fix: Limit the maximum number of assertions allowed for C2PA Manifest

ssanthosh · ssanthosh · commit 4a121328f63f · 2026-03-19T00:03:59.000+05:30
diff --git a/sdk/src/builder.rs b/sdk/src/builder.rs
@@ -779,6 +779,12 @@ impl Builder {
         S: Into<String>,
         T: Serialize,
     {
+        let max_assertions = self.context.settings().builder.max_assertions;
+        if self.definition.assertions.len() >= max_assertions {
+            return Err(Error::TooManyAssertions {
+                max: max_assertions,
+            });
+        }
         let created = false;
         self.definition.assertions.push(AssertionDefinition {
             label: label.into(),
@@ -804,6 +810,12 @@ impl Builder {
         S: Into<String>,
         T: Serialize,
     {
+        let max_assertions = self.context.settings().builder.max_assertions;
+        if self.definition.assertions.len() >= max_assertions {
+            return Err(Error::TooManyAssertions {
+                max: max_assertions,
+            });
+        }
         let created = false;
         self.definition.assertions.push(AssertionDefinition {
             label: label.into(),
@@ -5773,6 +5785,47 @@ mod tests {
         assert!(reader.active_manifest().is_some());
     }
 
+    #[test]
+    fn test_add_assertion_limit() {
+        use crate::settings::Settings;
+
+        // Default limit is 100; verify the 100th assertion succeeds and the 101st is rejected.
+        let mut builder = Builder::new();
+        let data = serde_json::json!({"value": 1});
+        for i in 0..100 {
+            builder
+                .add_assertion_json(format!("org.test.assertion.{i}"), &data)
+                .expect("should succeed within limit");
+        }
+        let err = builder
+            .add_assertion_json("org.test.assertion.overflow", &data)
+            .expect_err("101st assertion should be rejected");
+        assert!(matches!(err, Error::TooManyAssertions { max: 100 }));
+
+        // Verify the limit is configurable: set max_assertions=2 via settings.
+        let settings = Settings {
+            builder: crate::settings::builder::BuilderSettings {
+                max_assertions: 2,
+                ..Default::default()
+            },
+            ..Default::default()
+        };
+        let context = Context::new()
+            .with_settings(settings)
+            .expect("valid settings");
+        let mut builder = Builder::from_context(context);
+        builder
+            .add_assertion_json("org.test.a1", &data)
+            .expect("first assertion should succeed");
+        builder
+            .add_assertion_json("org.test.a2", &data)
+            .expect("second assertion should succeed");
+        let err = builder
+            .add_assertion_json("org.test.a3", &data)
+            .expect_err("third assertion should exceed limit of 2");
+        assert!(matches!(err, Error::TooManyAssertions { max: 2 }));
+    }
+
     // Ensures that the future returned by `Builder::sign_async` implements `Send`, thus making it
     // possible to spawn on a Tokio runtime.
     #[test]
diff --git a/sdk/src/error.rs b/sdk/src/error.rs
@@ -115,6 +115,9 @@ pub enum Error {
     #[error("more than one manifest store detected")]
     TooManyManifestStores,
 
+    #[error("assertion limit exceeded: maximum allowed is {max}")]
+    TooManyAssertions { max: usize },
+
     #[error("manifest is not refernced by any ingredient")]
     UnreferencedManifest,
 
diff --git a/sdk/src/settings/builder.rs b/sdk/src/settings/builder.rs
@@ -583,6 +583,18 @@ pub struct BuilderSettings {
     ///
     /// [`TimeStamp`]: crate::assertions::TimeStamp
     pub auto_timestamp_assertion: TimeStampSettings,
+    /// Maximum number of assertions that can be added to a single manifest.
+    ///
+    /// Limits resource consumption when processing untrusted manifests with a large number
+    /// of assertions. Calls to [`Builder::add_assertion`] or [`Builder::add_assertion_json`]
+    /// that would exceed this limit return [`Error::TooManyAssertions`].
+    ///
+    /// The default value is 100.
+    ///
+    /// [`Builder::add_assertion`]: crate::Builder::add_assertion
+    /// [`Builder::add_assertion_json`]: crate::Builder::add_assertion_json
+    /// [`Error::TooManyAssertions`]: crate::Error::TooManyAssertions
+    pub max_assertions: usize,
 }
 
 impl Default for BuilderSettings {
@@ -599,6 +611,7 @@ impl Default for BuilderSettings {
             prefer_box_hash: false,
             generate_c2pa_archive: Some(true),
             auto_timestamp_assertion: TimeStampSettings::default(),
+            max_assertions: 100,
         }
     }
 }
