From 53b4b2fcbc345df7f7e20eb7fbcbed39e341f336 Mon Sep 17 00:00:00 2001 From: mpostma Date: Thu, 29 Jul 2021 16:07:04 +0200 Subject: [PATCH] Use serdeval for validating json format. --- Cargo.lock | 17 ++++++++++------- meilisearch-http/Cargo.toml | 2 +- .../src/index_controller/update_actor/actor.rs | 14 +++++--------- 3 files changed, 16 insertions(+), 17 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index b1e2ac465..c046c31ed 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1666,7 +1666,6 @@ dependencies = [ "num_cpus", "obkv", "once_cell", - "oxidized-json-checker", "parking_lot", "paste", "pin-project", @@ -1679,6 +1678,7 @@ dependencies = [ "serde", "serde_json", "serde_url_params", + "serdeval", "sha-1 0.9.6", "sha2", "siphasher", @@ -1969,12 +1969,6 @@ dependencies = [ "num-traits", ] -[[package]] -name = "oxidized-json-checker" -version = "0.3.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "938464aebf563f48ab86d1cfc0e2df952985c0b814d3108f41d1b85e7f5b0dac" - [[package]] name = "page_size" version = "0.4.2" @@ -2784,6 +2778,15 @@ dependencies = [ "serde", ] +[[package]] +name = "serdeval" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "94023adfd3d548a8bd9a1f09c09f44eaab7080c7a9ab20314bb65154bee62bd0" +dependencies = [ + "serde", +] + [[package]] name = "sha-1" version = "0.8.2" diff --git a/meilisearch-http/Cargo.toml b/meilisearch-http/Cargo.toml index 6191ca2bb..e251511ab 100644 --- a/meilisearch-http/Cargo.toml +++ b/meilisearch-http/Cargo.toml @@ -55,7 +55,6 @@ milli = { git = "https://github.com/meilisearch/milli.git", tag = "v0.8.0" } mime = "0.3.16" num_cpus = "1.13.0" once_cell = "1.5.2" -oxidized-json-checker = "0.3.2" parking_lot = "0.11.1" rand = "0.7.3" rayon = "1.5.0" @@ -77,6 +76,7 @@ obkv = "0.2.0" pin-project = "1.0.7" whoami = { version = "1.1.2", optional = true } reqwest = { version = "0.11.3", features = ["json", "rustls-tls"], default-features = false, optional = true } +serdeval = "0.1.0" [dependencies.sentry] default-features = false diff --git a/meilisearch-http/src/index_controller/update_actor/actor.rs b/meilisearch-http/src/index_controller/update_actor/actor.rs index 8ba96dad1..59a22910f 100644 --- a/meilisearch-http/src/index_controller/update_actor/actor.rs +++ b/meilisearch-http/src/index_controller/update_actor/actor.rs @@ -7,7 +7,7 @@ use std::sync::Arc; use async_stream::stream; use futures::StreamExt; use log::trace; -use oxidized_json_checker::JsonChecker; +use serdeval::*; use tokio::fs; use tokio::io::AsyncWriteExt; use tokio::sync::mpsc; @@ -180,7 +180,7 @@ where let update_store = self.store.clone(); tokio::task::spawn_blocking(move || { - use std::io::{copy, sink, BufReader, Seek}; + use std::io::{BufReader, Seek}; // If the payload is empty, ignore the check. let update_uuid = if let Some((mut file, uuid)) = file_path { @@ -188,14 +188,10 @@ where file.seek(SeekFrom::Start(0))?; // Check that the json payload is valid: let reader = BufReader::new(&mut file); - let mut checker = JsonChecker::new(reader); + // Validate that the payload is in the correct format. + let _: Seq> = serde_json::from_reader(reader) + .map_err(|e| UpdateActorError::InvalidPayload(Box::new(e)))?; - if copy(&mut checker, &mut sink()).is_err() || checker.finish().is_err() { - // The json file is invalid, we use Serde to get a nice error message: - file.seek(SeekFrom::Start(0))?; - let _: serde_json::Value = serde_json::from_reader(file) - .map_err(|e| UpdateActorError::InvalidPayload(Box::new(e)))?; - } Some(uuid) } else { None