Re: [Qemu-devel] simple qmp core dump


From: Markus Armbruster
Subject: Re: [Qemu-devel] simple qmp core dump
Date: Wed, 28 Oct 2015 10:19:44 +0100
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux)

Markus Armbruster <address@hidden> writes:

> Eric Blake <address@hidden> writes:
>
>> Just noticed this core dump (I was actually trying to exceed the 1024
>> hard-baked limit in qmp-input-visitor.c which tries to set an Error
>> object, but it looks like that limit was unreachable due to this earlier
>> assertion):
>>
>> $ printf '{"execute":"qmp_capabilities","id":%1025s' " " | tr ' ' { |
>>     ./x86_64-softmmu/qemu-system-x86_64 -nodefaults -qmp stdio
>> {"QMP": {"version": {"qemu": {"micro": 50, "minor": 4, "major": 2},
>> "package": ""}, "capabilities": []}}
>> main-loop: WARNING: I/O thread spun for 1000 iterations
>> **
>> ERROR:qobject/json-parser.c:294:parser_context_peek_token: assertion
>> failed: (ctxt->tokens.pos < ctxt->tokens.count)
>> Aborted (core dumped)
>>
>> I don't know the best way to deal with a client that abuses QMP
>> protocol, but it would at least be nice to not abort.
>
> Handwritten parser crashes, surprise, surprise.
>
> 1023 works, 1024 crashes.  Need to dig to find out why.

Regressed in commit 65c0f1e "json-parser: don't replicate tokens at each
level of recursion", v1.2.0.  Until then, we got a clean "{"error":
{"class": "GenericError", "desc": "Invalid JSON syntax"}}".
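The assertion in the report fires when the parser peeks past the last token it was handed. As an added illustration (hypothetical code written for this note, not QEMU's json-parser.c), here is a small token-array parser whose peek returns a sentinel at end of input and whose recursion depth is bounded, so both a truncated stream and excessive nesting come back as error codes instead of an abort; `MAX_NESTING`, the single-character token alphabet and the helper names are all assumptions of this example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical token stream: '{' and '}' delimit an object, 'v' is a scalar. */
#define MAX_NESTING 1024
enum { PARSE_OK = 0, PARSE_SYNTAX_ERROR = 1, PARSE_TOO_DEEP = 2 };

typedef struct {
    const char *tokens;   /* constructed token stream, one char per token */
    size_t count;
    size_t pos;
} ParserCtx;

/* Safe peek: a 0 sentinel at end of input instead of an assertion. */
static char peek_token(const ParserCtx *ctxt)
{
    return ctxt->pos < ctxt->count ? ctxt->tokens[ctxt->pos] : 0;
}

/* Recursive descent over "{ value }" or "v"; depth is checked before recursing. */
static int parse_value(ParserCtx *ctxt, unsigned depth)
{
    char tok = peek_token(ctxt);
    if (tok == 0) return PARSE_SYNTAX_ERROR;      /* truncated input */
    if (tok == 'v') { ctxt->pos++; return PARSE_OK; }
    if (tok != '{') return PARSE_SYNTAX_ERROR;
    if (depth >= MAX_NESTING) return PARSE_TOO_DEEP; /* bounded recursion */
    ctxt->pos++;
    int rc = parse_value(ctxt, depth + 1);
    if (rc != PARSE_OK) return rc;
    if (peek_token(ctxt) != '}') return PARSE_SYNTAX_ERROR;
    ctxt->pos++;
    return PARSE_OK;
}

/* Parse a whole token string; trailing tokens are a syntax error too. */
int parse_tokens(const char *tokens)
{
    ParserCtx ctxt = { tokens, strlen(tokens), 0 };
    int rc = parse_value(&ctxt, 0);
    return (rc == PARSE_OK && ctxt.pos != ctxt.count) ? PARSE_SYNTAX_ERROR : rc;
}

/* Constructed input: n opening braces, optionally a scalar and n closers. */
int check_nested(size_t n, bool terminated)
{
    size_t len = terminated ? 2 * n + 1 : n;
    char *buf = malloc(len + 1);
    if (!buf) return -1;
    memset(buf, '{', n);
    if (terminated) { buf[n] = 'v'; memset(buf + n + 1, '}', n); }
    buf[len] = '\0';
    int rc = parse_tokens(buf);
    free(buf);
    return rc;
}
```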
