[Qemu-devel] [PATCH v2 15/26] qapi: Document shortcoming with union 'dat
From: Markus Armbruster
Subject: [Qemu-devel] [PATCH v2 15/26] qapi: Document shortcoming with union 'data' branch
Date: Fri, 28 Aug 2015 18:45:55 +0200
From: Eric Blake <address@hidden>
Add a FIXME to remind us to fully audit whether removing the
'void *data' branch of each qapi union type can be done safely.
Signed-off-by: Eric Blake <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Markus Armbruster <address@hidden>
---
scripts/qapi-types.py | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/scripts/qapi-types.py b/scripts/qapi-types.py
index 82141cd..8444f98 100644
--- a/scripts/qapi-types.py
+++ b/scripts/qapi-types.py
@@ -219,6 +219,14 @@ struct %(name)s
''',
discriminator_type_name=c_name(discriminator_type_name))
+ # FIXME: What purpose does data serve, besides preventing a union that
+ # has a branch named 'data'? We use it in qapi-visit.py to decide
+ # whether to bypass the switch statement if visiting the discriminator
+ # failed; but since we 0-initialize structs, and cannot tell what
+ # branch of the union is in use if the discriminator is invalid, there
+ # should not be any data leaks even without a data pointer. Or, if
+ # 'data' is merely added to guarantee we don't have an empty union,
+ # shouldn't we enforce that at .json parse time?
ret += mcgen('''
union { /* union tag is @%(c_name)s */
void *data;
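Review bot: The added FIXME bundles two separate questions (whether qapi-visit.py still needs 'data' to bypass the switch after a failed discriminator visit, and whether 'data' only exists to avoid an empty union) without saying what audit would close either one. Suggest naming the qapi-visit.py site that tests 'data', and listing "we 0-initialize structs" as a precondition to verify, since the "should not be any data leaks" claim holds only if every path that creates the struct zero-fills it. "data leaks" can be read as a memory leak or as disclosure of stale memory contents; the comment should say which is meant. If the empty-union guard is the real reason, it is worth stating that the .json parse-time check would also lift the restriction on a branch named 'data', so both get resolved together.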
--
2.4.3