--- a/README.md
+++ b/README.md
@ -55,7 +55,7 @@ Eg: `pigeon identity show` becomes `./pigeon-cli show`.
 - [X] Run Flog / Flay and friends to find duplications. Will aid in port to other languages.
 - [X] Make all methods private except those required for the CLI.
 - [X] Add Lipmaa links like the Bamboo folks do.
- - [ ] Set a max message size.
+ - [X] Set a max message size.
 - [ ] Make the switch to LevelDB, RocksDB, [UNQLite](https://unqlite.org/features.html) or similar (currently using Ruby PStore).
 - [ ] Make CLI names consistent with API names. Eg: find vs. read.
 - [ ] Create regexes in ::Lexer using strings and Regexp.new() for cleaner regexes.
--- a/dist/pigeon/message.rb
+++ b/dist/pigeon/message.rb
@ -5,9 +5,10 @@ module Pigeon
    attr_reader :author, :kind, :body, :signature, :depth, :lipmaa, :prev

    class VerificationError < StandardError; end
+    class MessageSizeError < StandardError; end

    VERFIY_ERROR = "Expected field `%s` to equal %s, got: %s"
-
+    MSG_SIZE_ERROR = "Messages cannot have more than 64 keys. Got %s."
    # Store a message that someone (not the LocalIdentity)
    # has authored.
    def self.ingest(author:, body:, depth:, kind:, lipmaa:, prev:, signature:)
@ -54,6 +55,11 @@ module Pigeon
    end

    def verify_counted_fields
+      key_count = body.count
+      if key_count > 64
+        msg = MSG_SIZE_ERROR % key_count
+        raise MessageSizeError, msg
+      end
      count = store.get_message_count_for(author.multihash)
      expected_prev = store.get_message_by_depth(author.multihash, count - 1) || Pigeon::NOTHING
      assert("depth", count, depth)
--- a/spec/pigeon/message_spec.rb
+++ b/spec/pigeon/message_spec.rb
@ -94,6 +94,18 @@ RSpec.describe Pigeon::Message do
  end

  it "verifies accuracy of Lipmaa links"
+
+  it "does not allow message with more than 64 keys" do
+    error = "Messages cannot have more than 64 keys. Got 65."
+    body = {}
+    65.times do
+      body[SecureRandom.hex(6)] = SecureRandom.hex(6)
+    end
+    expect do
+      create_message(body)
+    end.to raise_error(Pigeon::Message::MessageSizeError, error)
+  end
+
  it "verifies accuracy of signatures" do
    # === Initial setup
    Pigeon::LocalIdentity.current