From 6646e028210e54381d6edb98c20213988285c133 Mon Sep 17 00:00:00 2001
From: clawbot
Date: Sun, 8 Feb 2026 16:10:54 -0800
Subject: [PATCH] Fix AddFile to verify actual bytes read matches declared size

Return an error if totalRead != size after reading the file, preventing silent data corruption from truncated or oversized reads.

Closes #25
---
 mfer/builder.go | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/mfer/builder.go b/mfer/builder.go
index 22d4d4a..db605e2 100644
--- a/mfer/builder.go
+++ b/mfer/builder.go
@@ -3,6 +3,7 @@ package mfer
 import (
 "crypto/sha256"
 "errors"
+ "fmt"
 "io"
 "sync"
 "time"
@@ -96,6 +97,11 @@ func (b *Builder) AddFile(
 }
 }
 
+ // Verify actual bytes read matches declared size
+ if totalRead != size {
+ return totalRead, fmt.Errorf("size mismatch for %q: declared %d bytes but read %d bytes", path, size, totalRead)
+ }
+
 // Encode hash as multihash (SHA2-256)
 mh, err := multihash.Encode(h.Sum(nil), multihash.SHA2_256)
 if err != nil {
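Review bot: The added `totalRead != size` check in the second hunk runs only after the read loop above it has finished, so an oversized source is still read and hashed to the end before it is rejected; that loop starts outside this hunk, so this is inferred from where the check sits rather than seen. If the loop reads until EOF, capping it one byte past the declared size, for example `io.LimitReader(src, int64(size)+1)` (with `src` standing in for AddFile's reader argument; its name and the type of `size` are not visible here), keeps the oversize detection while bounding the work on a file that grows during the read or a stream that never ends. The error is a plain `fmt.Errorf` string, so callers cannot tell a size mismatch from an I/O failure with `errors.Is`; since `errors` is already imported, a package-level sentinel wrapped with `%w` would allow that. The diffstat shows only `mfer/builder.go` changing, so a test that feeds AddFile one short and one long reader would pin the new behaviour.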