From fe854f03791be5024b84d2dc793e79a8eb5300e8 Mon Sep 17 00:00:00 2001 From: Philip Craig Date: Sat, 4 Apr 2026 10:52:49 +1000 Subject: [PATCH] Add security info (#872) --- README.md | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/README.md b/README.md index b7ddb4a..7b4ade0 100644 --- a/README.md +++ b/README.md @@ -43,6 +43,28 @@ fn main() -> Result<(), Box> { See [`crates/examples`](crates/examples) for more examples. +## Security + +This crate is intended to be used with trusted inputs. For example, it is +suitable for use as part of a compiler toolchain, but not for malware analysis +or a service exposed to arbitrary inputs. + +The crate aims to be reliable: it provides memory safety (with some use of +`unsafe` for performance), and malformed input is expected to result in an +error rather than a panic or incorrect parsing. + +However, there are significant limitations: + +* There is little effort to mitigate denial of service attacks (such as + algorithmic complexity attacks due to overlapping structures). + +* The crate does not aim to replicate the behaviour of platform loaders such as + the Windows loader or dynamic linkers. Data returned by the parser may not + match the data used by a loader. + +Non-intrusive fixes (low complexity or overhead) for these are welcome, but it +is not a focus of development. + ## Minimum supported Rust version (MSRV) Changes to MSRV are not considered breaking changes. We are conservative about