qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH] qemu: json: Fix parsing of integers >= 0x800000

From: Anthony Liguori
Subject: Re: [Qemu-devel] [PATCH] qemu: json: Fix parsing of integers >= 0x8000000000000000
Date: Mon, 23 May 2011 08:45:54 -0500
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.17) Gecko/20110424 Lightning/1.0b2 Thunderbird/3.1.10 
On 05/23/2011 08:40 AM, Daniel P. Berrange wrote:

On Mon, May 23, 2011 at 08:33:03AM -0500, Anthony Liguori wrote:

On 05/23/2011 08:04 AM, Daniel P. Berrange wrote:

On Fri, May 20, 2011 at 01:11:05PM -0500, Anthony Liguori wrote:

On 05/20/2011 01:03 PM, Richard W.M. Jones wrote:


There seem to be a few unsafe uses of strto* functions.  This patch
just fixes the one that affects me :-)


Sending an integer of this size is not valid JSON.

Your patch won't accept negative numbers, correct?

JSON only supports int64_t.


That's not really true. JSON supports arbitrarily large numbers
&   integers.


Try the following snippet in your browser:

<html>
<head>
<script type="text/javascript">
alert(9223372036854775807);
</script>
</head>
</html>

The actual value of the alert will surprise you :-)

Integers in Javascript are actually represented as doubles
internally which means that integer constants are only accurate up
to 52 bits.

So really, we should cap integers at 32-bit :-/

Have I mentioned recently that I really dislike JSON...


NB, I am distinguishing between JSON the generic specification and
JSON as implemented in web browsers. JSON the specification has *no*
limitation on integers. Any limitation, like the one you demonstrate,
is inherantly just specific to the implementation.
No, EMCA is very specific in how integers are handled in JavaScript. Every implementation of JavaScript is going to exhibit this behavior.
The JSON specification lack of specificity here I think has to be interpreted as a deferral to the EMCA specification.
But to the point, I don't see what the point of using JSON is if our interpretation doesn't actually work with JavaScript. 


We have no need to
limit ourselves to what web browsers currently support for integers in
JSON.
It's not web browsers. This behavior is well specified in the EMCA specification. 


Indeed, limiting ourselves to what browsers support will make the
JSON monitor mode essentially useless, requiring yet another new mode
with a format which can actually represent the data we need to use.

What I suggested is in compliance with the JSON specification and allows
us to support uint64 which we need for commands which take disk or memory
offsets.
At the end of the day, we need to worry about supporting clients. I think clients are going to refer to the behavior of JavaScript for guidance. So if we expect a client to not round integers, we can't send ones that are greater than 52-bit. 

This is an extremely nasty silent failure mode.

Or, we need to just say that we're not JSON compatible.

Regards,

Anthony Liguori



Regards,
Daniel
reply via email to
[Prev in Thread] Current Thread [Next in Thread]