Safe deserialisation with cstr key

[xor-gate]

Currently i'm using the lowlevel reader API to deserialize key-values and make decisions based on that. I have a memory contrained system and reusing kv char buffers (for mpack_type_str). The current limitation of the mpack_read API is there is no mpack_read_cstr function which does prober NULL termination and bound checking. I'm not able to use the expect API because I have already read the tag from the stream. The expect API only works when no tag is current in the reader state.

I think the solution would be to move the read part of the mpack_expect_cstr into mpack reader API.

Here is a snippet:

void di_rpc_deserialize_msg(mpack_reader_t *reader, struct di_rpc_msg *msg)
{
        char k[64];
        char v[64];
        ....

        /* Loop over all keys */
        keys = mpack_expect_map(reader);
        for (size_t n = 0; n < keys; n++) {
                /* Reset read kv */
                k[0] = 0;
                v[0] = 0;

                /* Key */
                mpack_expect_cstr(reader, k, sizeof(k));

                /* Value */
                t = mpack_read_tag(reader);
                if (t.type == mpack_type_str) {
                        /* It would be much better to have mpack_read_cstr here ... */
                        mpack_read_bytes(reader, v, sizeof(v));
                        v[t.v.l] = 0;

[ludocode]

Ah, yeah that's probably a good idea. Note that when using mpack_read_bytes(), you need to pass the number of bytes you want to read, not the size of your buffer. So you need to do the bounds check on the buffer (checking t.v.l < sizeof(v) - 1 first), then pass t.v.l to mpack_read_bytes(). The reason for this is so that you can read a big data element in chunks, calling mpack_read_bytes() multiple times to get all the data.

Another thing I wanted to add to the reader API is a UTF-8 checking read function as well, so there are a few extra functions needed here I think. I'll look into it soon.

[ludocode]

mpack_read_cstr() is now implemented on develop (along with mpack_read_utf8_cstr() which checks UTF-8.) Note that for these functions, you must pass both the buffer size and string length. This is because the reader doesn't actually store the string's length (unless tracking is enabled) which is intentional. It's only stored in the tag that you got back in mpack_read_tag().

This function is quite low-level though and can be confusing, so the documentation recommends using mpack_expect_cstr() instead wherever possible (which now wraps the new function.)

[xor-gate]

It is clear for me that these function will not store the state itself. Thanks for your effort!