0.11.x merge to master #530

atuchin-m · 2025-10-17T13:38:17Z

The commits were rebased in a new branch 0.11.x-merge (to preserve the original commits).

The PR moves from per-NetworkList flatbuffers to a one (per-Engine). It doesn't affect the performance metrics, but opens a possibility to put cosmetic filters to the same flatbuffer. It also simplifies the serialization/deserialization code.

* Unsafe tools moved to flatbuffers. * Added FlatMultiMapView, FlatFilterMap replaced. * Added FlatSetView. * Removed unused utils. * Temporary marked FlatSet as dead_code. * Added test for FlatSetView. * Added FlatMultiMapView tests. * Clean up. * Ignore live test. * Clippy fixes. * Review issues are addressed. * Optional iterator for multimap (improve perf). * Removed unused file.

The PR introduces new structures to be used in cosmetic_filters: FlatSerialize trait for things that can be serialized to flatbuffer; Builder structure to help construct a serializable representation + unit tests; Migrate network filter to the new API; Increase MIN_ALIGNMENT to 8 to support using u64 as a key.

The PR introduces new structures to store cosmetic filters in flatbuffer. * The algorithms to sort and apply rules shouldn't be touched, only storage level is changed. * CosmeticFilterCache is now a view for a flatbuffer data. * Old storage layer (via serde) is removed, the version is now stored in the flatbuffer, * Another container 'FlatMap' is introduced + tests * Most host-specific rules are stored in a single FlatMap (domain_hash => HostnameSpecificRules). Although, the most common rule kinds are stored as a dedicated multi-maps to save memory * A code to build flatbuffer structure is moved to dedicated files.

unfortunately this requires duplicating some definitions to support additional `Send + Sync` trait bounds, since Rust does not natively support conditional supertraits.

github-actions · 2025-10-17T13:41:14Z

[puLL-Merge] - brave/adblock-rust@530

Description

This PR significantly refactors the internal storage and serialization architecture of the adblock-rust crate. The main changes include:

Serialization format overhaul: Migrates from MessagePack (rmp-serde) to FlatBuffers for engine serialization, with a new .dat file format that includes integrity checking via seahash
Storage refactoring: Replaces in-memory HashMap/HashSet storage with FlatBuffer-based containers, introducing new container types like FlatMapView, FlatMultiMapView, HashMapView, etc.
Feature flag changes: Renames unsync-regex-caching to single-thread and regex-debug-info to debug-info
Cosmetic filter storage redesign: Moves cosmetic filter caching from runtime HashMap structures to pre-serialized FlatBuffer containers
Resource storage abstraction: Introduces ResourceStorageBackend trait to allow custom resource storage implementations
Dependency updates: Pins rustc-hash to v1.1.0 for better performance

Possible Issues

Breaking changes: The serialization format version bump from 1 to 2 means existing .dat files will be incompatible and need regeneration
Memory usage patterns: The new FlatBuffer-based approach may have different memory usage characteristics that could affect performance in memory-constrained environments
Complex migration path: The extensive refactoring makes it difficult to incrementally adopt changes, potentially causing issues for downstream consumers
Hash function stability: The code relies on rustc_hash::FxHasher being stable across runs, which is critical for deterministic serialization

Security Hotspots

Unsafe operations in flatbuffer handling (lines around fb_vector_to_slice, VerifiedFlatbufferMemory): Uses unsafe code to convert FlatBuffer vectors to slices, with alignment assumptions that could cause memory safety issues if violated
Integrity checking bypass: While seahash verification is added, the from_builder path skips verification entirely, potentially allowing corrupted data to be processed
Permission encoding in cosmetic filters: The encode_script_with_permission function encodes permission bits as the last character of a string, which could be vulnerable to string manipulation attacks

Changes

Changes

Cargo.toml/Cargo.lock: Updates dependencies, pins rustc-hash to v1.1.0, renames feature flags
src/data_format/: Complete rewrite of serialization logic, removes MessagePack dependency
src/filters/: Major refactoring of network filter storage, introduces FlatBuffer-based implementations
src/flatbuffers/: New module with container abstractions for FlatBuffer data structures
src/cosmetic_filter_cache.rs: Converts from runtime HashMap storage to FlatBuffer-based storage
src/cosmetic_filter_cache_builder.rs: New builder pattern for cosmetic filter serialization
src/resources/: Introduces ResourceStorageBackend trait for pluggable storage backends
src/engine.rs: Updates to use new storage architecture, changes serialization API
benches/: Updates benchmarks to work with new API
tests/: Extensive test updates and new container-specific tests

sequenceDiagram
    participant User
    participant Engine
    participant FilterDataContext
    participant FlatBufferMemory
    participant CosmeticCache
    participant ResourceStorage

    User->>Engine: from_rules(rules)
    Engine->>FilterDataContext: new(flatbuffer_memory)
    FilterDataContext->>FlatBufferMemory: create verified memory
    Engine->>CosmeticCache: from_context(filter_data_context)
    Engine->>ResourceStorage: default (in-memory backend)

    User->>Engine: check_network_request(request)
    Engine->>FilterDataContext: access network filters
    FilterDataContext->>FlatBufferMemory: query flatbuffer data
    FlatBufferMemory-->>Engine: filter results

    User->>Engine: serialize()
    Engine->>FilterDataContext: get flatbuffer data
    FilterDataContext-->>Engine: raw flatbuffer bytes
    Engine-->>User: serialized .dat file with integrity hash

    User->>Engine: deserialize(data)
    Engine->>FlatBufferMemory: verify integrity hash
    FlatBufferMemory->>FilterDataContext: create new context
    Engine->>CosmeticCache: rebuild from new context

github-actions · 2025-10-17T13:42:58Z

src/flatbuffers/fb_network_filter_generated.rs

+                        flatbuffers::Vector<'a, flatbuffers::ForwardsUOffset<&'a str>>,
+                    >>(StringVector::VT_DATA, None)
+                    .unwrap()
+            }
