
cargo-audit: cap input size for audit bin#1516

Open
glaziermag wants to merge 2 commits into rustsec:main from glaziermag:upstream-pr-binary-scan-limits

Conversation


@glaziermag glaziermag commented Jan 27, 2026

Hi all — per feedback on the fork PR, I’ve moved this upstream and squashed to a single commit. This implements the input-size cap for cargo audit bin (plus an explicit regression test for oversized inputs) and keeps the existing auditable payload-size limit behavior, now optionally overrideable via CLI.

If you’d prefer a different default cap value or flag naming/semantics (e.g., 0 meaning unlimited), I’m happy to adjust.

Summary

  • Add cargo audit bin flags to bound binary input size and auditable payload parsing
  • Enforce a bounded read before scanning to mitigate OOM risk on very large inputs
  • Add a regression test that asserts oversized inputs are rejected

Tries to address #740.

Test plan

  • cargo test -p cargo-audit

@glaziermag glaziermag force-pushed the upstream-pr-binary-scan-limits branch 2 times, most recently from f23f87d to e4aea4d on February 3, 2026 21:46
#[arg(
long = "audit-data-size-limit",
value_name = "BYTES",
help = "Maximum audit data size in bytes to parse (default: 8MB)"
Member


It says here there is a default limit, but I don't see that being enforced in the changes from this PR. Am I missing something?

If you're up for it, it would be nice to add these two values in two separate commits.

@glaziermag (Author)

Ah, you're totally right about the default limit—that's pretty confusing on my end! The 8MB default is actually enforced upstream inside rustsec::binary_scanning::load_deps_from_binary whenever None is passed to it, which is why there wasn't a visible size check directly in the PR diff.

To make things explicitly clear for anyone reading the code, I've updated the PR to enforce the 8MB fallback on the cargo-audit side too. I also went ahead and split the two limits into their own separate commits as you suggested.

Thanks so much for the thorough review! Let me know if you spot anything else or if this looks okay now.
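As an added illustration of the mechanism discussed in this thread (a bounded read that rejects oversized input before scanning, with an optional CLI limit falling back to a default), the following Rust snippet is example code written for this page, not cargo-audit's or rustsec's own implementation. The names `read_bounded`, `effective_limit`, `BoundedReadError` and `DEFAULT_AUDIT_DATA_SIZE_LIMIT` are hypothetical, and "8MB" is assumed here to mean 8 MiB.

```rust
use std::io::Read;

/// Default cap applied when the caller passes no explicit limit.
/// Assumption for this example: "8MB" is taken to mean 8 MiB.
pub const DEFAULT_AUDIT_DATA_SIZE_LIMIT: u64 = 8 * 1024 * 1024;

/// Error returned when the input exceeds the configured cap.
#[derive(Debug, PartialEq)]
pub enum BoundedReadError {
    TooLarge { limit: u64 },
    Io(String),
}

/// Resolve an optional CLI-supplied limit (e.g. from a `--audit-data-size-limit`
/// style flag) to the effective cap, falling back to the default when None is given.
pub fn effective_limit(cli_limit: Option<u64>) -> u64 {
    cli_limit.unwrap_or(DEFAULT_AUDIT_DATA_SIZE_LIMIT)
}

/// Read `src` into memory, refusing inputs larger than `limit` bytes.
/// At most `limit + 1` bytes are ever read, so an oversized input is
/// detected without buffering the whole file first (the OOM concern).
pub fn read_bounded<R: Read>(src: R, limit: u64) -> Result<Vec<u8>, BoundedReadError> {
    let mut buf = Vec::new();
    src.take(limit.saturating_add(1))
        .read_to_end(&mut buf)
        .map_err(|e| BoundedReadError::Io(e.to_string()))?;
    if buf.len() as u64 > limit {
        return Err(BoundedReadError::TooLarge { limit });
    }
    Ok(buf)
}

fn main() {
    // Constructed sample input for the demo: 16 bytes against an 8-byte cap.
    let sample = b"constructed-data";
    match read_bounded(&sample[..], 8) {
        Ok(data) => println!("read {} bytes", data.len()),
        Err(e) => println!("rejected: {:?}", e),
    }
}
```

The `take(limit + 1)` pattern is the point: reading exactly one byte past the cap is enough to distinguish "fits" from "too large", so the check costs no extra memory beyond the cap itself, and an oversized regression case can be asserted on the returned error rather than on a crash.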

@glaziermag glaziermag force-pushed the upstream-pr-binary-scan-limits branch from e4aea4d to 1f6c99a on April 8, 2026 22:58