You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
So there's an ::std::io::BufRead::read_until(), which is great, except in cases where the input is untrusted (e.g. the context of a server process that listens for connections from the general public): while there's no possibility of an actual buffer overflow, an attacker could trivially cause undesirably high memory usage. Thus, read_until() would have to be avoided, but implementations might end up with what amounts to the same thing, with a limit on the amount of data read.
Given that this is a common usecase (it seems so to me, anyway), I propose adding this variation to BufRead as a provided method:
/// As `read_until()`, except that `buf` will be overwritten, not appended to,/// and with the additional restriction that not more than `buf.len()` bytes/// will be read.fnread_until_full(&mutself,byte:u8,buf:&mut[u8]) -> Result<usize>{ ...}
(I'm not particularly attached to the name read_until_full. There's probably a better one for it.)
The text was updated successfully, but these errors were encountered:
BlacklightShining
changed the title
Add an io::BufRead::read_until_n()
Add a version of io::BufRead::read_until() with a read limit
Dec 27, 2015
So there's an
::std::io::BufRead::read_until()
, which is great, except in cases where the input is untrusted (e.g. the context of a server process that listens for connections from the general public): while there's no possibility of an actual buffer overflow, an attacker could trivially cause undesirably high memory usage. Thus,read_until()
would have to be avoided, but implementations might end up with what amounts to the same thing, with a limit on the amount of data read.Given that this is a common usecase (it seems so to me, anyway), I propose adding this variation to
BufRead
as a provided method:(I'm not particularly attached to the name
read_until_full
. There's probably a better one for it.)The text was updated successfully, but these errors were encountered: