Bug: 174788905

Clone this repo:
  1. 735b5e3 Update TEST_MAPPING by Jeff Vander Stoep · 6 days ago master
  2. 47b6f53 Merge "Update TEST_MAPPING" am: 0b7d84efea am: 17a86435c2 am: e0e3915c7e am: 49d57486cd by Treehugger Robot · 8 months ago main-16k-with-phones
  3. 49d5748 Merge "Update TEST_MAPPING" am: 0b7d84efea am: 17a86435c2 am: e0e3915c7e by Treehugger Robot · 8 months ago
  4. e0e3915 Merge "Update TEST_MAPPING" am: 0b7d84efea am: 17a86435c2 by Treehugger Robot · 8 months ago main-16k
  5. 17a8643 Merge "Update TEST_MAPPING" am: 0b7d84efea by Treehugger Robot · 8 months ago

THE SOFTWARE IS PROVIDED “AS IS” AND THE AUTHORS DISCLAIM ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

untrusted.rs

Safe, fast, zero-panic, zero-crashing, zero-allocation parsing of untrusted inputs in Rust.

untrusted.rs is 100% Rust with no use of unsafe. It never uses the heap. No part of untrusted.rs's API will ever panic or cause a crash. It is #![no_std] and so it works perfectly with both libcore- and libstd- based projects. It does not depend on any crates other than libcore.

untrusted.rs is intended to be used with the latest version of Rust Stable. It should usually work with the latest Rust Beta and Rust Nightly versions too. Using a version of untrusted.rs other than the latest release available on crates.io is not recommended.

Documentation

See the documentation at https://briansmith.org/rustdoc/untrusted/.

To use untrusted.rs in your project, add a dependency to your Cargo.toml like this:

[dependencies]
untrusted = "0.2"

Examples

ring's parser for the subset of ASN.1 DER it needs to understand, ring::der, is built on top of untrusted.rs. ring also uses untrusted.rs to parse ECC public keys, RSA PKCS#1 1.5 padding, and everything else.

All of webpki's parsing of X.509 certificates (also ASN.1 DER) is done using untrusted.rs.

Contributing

Patches welcome!

When contributing changes, state that you agree to license your contribution under the same terms as the existing code by putting this at the bottom of your commit message:


I agree to license my contributions to each file under the terms given at the top of each file I changed.

Currently, the biggest needs for this library are:

  • Unit tests.
  • Documentation.
  • More examples.
  • Static analysis and fuzzing.

Online Automated Testing

Travis CI is used for Android, Linux, and Mac OS X. The tests are run for the current release of each Rust channel (Stable, Beta, Nightly). Since untrusted.rs only depends on libcore and it only uses 100% cross-platform code without using unsafe, it should work anywhere as long as these platforms are passing.

<img src=https://travis-ci.org/briansmith/untrusted.svg?branch=master>

Bug Reporting

Please report bugs either as pull requests or as issues in the issue tracker. untrusted.rs has a full disclosure vulnerability policy. Please do NOT attempt to report any security vulnerability in this code privately to anybody.

License

See LICENSE.txt, an ISC-style (simplified MIT) license.