From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([140.186.70.92]:47637) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1QRvFg-0004nZ-54 for qemu-devel@nongnu.org; Wed, 01 Jun 2011 19:55:05 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1QRvFe-0002Vk-Eg for qemu-devel@nongnu.org; Wed, 01 Jun 2011 19:55:03 -0400 Received: from mout.perfora.net ([74.208.4.194]:64354) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1QRp3v-0007zr-E4 for qemu-devel@nongnu.org; Wed, 01 Jun 2011 13:18:31 -0400 From: Michael Roth Date: Wed, 1 Jun 2011 12:14:59 -0500 Message-Id: <1306948500-15086-14-git-send-email-mdroth@linux.vnet.ibm.com> In-Reply-To: <1306948500-15086-1-git-send-email-mdroth@linux.vnet.ibm.com> References: <1306948500-15086-1-git-send-email-mdroth@linux.vnet.ibm.com> Subject: [Qemu-devel] [PATCH v1][ 13/14] json-streamer: add handling for JSON_ERROR token/state List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: qemu-devel@nongnu.org Cc: aliguori@linux.vnet.ibm.com, Jes.Sorensen@redhat.com, agl@linux.vnet.ibm.com, mdroth@linux.vnet.ibm.com, lcapitulino@redhat.com This allows a JSON_ERROR state to be passed to the streamer to force a flush of the current tokens and pass a NULL token list to the parser rather that have it churn on bad data. (Alternatively we could just not pass it to the parser at all, but it may be useful to push there errors up the stack. NULL token lists are not currently handled by the parser, the next patch will address that) Signed-off-by: Michael Roth --- json-streamer.c | 35 +++++++++++++++++++++++------------ 1 files changed, 23 insertions(+), 12 deletions(-) diff --git a/json-streamer.c b/json-streamer.c index a6cb28f..c255c78 100644 --- a/json-streamer.c +++ b/json-streamer.c @@ -56,29 +56,40 @@ static void json_message_process_token(JSONLexer *lexer, QString *token, JSONTok qlist_append(parser->tokens, dict); - if (parser->brace_count < 0 || + if (type == JSON_ERROR) { + goto out_emit_bad; + } else if (parser->brace_count < 0 || parser->bracket_count < 0 || (parser->brace_count == 0 && parser->bracket_count == 0)) { - parser->brace_count = 0; - parser->bracket_count = 0; - parser->emit(parser, parser->tokens); - QDECREF(parser->tokens); - parser->tokens = qlist_new(); - parser->token_size = 0; + goto out_emit; } else if (parser->token_size > MAX_TOKEN_SIZE || parser->bracket_count > MAX_NESTING || parser->brace_count > MAX_NESTING) { /* Security consideration, we limit total memory allocated per object * and the maximum recursion depth that a message can force. */ - parser->brace_count = 0; - parser->bracket_count = 0; - parser->emit(parser, parser->tokens); + goto out_emit; + } + + return; + +out_emit_bad: + /* clear out token list and tell the parser to emit and error + * indication by passing it a NULL list + */ + QDECREF(parser->tokens); + parser->tokens = NULL; +out_emit: + /* send current list of tokens to parser and reset tokenizer */ + parser->brace_count = 0; + parser->bracket_count = 0; + parser->emit(parser, parser->tokens); + if (parser->tokens) { QDECREF(parser->tokens); - parser->tokens = qlist_new(); - parser->token_size = 0; } + parser->tokens = qlist_new(); + parser->token_size = 0; } void json_message_parser_init(JSONMessageParser *parser, -- 1.7.0.4