[Qemu-devel] [PATCH 44/56] json: Fix latent parser aborts at end of input

Markus Armbruster posted 56 patches 7 years, 2 months ago
Posted by Markus Armbruster 7 years, 2 months ago
json-parser.c carefully reports end of input like this:

    token = parser_context_pop_token(ctxt);
    if (token == NULL) {
	parse_error(ctxt, NULL, "premature EOI");
	goto out;
    }

Except parser_context_pop_token() can't return null, it fails its
assertion instead.  Same for parser_context_peek_token().  Broken in
commit 65c0f1e9558, and faithfully preserved in commit 95385fe9ace.
Only a latent bug, because the streamer throws away any input that
could trigger it.

Drop the assertions, so we can fix the streamer in the next commit.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
---
 qobject/json-parser.c | 2 --
 1 file changed, 2 deletions(-)

diff --git a/qobject/json-parser.c b/qobject/json-parser.c
index 350a9d267b..c2974d46b3 100644
--- a/qobject/json-parser.c
+++ b/qobject/json-parser.c
@@ -221,14 +221,12 @@ out:
 static JSONToken *parser_context_pop_token(JSONParserContext *ctxt)
 {
     g_free(ctxt->current);
-    assert(!g_queue_is_empty(ctxt->buf));
     ctxt->current = g_queue_pop_head(ctxt->buf);
     return ctxt->current;
 }
 
 static JSONToken *parser_context_peek_token(JSONParserContext *ctxt)
 {
-    assert(!g_queue_is_empty(ctxt->buf));
     return g_queue_peek_head(ctxt->buf);
 }
 
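Review bot: With both assertions gone, parser_context_pop_token() and parser_context_peek_token() return NULL on an empty queue (g_queue_pop_head() and g_queue_peek_head() return NULL for an empty GQueue), so the `if (token == NULL)` checks quoted in the commit message become reachable for the first time. Worth confirming in this same commit that every caller of both helpers tests the result for NULL before touching token->type, since a peek caller that dereferences its result unchecked would turn the old assertion abort into a NULL pointer dereference at end of input. The `g_free(ctxt->current)` followed by `ctxt->current = g_queue_pop_head(ctxt->buf)` is fine as written: at end of input ctxt->current ends up NULL, which the next g_free() accepts.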
-- 
2.17.1
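The pattern the commit message describes, as an added example that is not QEMU code: a token queue whose pop and peek return NULL at end of input rather than asserting, and a parser that turns that NULL into a "premature EOI" error. All names (tok_queue, pop_token, peek_token, parse_int_list) and the toy grammar are made up for the example; the inputs are constructed, including several truncated ones that would have tripped the assertion in the old code.

```c
/* Added example, not QEMU code: a token queue whose pop/peek return NULL at
 * end of input, and a parser that reports "premature EOI" on truncated input
 * instead of aborting on an assertion.  All names here are made up. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_TOKENS 64

enum tok_type { TOK_LBRACKET, TOK_RBRACKET, TOK_COMMA, TOK_INT };

typedef struct {
    enum tok_type type;
    long value;                 /* only meaningful for TOK_INT */
} token;

typedef struct {
    token toks[MAX_TOKENS];
    int count;                  /* tokens produced by the tokenizer */
    int head;                   /* next token to hand to the parser */
} tok_queue;

/* NULL means "end of input": a normal condition the caller must handle. */
static token *pop_token(tok_queue *q)
{
    return q->head < q->count ? &q->toks[q->head++] : NULL;
}

static token *peek_token(tok_queue *q)
{
    return q->head < q->count ? &q->toks[q->head] : NULL;
}

/* Tokenizer for the tiny grammar '[' int (',' int)* ']'.  -1 on bad input. */
static int tokenize(const char *s, tok_queue *q)
{
    while (*s) {
        token *t;
        if (*s == ' ') { s++; continue; }
        if (q->count >= MAX_TOKENS) return -1;
        t = &q->toks[q->count];
        if (*s == '[') { t->type = TOK_LBRACKET; s++; }
        else if (*s == ']') { t->type = TOK_RBRACKET; s++; }
        else if (*s == ',') { t->type = TOK_COMMA; s++; }
        else if (*s >= '0' && *s <= '9') {
            char *end;
            t->type = TOK_INT;
            t->value = strtol(s, &end, 10);
            s = end;
        } else {
            return -1;
        }
        q->count++;
    }
    return 0;
}

/* Parses e.g. "[1, 2, 3]" into out[]; returns element count, or -1 with *err set. */
static int parse_int_list(const char *input, long *out, int max, const char **err)
{
    tok_queue q = { .count = 0, .head = 0 };
    token *t;
    int n = 0;

    *err = NULL;
    if (tokenize(input, &q) < 0) { *err = "bad character or too many tokens"; return -1; }
    if ((t = pop_token(&q)) == NULL) { *err = "premature EOI"; return -1; }
    if (t->type != TOK_LBRACKET) { *err = "expected '['"; return -1; }
    if ((t = peek_token(&q)) == NULL) { *err = "premature EOI"; return -1; }
    if (t->type == TOK_RBRACKET) { pop_token(&q); return 0; }   /* empty list */

    for (;;) {
        if ((t = pop_token(&q)) == NULL) { *err = "premature EOI"; return -1; }
        if (t->type != TOK_INT) { *err = "expected integer"; return -1; }
        if (n >= max) { *err = "too many elements"; return -1; }
        out[n++] = t->value;
        if ((t = pop_token(&q)) == NULL) { *err = "premature EOI"; return -1; }
        if (t->type == TOK_RBRACKET) break;
        if (t->type != TOK_COMMA) { *err = "expected ',' or ']'"; return -1; }
    }
    if (peek_token(&q) != NULL) { *err = "trailing input"; return -1; }
    return n;
}

/* Test helper: 1 when input parses to expect_n (and, on failure, to expect_err). */
static int check_case(const char *input, int expect_n, const char *expect_err)
{
    long v[8];
    const char *err;
    int n = parse_int_list(input, v, 8, &err);
    if (n != expect_n) return 0;
    return n < 0 ? strcmp(err, expect_err) == 0 : err == NULL;
}

int main(void)
{
    /* Constructed inputs: one complete list, an empty one, then truncated ones. */
    const char *inputs[] = { "[1, 2, 3]", "[]", "[1, 2", "[1,", "[", "" };
    long v[8];
    const char *err;
    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++) {
        int n = parse_int_list(inputs[i], v, 8, &err);
        printf("%-10s -> %d %s\n", inputs[i], n, err ? err : "ok");
    }
    return 0;
}
```

The point of the array-backed queue is that end of input is encoded in the return value and costs nothing to check, so the parser never needs a precondition on the queue's state; every truncated input is rejected with the same error the QEMU parser already knows how to report.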


Re: [Qemu-devel] [PATCH 44/56] json: Fix latent parser aborts at end of input
Posted by Eric Blake 7 years, 2 months ago
On 08/08/2018 07:03 AM, Markus Armbruster wrote:
> json-parser.c carefully reports end of input like this:
> 
>      token = parser_context_pop_token(ctxt);
>      if (token == NULL) {
> 	parse_error(ctxt, NULL, "premature EOI");
> 	goto out;
>      }

Are the TABs in the commit message intentional?

> 
> Except parser_context_pop_token() can't return null, it fails its
> assertion instead.  Same for parser_context_peek_token().  Broken in
> commit 65c0f1e9558, and faithfully preserved in commit 95385fe9ace.
> Only a latent bug, because the streamer throws away any input that
> could trigger it.
> 
> Drop the assertions, so we can fix the streamer in the next commit.
> 
> Signed-off-by: Markus Armbruster <armbru@redhat.com>
> ---
>   qobject/json-parser.c | 2 --
>   1 file changed, 2 deletions(-)

Reviewed-by: Eric Blake <eblake@redhat.com>

-- 
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3266
Virtualization:  qemu.org | libvirt.org

Re: [Qemu-devel] [PATCH 44/56] json: Fix latent parser aborts at end of input
Posted by Markus Armbruster 7 years, 2 months ago
Eric Blake <eblake@redhat.com> writes:

> On 08/08/2018 07:03 AM, Markus Armbruster wrote:
>> json-parser.c carefully reports end of input like this:
>>
>>      token = parser_context_pop_token(ctxt);
>>      if (token == NULL) {
>> 	parse_error(ctxt, NULL, "premature EOI");
>> 	goto out;
>>      }
>
> Are the TABs in the commit message intentional?

No.  Suspect a paste accident.  Fixing...

>> Except parser_context_pop_token() can't return null, it fails its
>> assertion instead.  Same for parser_context_peek_token().  Broken in
>> commit 65c0f1e9558, and faithfully preserved in commit 95385fe9ace.
>> Only a latent bug, because the streamer throws away any input that
>> could trigger it.
>>
>> Drop the assertions, so we can fix the streamer in the next commit.
>>
>> Signed-off-by: Markus Armbruster <armbru@redhat.com>
>> ---
>>   qobject/json-parser.c | 2 --
>>   1 file changed, 2 deletions(-)
>
> Reviewed-by: Eric Blake <eblake@redhat.com>

Thanks!