lemma/resource_limits.rs
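/// Resource limits to prevent abuse and enable predictable memory usage
///
/// These limits protect against malicious inputs while being generous enough
/// for all legitimate use cases.
///
/// This type only carries the configured values; nothing in it enforces them.
/// NOTE(review): confirm that each limit is actually checked by the code that
/// consumes a `ResourceLimits` (parser / evaluator), otherwise a limit offers
/// no protection.
///
/// `PartialEq`/`Eq` are derived so that configured limits can be compared in
/// tests and when validating loaded configuration.
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct ResourceLimits {
    /// Maximum file size in bytes
    /// Real usage: ~5KB, Limit: 5MB (1000x)
    pub max_file_size_bytes: usize,

    /// Maximum expression nesting depth
    /// Real usage: ~3 levels, Limit: 100 (30x+)
    /// Presumably bounds recursion on nested expressions; verify that the
    /// depth is tracked at the point where nesting is parsed/evaluated.
    pub max_expression_depth: usize,

    /// Maximum size of a single fact value in bytes
    /// Real usage: ~100 bytes, Limit: 1KB (10x)
    /// Enables server pre-allocation for zero-allocation evaluation
    pub max_fact_value_bytes: usize,

    /// Maximum evaluation time in milliseconds
    /// Real usage: ~1-10ms, Limit: 1000ms (100-1000x)
    pub max_evaluation_time_ms: u64,
}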
24
impl Default for ResourceLimits {
    /// Returns the generous default limits documented on each field:
    /// 5 MB file size, depth 100, 1 KB per fact value, 1 second evaluation.
    fn default() -> Self {
        const KIB: usize = 1024;
        const MIB: usize = 1024 * KIB;

        ResourceLimits {
            max_file_size_bytes: 5 * MIB,  // 5 MB
            max_expression_depth: 100,
            max_fact_value_bytes: KIB,     // 1 KB
            max_evaluation_time_ms: 1_000, // 1 second
        }
    }
}
35
impl ResourceLimits {
    /// Create a new ResourceLimits with default values
    ///
    /// Equivalent to [`ResourceLimits::default`]; provided for callers that
    /// prefer a constructor-style spelling.
    pub fn new() -> Self {
        <Self as Default>::default()
    }
}