Expand description
Binary format helpers shared across AOF and snapshot files.
Provides TLV-style encoding primitives, CRC32 checksums, and magic byte constants. All multi-byte integers are stored in little-endian.
Enums§
- Format
Error - Errors that can occur when reading or writing persistence formats.
Constants§
- AOF_
MAGIC - Magic bytes for the AOF file header.
- FORMAT_
VERSION - Current unencrypted format version.
- FORMAT_
VERSION_ ENCRYPTED - Format version for encrypted files.
- MAX_
COLLECTION_ COUNT - Maximum element count for collections (lists, sets, hashes, sorted sets) in persistence formats. Prevents corrupt count fields from causing unbounded iteration during deserialization. 100M is well beyond any realistic collection while catching obviously corrupt u32 values.
- MAX_
FIELD_ LEN - Maximum length we’ll allocate when reading a length-prefixed field. 512 MB is generous for any realistic key or value — a corrupt or malicious length prefix won’t cause a multi-gigabyte allocation.
- MAX_
PERSISTED_ VECTOR_ COUNT - Maximum element count per vector set in persistence formats. Prevents corrupt count fields from causing unbounded loops.
- MAX_
PERSISTED_ VECTOR_ DIMS - Maximum vector dimensions allowed in persistence formats. Matches the protocol-layer cap. Records exceeding this are rejected during deserialization to prevent OOM from corrupt files.
- MAX_
PERSISTED_ VECTOR_ TOTAL_ FLOATS - Maximum total f32 elements (dim * count) for vector deserialization. Caps total allocation at ~4 GB. Without this, a crafted file with 65536 dims x 10M vectors would attempt ~2.6 TB.
- SNAP_
MAGIC - Magic bytes for the snapshot file header.
Functions§
- capped_
capacity - Caps pre-allocation to avoid huge allocations from corrupt count fields.
- crc32
- Computes a CRC32 checksum over a byte slice.
- read_
bytes - Reads a length-prefixed byte vector:
[len: u32][data]. - read_
f32 - Reads an
f32in little-endian. - read_
f64 - Reads an
f64in little-endian. - read_
header - Reads and validates a file header. Returns an error if magic doesn’t match or version is unsupported. Returns the format version.
- read_
i64 - Reads an
i64in little-endian. - read_u8
- Reads a
u8from the reader. - read_
u16 - Reads a
u16in little-endian. - read_
u32 - Reads a
u32in little-endian. - validate_
collection_ count - Validates that a deserialized collection count is within bounds.
Returns
InvalidDataif the count exceedsMAX_COLLECTION_COUNT. - validate_
vector_ total - Validates that the total vector element budget (dim * count) is within bounds. Call after validating dim and count individually.
- verify_
crc32 - Verifies that
datamatches the expected CRC32 checksum. - verify_
crc32_ values - Verifies that two CRC32 values match.
- write_
bytes - Writes a length-prefixed byte slice:
[len: u32][data]. - write_
f32 - Writes an
f32in little-endian. - write_
f64 - Writes an
f64in little-endian. - write_
header - Writes a file header: magic bytes + version byte.
- write_
header_ versioned - Writes a file header with an explicit version byte.
- write_
i64 - Writes an
i64in little-endian. - write_
len - Writes a collection length as u32, returning an error if it exceeds
u32::MAX. - write_
u8 - Writes a
u8to the writer. - write_
u16 - Writes a
u16in little-endian. - write_
u32 - Writes a
u32in little-endian.