--- CBOR-XS/XS.pm 2016/07/27 05:40:29 1.61 +++ CBOR-XS/XS.pm 2016/11/25 23:37:27 1.64 @@ -66,7 +66,7 @@ use common::sense; -our $VERSION = 1.5; +our $VERSION = 1.51; our @ISA = qw(Exporter); our @EXPORT = qw(encode_cbor decode_cbor); @@ -182,7 +182,7 @@ This means that such values will only be encoded once, and will not result in a deep cloning of the value on decode, in decoders supporting the value sharing extension. This also makes it possible to encode cyclic data -structures (which need C to ne enabled to be decoded by this +structures (which need C to be enabled to be decoded by this module). It is recommended to leave it off unless you know your @@ -987,7 +987,12 @@ any buffer overflows. Obviously, this module should ensure that and I am trying hard on making that true, but you never know. -Second, you need to avoid resource-starving attacks. That means you should +Second, CBOR::XS supports object serialisation - decoding CBOR can cause +calls to I C method in I package that exists in your +process (that is, CBOR::XS will not try to load modules, but any existing +C method or function can be called, so they all have to be secure). + +Third, you need to avoid resource-starving attacks. That means you should limit the size of CBOR data you accept, or make sure then when your resources run out, that's just fine (e.g. by using a separate process that can crash safely). The size of a CBOR string in octets is usually a good @@ -996,7 +1001,7 @@ too late when you already have it in memory, so you might want to check the size before you accept the string. -Third, CBOR::XS recurses using the C stack when decoding objects and +Fourth, CBOR::XS recurses using the C stack when decoding objects and arrays. The C stack is a limited resource: for instance, on my amd64 machine with 8MB of stack size I can decode around 180k nested arrays but only 14k nested CBOR objects (due to perl itself recursing deeply on croak 
@@ -1096,6 +1101,11 @@ =cut +# clumsy hv_store-in-perl +sub _hv_store { + $_[0]{$_[1]} = $_[2]; +} + our %FILTER = ( 0 => sub { # rfc4287 datetime, utf-8 require Time::Piece;
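Review bot: In the hunk at -987, the new "Second, CBOR::XS supports object serialisation" paragraph says the reachable methods and functions "all have to be secure" but gives the reader nothing to do about it. The neighbouring paragraph on resource starvation does name an action (limit the size of the CBOR data you accept). Suggest adding a sentence on how a caller decoding untrusted input can restrict or switch off this behaviour, or stating explicitly that no such control exists. In the same paragraph, the unchanged context line "or make sure then when your" should read "that when" and could be fixed in this change.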
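Review bot: In the hunk at -996, the edit from "Third" to "Fourth" is needed only because the security points are numbered in running prose, so every newly inserted point forces a renumbering of all later paragraphs. Consider turning these points into a POD list, so that a future addition touches one place only.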
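Review bot: In the hunk at -1096, "_hv_store" is added with only the comment "clumsy hv_store-in-perl", and none of the visible hunks contains a caller. Suggest extending the comment to say what calls this sub and what it expects as arguments (hash reference, key, value), since "$_[0]{$_[1]} = $_[2];" does not show them and the body does not check that "$_[0]" is a hash reference.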