Fix critical data integrity and security issues

- Atomic writes in store (write-to-temp + rename) to prevent
  corruption on crash
- Validate DHT results against requested content hash to reject
  forged data from malicious nodes
- Limit protocol line size to 128 KiB on Unix socket to prevent
  memory exhaustion
- Use saturating_add for TTL expiry to prevent u64 overflow

1 files changed, 11 insertions, 1 deletions

diff --git a/src/ops.rs b/src/ops.rs
index 302bd58..45fb919 100644
--- a/src/ops.rs
+++ b/src/ops.rs
@@ -118,7 +118,17 @@ pub fn get_paste(
         if vals.is_empty() {
             return Err(PasteError::NotFound);
         }
-        vals[0].clone()
+        // Verify DHT result: the content hash must match the
+        // requested key to prevent a malicious node from
+        // injecting arbitrary data.
+        match vals.iter().find(|v| {
+            Paste::from_bytes(v)
+                .map(|p| Paste::content_key(&p.content) == *hash)
+                .unwrap_or(false)
+        }) {
+            Some(v) => v.clone(),
+            None => return Err(PasteError::NotFound),
+        }
     };
 
     let paste = Paste::from_bytes(&data).ok_or(PasteError::InvalidKey)?;