diff --git a/Cargo.toml b/Cargo.toml index b3bdb15..7270ccd 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -9,12 +9,27 @@ license-file = "LICENSE.md" rust-version = "1.85.0" [workspace.lints.rust] +arithmetic_overflow = "forbid" unsafe_code = "forbid" +[workspace.lints.clippy] +arithmetic_side_effects = "forbid" +as_conversions = "forbid" +checked_conversions = "forbid" +default_union_representation = "forbid" +expect_used = "forbid" +indexing_slicing = "forbid" +integer_division = "forbid" +integer_division_remainder_used = "forbid" +transmute_undefined_repr = "forbid" +unchecked_duration_subtraction = "forbid" +unwrap_used = "forbid" + [profile.release] codegen-units = 1 lto = "fat" opt-level = 3 +overflow-checks = true strip = "debuginfo" [workspace.dependencies] diff --git a/README.md b/README.md index 77225a4..414f6c4 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,7 @@ A set of crates for the construction and use of optimized IP filtering mechanism 1. Create `private/secret.sh` containing `export IP2LOCATION_TOKEN=''` 1. Run `./private/dl.sh DB1LITECSV DB1LITECSVIPV6` -1. List available countries using `cargo run -- -f private/DB1-LITE-V4.CSV list` +1. List available countries using `cargo run -- -i private/DB1-LITE-V4.CSV list` 1. Generate a filter using `cargo run -- -i ./private/DB1-LITE-V4.CSV merge -c BD,BR,CN,HK,IL,IN,IQ,IR,KP,PK,QA,RO,RS,RU,SA,SG,SO,SS,SY,TR,TW,UA,DZ -o ./private/filter4.bin` 1. Generate a filter using `cargo run -- -i ./private/DB1-LITE-V6.CSV merge -c BD,BR,CN,HK,IL,IN,IQ,IR,KP,PK,QA,RO,RS,RU,SA,SG,SO,SS,SY,TR,TW,UA,DZ -6 -o ./private/filter6.bin` 1. Verify IP ranges using `cargo run -- -i ./private/filter4.bin load` or `cargo run -- -i ./private/filter6.bin load -6` diff --git a/cli/Cargo.toml b/cli/Cargo.toml index 56fea17..5c823ee 100644 --- a/cli/Cargo.toml +++ b/cli/Cargo.toml @@ -7,8 +7,22 @@ edition.workspace = true license-file.workspace = true rust-version.workspace = true -[lints] -workspace = true +[lints.rust] +arithmetic_overflow = "forbid" +unsafe_code = "forbid" + +[lints.clippy] +arithmetic_side_effects = "deny" +as_conversions = "deny" +checked_conversions = "deny" +default_union_representation = "deny" +expect_used = "deny" +indexing_slicing = "deny" +integer_division = "deny" +integer_division_remainder_used = "deny" +transmute_undefined_repr = "deny" +unchecked_duration_subtraction = "deny" +unwrap_used = "deny" [dependencies] ipfilter = { workspace = true, features = ["std"] } diff --git a/cli/src/main.rs b/cli/src/main.rs index 069f807..33f89cb 100644 --- a/cli/src/main.rs +++ b/cli/src/main.rs @@ -4,7 +4,7 @@ use std::fs; use ipfilter::{v4, v6}; -use anyhow::Result; +use anyhow::{Context, Result}; use clap::Parser; use ipnet::{Ipv4Subnets, Ipv6Subnets}; @@ -27,7 +27,16 @@ fn main() -> Result<()> { for result in reader.records() { let record = result?; - countries.insert((record[2].to_owned(), record[3].to_owned())); + countries.insert(( + record + .get(2) + .context("record is missing index 2")? + .to_owned(), + record + .get(3) + .context("record is missing index 3")? + .to_owned(), + )); } let mut countries: Vec<_> = countries.drain().collect(); @@ -50,7 +59,7 @@ fn main() -> Result<()> { let records = reader .records() - .filter_ok(|r| countries.contains(&r[2])) + .filter_ok(|r| r.get(2).map(|r| countries.contains(r)).unwrap_or(false)) .map(|r| r.map_err(anyhow::Error::from)); macro_rules! merge_ip { @@ -59,8 +68,18 @@ fn main() -> Result<()> { .map(|r| { r.and_then(|record| { Ok(<$net>::new( - <$addr>::from_bits(record[0].parse()?), - <$addr>::from_bits(record[1].parse()?), + <$addr>::from_bits( + record + .get(0) + .context("record is missing index 0")? + .parse()?, + ), + <$addr>::from_bits( + record + .get(1) + .context("record is missing index 1")? + .parse()?, + ), 0, )) })