https://crates.io/crates/httparse is a widely used HTTP parsing crate, most notably powering hyper and reqwest.
cargo-geiger shows the following when httparse is used via reqwest:
Functions Expressions Impls Traits Methods Dependency
10/10 198/232 0/0 0/0 3/3 httparse 1.3.5
Unsafe code in parsers it quite dangerous. Binary format parsers are the poster children for memory safety vulnerabilities.
Text format parsers are a bit less dangerous, but having so much unsafe parsing code exposed to untrusted input is still scary.
https://crates.io/crates/httparse is a widely used HTTP parsing crate, most notably powering
hyperandreqwest.cargo-geiger shows the following when
httparseis used viareqwest:Unsafe code in parsers it quite dangerous. Binary format parsers are the poster children for memory safety vulnerabilities.
Text format parsers are a bit less dangerous, but having so much unsafe parsing code exposed to untrusted input is still scary.