pub fn deserialize_json_safe<T: DeserializeOwned>(input: &str) -> Result<T>
Safe JSON deserialization with size and depth limits
This function provides protection against:
- Memory exhaustion (10MB size limit)
- Stack overflow (16-level recursion depth limit)
- Denial of service attacks via malicious payloads
§Security
- Size limit: Rejects payloads larger than 10MB
- Depth limit: Enforced by serde_json (default max depth ~128, we validate structure)
- Performance: O(1) size check before parsing
§Example
use cli_testing_specialist::utils::deserialize_json_safe;
use serde::Deserialize;

#[derive(Deserialize)]
struct Config {
    name: String,
    value: i32,
}

let json = r#"{"name": "test", "value": 42}"#;
let config: Config = deserialize_json_safe(json).unwrap();
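
The size and depth limits listed under Security can be checked before any parser runs. The following is an added example, not code from cli_testing_specialist: `check_json_limits` and `GuardError` are hypothetical names, it uses only the standard library, and it assumes "10MB" means 10 * 1024 * 1024 bytes and that the 16-level figure is the nesting limit to enforce.

```rust
// Added illustration, not cli_testing_specialist's implementation.
// Limits mirror the figures quoted in the doc text; 10MB is assumed to be MiB.
const MAX_JSON_BYTES: usize = 10 * 1024 * 1024;
const MAX_JSON_DEPTH: usize = 16;

#[derive(Debug, PartialEq)]
pub enum GuardError {
    TooLarge { len: usize },
    TooDeep { offset: usize },
}

/// Hypothetical pre-parse guard: O(1) size check, then one O(n) pass that
/// tracks container nesting while skipping string contents.
pub fn check_json_limits(input: &str) -> Result<(), GuardError> {
    if input.len() > MAX_JSON_BYTES {
        return Err(GuardError::TooLarge { len: input.len() });
    }
    let (mut depth, mut in_string, mut escaped) = (0usize, false, false);
    for (offset, byte) in input.bytes().enumerate() {
        if in_string {
            // Brackets inside a string literal are data, not structure.
            match byte {
                _ if escaped => escaped = false,
                b'\\' => escaped = true,
                b'"' => in_string = false,
                _ => {}
            }
            continue;
        }
        match byte {
            b'"' => in_string = true,
            b'{' | b'[' => {
                depth += 1;
                if depth > MAX_JSON_DEPTH {
                    return Err(GuardError::TooDeep { offset });
                }
            }
            // Unbalanced closers are left for the real parser to reject.
            b'}' | b']' => depth = depth.saturating_sub(1),
            _ => {}
        }
    }
    Ok(())
}

fn main() {
    let nested = "[".repeat(17) + &"]".repeat(17); // constructed sample input
    println!("{:?}", check_json_limits(&nested));
    println!("{:?}", check_json_limits(r#"{"name": "test", "value": 42}"#));
}
```

The guard only bounds size and nesting; syntax validation and typed deserialization still belong to the JSON parser that runs afterwards.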