ICO: Add header validation in strict mode#3033
Conversation
197g
left a comment
197g
left a comment
There was a problem hiding this comment.
Appreciate the idea, more validation to keep strict mode from changing behavior silently on reserved data 👍
| let count = u16::from_le_bytes(header[4..6].try_into().unwrap()); | ||
| let mut header = header.as_slice(); | ||
|
|
||
| let reserved = header.read_u16::<LittleEndian>()?; |
There was a problem hiding this comment.
I'd use split_first_chunk here to instead of an IO-facing library. Alternatively, but only since this is uniformly u16, you might turn header into [[u8; 2]; 3] and read it with as_flattened? Lots of alternatives that do not involve an IO error for a statically sized array and constant condition.
There was a problem hiding this comment.
TBH, I just copied what TGA is doing. Should we not do that there too?
I also considered the u16 approach, but didn't like it because it makes it really easy to mess up endian. E.g.
let mut header = [0_u16; 3];
reader.read_exact(bytemuck::cast_slice_mut(&mut header))?;
let [reserved, id_type, entries] = header; // only correct on LE systemsBut I agree with you that the IO interface is a little overkill. Maybe we could just have a 2 or 3 util methods like this:
// Panics when OOB
fn read_u16<Endian>(slice: &[u8], offset: usize) -> u16;I saw this pattern in Chrome, so that might be an idea.
That, and I want to lay the groundwork for supporting CUR files eventually. |
2 participants
This PR adds more validation for the ICO header in strict mode.
Changes: