#protect

better-limit-reader

Configurable limit reader that limits the number of bytes read from an underlying reader, supporting decompression from Gzip and Zlib compressed via flate2

1 stable release

3.0.0 Sep 8, 2024
2.0.0 Sep 8, 2024
1.0.2 Sep 7, 2024
0.2.0 Sep 6, 2024
0.1.4 Sep 6, 2024

#4 in #protect

MIT/Apache

25KB
530 lines

better-limit-reader-rs

Crates.io Version Released API docs

Exposes LimitReader which is a limit reader, that protects against zip-bombs and other nefarious activities that limits the number of bytes read from an underlying reader.

This crate is heavily inspired by Jon Gjengset’s “Crust of Rust” episode on the inner workings of git on YouTube and mitigrating Zip-bombs.

It has been said, the name is a bit boisterous, but at least it sets high ambitions for this wee crate.

API usage

Refer to the docs for further examples.

Upcoming enhancements (in no particular order)

  • Gzip decompression.
  • no_std support (?); This needs planning via an issue on Github.
  • TBD: If you have any requests, please open an issue!

Building

This runs a release build, runs tests and generates docs.

./build.sh

MSRV

This project is tested against the most recent stable rust version.

License

This work is licensed under either of

at your option.

Dependencies

~1–1.5MB
~32K SLoC