| Message ID | 1457503418-31299-1-git-send-email-peterx@redhat.com |
|---|---|
| State | New |
| Headers | show |
Sorry to forgot CCing Eric/Markus/Kevin. This patch title is not correct, which should be: "Fix unbounded stack warning for qdict_array_entries" Do I need to re-send with the same content? I'm using g_strdup_printf() here, considering it's most convenient, safe, and as long as it's called rarely only when quorum device opens. Thanks. Peter On Wed, Mar 09, 2016 at 02:03:38PM +0800, Peter Xu wrote: > Signed-off-by: Peter Xu <peterx@redhat.com> > --- > qobject/qdict.c | 15 ++++++--------- > 1 file changed, 6 insertions(+), 9 deletions(-) > > diff --git a/qobject/qdict.c b/qobject/qdict.c > index 9833bd0..9188a87 100644 > --- a/qobject/qdict.c > +++ b/qobject/qdict.c > @@ -704,19 +704,16 @@ int qdict_array_entries(QDict *src, const char *subqdict) > for (i = 0; i < INT_MAX; i++) { > QObject *subqobj; > int subqdict_entries; > - size_t slen = 32 + subqdict_len; > - char indexstr[slen], prefix[slen]; > - size_t snprintf_ret; > + char *prefix = g_strdup_printf("%s%u.", subqdict, i); > > - snprintf_ret = snprintf(indexstr, slen, "%s%u", subqdict, i); > - assert(snprintf_ret < slen); > + subqdict_entries = qdict_count_prefixed_entries(src, prefix); > > - subqobj = qdict_get(src, indexstr); > + /* Remove ending "." */ > + prefix[strlen(prefix) - 1] = 0x00; > + subqobj = qdict_get(src, prefix); > > - snprintf_ret = snprintf(prefix, slen, "%s%u.", subqdict, i); > - assert(snprintf_ret < slen); > + g_free(prefix); > > - subqdict_entries = qdict_count_prefixed_entries(src, prefix); > if (subqdict_entries < 0) { > return subqdict_entries; > } > -- > 2.4.3 >
On 03/09/2016 06:36 PM, Peter Xu wrote: > Sorry to forgot CCing Eric/Markus/Kevin. > > This patch title is not correct, which should be: > > "Fix unbounded stack warning for qdict_array_entries" Keep the 'qdict:' prefix, but yes, adding "warning" helps the commit message. > > Do I need to re-send with the same content? For just the title adjustment, it's up to the maintainer. Often, a maintainer will make small changes like that before sending a pull request. > > I'm using g_strdup_printf() here, considering it's most convenient, > safe, and as long as it's called rarely only when quorum device > opens. On the other hand, this information might have been useful... > > Thanks. > Peter > > On Wed, Mar 09, 2016 at 02:03:38PM +0800, Peter Xu wrote: >> Signed-off-by: Peter Xu <peterx@redhat.com> ...in the commit body proper (explaining why you are always allocating, because it is not a hot path). So a v2 might indeed be easier. >> +++ b/qobject/qdict.c >> @@ -704,19 +704,16 @@ int qdict_array_entries(QDict *src, const char *subqdict) >> for (i = 0; i < INT_MAX; i++) { >> QObject *subqobj; >> int subqdict_entries; >> - size_t slen = 32 + subqdict_len; >> - char indexstr[slen], prefix[slen]; >> - size_t snprintf_ret; >> + char *prefix = g_strdup_printf("%s%u.", subqdict, i); If we were worried that this could be a hot path, you could add a %n and &len here... >> >> - snprintf_ret = snprintf(indexstr, slen, "%s%u", subqdict, i); >> - assert(snprintf_ret < slen); >> + subqdict_entries = qdict_count_prefixed_entries(src, prefix); >> >> - subqobj = qdict_get(src, indexstr); >> + /* Remove ending "." */ >> + prefix[strlen(prefix) - 1] = 0x00; ...to avoid the strlen() call here. But this is not a hot path, and %n always makes me worry about security, so I'm fine with your approach. However, 0x00 is a rather verbose way of writing 0 (and even if you want verbosity, '\0' is more idiomatic 0x00). At this point, if you send a v2 with s/0x00/0/ and the improved commit message, you can also include: Reviewed-by: Eric Blake <eblake@redhat.com>
On Mon, Mar 21, 2016 at 02:58:25PM -0600, Eric Blake wrote: > On 03/09/2016 06:36 PM, Peter Xu wrote: > > Sorry to forgot CCing Eric/Markus/Kevin. > > > > This patch title is not correct, which should be: > > > > "Fix unbounded stack warning for qdict_array_entries" > > Keep the 'qdict:' prefix, but yes, adding "warning" helps the commit > message. > > > > > Do I need to re-send with the same content? > > For just the title adjustment, it's up to the maintainer. Often, a > maintainer will make small changes like that before sending a pull request. > > > > > I'm using g_strdup_printf() here, considering it's most convenient, > > safe, and as long as it's called rarely only when quorum device > > opens. > > On the other hand, this information might have been useful... > > > > > Thanks. > > Peter > > > > On Wed, Mar 09, 2016 at 02:03:38PM +0800, Peter Xu wrote: > >> Signed-off-by: Peter Xu <peterx@redhat.com> > > ...in the commit body proper (explaining why you are always allocating, > because it is not a hot path). So a v2 might indeed be easier. > > >> +++ b/qobject/qdict.c > >> @@ -704,19 +704,16 @@ int qdict_array_entries(QDict *src, const char *subqdict) > >> for (i = 0; i < INT_MAX; i++) { > >> QObject *subqobj; > >> int subqdict_entries; > >> - size_t slen = 32 + subqdict_len; > >> - char indexstr[slen], prefix[slen]; > >> - size_t snprintf_ret; > >> + char *prefix = g_strdup_printf("%s%u.", subqdict, i); > > If we were worried that this could be a hot path, you could add a %n and > &len here... > > >> > >> - snprintf_ret = snprintf(indexstr, slen, "%s%u", subqdict, i); > >> - assert(snprintf_ret < slen); > >> + subqdict_entries = qdict_count_prefixed_entries(src, prefix); > >> > >> - subqobj = qdict_get(src, indexstr); > >> + /* Remove ending "." */ > >> + prefix[strlen(prefix) - 1] = 0x00; > > ...to avoid the strlen() call here. But this is not a hot path, and %n > always makes me worry about security, so I'm fine with your approach. > > However, 0x00 is a rather verbose way of writing 0 (and even if you want > verbosity, '\0' is more idiomatic 0x00). > > At this point, if you send a v2 with s/0x00/0/ and the improved commit > message, you can also include: > Reviewed-by: Eric Blake <eblake@redhat.com> Will respin just like above, and with you r-b. Thanks! -- peterx
diff --git a/qobject/qdict.c b/qobject/qdict.c index 9833bd0..9188a87 100644 --- a/qobject/qdict.c +++ b/qobject/qdict.c @@ -704,19 +704,16 @@ int qdict_array_entries(QDict *src, const char *subqdict) for (i = 0; i < INT_MAX; i++) { QObject *subqobj; int subqdict_entries; - size_t slen = 32 + subqdict_len; - char indexstr[slen], prefix[slen]; - size_t snprintf_ret; + char *prefix = g_strdup_printf("%s%u.", subqdict, i); - snprintf_ret = snprintf(indexstr, slen, "%s%u", subqdict, i); - assert(snprintf_ret < slen); + subqdict_entries = qdict_count_prefixed_entries(src, prefix); - subqobj = qdict_get(src, indexstr); + /* Remove ending "." */ + prefix[strlen(prefix) - 1] = 0x00; + subqobj = qdict_get(src, prefix); - snprintf_ret = snprintf(prefix, slen, "%s%u.", subqdict, i); - assert(snprintf_ret < slen); + g_free(prefix); - subqdict_entries = qdict_count_prefixed_entries(src, prefix); if (subqdict_entries < 0) { return subqdict_entries; }
Signed-off-by: Peter Xu <peterx@redhat.com> --- qobject/qdict.c | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-)