formats icon indicating copy to clipboard operation
formats copied to clipboard
verified publisher icon RustCrypto

der: SetOfVec::insert can break the structure on error

Open roblabla opened this issue 2 months ago • 0 comments

The way SetOfVec::insert is implemented results in the internal structure containing an unsorted duplicate value, because it first inserts the value, and then check whether it's a dupe while simultaneously sorting it:

  • SetOfVec::insert: https://github.com/RustCrypto/formats/blob/master/der/src/asn1/set_of.rs#L268-L271
  • der_sort: https://github.com/RustCrypto/formats/blob/master/der/src/asn1/set_of.rs#L456-L473

Could der_sort perhaps remove the duplicate so the structure is still valid in case the insert function returns an error?

roblabla avatar Dec 15 '25 14:12 roblabla