rasn 0.28.4

A safe no_std ASN.1 codec framework.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147

// These tests verify that rasn correctly enforces maximum recursion depth limits during
// decoding to prevent stack exhaustion attacks.
//
// The test payloads were generated using the script available at:
// https://gist.github.com/Boslx/5f7be237dd996b2a95d8b9528bc1dce7

use crate::recursive_module::RecursiveChoice;
use rasn::error::DecodeErrorKind;
use rasn::{aper, ber, cer, coer, der, jer, oer, uper};

#[allow(
    non_camel_case_types,
    non_snake_case,
    non_upper_case_globals,
    unused,
    clippy::too_many_arguments
)]
pub mod recursive_module {
    extern crate alloc;
    use core::borrow::Borrow;
    use rasn::prelude::*;
    #[derive(AsnType, Debug, Clone, Decode, Encode, PartialEq, Eq, Hash)]
    #[rasn(choice, automatic_tags)]
    pub enum RecursiveChoice {
        id(Integer),
        sequence(RecursiveSequence),
        set(RecursiveSet),
        sequenceOf(RecursiveSequenceOf),
        setOf(RecursiveSetOf),
    }
    #[derive(AsnType, Debug, Clone, Decode, Encode, PartialEq, Eq, Hash)]
    #[rasn(automatic_tags)]
    pub struct RecursiveSequence {
        pub id: Integer,
        pub next: Option<Box<RecursiveChoice>>,
    }
    impl RecursiveSequence {
        pub fn new(id: Integer, next: Option<Box<RecursiveChoice>>) -> Self {
            Self { id, next }
        }
    }
    #[derive(AsnType, Debug, Clone, Decode, Encode, PartialEq, Eq, Hash)]
    #[rasn(delegate)]
    pub struct RecursiveSequenceOf(pub SequenceOf<RecursiveChoice>);
    #[derive(AsnType, Debug, Clone, Decode, Encode, PartialEq, Eq, Hash)]
    #[rasn(set, automatic_tags)]
    pub struct RecursiveSet {
        pub id: Integer,
        pub next: Option<Box<RecursiveChoice>>,
    }
    impl RecursiveSet {
        pub fn new(id: Integer, next: Option<Box<RecursiveChoice>>) -> Self {
            Self { id, next }
        }
    }
    #[derive(AsnType, Debug, Clone, Decode, Encode, PartialEq, Eq, Hash)]
    #[rasn(delegate)]
    pub struct RecursiveSetOf(pub SetOf<RecursiveChoice>);
}

fn nested_exceeds_max_parse_depth_level(mut kind: &DecodeErrorKind) -> Option<usize> {
    let mut level = 0;
    loop {
        match kind {
            DecodeErrorKind::ExceedsMaxParseDepth => return Some(level),
            DecodeErrorKind::FieldError { nested, .. } => {
                level += 1;
                kind = &nested.kind
            }
            _ => return None,
        }
    }
}

#[test]
fn recursive_depth_150_aper() {
    let bytes = &*include_bytes!("data/recursive_depth_150.aper");
    let err = aper::decode::<RecursiveChoice>(bytes).unwrap_err();
    let level = nested_exceeds_max_parse_depth_level(&err.kind)
        .expect("expected ExceedsMaxParseDepth somewhere in nested FieldError");
    assert_eq!(level, 16);
}

#[test]
fn recursive_depth_150_ber() {
    let bytes = &*include_bytes!("data/recursive_depth_150.ber");
    let err = ber::decode::<RecursiveChoice>(bytes).unwrap_err();
    let level = nested_exceeds_max_parse_depth_level(&err.kind)
        .expect("expected ExceedsMaxParseDepth somewhere in nested FieldError");
    assert_eq!(level, 16);
}

#[test]
fn recursive_depth_150_cer() {
    let bytes = &*include_bytes!("data/recursive_depth_150.cer");
    let err = cer::decode::<RecursiveChoice>(bytes).unwrap_err();
    let level = nested_exceeds_max_parse_depth_level(&err.kind)
        .expect("expected ExceedsMaxParseDepth somewhere in nested FieldError");
    assert_eq!(level, 16);
}

#[test]
fn recursive_depth_150_coer() {
    let bytes = &*include_bytes!("data/recursive_depth_150.coer");
    let err = coer::decode::<RecursiveChoice>(bytes).unwrap_err();
    let level = nested_exceeds_max_parse_depth_level(&err.kind)
        .expect("expected ExceedsMaxParseDepth somewhere in nested FieldError");
    assert_eq!(level, 16);
}

#[test]
fn recursive_depth_150_der() {
    let bytes = &*include_bytes!("data/recursive_depth_150.der");
    let err = der::decode::<RecursiveChoice>(bytes).unwrap_err();
    let level = nested_exceeds_max_parse_depth_level(&err.kind)
        .expect("expected ExceedsMaxParseDepth somewhere in nested FieldError");
    assert_eq!(level, 16);
}

#[test]
fn recursive_depth_150_jer() {
    // serde_json has a limit of 128
    // https://github.com/serde-rs/json/blob/4f6dbfac79647d032b0997b5ab73022340c6dab7/src/de.rs#L63
    let text = include_str!("data/recursive_depth_150.jer");
    let err = jer::decode::<RecursiveChoice>(text).unwrap_err();
    assert!(
        matches!(&*err.kind, DecodeErrorKind::Parser { msg } if msg.contains("recursion limit exceeded"))
    );
}

#[test]
fn recursive_depth_150_oer() {
    let bytes = &*include_bytes!("data/recursive_depth_150.oer");
    let err = oer::decode::<RecursiveChoice>(bytes).unwrap_err();
    let level = nested_exceeds_max_parse_depth_level(&err.kind)
        .expect("expected ExceedsMaxParseDepth somewhere in nested FieldError");
    assert_eq!(level, 16);
}

#[test]
fn recursive_depth_150_uper() {
    let bytes = &*include_bytes!("data/recursive_depth_150.uper");
    let err = uper::decode::<RecursiveChoice>(bytes).unwrap_err();
    let level = nested_exceeds_max_parse_depth_level(&err.kind)
        .expect("expected ExceedsMaxParseDepth somewhere in nested FieldError");
    assert_eq!(level, 16);
}