From: Laszlo Ersek <lersek@redhat.com>
To: Eric Blake <eblake@redhat.com>
Cc: lcapitulino@redhat.com, akong@redhat.com,
Michael Roth <mdroth@linux.vnet.ibm.com>,
qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] [PATCH 06/10] json-parser: fix handling of large whole number values
Date: Fri, 10 May 2013 14:47:18 +0200
Message-ID: <518CEC56.7070602@redhat.com>
In-Reply-To: <518CE683.4000600@redhat.com>
On 05/10/13 14:22, Eric Blake wrote:
> On 05/09/2013 08:20 PM, Michael Roth wrote:
>> Currently our JSON parser assumes that numbers lacking a mantissa are
>> integers and attempts to store them as QInt/int64 values. This breaks in
>> the case where the number overflows/underflows int64 values (which is
>> still valid JSON)
>>
>> Fix this by detecting such cases and using a QFloat to store the value
>> instead.
>>
>> Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
>> ---
>> qobject/json-parser.c | 26 +++++++++++++++++++++++---
>> 1 file changed, 23 insertions(+), 3 deletions(-)
>
> This changes the error message handed back to QMP clients, and possibly
> exposes problems in other qemu code that receives the result of json
> parses. Previously, for an 'int' argument, if you passed in a too-large
> number, you got an error that the argument was too large for int. Now,
> the number is accepted as a double; are we guaranteed that in a context
> that expects a qint, when that code is now handed a qfloat (a case which
> was previously impossible because qint_from_int protected it), that the
> code will still behave correctly?
I tried to consider this while reviewing... Maybe I was wrong.
The pre-patch code for JSON_INTEGER:
obj = QOBJECT(qint_from_int(strtoll(token_get_value(token), NULL, 10)));
doesn't check for errors at all. (I assume that JSON_INTEGER is selected
by the parser, token_get_type(), based on syntax purely.)
I thought when the pre-patch version encounters an int-looking decimal
string that's actually too big in magnitude for an int, you'd simply end
up with LLONG_MIN or LLONG_MAX, but no error. strtoll() clamps the
value, errno is lost, and qint_from_int() sees nothing wrong.
With the patch, you end up with a float instead of an int-typed
LLONG_MIN/LLONG_MAX, and also no error.
> At any rate, libvirt already checks that all numbers that fall outside
> the range of int64_t are never passed over qmp when passing an int
> argument (and yes, this is annoying, in that large 64-bit unsigned
> numbers have to be passed as negative numbers, rather than exceeding
> INT64_MAX), so libvirt should not be triggering this newly exposed code
> path. But even if libvirt doesn't plan on triggering it, I'd still feel
> better if your commit message documented evidence of testing what
> happens in this case. For example, compare what
> {"execute":"add-fd","arguments":{"fdset-id":"99999999999999999999"}}
> does before and after this patch.
That would likely be interesting to test, yes.
Laszlo
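The strtoll() behaviour Laszlo describes above, as an added example that is not code from the qemu tree or from anyone in this thread: parse_unchecked mirrors the pre-patch call with no error check, so an out-of-range token silently becomes LLONG_MAX or LLONG_MIN; parse_checked shows one way to notice the ERANGE clamp and fall back to a double, which is the effect the patch achieves with QFloat. The function names, the parsed_num struct and the num_kind enum are assumptions introduced here for illustration, and the sample tokens (including the 99999999999999999999 from Eric's add-fd example) are constructed inputs.

```c
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical result type for this example, not a QEMU/QObject type. */
typedef enum { NUM_INT, NUM_FLOAT, NUM_INVALID } num_kind;

typedef struct {
    num_kind kind;
    long long ival;   /* valid when kind == NUM_INT */
    double dval;      /* valid when kind == NUM_FLOAT */
    int clamped;      /* 1 if a bare strtoll() would have silently clamped */
} parsed_num;

/* Mirrors the pre-patch JSON_INTEGER path: strtoll() with no error check.
 * On overflow strtoll() returns LLONG_MAX/LLONG_MIN and the ERANGE in errno
 * is never looked at, so the caller cannot tell the clamp from a real value. */
long long parse_unchecked(const char *tok)
{
    return strtoll(tok, NULL, 10);
}

/* Overflow-aware variant: clear errno first (strtoll() does not reset it on
 * success), reject anything that is not a bare decimal integer token, and on
 * ERANGE re-parse the digits as a double so the magnitude is preserved. */
parsed_num parse_checked(const char *tok)
{
    parsed_num r = { NUM_INVALID, 0, 0.0, 0 };
    char *end = NULL;

    errno = 0;
    long long v = strtoll(tok, &end, 10);
    if (end == tok || *end != '\0') {
        return r;                 /* empty token or trailing junk */
    }
    if (errno == ERANGE) {
        r.clamped = 1;            /* strtoll() would have given LLONG_MAX/MIN */
        errno = 0;
        double d = strtod(tok, &end);
        if (errno == ERANGE) {
            return r;             /* too large even for a double; stays invalid */
        }
        r.kind = NUM_FLOAT;
        r.dval = d;
        return r;
    }
    r.kind = NUM_INT;
    r.ival = v;
    return r;
}

int main(void)
{
    /* Constructed sample tokens: in range, exactly INT64_MAX, one past it,
     * far out of range in both directions, and a malformed token. */
    const char *toks[] = { "42", "9223372036854775807", "9223372036854775808",
                           "99999999999999999999", "-99999999999999999999",
                           "12abc" };
    for (size_t i = 0; i < sizeof toks / sizeof toks[0]; i++) {
        parsed_num p = parse_checked(toks[i]);
        printf("%-22s unchecked=%lld checked=", toks[i], parse_unchecked(toks[i]));
        if (p.kind == NUM_INT) {
            printf("int %lld\n", p.ival);
        } else if (p.kind == NUM_FLOAT) {
            printf("float %g (strtoll had clamped)\n", p.dval);
        } else {
            printf("invalid token\n");
        }
    }
    return 0;
}
```

The point for a reviewer is the one Laszlo makes: before the patch a too-large token and a genuinely maximal token were indistinguishable once strtoll() returned, because errno was never examined. Any code that wants to reject out-of-range integers (rather than widen them to a float) has to check ERANGE at the strtoll() call, as the checked variant does, since qint_from_int() cannot recover that information afterwards.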