BERT

Elixir wrapper allowing safe use of binary erlang terms.

This method of serialization is orders of magnitude faster than JSON in most cases.

Installation

The package can be installed by adding ex_bert to your list of dependencies in mix.exs:

def deps do
  [
    {:ex_bert, "~> 1.0.1"}
  ]
end

Usage

iex> {:ok, bert} = BERT.encode("hello")              
{:ok, <<131, 109, 0, 0, 0, 5, 104, 101, 108, 108, 111>>}

iex> bert = BERT.encode!("hello")              
<<131, 109, 0, 0, 0, 5, 104, 101, 108, 108, 111>>

iex> {:ok, term} = BERT.decode(bert)
{:ok, "hello"}

iex> term = BERT.decode!(bert)
"hello"

Security

The decode functions enable the :safe_atoms and :safe_values options by default, which prevents some potential security concerns. For example:

iex> {:ok, fun} = BERT.encode(& &1)
{:ok,
 <<131, 112, 0, 0, 0, 154, 1, 189, 144, 182, 154, 187, 236, 207, 96, 89, 18, 34,
   161, 52, 152, 16, 216, 0, 0, 0, 6, 0, 0, 0, 1, 100, 0, 8, 101, 114, 108, 95,
   101, 118, 97, 108, 97, 6, 98, 5, 236, 133, ...>>}
iex> BERT.decode(fun)
{:error, %ArgumentError{message: "binary contains unsafe terms"}}