From: Paolo Bonzini
To: Markus Armbruster, Peter Xu
Cc: Kevin Wolf, qemu-devel@nongnu.org, qemu-block@nongnu.org
Subject: Re: [Qemu-devel] [PATCH 2/8] block: fix unbounded stack for dump_qdict
Date: Tue, 8 Mar 2016 13:17:03 +0100
Message-ID: <56DEC2BF.5040502@redhat.com>
In-Reply-To: <87twkhe6bm.fsf@blackfin.pond.sub.org>

On 08/03/2016 09:12, Markus Armbruster wrote:
> I'm afraid this isn't a good idea. It relies on the non-local argument
> that nobody will ever put a key longer than 255 into a qdict that gets
> dumped. That may even be the case, but you need to *prove* it, not just
> assert it. The weakest acceptable proof might be assertions in every
> place that put keys into a dict that might get dumped. I suspect that's
> practical and maintainable only if there's a single place that does it.
>
> If this was a good idea, I'd recommend to avoid the awkward macro:
>
>     char key[256];
>     int i;
>
>     assert(strlen(entry->key) + 1 <= ARRAY_SIZE(key));
>
> There are several other ways to limit the stack usage:
>
> 1. Move the array from stack to heap. Fine unless it's on a hot path.
>    As far as I can tell, this dumping business is for HMP and qemu-io,
>    i.e. not hot.

I think this is the best. You can just g_strdup, modify in place, print
and free.

Paolo
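
The heap approach discussed above (duplicate, modify in place, print, free), as an added example that is not QEMU's code and not part of the original message. The names `display_key` and `dump_key` and the dash-to-space edit are assumptions for illustration, and plain malloc/memcpy stands in for g_strdup so the block builds without GLib.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/*
 * Return a heap copy of `key` edited for display. The edit itself
 * ('-' becomes ' ') is an assumed stand-in for "modify in place".
 * Stack use is constant no matter how long the key is, unlike a
 * VLA such as `char key[strlen(entry->key) + 1]`, and no caller has
 * to prove a 255-byte bound. Caller frees; NULL on allocation failure.
 */
char *display_key(const char *key)
{
    size_t len = strlen(key);
    char *copy = malloc(len + 1);   /* g_strdup() would abort on OOM instead */

    if (!copy) {
        return NULL;
    }
    memcpy(copy, key, len + 1);     /* includes the terminating NUL */
    for (char *p = copy; *p; p++) {
        if (*p == '-') {
            *p = ' ';
        }
    }
    return copy;
}

/* Print one key at the given indentation level; returns the number of
 * characters written, or -1 if the copy could not be allocated. */
int dump_key(FILE *f, const char *key, int indentation)
{
    char *copy = display_key(key);
    int n;

    if (!copy) {
        return -1;
    }
    n = fprintf(f, "%*s%s:\n", indentation * 4, "", copy);
    free(copy);                     /* nothing outlives the call */
    return n;
}

int main(void)
{
    /* Constructed sample key, not taken from QEMU. */
    return dump_key(stdout, "backing-file-format", 1) < 0;
}
```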