From 01099c4dc9d78297500f371037481f874b866456 Mon Sep 17 00:00:00 2001
From: Robin Krahl
Date: Mon, 19 Feb 2024 20:21:30 +0100
Subject: [PATCH] Handle overlong icon values

We skip the icon field during deserialization if it is too long. Previously, we directly tried to deserialize a String and ignored any errors. This means that we also ignored any other errors, e. g. for invalid data types. This patch changes the implementation to first deserialize a string slice and handle errors occuring during the deserialization. Then we check if the string slice fits into String or if we should ignore the value.
---
 src/webauthn.rs | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/webauthn.rs b/src/webauthn.rs
index 5fef572..14489ce 100644
--- a/src/webauthn.rs
+++ b/src/webauthn.rs
@@ -71,8 +71,10 @@ fn deserialize_from_str_and_skip_if_too_long<'de, D, const L: usize>(
 where
 D: serde::Deserializer<'de>,
 {
- let result: Result, D::Error> = serde::Deserialize::deserialize(deserializer);
- match result {
+ let s: &'de str = Deserialize::deserialize(deserializer)?;
+ // String::from(s) could panic and is not really infallibe. It is removed in heapless 0.8.
+ #[allow(clippy::unnecessary_fallible_conversions)]
+ match String::try_from(s) {
 Ok(string) => Ok(Some(string)),
 Err(_err) => {
 info_now!("skipping field: {:?}", _err);
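Review bot: `String::try_from(s)` may still reach the panicking conversion that the new comment warns about. The `#[allow(clippy::unnecessary_fallible_conversions)]` suggests clippy sees it resolving through the blanket `TryFrom` impl backed by `From<&str>`, in which case an over-long icon panics instead of landing in the `Err` arm. Because the icon value comes from the request, that would be a crash on untrusted input. A conversion with an explicit length check, e.g. `match s.parse() {` via heapless's `FromStr`, avoids it on either heapless version, and a test feeding a value longer than `L` would confirm the skip path. Separately, deserializing into `&'de str` presumably succeeds only when the deserializer can hand out a borrowed string, so confirm that holds for every input this field accepts; the function's signature and the end of the `Err` arm lie outside the hunk.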