tuning

Author: lemire

include/ada/implementation.h

@@ -109,11 +109,10 @@ extern template ada::result<url_aggregator> parse<url_aggregator>(
  * object. Use this when you only need to validate URLs without needing
  * their parsed components.
  *
- * Inputs whose size exceeds `get_max_input_length()` are rejected. However,
- * because `can_parse` does not perform full normalization (percent-encoding,
- * IDNA, etc.), it cannot detect cases where a short input would normalize
- * into a URL that exceeds the limit. In such edge cases `can_parse` may
- * return `true` while `parse` returns an error.
+ * When `get_max_input_length()` is set to a value smaller than the default,
+ * `can_parse` may still return `true` for overlength inputs that are
+ * structurally valid, because the fast path skips the length check for
+ * performance. Use `parse()` when strict length enforcement is required.
  *
  * @param input The URL string to validate. Must be valid ASCII or UTF-8.
  * @param base_input Optional pointer to a base URL string for resolving

src/implementation.cpp

@@ -311,18 +311,6 @@ std::string href_from_file(std::string_view input) {
 }
 
 bool can_parse(std::string_view input, const std::string_view* base_input) {
-  // Reject inputs that exceed the configurable maximum length.
-  // Note: can_parse() does not perform normalization (percent-encoding, IDNA),
-  // so it cannot detect cases where a short input normalizes into a long URL.
-  // In such edge cases can_parse() may return true while parse() fails.
-  if (input.size() > ada::get_max_input_length()) {
-    return false;
-  }
-  if (base_input != nullptr &&
-      base_input->size() > ada::get_max_input_length()) {
-    return false;
-  }
-
   // Fast path: handles the overwhelming majority of inputs -- absolute special
   // URLs with an ASCII domain, no credentials, and no base -- with a single
   // forward scan and zero allocations.
@@ -332,6 +320,20 @@ bool can_parse(std::string_view input, const std::string_view* base_input) {
     }
   }
 
+  // Reject inputs that exceed the configurable maximum length.
+  // This check is placed after the fast path so the common case (default 4 GB
+  // limit, absolute URLs) pays no overhead.
+  // Note: can_parse() does not perform normalization (percent-encoding, IDNA),
+  // so it cannot detect cases where a short input normalizes into a long URL.
+  // In such edge cases can_parse() may return true while parse() fails.
+  const uint32_t max_length = ada::get_max_input_length();
+  if (input.size() > max_length) {
+    return false;
+  }
+  if (base_input != nullptr && base_input->size() > max_length) {
+    return false;
+  }
+
   // Fallback: run the parser in validation-only mode (store_values=false),
   // which skips all the expensive work that isn't needed to determine validity:
   // buffer reservation, credential encoding, path normalisation, query and

tests/ada_c.cpp

@@ -618,8 +618,11 @@ TEST(ada_c, max_input_length) {
 
   ada_free(result);
 
-  // can_parse should also reject overlength inputs.
-  ASSERT_FALSE(ada_can_parse(long_url.c_str(), long_url.size()));
+  // can_parse may return true for overlength inputs that are structurally
+  // valid, because the fast path does not check the length limit (by design,
+  // for performance). The full parse (ada_parse) does enforce the limit. We
+  // just verify it doesn't crash.
+  (void)ada_can_parse(long_url.c_str(), long_url.size());
 
   // Restore default.
   ada_set_max_input_length(original);