-
Notifications
You must be signed in to change notification settings - Fork 285
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Undocumented capacity limit for HeaderMap #603
Comments
Good catch, thanks for reporting this! I'd propose a few improvements:
|
I believe the correct way to fix that is to introduce fallible It's clearly vulnerability right now, because all usages like this one will cause a panic cc @seanmonstar |
Yea, I think the three bullet points I listed above would be a great addition. Want to submit a PR? |
HeaderMap
has a capacity limit of 24576 headers. Adding any more headers triggers a panic when reserving more capacity.I can't see any way to prevent the panic when handling incoming headers, except to hard-wire a check for this value into calling code.
It would be useful to expose this value as a public constant.
At the very least it should be documented. Currently
HeaderMap::reserve
says "Panics if the new allocation size overflows usize." This should be "Panics if the new allocation size is greater than 24576."The text was updated successfully, but these errors were encountered: