Make remaining bytes validation conditional on strict mode #112
Conversation
WalkthroughThe change conditions remaining-body checks during atom decoding on build configuration. In src/any.rs, src/atom.rs, and src/tokio/atom.rs, checks that previously returned UnderDecode when leftover bytes remained are now executed only when the "strict" feature is enabled or under cfg(test). In non-strict, non-test builds leftover bytes in atom bodies are no longer treated as UnderDecode. No public signatures were changed. 🚥 Pre-merge checks | ✅ 2 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (2 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing touches
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Fix all issues with AI agents
In `@src/atom.rs`:
- Around line 66-68: The trailing-bytes rejection in the ReadFrom<Option<T>>
implementation is currently unconditional and inconsistent with the earlier
check that only errors when cfg!(feature = "strict") || cfg!(test); update the
Option<T> ReadFrom impl (and the similar occurrence around the other block at
lines referenced in the review) to gate the UnderDecode(T::KIND) return behind
the same condition (cfg!(feature = "strict") || cfg!(test)) so non-strict builds
tolerate trailing bytes like the other path; locate the check inside the impl
ReadFrom for Option<T> and the other matching block and wrap or replace the
unconditional Err(...) with the conditional check used earlier.
|
Apart from the issue flagged by the review bot, it'd be good to test this. A bit tricky with the test == strict case. And from my review on #111:
|
ISOBMFF does not mandate tail padding or alignment for boxes. The only strict requirement is that the box size correctly covers all bytes. MOV writers often pad atoms with zeros to align to 4 or 8 byte boundaries. This is a legacy convention, not required by ISOBMFF, and parsers should handle it. |
|
The modified behaviour requires tests. Unsure of the best way to do this - probably turning off strict mode whenever we're testing, and checking with and without the feature flag enabled.
OK. Can you add the quicktime reference for this as an explanatory comment in the code? |
|
Should we log when the entire box isn't processed, similar to when unknown atoms are parsed? The reason I added |
Checking whether the remaining bytes are zeroed makes sense from a correctness perspective, but it does come with a performance cost. Using a strict mode here seems like a good compromise: it allows catching potential issues during development, while preserving optimal performance and compatibility for regular crate users. |
3 participants
This PR makes non-strict builds more tolerant of leftover bytes in MP4 atom bodies, improving robustness when decoding real-world files. Strict validation remains unchanged for tests and strict-mode builds.