Using structs doesn't actually prevent this? It seems to be expected behaviour to deserialize into a HashMap and "overwrite" duplicated values. There's a way this could potentially cause a security bug?
#rustlang Important serde trap: duplicated keys in collections are not errors. Can lead to security implications (you thought you validated all values, but something sneaked through a dup key). https://play.rust-lang.org/?version=stable&mode=debug&edition=2018&gist=3e8828153d33d2d6343f4e4e73dd3992 …
-
-
-
Using structs does prevent it. https://play.rust-lang.org/?version=stable&mode=debug&edition=2018&gist=8c90eb3f95a552346174cec8e7149bd1 … I don't find it expected. Quite the opposite. As for security issues: Imagine writing a validation proxy that inspects all values, and let the request through if they're all OK. Attacker can hide data in a first dup. value.
- Još 3 druga odgovora
Novi razgovor -
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.