Skip to content

Commit 1432818

Browse files
LucretielLucretiel
committed
Sequence and Map deserialize now check for unconsumed items
1 parent 36e8d01 commit 1432818

File tree

1 file changed

+50
-23
lines changed

1 file changed

+50
-23
lines changed

rmp-serde/src/decode.rs

Lines changed: 50 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,10 @@
11
//! Generic MessagePack deserialization.
22
3+
use std::convert::TryInto;
34
use std::error;
45
use std::fmt::{self, Display, Formatter};
56
use std::io::{self, Cursor, ErrorKind, Read};
7+
use std::num::TryFromIntError;
68
use std::str::{self, Utf8Error};
79

810
use byteorder::{self, ReadBytesExt};
@@ -157,6 +159,13 @@ impl<'a> From<DecodeStringError<'a>> for Error {
157159
}
158160
}
159161

162+
impl From<TryFromIntError> for Error {
163+
#[cold]
164+
fn from(_: TryFromIntError) -> Self {
165+
Error::OutOfRange
166+
}
167+
}
168+
160169
/// A Deserializer that reads bytes from a buffer.
161170
///
162171
/// # Note
@@ -327,8 +336,6 @@ impl<'de, R: ReadSlice<'de>, C: SerializerConfig> Deserializer<R, C> {
327336
}
328337

329338
fn read_128(&mut self) -> Result<[u8; 16], Error> {
330-
use std::convert::TryInto;
331-
332339
let marker = self.take_or_read_marker()?;
333340

334341
if marker != Marker::Bin8 {
@@ -508,35 +515,55 @@ impl<'de, 'a, R: ReadSlice<'de>, C: SerializerConfig> serde::Deserializer<'de> f
508515
Marker::FixStr(len) => Ok(len.into()),
509516
Marker::Str8 => read_u8(&mut self.rd).map(u32::from),
510517
Marker::Str16 => read_u16(&mut self.rd).map(u32::from),
511-
Marker::Str32 | _ => read_u32(&mut self.rd).map(u32::from),
518+
Marker::Str32 => read_u32(&mut self.rd).map(u32::from),
519+
_ => unreachable!()
512520
}?;
513521
self.read_str_data(len, visitor)
514522
}
515523
Marker::FixArray(_) |
516524
Marker::Array16 |
517525
Marker::Array32 => {
518526
let len = match marker {
519-
Marker::FixArray(len) => Ok(len.into()),
520-
Marker::Array16 => read_u16(&mut self.rd).map(u32::from),
521-
Marker::Array32 | _ => read_u32(&mut self.rd).map(u32::from),
522-
}?;
523-
depth_count!(self.depth, visitor.visit_seq(SeqAccess::new(self, len as usize)))
527+
Marker::FixArray(len) => len.into(),
528+
Marker::Array16 => read_u16(&mut self.rd)?.into(),
529+
Marker::Array32 => read_u32(&mut self.rd)?,
530+
_ => unreachable!(),
531+
};
532+
533+
depth_count!(self.depth, {
534+
let mut seq = SeqAccess::new(self, len);
535+
let res = visitor.visit_seq(&mut seq)?;
536+
match seq.left {
537+
0 => Ok(res),
538+
excess => Err(Error::LengthMismatch(len - excess)),
539+
}
540+
})
524541
}
525542
Marker::FixMap(_) |
526543
Marker::Map16 |
527544
Marker::Map32 => {
528545
let len = match marker {
529-
Marker::FixMap(len) => Ok(len.into()),
530-
Marker::Map16 => read_u16(&mut self.rd).map(u32::from),
531-
Marker::Map32 | _ => read_u32(&mut self.rd).map(u32::from),
532-
}?;
533-
depth_count!(self.depth, visitor.visit_map(MapAccess::new(self, len as usize)))
546+
Marker::FixMap(len) => len.into(),
547+
Marker::Map16 => read_u16(&mut self.rd)?.into(),
548+
Marker::Map32 => read_u32(&mut self.rd)?,
549+
_ => unreachable!()
550+
};
551+
552+
depth_count!(self.depth, {
553+
let mut seq = MapAccess::new(self, len);
554+
let res = visitor.visit_map(&mut seq)?;
555+
match seq.left {
556+
0 => Ok(res),
557+
excess => Err(Error::LengthMismatch(len - excess)),
558+
}
559+
})
534560
}
535-
Marker::Bin8 | Marker::Bin16| Marker::Bin32 => {
561+
Marker::Bin8 | Marker::Bin16 | Marker::Bin32 => {
536562
let len = match marker {
537563
Marker::Bin8 => read_u8(&mut self.rd).map(u32::from),
538564
Marker::Bin16 => read_u16(&mut self.rd).map(u32::from),
539-
Marker::Bin32 | _ => read_u32(&mut self.rd).map(u32::from),
565+
Marker::Bin32 => read_u32(&mut self.rd).map(u32::from),
566+
_ => unreachable!()
540567
}?;
541568
match read_bin_data(&mut self.rd, len)? {
542569
Reference::Borrowed(buf) => visitor.visit_borrowed_bytes(buf),
@@ -706,12 +733,12 @@ impl<'de, 'a, R: ReadSlice<'de>, C: SerializerConfig> serde::Deserializer<'de> f
706733

707734
struct SeqAccess<'a, R, C> {
708735
de: &'a mut Deserializer<R, C>,
709-
left: usize,
736+
left: u32,
710737
}
711738

712739
impl<'a, R: 'a, C> SeqAccess<'a, R, C> {
713740
#[inline]
714-
fn new(de: &'a mut Deserializer<R, C>, len: usize) -> Self {
741+
fn new(de: &'a mut Deserializer<R, C>, len: u32) -> Self {
715742
SeqAccess {
716743
de,
717744
left: len,
@@ -736,17 +763,17 @@ impl<'de, 'a, R: ReadSlice<'de> + 'a, C: SerializerConfig> de::SeqAccess<'de> fo
736763

737764
#[inline(always)]
738765
fn size_hint(&self) -> Option<usize> {
739-
Some(self.left)
766+
self.left.try_into().ok()
740767
}
741768
}
742769

743770
struct MapAccess<'a, R, C> {
744771
de: &'a mut Deserializer<R, C>,
745-
left: usize,
772+
left: u32,
746773
}
747774

748775
impl<'a, R: 'a, C> MapAccess<'a, R, C> {
749-
fn new(de: &'a mut Deserializer<R, C>, len: usize) -> Self {
776+
fn new(de: &'a mut Deserializer<R, C>, len: u32) -> Self {
750777
MapAccess {
751778
de,
752779
left: len,
@@ -763,7 +790,7 @@ impl<'de, 'a, R: ReadSlice<'de> + 'a, C: SerializerConfig> de::MapAccess<'de> fo
763790
{
764791
if self.left > 0 {
765792
self.left -= 1;
766-
Ok(Some(seed.deserialize(&mut *self.de)?))
793+
seed.deserialize(&mut *self.de).map(Some)
767794
} else {
768795
Ok(None)
769796
}
@@ -773,12 +800,12 @@ impl<'de, 'a, R: ReadSlice<'de> + 'a, C: SerializerConfig> de::MapAccess<'de> fo
773800
fn next_value_seed<V>(&mut self, seed: V) -> Result<V::Value, Self::Error>
774801
where V: DeserializeSeed<'de>
775802
{
776-
Ok(seed.deserialize(&mut *self.de)?)
803+
seed.deserialize(&mut *self.de)
777804
}
778805

779806
#[inline(always)]
780807
fn size_hint(&self) -> Option<usize> {
781-
Some(self.left)
808+
self.left.try_into().ok()
782809
}
783810
}
784811

0 commit comments

Comments
 (0)