qemu-e2k/qobject
Markus Armbruster 0753113a26 qjson: Don't crash when input exceeds nesting limit
We limit nesting depth and input size to defend against input
triggering excessive heap or stack memory use (commit 29c75dd
json-streamer: limit the maximum recursion depth and maximum token
count).  However, when the nesting limit is exceeded,
parser_context_peek_token()'s assertion fails.

Broken in commit 65c0f1e "json-parser: don't replicate tokens at each
level of recursion".

To reproduce, stuff 1025 open braces or brackets into QMP.

Fix by taking the error exit instead of the normal one.

Reported-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <1448486613-17634-3-git-send-email-armbru@redhat.com>
2015-11-26 09:18:04 +01:00
Makefile.objs qerror: Finally unused, clean up 2015-06-22 18:20:40 +02:00
json-lexer.c json-lexer: fix escaped backslash in single-quoted string 2014-06-23 11:01:24 -04:00
json-parser.c Include qapi/qmp/qerror.h exactly where needed 2015-06-22 18:20:41 +02:00
json-streamer.c qjson: Don't crash when input exceeds nesting limit 2015-11-26 09:18:04 +01:00
qbool.c qbool: Make conversion from QObject * accept null 2015-10-29 14:34:44 +01:00
qdict.c qstring: Make conversion from QObject * accept null 2015-10-29 14:34:45 +01:00
qfloat.c qfloat qint: Make conversion from QObject * accept null 2015-10-29 14:34:45 +01:00
qint.c qfloat qint: Make conversion from QObject * accept null 2015-10-29 14:34:45 +01:00
qjson.c qerror: Finally unused, clean up 2015-06-22 18:20:40 +02:00
qlist.c qlist: Make conversion from QObject * accept null 2015-10-29 14:34:45 +01:00
qnull.c qobject: Add a special null QObject 2015-05-11 08:59:07 -04:00
qstring.c qstring: Make conversion from QObject * accept null 2015-10-29 14:34:45 +01:00