Adjust language around overlong varint encodings

Tony Garnock-Jones 2022-06-12 09:26:47 +02:00
parent cc97b6150c
commit 8bb3f329a2
1 changed files with 10 additions and 9 deletions

@ -64,19 +64,17 @@ The following table illustrates varint-encoding.
| 300 | `0000010 0101100` | 2 172 |
| 1000000000 | `0000011 1011100 1101011 0010100 0000000` | 3 92 107 20 128 |
There is no requirement that a varint-encoded `m` in a `Repr` be the unique shortest encoding
for that `m`.[^overlong-varint] However, implementations *SHOULD* use the shortest encoding
whereever possible when writing, and *SHOULD* reject excessively long encodings when reading
encoded values.[^excessively-long-varint]
There is no requirement that a varint-encoded `m` in a `Repr` be the
unique shortest encoding for that `m`.[^overlong-varint] However,
implementations *SHOULD* use the shortest encoding whereever possible
when writing, and *MAY* reject encodings with more than eight leading
`0` bytes when reading encoded values.
[^overlong-varint]: **Implementation note.** The spec permits overlong length encodings to
reduce wasted activity in resource-constrained situations. If an implementation is in
anything other than a very low-level language, it is likely to be able to use
[IOList](./conventions.html#iolists)-style data structures to avoid unnecessary copying.
[^excessively-long-varint]: As a guideline, reject more than eight leading `0` bytes in a
varint.
### Records, Sequences, Sets and Dictionaries.
«<L F_1...F_m>» = [0xA7] ++ seq(«L», «F_1», ..., «F_m»)
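Review bot: the spelling error "whereever" in the old line "use the shortest encoding whereever possible" is carried over unchanged into the rewritten text; since this hunk already rewrites that sentence, fix it to "wherever" here. Separately, the requirement level for rejecting long encodings is downgraded from "*SHOULD* reject excessively long encodings" to "*MAY* reject encodings with more than eight leading `0` bytes", and the `[^excessively-long-varint]` footnote that carried the eight-byte guideline is deleted; that is a conformance change rather than a wording adjustment, so the commit message should say so, and the "eight leading `0` bytes" threshold now lives only in the body sentence, which is fine as long as the second hunk's text stays consistent with it.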
@ -206,8 +204,11 @@ an empty sequence annotated with two symbols, `a` and `b`, is
annotations are skipped, an endless sequence of annotations may give an
illusion of progress.
**Overlong varints.** The binary format allows (but discourages) overlong [varint](#varint)s.
Consider optional restrictions on the number of redundant leading `0` bytes accepted when
**Overlong varints.** The binary format allows (but discourages)
overlong [varint](#varint)s. Because every `Repr` has a bound on its
length from its surrounding context, this is not a denial-of-service
vector *per se*; however, implementations may wish to consider optional
restrictions on the number of redundant leading `0` bytes accepted when
reading a varint.
**Canonical form for cryptographic hashing and signing.** No canonical
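Review bot: the new justification "every `Repr` has a bound on its length from its surrounding context, this is not a denial-of-service vector *per se*" does not say what bounds the outermost `Repr`; a reader pulling values off a bare stream has no enclosing length prefix, so the sentence should either qualify the claim (nested `Repr`s, or a transport that frames each top-level value) or point to where that bound comes from. The reworded advice "implementations may wish to consider optional restrictions on the number of redundant leading `0` bytes" would also be clearer if it named the eight-leading-`0`-byte threshold given in the earlier hunk, since the footnote that previously stated that guideline is removed and this paragraph is where a reader looking for a concrete limit will arrive.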