btrask
commented
9 years ago One option is the Lemon parser generator from SQLite: https://www.sqlite.org/arch.html
Open btrask opened 9 years ago
btrask
commented
9 years ago One option is the Lemon parser generator from SQLite: https://www.sqlite.org/arch.html
Right now our user query parser and our content-disposition parser use lots of raw pointer manipulation. This is obviously a bad idea.
One example of a parser that is designed to be secure is Nom, from the VLC project. It's written in Rust, which we could either embed in C (if we don't mind the dependency) or port/learn from.