read-restrict

Enforce a strict limit on the number of bytes read from a Read with an error when exceeded.

Synopsis

```rust pub fn read>(path: P, restriction: usize) -> io::Result>; pub fn readtostring>(path: P, restriction: usize) -> io::Result;

pub trait ReadExt { fn restrict(self, restriction: u64) -> Restrict; }

impl ReadExt for R {}

impl Restrict { pub fn restriction(&self) -> u64; pub fn setrestriction(&mut self, restriction: u64); pub fn intoinner(self) -> T; pub fn getref(&self) -> &T; pub fn getmut(&mut self) -> &mut T; }

impl Read for Restrict {} impl BufRead for Restrict {} ```

Description

An adaptor around Rust's standard [io::Take] which instead of returning Ok(0) when the read limit is exceeded, instead returns an error of of the kind [ErrorKind::InvalidData].

This is intended for enforcing explicit input limits when simply truncating with take could result in incorrect behaviour.

read_restrict also offers restricted variants of [std::fs::read] and [std::fs::read_to_string], to conveniently prevent unbounded reads of overly-large files.

Example

```rust use std::io::{Read, Result, ErrorKind}; use read_restrict::ReadExt;

fn main() -> Result<()> { let f = std::fs::File::open("foo.txt")?; let mut handle = f.restrict(5); let mut buf = [0; 8]; asserteq!(5, handle.read(&mut buf)?); // reads at most 5 bytes asserteq!(0, handle.restriction()); // is now exhausted asserteq!(ErrorKind::InvalidData, handle.read(&mut buf).unwraperr().kind()); Ok(()) } ```

Or more realistically:

```rust use read_restrict::ReadExt;

fn main() -> std::io::Result<()> { let input = std::fs::File::open("foo.json")?; let input = std::io::BufReader::new(input); // buffer for performance let input = input.restrict(640 * 1024); // 640k should be enough JSON for anyone let data = serdejson::from_reader(input)?; Ok(()) } ```

Or even better:

rust fn main() -> std::io::Result<()> { let input = read_restrict::read_to_string("foo.json", 640 * 1024)?; let _data = serde_json::from_str(input)?; Ok(()) }