Adjust language around overlong varint encodings
parent
cc97b6150c
commit
8bb3f329a2
|
@ -64,19 +64,17 @@ The following table illustrates varint-encoding.
|
||||||
| 300 | `0000010 0101100` | 2 172 |
|
| 300 | `0000010 0101100` | 2 172 |
|
||||||
| 1000000000 | `0000011 1011100 1101011 0010100 0000000` | 3 92 107 20 128 |
|
| 1000000000 | `0000011 1011100 1101011 0010100 0000000` | 3 92 107 20 128 |
|
||||||
|
|
||||||
There is no requirement that a varint-encoded `m` in a `Repr` be the unique shortest encoding
|
There is no requirement that a varint-encoded `m` in a `Repr` be the
|
||||||
for that `m`.[^overlong-varint] However, implementations *SHOULD* use the shortest encoding
|
unique shortest encoding for that `m`.[^overlong-varint] However,
|
||||||
whereever possible when writing, and *SHOULD* reject excessively long encodings when reading
|
implementations *SHOULD* use the shortest encoding whereever possible
|
||||||
encoded values.[^excessively-long-varint]
|
when writing, and *MAY* reject encodings with more than eight leading
|
||||||
|
`0` bytes when reading encoded values.
|
||||||
|
|
||||||
[^overlong-varint]: **Implementation note.** The spec permits overlong length encodings to
|
[^overlong-varint]: **Implementation note.** The spec permits overlong length encodings to
|
||||||
reduce wasted activity in resource-constrained situations. If an implementation is in
|
reduce wasted activity in resource-constrained situations. If an implementation is in
|
||||||
anything other than a very low-level language, it is likely to be able to use
|
anything other than a very low-level language, it is likely to be able to use
|
||||||
[IOList](./conventions.html#iolists)-style data structures to avoid unnecessary copying.
|
[IOList](./conventions.html#iolists)-style data structures to avoid unnecessary copying.
|
||||||
|
|
||||||
[^excessively-long-varint]: As a guideline, reject more than eight leading `0` bytes in a
|
|
||||||
varint.
|
|
||||||
|
|
||||||
### Records, Sequences, Sets and Dictionaries.
|
### Records, Sequences, Sets and Dictionaries.
|
||||||
|
|
||||||
«<L F_1...F_m>» = [0xA7] ++ seq(«L», «F_1», ..., «F_m»)
|
«<L F_1...F_m>» = [0xA7] ++ seq(«L», «F_1», ..., «F_m»)
|
||||||
|
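Review bot: the reflowed sentence on the new side still carries the typo "whereever" (should be "wherever"), and the reader-side rule is weakened from *SHOULD* reject to *MAY* reject with no matching limit placed on writers. As written, a writer is still allowed to emit nine or more leading `0` bytes, and conforming readers will disagree on whether that value is accepted. Consider either keeping *SHOULD* for readers or stating that writers *MUST NOT* emit more than eight leading `0` bytes, so that the threshold now inlined here (replacing the removed `[^excessively-long-varint]` footnote) is one both sides can rely on.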
@ -206,8 +204,11 @@ an empty sequence annotated with two symbols, `a` and `b`, is
|
||||||
annotations are skipped, an endless sequence of annotations may give an
|
annotations are skipped, an endless sequence of annotations may give an
|
||||||
illusion of progress.
|
illusion of progress.
|
||||||
|
|
||||||
**Overlong varints.** The binary format allows (but discourages) overlong [varint](#varint)s.
|
**Overlong varints.** The binary format allows (but discourages)
|
||||||
Consider optional restrictions on the number of redundant leading `0` bytes accepted when
|
overlong [varint](#varint)s. Because every `Repr` has a bound on its
|
||||||
|
length from its surrounding context, this is not a denial-of-service
|
||||||
|
vector *per se*; however, implementations may wish to consider optional
|
||||||
|
restrictions on the number of redundant leading `0` bytes accepted when
|
||||||
reading a varint.
|
reading a varint.
|
||||||
|
|
||||||
**Canonical form for cryptographic hashing and signing.** No canonical
|
**Canonical form for cryptographic hashing and signing.** No canonical
|
||||||
|
|
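Review bot: the added sentence "Because every `Repr` has a bound on its length from its surrounding context, this is not a denial-of-service vector *per se*" does not say what bounds the outermost `Repr`, for instance one read directly from a stream with no enclosing length. Either name the source of that bound or narrow the claim to the cases where an enclosing length exists. The paragraph also still speaks only of "optional restrictions", while the varint section changed in this same commit now names more than eight leading `0` bytes; repeating or linking that figure here would keep the two passages consistent.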