`CborValidateCompleteData` is ambiguous
liketechnik opened this issue · 2 comments
The CborValidateCompleteData flag for cbor_value_validate() does not specify if it verifies that the CBOR stream being parsed does not contain any data after the current element (passed as it) or after iteration over the whole stream / content of the current element for validation (done on a copy of the parser state / current element, cf.
Lines 646 to 647 in 590c28a
In its current implementation, it does the former, i. e. initializing a parser on a non-empty CBOR stream and validating it with CborValidateCompleteData leads to a CborErrorGarbageAtEnd.
Since the description of cbor_value_validate() explicitly mentions using it before iterating over the stream ("the application can iterate over the items with certainty that no errors will appear during parsing"), I would have expected the latter behavior.
I have illustrated this with two very small sample programs in a gist.
In case there is agreement the current behavior is unexpected and should be changed, you can find the necessary change at liketechnik@5c23464 (add .patch to the github url to directly access it as a patch: 5c23464.patch).
You're right, this is a bug.