I appreciate that from_buffer explicitly fails when given a buffer that's too small for the given type, but is there any reason it doesn't (or couldn't, on an opt-in basis) fail when given a buffer that's too big for the given type?
For example,
Current code:
def verify_bool(signature, message, pk_bytes):
with ffi.from_buffer(signature) as sig,\
ffi.from_buffer(message) as m,\
ffi.from_buffer('CRYPTO_PUBLICKEYBYTES_t', pk_bytes) as pk:
if len(pk) < len(pk_bytes):
# https://github.com/python-cffi/cffi/blob/v1.17.1/src/c/_cffi_backend.c#L7347
raise ValueError(f"buffer is too large ({len(pk_bytes)} bytes) for '{ffi.getctype('CRYPTO_PUBLICKEYBYTES_t')}' ({len(pk)} bytes)")
errno = lib.crypto_sign_verify(sig, len(sig), m, len(m), pk)
return (errno == 0)Ideal code:
def verify_bool(signature, message, pk_bytes):
with ffi.from_buffer(signature) as sig,\
ffi.from_buffer(message) as m,\
ffi.from_buffer('CRYPTO_PUBLICKEYBYTES_t', pk_bytes, strict=True) as pk:
errno = lib.crypto_sign_verify(sig, len(sig), m, len(m), pk)
return (errno == 0)
I appreciate that
from_bufferexplicitly fails when given a buffer that's too small for the given type, but is there any reason it doesn't (or couldn't, on an opt-in basis) fail when given a buffer that's too big for the given type?For example,
Current code:
Ideal code: