[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 0/4] vhost-user: avoid g_return_val_if() in get/set_config()
|
From: |
Stefan Hajnoczi |
|
Subject: |
Re: [PATCH 0/4] vhost-user: avoid g_return_val_if() in get/set_config() |
|
Date: |
Wed, 2 Dec 2020 15:09:39 +0000 |
On Wed, Nov 18, 2020 at 07:21:15PM +0400, Marc-André Lureau wrote:
> Hi
>
> On Wed, Nov 18, 2020 at 1:17 PM Stefan Hajnoczi <stefanha@redhat.com> wrote:
>
> > Markus Armbruster pointed out that g_return_val_if() is meant for
> > programming
> > errors. It must not be used for input validation since it can be compiled
> > out.
> > Use explicit if statements instead.
> >
> > This patch series converts vhost-user device backends that use
> > g_return_val_if() in get/set_config().
> >
> > Stefan Hajnoczi (4):
> > contrib/vhost-user-blk: avoid g_return_val_if() input validation
> > contrib/vhost-user-gpu: avoid g_return_val_if() input validation
> > contrib/vhost-user-input: avoid g_return_val_if() input validation
> > block/export: avoid g_return_val_if() input validation
> >
> >
> The condition is the same for all the patches, checking the message config
> payload is large enough. Afaict, the value is set by the client, so it
> could be a runtime error, and thus explicit checking is required.
>
> Nevertheless, one nice thing about g_return* macros, is that it provides an
> error message when the condition fails, which helps. Could you replace it?
>
> (fwiw, I think g_return* macros are so convenient, I would simply make
> G_DISABLE_CHECKS forbidden and call it a day)
I'll add an error message in v2.
Stefan
signature.asc
Description: PGP signature
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- Re: [PATCH 0/4] vhost-user: avoid g_return_val_if() in get/set_config(),
Stefan Hajnoczi <=