When reading a DCP set up asset hashes from the CPL/PKL, not by digesting the actual asset.

Previously when reading a DCP we would recalculate asset hashes. This meant that corrupted DCPs could be loaded in and their hashes re-written (if nobody checked the new hashes against the ones in the PKL/CPL). It seems better to take the hashes from the metadata. Then if the assets are corrupted and the DCP is re-written the PKL/CPL hashes will be preserved, showing rather than hiding the corruption.
author: Carl Hetherington <cth@carlh.net> 2023-06-27 00:11:43 +0200
committer: Carl Hetherington <cth@carlh.net> 2023-06-29 01:25:40 +0200
commit: e702623781c8d5853b79a29ca8c5f495d0ade3d1 (patch)
tree: 50240036d3cf18d87c9582d71e5fd3ee2d29e8e5 /src/verify.cc
parent: d305bb807a686fd7850257a724f46a77977fe491 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/src/verify.cc b/src/verify.cc
index 394326fe..8f318af9 100644
--- a/src/verify.cc
+++ b/src/verify.cc
@@ -386,6 +386,12 @@ enum class VerifyAssetResult {
 static VerifyAssetResult
 verify_asset (shared_ptr<const DCP> dcp, shared_ptr<const ReelFileAsset> reel_file_asset, function<void (float)> progress)
 {
+	/* When reading the DCP the hash will have been set to the one from the PKL/CPL.
+	 * We want to calculate the hash of the actual file contents here, so that we
+	 * can check it.  unset_hash() means that this calculation will happen on the
+	 * call to hash().
+	 */
+	reel_file_asset->asset_ref()->unset_hash();
 	auto const actual_hash = reel_file_asset->asset_ref()->hash(progress);
 
 	auto pkls = dcp->pkls();
author	Carl Hetherington <cth@carlh.net>	2023-06-27 00:11:43 +0200
committer	Carl Hetherington <cth@carlh.net>	2023-06-29 01:25:40 +0200
commit	e702623781c8d5853b79a29ca8c5f495d0ade3d1 (patch)
tree	50240036d3cf18d87c9582d71e5fd3ee2d29e8e5 /src/verify.cc
parent	d305bb807a686fd7850257a724f46a77977fe491 (diff)