C0ffeeCode/redox-ssh
1
0
Fork 0
mirror of https://gitlab.redox-os.org/CoffeeCode/redox-ssh.git synced 2025-12-28 17:02:19 +01:00
Code Issues Activity Actions
redox-ssh/untrusted/index.html

222 lines
No EOL
11 KiB
HTML
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="generator" content="rustdoc">
<meta name="description" content="API documentation for the Rust `untrusted` crate.">
<meta name="keywords" content="rust, rustlang, rust-lang, untrusted">
<title>untrusted - Rust</title>
<link rel="stylesheet" type="text/css" href="../normalize.css">
<link rel="stylesheet" type="text/css" href="../rustdoc.css">
<link rel="stylesheet" type="text/css" href="../main.css">
</head>
<body class="rustdoc mod">
<!--[if lte IE 8]>
<div class="warning">
This old browser is unsupported and will most likely display funky
things.
</div>
<![endif]-->
<nav class="sidebar">
<p class='location'>Crate untrusted</p><div class="block items"><ul><li><a href="#structs">Structs</a></li><li><a href="#functions">Functions</a></li></ul></div><p class='location'></p><script>window.sidebarCurrent = {name: 'untrusted', ty: 'mod', relpath: '../'};</script>
</nav>
<nav class="sub">
<form class="search-form js-only">
<div class="search-container">
<input class="search-input" name="search"
autocomplete="off"
placeholder="Click or press S to search, ? for more options…"
type="search">
</div>
</form>
</nav>
<section id='main' class="content">
<h1 class='fqn'><span class='in-band'>Crate <a class="mod" href=''>untrusted</a></span><span class='out-of-band'><span id='render-detail'>
<a id="toggle-all-docs" href="javascript:void(0)" title="collapse all docs">
[<span class='inner'>&#x2212;</span>]
</a>
</span><a class='srclink' href='../src/untrusted/untrusted.rs.html#15-400' title='goto source code'>[src]</a></span></h1>
<div class='docblock'><p>untrusted.rs: Safe, fast, zero-panic, zero-crashing, zero-allocation
parsing of untrusted inputs in Rust.</p>
<p><code>git clone <a href="https://github.com/briansmith/untrusted">https://github.com/briansmith/untrusted</a></code></p>
<p>untrusted.rs goes beyond Rust&#39;s normal safety guarantees by also
guaranteeing that parsing will be panic-free, as long as
<code>untrusted::Input::as_slice_less_safe()</code> is not used. It avoids copying
data and heap allocation and strives to prevent common pitfalls such as
accidentally parsing input bytes multiple times. In order to meet these
goals, untrusted.rs is limited in functionality such that it works best for
input languages with a small fixed amount of lookahead such as ASN.1, TLS,
TCP/IP, and many other networking, IPC, and related protocols. Languages
that require more lookahead and/or backtracking require some significant
contortions to parse using this framework. It would not be realistic to use
it for parsing programming language code, for example.</p>
<p>The overall pattern for using untrusted.rs is:</p>
<ol>
<li><p>Write a recursive-descent-style parser for the input language, where the
input data is given as a <code>&amp;mut untrusted::Reader</code> parameter to each
function. Each function should have a return type of <code>Result&lt;V, E&gt;</code> for
some value type <code>V</code> and some error type <code>E</code>, either or both of which may
be <code>()</code>. Functions for parsing the lowest-level language constructs
should be defined. Those lowest-level functions will parse their inputs
using <code>::read_byte()</code>, <code>Reader::peek()</code>, and similar functions.
Higher-level language constructs are then parsed by calling the
lower-level functions in sequence.</p></li>
<li><p>Wrap the top-most functions of your recursive-descent parser in
functions that take their input data as an <code>untrusted::Input</code>. The
wrapper functions should call the <code>Input</code>&#39;s <code>read_all</code> (or a variant
thereof) method. The wrapper functions are the only ones that should be
exposed outside the parser&#39;s module.</p></li>
<li><p>After receiving the input data to parse, wrap it in an <code>untrusted::Input</code>
using <code>untrusted::Input::from()</code> as early as possible. Pass the
<code>untrusted::Input</code> to the wrapper functions when they need to be parsed.</p></li>
</ol>
<p>In general parsers built using <code>untrusted::Reader</code> do not need to explicitly
check for end-of-input unless they are parsing optional constructs, because
<code>Reader::read_byte()</code> will return <code>Err(EndOfInput)</code> on end-of-input.
Similarly, parsers using <code>untrusted::Reader</code> generally don&#39;t need to check
for extra junk at the end of the input as long as the parser&#39;s API uses the
pattern described above, as <code>read_all</code> and its variants automatically check
for trailing junk. <code>Reader::skip_to_end()</code> must be used when any remaining
unread input should be ignored without triggering an error.</p>
<p>untrusted.rs works best when all processing of the input data is done
through the <code>untrusted::Input</code> and <code>untrusted::Reader</code> types. In
particular, avoid trying to parse input data using functions that take
byte slices. However, when you need to access a part of the input data as
a slice to use a function that isn&#39;t written using untrusted.rs,
<code>Input::as_slice_less_safe()</code> can be used.</p>
<p>It is recommend to use <code>use untrusted;</code> and then <code>untrusted::Input</code>,
<code>untrusted::Reader</code>, etc., instead of using <code>use untrusted::*</code>. Qualifying
the names with <code>untrusted</code> helps remind the reader of the code that it is
dealing with <em>untrusted</em> input.</p>
<h1 id='examples' class='section-header'><a href='#examples'>Examples</a></h1>
<p><a href="https://github.com/briansmith/ring"><em>ring</em></a>&#39;s parser for the subset of
ASN.1 DER it needs to understand,
<a href="https://github.com/briansmith/ring/blob/master/src/der.rs"><code>ring::der</code></a>,
is built on top of untrusted.rs. <em>ring</em> also uses untrusted.rs to parse ECC
public keys, RSA PKCS#1 1.5 padding, and for all other parsing it does.</p>
<p>All of <a href="https://github.com/briansmith/webpki">webpki</a>&#39;s parsing of X.509
certificates (also ASN.1 DER) is done using untrusted.rs.</p>
</div><h2 id='structs' class='section-header'><a href="#structs">Structs</a></h2>
<table>
<tr class=' module-item'>
<td><a class="struct" href="struct.EndOfInput.html"
title='struct untrusted::EndOfInput'>EndOfInput</a></td>
<td class='docblock-short'>
<p>The error type used to indicate the end of the input was reached before the
operation could be completed.</p>
</td>
</tr>
<tr class=' module-item'>
<td><a class="struct" href="struct.Input.html"
title='struct untrusted::Input'>Input</a></td>
<td class='docblock-short'>
<p>A wrapper around <code>&amp;&#39;a [u8]</code> that helps in writing panic-free code.</p>
</td>
</tr>
<tr class=' module-item'>
<td><a class="struct" href="struct.Mark.html"
title='struct untrusted::Mark'>Mark</a></td>
<td class='docblock-short'>
<p>An index into the already-parsed input of a <code>Reader</code>.</p>
</td>
</tr>
<tr class=' module-item'>
<td><a class="struct" href="struct.Reader.html"
title='struct untrusted::Reader'>Reader</a></td>
<td class='docblock-short'>
<p>A read-only, forward-only* cursor into the data in an <code>Input</code>.</p>
</td>
</tr></table><h2 id='functions' class='section-header'><a href="#functions">Functions</a></h2>
<table>
<tr class=' module-item'>
<td><a class="fn" href="fn.read_all_optional.html"
title='fn untrusted::read_all_optional'>read_all_optional</a></td>
<td class='docblock-short'>
<p>Calls <code>read</code> with the given input as a <code>Reader</code>, ensuring that <code>read</code>
consumed the entire input. When <code>input</code> is <code>None</code>, <code>read</code> will be
called with <code>None</code>.</p>
</td>
</tr></table></section>
<section id='search' class="content hidden"></section>
<section class="footer"></section>
<aside id="help" class="hidden">
<div>
<h1 class="hidden">Help</h1>
<div class="shortcuts">
<h2>Keyboard Shortcuts</h2>
<dl>
<dt>?</dt>
<dd>Show this help dialog</dd>
<dt>S</dt>
<dd>Focus the search field</dd>
<dt>&larrb;</dt>
<dd>Move up in search results</dd>
<dt>&rarrb;</dt>
<dd>Move down in search results</dd>
<dt>&#9166;</dt>
<dd>Go to active search result</dd>
<dt>+</dt>
<dd>Collapse/expand all sections</dd>
</dl>
</div>
<div class="infos">
<h2>Search Tricks</h2>
<p>
Prefix searches with a type followed by a colon (e.g.
<code>fn:</code>) to restrict the search to a given type.
</p>
<p>
Accepted types are: <code>fn</code>, <code>mod</code>,
<code>struct</code>, <code>enum</code>,
<code>trait</code>, <code>type</code>, <code>macro</code>,
and <code>const</code>.
</p>
<p>
Search functions by type signature (e.g.
<code>vec -> usize</code> or <code>* -> vec</code>)
</p>
</div>
</div>
</aside>
<script>
window.rootPath = "../";
window.currentCrate = "untrusted";
</script>
<script src="../jquery.js"></script>
<script src="../main.js"></script>
<script defer src="../search-index.js"></script>
</body>
</html>
Reference in a new issue View git blame Copy permalink