7 releases

0.6.3-alpha.1 Oct 24, 2022
0.6.2 Oct 22, 2022
0.5.0 Oct 2, 2022
0.5.0-alpha.4 Sep 18, 2022

#203 in Encoding

Download history 8866/week @ 2022-11-28 8477/week @ 2022-12-05 9146/week @ 2022-12-12 7814/week @ 2022-12-19 4830/week @ 2022-12-26 7583/week @ 2023-01-02 9743/week @ 2023-01-09 9306/week @ 2023-01-16 9514/week @ 2023-01-23 8593/week @ 2023-01-30 7670/week @ 2023-02-06 6284/week @ 2023-02-13 6466/week @ 2023-02-20 6856/week @ 2023-02-27 7793/week @ 2023-03-06 7197/week @ 2023-03-13

28,799 downloads per month
Used in 3 crates

MIT/Apache

27KB
363 lines

High-level crate to extract the dependency trees embedded in binaries by cargo auditable.

Deserializes them to a JSON string or Rust data structures, at your option.

Features

  • Binary parsing designed from the ground up for resilience to malicious inputs.
  • 100% memory-safe Rust, including all dependencies. (There is some unsafe in serde_json and its dependencies, but only in serialization, which isn't used here).
  • Cross-platform, portable, easy to cross-compile. Runs on any Rust target with std.
  • Parses binaries from any supported platform, not just the platform it's running on.
  • Supports setting size limits for both input and output, to protect against OOMs and zip bombs.

Usage

// Uses the default limits: 1GiB input file size, 8MiB audit data size
let info = audit_info_from_file("path/to/file", Default::default())?;

Functions to load the data from a Read instance or from &[u8] are also provided, see the documentation.

Alternatives

rust-audit-info is a command-line interface to this crate.

If you need an even lower-level interface than the one provided by this crate, use the auditable-extract and auditable-serde crates.

Dependencies

~280–610KB
~13K SLoC