Skip to content

cli: compute self-update checksum in-process (portability)#944

Merged
DeusData merged 1 commit into
mainfrom
fix/dryrun-hardening
Jul 7, 2026
Merged

cli: compute self-update checksum in-process (portability)#944
DeusData merged 1 commit into
mainfrom
fix/dryrun-hardening

Conversation

@DeusData

@DeusData DeusData commented Jul 7, 2026

Copy link
Copy Markdown
Owner

Replaces the sha256sum/shasum shell-out in the self-update checksum verification with an in-process SHA-256 (FIPS 180-4). The shell-out is unportable — the tool may be absent and cmd.exe does not dequote the single-quoted path — so the checksum could never be computed on Windows (dry-run test-windows failure: cli_sha256_file_matches_known_vector rc=-1). New src/foundation/sha256.c, validated against three NIST vectors (empty, "abc", 56-byte padding-edge).

cbm_cli_sha256_file shelled out to sha256sum/shasum, which is unportable:
the tool may be absent, and under cmd.exe the single-quoted path is not
dequoted so the hash of a downloaded release could never be computed on
Windows. Add a small in-process SHA-256 (FIPS 180-4, src/foundation/sha256.c)
and use it directly — no external tool, no per-OS branching, no popen. The
checksum test now covers three NIST vectors (empty, "abc", and a 56-byte
input that forces padding into a second block).

Signed-off-by: Martin Vogel <martin.vogel.tech@gmail.com>
@DeusData DeusData merged commit b637e33 into main Jul 7, 2026
11 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant