Expand ID range to harden brute forcing #71

cgzones · 2024-09-22T10:24:04Z

Expand the value space from 2^32 to 2^64, resulting in keys of length 11 instead of 6.
In particular important for one-time-pastes.
i64 is used as inner type since sqlite does not support storing u64.

matze · 2024-09-23T08:04:35Z

If I see correctly, this will break all existing paste ids?

cgzones · 2024-09-25T17:45:58Z

Added backwards compatibility.

Expand the domain for IDs from 2^32 to 2^64, resulting in keys of length 11 instead of 6. In particular important for one-time-pastes. i64 is used as inner type since sqlite does not support storing u64.

matze · 2025-01-17T20:58:51Z

src/id.rs

    }

    #[test]
    fn convert_id_from_string() {
-        assert!(Id::from_str("abDE+-").is_ok());
+        /* Support ID generated in the old 32-bit format */
+        //assert!(Id::from_str("abDE+-").is_ok());


Why is this outcommented? Also, please use proper Rust comments, i.e. // instead of /* */.

matze · 2025-01-17T21:00:15Z

src/id.rs

-        s.push(CHAR_TABLE[(self.n & 0x3) as usize]);
-
-        write!(f, "{s}")
+        #[allow(clippy::cast_sign_loss)]


matze · 2025-01-17T21:01:02Z

src/id.rs


-/// Represents a 32-bit integer either numerically or mapped to a 6 character string.
+pub type Inner = i64;


Stupid question: what's the point of this type alias?

cgzones force-pushed the id_expand branch from f62fb5d to 645e6a1 Compare September 25, 2024 17:45

cgzones force-pushed the id_expand branch from 645e6a1 to 04085bd Compare October 1, 2024 15:32

cgzones force-pushed the id_expand branch from 04085bd to a9f18ce Compare November 2, 2024 20:07

Expand ID range to harden brute forcing

363988d

Expand the domain for IDs from 2^32 to 2^64, resulting in keys of length 11 instead of 6. In particular important for one-time-pastes. i64 is used as inner type since sqlite does not support storing u64.

cgzones force-pushed the id_expand branch from a9f18ce to 363988d Compare January 17, 2025 20:02

matze reviewed Jan 17, 2025

View reviewed changes

src/id.rs

s.push(CHAR_TABLE[(self.n & 0x3) as usize]);

write!(f, "{s}")

#[allow(clippy::cast_sign_loss)]

Copy link

Owner

matze Jan 17, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🤔

matze reviewed Jan 17, 2025

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Expand ID range to harden brute forcing #71

Expand ID range to harden brute forcing #71

cgzones commented Sep 22, 2024

matze commented Sep 23, 2024

cgzones commented Sep 25, 2024

matze Jan 17, 2025

matze Jan 17, 2025

matze Jan 17, 2025


		/// Represents a 32-bit integer either numerically or mapped to a 6 character string.
		pub type Inner = i64;

Expand ID range to harden brute forcing #71

Are you sure you want to change the base?

Expand ID range to harden brute forcing #71

Conversation

cgzones commented Sep 22, 2024

matze commented Sep 23, 2024

cgzones commented Sep 25, 2024

matze Jan 17, 2025

Choose a reason for hiding this comment

matze Jan 17, 2025

Choose a reason for hiding this comment

matze Jan 17, 2025

Choose a reason for hiding this comment