Bug 1303428 - Checksum calculation may lead to memory exhaustion
Summary: Checksum calculation may lead to memory exhaustion
Keywords:
Status: CLOSED DUPLICATE of bug 1175759
Alias: None
Product: Fedora Documentation
Classification: Retired
Component: install-guide
Version: devel
Hardware: All
OS: Windows
unspecified
low
Target Milestone: ---
Assignee: Pete Travis
QA Contact: Fedora Docs QA
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-01-31 17:24 UTC by Ansgar Wiechers
Modified: 2016-02-02 14:30 UTC (History)
3 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2016-02-02 14:30:41 UTC
Embargoed:


Attachments (Terms of Use)

Description Ansgar Wiechers 2016-01-31 17:24:19 UTC
Description of problem:

Chapter 3.3.1 of the Installation Guide[1] ("Verifying checksums on Windows systems") suggests to pass the image as a byte array to the ComputeHash() method for calculating the SHA-256 checksum:

> $download_checksum = [System.BitConverter]::ToString($sha256.ComputeHash([System.IO.File]::ReadAllBytes("$PWD\$image"))).ToLower() -replace '-', ''

This reads the entire image into memory and may thus result in memory exhaustion (System.OutOfMemoryException), depending on the size of the image and the available memory in the computer running the verification.


Solution:

Read the image as a stream[2] instead of a byte array.

> $stream = (Get-Item "$PWD\$image").OpenRead()
> $hash = $sha256.ComputeHash($stream)
> $stream.Close()
> $download_checksum = [System.BitConverter]::ToString($hash).ToLower() -replace '-'


 [1]: https://docs.fedoraproject.org/en-US/Fedora/23/html/Installation_Guide/sect-verifying-images.html
 [2]: https://msdn.microsoft.com/en-us/library/xa627k19.aspx

Comment 1 Pete Travis 2016-02-02 14:30:41 UTC

*** This bug has been marked as a duplicate of bug 1175759 ***


Note You need to log in before you can comment on or make changes to this bug.