From 56d25799fc12701958156f43f8b91695241e6530 Mon Sep 17 00:00:00 2001
From: Daniel Lemire
Date: Fri, 7 Jun 2024 15:09:51 -0400
Subject: [PATCH 1/2] documenting validation
---
 README.md | 11 ++++++++---
 example_roaring_test.go | 6 +++++-
 2 files changed, 13 insertions(+), 4 deletions(-)
diff --git a/README.md b/README.md
index f6705dfe..e2379e43 100644
--- a/README.md
+++ b/README.md
@@ -249,15 +249,20 @@ consider the following sample of code:
 buf := new(bytes.Buffer)
 size,err:=rb.WriteTo(buf)
 if err != nil {
- t.Errorf("Failed writing")
+ fmt.Println("Failed writing") // return or panic
 }
 newrb:= New()
 size,err=newrb.ReadFrom(buf)
 if err != nil {
- t.Errorf("Failed reading")
+ fmt.Println("Failed reading") // return or panic
+ }
+ // if buf is an untrusted source, you should validate the result
+ // (this adds a bit of complexity but it is necessary for security)
+ if(!newrb.Validate()) {
+ fmt.Println("Failed validation") // return or panic
 }
 if ! rb.Equals(newrb) {
- t.Errorf("Cannot retrieve serialized version")
+ fmt.Println("Cannot retrieve serialized version")
 }
 ```
diff --git a/example_roaring_test.go b/example_roaring_test.go
index b5161213..39496ce0 100644
--- a/example_roaring_test.go
+++ b/example_roaring_test.go
@@ -58,7 +58,11 @@ func TestExample_roaring060(t *testing.T) {
 if err != nil {
 fmt.Println("Failed reading")
 t.Errorf("Failed reading")
-
+ }
+ // if buf is an untrusted source, you should validate the result
+ // (this adds a bit of complexity but it is necessary for security)
+ if !newrb.Validate() {
+ fmt.Println("Failed validation")
 }
 if !rb1.Equals(newrb) {
 fmt.Println("I did not get back to original bitmap?")
From 20ee4df2a087fbb066944a053989b5d9c51bd6f2 Mon Sep 17 00:00:00 2001
From: Daniel Lemire
Date: Fri, 7 Jun 2024 15:13:40 -0400
Subject: [PATCH 2/2] fixing usage
---
 README.md | 2 +-
 example_roaring_test.go | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/README.md b/README.md
index e2379e43..ce9185a7 100644
--- a/README.md
+++ b/README.md
@@ -258,7 +258,7 @@ consider the following sample of code:
 }
 // if buf is an untrusted source, you should validate the result
 // (this adds a bit of complexity but it is necessary for security)
- if(!newrb.Validate()) {
+ if newrb.Validate() != nil {
 fmt.Println("Failed validation") // return or panic
 }
 if ! rb.Equals(newrb) {
diff --git a/example_roaring_test.go b/example_roaring_test.go
index 39496ce0..0800a959 100644
--- a/example_roaring_test.go
+++ b/example_roaring_test.go
@@ -61,7 +61,7 @@ func TestExample_roaring060(t *testing.T) {
 }
 // if buf is an untrusted source, you should validate the result
 // (this adds a bit of complexity but it is necessary for security)
- if !newrb.Validate() {
+ if newrb.Validate() != nil {
 fmt.Println("Failed validation")
 }
 if !rb1.Equals(newrb) {
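Review bot: The validation-failure branch in TestExample_roaring060 only prints, so the test still passes and execution falls through to `rb1.Equals(newrb)` on a bitmap that did not validate, whereas the read check just above it in the PATCH 1/2 context does call `t.Errorf`. Because the added comment presents this as the pattern for untrusted input, the example should stop on failure and keep the reason, for instance `if err := newrb.Validate(); err != nil { t.Fatalf("Failed validation: %v", err) }`; this assumes Validate returns an error, as the comparison with nil suggests. The same print-only branch was introduced by the example_roaring_test.go hunk of PATCH 1/2. The function body starts and ends outside this hunk.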