safety-dance icon indicating copy to clipboard operation
safety-dance copied to clipboard
verified publisher icon rust-secure-code

Audit httparse

Open Shnatsel opened this issue 4 years ago • 1 comments

https://crates.io/crates/httparse is a widely used HTTP parsing crate, most notably powering hyper and reqwest.

cargo-geiger shows the following when httparse is used via reqwest:

Functions  Expressions  Impls  Traits  Methods  Dependency
10/10      198/232      0/0    0/0     3/3      httparse 1.3.5

Unsafe code in parsers it quite dangerous. Binary format parsers are the poster children for memory safety vulnerabilities.

Text format parsers are a bit less dangerous, but having so much unsafe parsing code exposed to untrusted input is still scary.

Shnatsel avatar Mar 06 '21 15:03 Shnatsel

The str::from_utf8_unchecked() invocations all look correct. The loops assert that every byte in the slice prior to the Bytes iterator's current position is valid, and the checks done on the bytes all imply that the prefix contains valid UTF-8.

LegionMammal978 avatar May 28 '22 17:05 LegionMammal978