Re: [Qemu-devel] [PATCH 02/10] qapi: fail hard on stack imbalance
From: Luiz Capitulino
Subject: Re: [Qemu-devel] [PATCH 02/10] qapi: fail hard on stack imbalance
Date: Mon, 26 Mar 2012 11:15:46 -0300
On Thu, 22 Mar 2012 12:51:04 +0100
Paolo Bonzini <address@hidden> wrote:
> QmpOutputVisitor will segfault if an imbalanced end function is
> called. So we can abort in QmpInputVisitor too.
>
> Signed-off-by: Paolo Bonzini <address@hidden>
> ---
> qapi/qmp-input-visitor.c | 5 +----
> 1 files changed, 1 insertions(+), 4 deletions(-)
>
> diff --git a/qapi/qmp-input-visitor.c b/qapi/qmp-input-visitor.c
> index e6b6152..b4013cc 100644
> --- a/qapi/qmp-input-visitor.c
> +++ b/qapi/qmp-input-visitor.c
> @@ -77,11 +77,8 @@ static void qmp_input_push(QmpInputVisitor *qiv, const
> QObject *obj, Error **err
>
> static void qmp_input_pop(QmpInputVisitor *qiv, Error **errp)
> {
> + assert(qiv->nb_stack > 0);
> qiv->nb_stack--;
> - if (qiv->nb_stack < 0) {
> - error_set(errp, QERR_BUFFER_OVERRUN);
> - return;
> - }
> }
Just to confirm: this can't be triggered by malicious clients, right?
The original series submitted by Michael had this, but I asked him to
change because I thought clients could trigger it. But by reading the code
now it seems to me that the end_struct() function is only generated by types
we know about.
>
> static void qmp_input_start_struct(Visitor *v, void **obj, const char *kind,
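Review bot: in qmp_input_pop() the removed error_set() branch was the only use of errp, so after this hunk the Error **errp parameter is dead; either drop it from the signature and the callers, or keep it and say why in a comment. The new assert(qiv->nb_stack > 0) is also the only guard left before qiv->nb_stack--, so it deserves a one-line comment stating that an unbalanced end call is a bug in the visitor code and not something input data can cause, since that is what justifies aborting instead of returning QERR_BUFFER_OVERRUN. If assertions are ever compiled out with NDEBUG, nb_stack goes negative with no check at all, where the old code at least reported an error.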