Don't trust trusted messages so much. Just trust that the pointers are valid…

Don't trust trusted messages so much. Just trust that the pointers are valid and in-bounds, but don't assume the data matches the schema. This makes it easier to safely create a 'trusted' message: just copy any message into a MessageBuilder, and if it ends up all in one segment, it's safe to use.

Don't trust trusted messages so much. Just trust that the pointers are valid…
Don't trust trusted messages so much. Just trust that the pointers are valid and in-bounds, but don't assume the data matches the schema. This makes it easier to safely create a 'trusted' message: just copy any message into a MessageBuilder, and if it ends up all in one segment, it's safe to use.
de15e658 · Kenton Varda · d7081cca · de15e658 · de15e658
Commit de15e658 authored May 18, 2013 by Kenton Varda
Expand all Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

layout.c++ c++/src/capnproto/layout.c++ +0 -0

layout.h c++/src/capnproto/layout.h +2 -2

No files found.
--- a/c++/src/capnproto/layout.c++
+++ b/c++/src/capnproto/layout.c++
--- a/c++/src/capnproto/layout.h
+++ b/c++/src/capnproto/layout.h
@@ -416,7 +416,7 @@ class StructReader {
 public:
  inline StructReader()
      : segment(nullptr), data(nullptr), pointers(nullptr), dataSize(0),
-        pointerCount(0), bit0Offset(0), nestingLimit(0) {}
+        pointerCount(0), bit0Offset(0), nestingLimit(0x7fffffff) {}

  static StructReader readRootTrusted(const word* location);
  static StructReader readRoot(const word* location, SegmentReader* segment, int nestingLimit);
@@ -609,7 +609,7 @@ class ListReader {
 public:
  inline ListReader()
      : segment(nullptr), ptr(nullptr), elementCount(0), step(0 * BITS / ELEMENTS),
-        structDataSize(0), structPointerCount(0), nestingLimit(0) {}
+        structDataSize(0), structPointerCount(0), nestingLimit(0x7fffffff) {}

  inline ElementCount size() const;
  // The number of elements in the list.