[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH 1/4] qjson: Improve debugging
From: |
Luiz Capitulino |
Subject: |
Re: [Qemu-devel] [PATCH 1/4] qjson: Improve debugging |
Date: |
Fri, 5 Feb 2010 10:13:03 -0200 |
On Fri, 05 Feb 2010 10:13:33 +0100
Markus Armbruster <address@hidden> wrote:
> Anthony Liguori <address@hidden> writes:
>
> > On 02/04/2010 02:13 PM, Luiz Capitulino wrote:
> >> Add an assert() to qobject_from_jsonf() to assure that the returned
> >> QObject is not NULL. Currently this is duplicated in the callers.
> >>
> >> Signed-off-by: Luiz Capitulino<address@hidden>
> >> ---
> >> qjson.c | 1 +
> >> 1 files changed, 1 insertions(+), 0 deletions(-)
> >>
> >> diff --git a/qjson.c b/qjson.c
> >> index 9ad8a91..0922c06 100644
> >> --- a/qjson.c
> >> +++ b/qjson.c
> >> @@ -62,6 +62,7 @@ QObject *qobject_from_jsonf(const char *string, ...)
> >> obj = qobject_from_jsonv(string,&ap);
> >> va_end(ap);
> >>
> >> + assert(obj != NULL);
> >>
> >
> > This is wrong. We may get JSON from an untrusted source. Callers
> > need to deal with failure appropriately.
> >
> > It just so happens that we only parse JSON from an untrusted source
> > via qobject_from_json(), but the trust relationship is not obvious
> > given the two functions in their current form.
>
> We have many uses of qobject_from_jsonf() with a literal argument, and
> more to come. Making them all deal with failure would be tedious and
> clutter the code. What about a wrapper function that cannot fail?
As far as I can understand, qobject_from_jsonf() is supposed to
be that wrapper already.
- [Qemu-devel] [PATCH v0 0/4]: QMP related fixes, Luiz Capitulino, 2010/02/04
- [Qemu-devel] [PATCH 1/4] qjson: Improve debugging, Luiz Capitulino, 2010/02/04
- Re: [Qemu-devel] [PATCH 1/4] qjson: Improve debugging, Anthony Liguori, 2010/02/04
- Re: [Qemu-devel] [PATCH 1/4] qjson: Improve debugging, Luiz Capitulino, 2010/02/05
- Re: [Qemu-devel] [PATCH 1/4] qjson: Improve debugging, Anthony Liguori, 2010/02/05
- Re: [Qemu-devel] [PATCH 1/4] qjson: Improve debugging, Markus Armbruster, 2010/02/05
- Re: [Qemu-devel] [PATCH 1/4] qjson: Improve debugging, Luiz Capitulino, 2010/02/08
- Re: [Qemu-devel] [PATCH 1/4] qjson: Improve debugging, Anthony Liguori, 2010/02/08
- Re: [Qemu-devel] [PATCH 1/4] qjson: Improve debugging, Luiz Capitulino, 2010/02/08
[Qemu-devel] [PATCH 4/4] QMP: Don't leak on connection close, Luiz Capitulino, 2010/02/04
[Qemu-devel] [PATCH 2/4] Monitor: remove unneeded checks, Luiz Capitulino, 2010/02/04
[Qemu-devel] [PATCH 3/4] QError: Don't abort on multiple faults, Luiz Capitulino, 2010/02/04