Red Hat Bugzilla – Bug 1303428
Checksum calculation may lead to memory exhaustion
Last modified: 2016-02-02 09:30:41 EST
Description of problem:
Chapter 3.3.1 of the Installation Guide ("Verifying checksums on Windows systems") suggests to pass the image as a byte array to the ComputeHash() method for calculating the SHA-256 checksum:
> $download_checksum = [System.BitConverter]::ToString($sha256.ComputeHash([System.IO.File]::ReadAllBytes("$PWD\$image"))).ToLower() -replace '-', ''
This reads the entire image into memory and may thus result in memory exhaustion (System.OutOfMemoryException), depending on the size of the image and the available memory in the computer running the verification.
Read the image as a stream instead of a byte array.
> $stream = (Get-Item "$PWD\$image").OpenRead()
> $hash = $sha256.ComputeHash($stream)
> $download_checksum = [System.BitConverter]::ToString($hash).ToLower() -replace '-'
*** This bug has been marked as a duplicate of bug 1175759 ***