From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1NdAFF-00069o-9k
	for qemu-devel@nongnu.org; Thu, 04 Feb 2010 17:32:17 -0500
Received: from [199.232.76.173] (port=51022 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1NdAFE-000691-AK
	for qemu-devel@nongnu.org; Thu, 04 Feb 2010 17:32:16 -0500
Received: from Debian-exim by monty-python.gnu.org with spam-scanned (Exim
	4.60) (envelope-from <anthony@codemonkey.ws>) id 1NdAEs-0003Yp-RL
	for qemu-devel@nongnu.org; Thu, 04 Feb 2010 17:32:15 -0500
Received: from mail-iw0-f187.google.com ([209.85.223.187]:49826)
	by monty-python.gnu.org with esmtp (Exim 4.60)
	(envelope-from <anthony@codemonkey.ws>) id 1NdAEp-0003Xv-A6
	for qemu-devel@nongnu.org; Thu, 04 Feb 2010 17:31:51 -0500
Received: by iwn17 with SMTP id 17so3499666iwn.18
	for <qemu-devel@nongnu.org>; Thu, 04 Feb 2010 14:31:48 -0800 (PST)
Message-ID: <4B6B4AD2.3060704@codemonkey.ws>
Date: Thu, 04 Feb 2010 16:31:46 -0600
From: Anthony Liguori <anthony@codemonkey.ws>
MIME-Version: 1.0
Subject: Re: [Qemu-devel] [PATCH 1/4] qjson: Improve debugging
References: <1265314396-6583-1-git-send-email-lcapitulino@redhat.com>
	<1265314396-6583-2-git-send-email-lcapitulino@redhat.com>
In-Reply-To: <1265314396-6583-2-git-send-email-lcapitulino@redhat.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Luiz Capitulino <lcapitulino@redhat.com>
Cc: qemu-devel@nongnu.org

On 02/04/2010 02:13 PM, Luiz Capitulino wrote:
> Add an assert() to qobject_from_jsonf() to assure that the returned
> QObject is not NULL. Currently this is duplicated in the callers.
>
> Signed-off-by: Luiz Capitulino<lcapitulino@redhat.com>
> ---
>   qjson.c |    1 +
>   1 files changed, 1 insertions(+), 0 deletions(-)
>
> diff --git a/qjson.c b/qjson.c
> index 9ad8a91..0922c06 100644
> --- a/qjson.c
> +++ b/qjson.c
> @@ -62,6 +62,7 @@ QObject *qobject_from_jsonf(const char *string, ...)
>       obj = qobject_from_jsonv(string,&ap);
>       va_end(ap);
>
> +    assert(obj != NULL);
>    

This is wrong.  We may get JSON from an untrusted source.  Callers need 
to deal with failure appropriately.

It just so happens that we only parse JSON from an untrusted source via 
qobject_from_json(), but the trust relationship is not obvious given the 
two functions in their current form.

Regards,

Anthony Liguori

>       return obj;
>   }
>
>