Re: [Qemu-devel] [PATCH 21/56] json: Reject invalid UTF-8 sequences
From: Markus Armbruster
Subject: Re: [Qemu-devel] [PATCH 21/56] json: Reject invalid UTF-8 sequences
Date: Thu, 16 Aug 2018 16:50:49 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux)

Eric Blake <address@hidden> writes:
> On 08/10/2018 09:40 AM, Markus Armbruster wrote:
>
>>>> + cp = mod_utf8_codepoint(ptr, 6, &end);
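Review bot: the literal 6 passed as the second argument of mod_utf8_codepoint(ptr, 6, &end) is unexplained at the call site. A one-line comment saying what bounds the read when fewer than 6 bytes remain in ptr, or a named constant in place of the literal, would let a reader confirm the call is safe without re-reading the callee.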
>>>
>>> Why are you hard-coding 6 here, rather than computing min(6,
>>> strchr(ptr,0)-ptr)? If the user passes an invalid sequence at the end
>>> of the string, can we end up making mod_utf8_codepoint() read beyond
>>> the end of our string? Would it be better to just always pass the
>>> remaining string length (mod_utf8_codepoint() only cares about
>>> stopping short of 6 bytes, but never reads beyond there even if you
>>> pass a larger number)?
>>
>> mod_utf8_codepoint() never reads beyond '\0'. The second parameter
>> exists only so you can further limit reads. I like to provide that
>> capability, because it sometimes saves a silly substring copy.
>
> Okay. Perhaps the comments on mod_utf8_codepoint() could make that
> more clear that the contract is not violated (I didn't spot it without
> a close re-read of the code, prompted by your reply). But that's
> possibly a separate patch.

Well, the contract says @s is a string, and that means no access beyond
the terminating null character is permitted. Perhaps too subtle. My
contracts often are.
[...]
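
An added illustration of the contract discussed in this message, not code from the patch or from QEMU: a simplified decoder showing why a fixed limit such as 6 cannot cause a read past the terminator of a null-terminated string. The name `decode_utf8_bounded` and the restriction to standard UTF-8 of up to four bytes are assumptions of this example.

```c
#include <stddef.h>
#include <stdio.h>
/* Hypothetical decoder, not QEMU's mod_utf8_codepoint(): decode one UTF-8
 * sequence from the null-terminated string s, reading at most n bytes.
 * Returns the code point, or -1 if invalid or truncated; *end is set to
 * the first byte not consumed. */
static int decode_utf8_bounded(const char *s, size_t n, const char **end)
{
    static const int min_cp[] = { 0, 0, 0x80, 0x800, 0x10000 };
    const unsigned char *p = (const unsigned char *)s;
    int len, cp, i;
    *end = s;
    if (n == 0 || *p == '\0') {
        return -1;                      /* nothing to decode */
    }
    *end = s + 1;
    if (*p < 0x80) {
        return *p;                      /* ASCII */
    } else if ((*p & 0xE0) == 0xC0) {
        len = 2; cp = *p & 0x1F;
    } else if ((*p & 0xF0) == 0xE0) {
        len = 3; cp = *p & 0x0F;
    } else if ((*p & 0xF8) == 0xF0) {
        len = 4; cp = *p & 0x07;
    } else {
        return -1;                      /* stray continuation or bad lead */
    }
    for (i = 1; i < len; i++) {
        /* p[i] is read only after p[i-1] proved non-null, and '\0' is not
         * a continuation byte, so the scan cannot pass the terminator. */
        if ((size_t)i >= n || (p[i] & 0xC0) != 0x80) {
            *end = s + i;
            return -1;
        }
        cp = (cp << 6) | (p[i] & 0x3F);
    }
    *end = s + len;
    if (cp < min_cp[len] || cp > 0x10FFFF || (cp >= 0xD800 && cp <= 0xDFFF)) {
        return -1;                      /* overlong, too large, surrogate */
    }
    return cp;
}
int main(void)
{
    const char trunc[] = "\xE2\x82";    /* constructed: cut short by '\0' */
    const char *end;
    printf("%d\n", decode_utf8_bounded(trunc, 6, &end)); /* limit > length */
    return 0;
}
```
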