Re: [Qemu-devel] [PATCH v2 0/4] json-streamer: Fix up code to limit nest

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH v2 0/4] json-streamer: Fix up code to limit nest

From:	Eric Blake
Subject:	Re: [Qemu-devel] [PATCH v2 0/4] json-streamer: Fix up code to limit nesting and size
Date:	Thu, 19 Nov 2015 09:15:41 -0700
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.3.0

On 11/19/2015 08:29 AM, Markus Armbruster wrote:
> Ugh, I almost dropped this on the floor.  I think it should go into
> 2.5, and I plan to take it through my tree.  If you disagree, please
> speak up.

It sounds like a bug fix to me (avoiding core dumps due to
user-triggerable input) and on that ground, qualifies for hard freeze in
my books.

> 
> We limit nesting depth and input size to defend against input
> triggering excessive heap or stack memory use (commit 29c75dd
> json-streamer: limit the maximum recursion depth and maximum token
> count).  This limiting is flawed in multiple ways.  Fix it up some.
> 
> Not yet fixed: this JSON parser is an absurd memory hog; see last
> patch.
> 
> v2:
> * Trivially rebased, R-bys retained
> * PATCH 3: Fix a nearby comment typo [Eric]
> * PATCH 4: Simplify make_nest() slightly
> * PATCH 5: Commit message tweaked

Hmm, when the series is only 4/4, changes to PATCH 5 are suspect :)

At any rate, the changes look correct, and minor enough that keeping my
R-b was the right thing to do.

-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

signature.asc
Description: OpenPGP digital signature

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [PATCH v2 2/4] json-streamer: Don't crash when input exceeds nesting limit, (continued)
- [Qemu-devel] [PATCH v2 2/4] json-streamer: Don't crash when input exceeds nesting limit, Markus Armbruster, 2015/11/19
- [Qemu-devel] [PATCH v2 1/4] json-streamer: Apply nesting limit more sanely, Markus Armbruster, 2015/11/19
- [Qemu-devel] [PATCH v2 4/4] json-streamer: Limit number of tokens in addition to total size, Markus Armbruster, 2015/11/19
  - Re: [Qemu-devel] [PATCH v2 4/4] json-streamer: Limit number of tokens in addition to total size, Paolo Bonzini, 2015/11/19
    - Re: [Qemu-devel] [PATCH v2 4/4] json-streamer: Limit number of tokens in addition to total size, Markus Armbruster, 2015/11/20
    - Re: [Qemu-devel] [PATCH v2 4/4] json-streamer: Limit number of tokens in addition to total size, Paolo Bonzini, 2015/11/20
    - Re: [Qemu-devel] [PATCH v2 4/4] json-streamer: Limit number of tokens in addition to total size, Eric Blake, 2015/11/20
    - Re: [Qemu-devel] [PATCH v2 4/4] json-streamer: Limit number of tokens in addition to total size, Paolo Bonzini, 2015/11/23
    - Re: [Qemu-devel] [PATCH v2 4/4] json-streamer: Limit number of tokens in addition to total size, Eric Blake, 2015/11/23
    - Re: [Qemu-devel] [PATCH v2 4/4] json-streamer: Limit number of tokens in addition to total size, Markus Armbruster, 2015/11/23
- Re: [Qemu-devel] [PATCH v2 0/4] json-streamer: Fix up code to limit nesting and size, Eric Blake <=
  - Re: [Qemu-devel] [PATCH v2 0/4] json-streamer: Fix up code to limit nesting and size, Markus Armbruster, 2015/11/19

Prev by Date: Re: [Qemu-devel] [Intel-gfx] [Announcement] 2015-Q3 release of XenGT - a Mediated Graphics Passthrough Solution from Intel
Next by Date: Re: [Qemu-devel] [PULL 0/3] target-arm queue
Previous by thread: Re: [Qemu-devel] [PATCH v2 4/4] json-streamer: Limit number of tokens in addition to total size
Next by thread: Re: [Qemu-devel] [PATCH v2 0/4] json-streamer: Fix up code to limit nesting and size
Index(es):
- Date
- Thread