Re: [Qemu-devel] [PATCH] json: Fix to reject duplicate object member names

Thu, 06 Dec 2018 05:12:01 -0800 

Philippe Mathieu-Daudé <[email protected]> writes:

> On 12/6/18 1:17 PM, Markus Armbruster wrote:
>> The JSON parser happily accepts duplicate object member names.  The
>> last value wins.  Reproducer #1:
>> 
>>     $ qemu-system-x86_64 -qmp stdio
>>     {"QMP": {"version": {"qemu": {"micro": 93, "minor": 0, "major": 3},
>>     "package": "v3.1.0-rc3-7-g87a45d86ed"}, "capabilities": []}}
>>     {'execute':'qmp_capabilities'}
>>     {"return": {}}
>>     {'execute':'blockdev-add','arguments':{'driver':'null-co',
>>      'node-name':'foo','node-name':'bar'}}
>>     {"return": {}}
>>     {'execute':'query-named-block-nodes'}
>>     {"return": [{ [...] "node-name": "bar" [...] }]}
>> 
>> Reproducer #2 is iotest 229.
>> 
>> Fix the parser to reject duplicates, and fix iotest 229 not to use
>> them.
>
> Looks like 2 different patches.

I admit it does.  But the iotest one is trivial, so I decided to squash
it in.

>> Reported-by: Max Reitz <[email protected]>
>> Signed-off-by: Markus Armbruster <[email protected]>
>> ---
>>  qobject/json-parser.c  | 5 +++++
>>  tests/qemu-iotests/229 | 1 -
>>  2 files changed, 5 insertions(+), 1 deletion(-)
>> 
>> diff --git a/qobject/json-parser.c b/qobject/json-parser.c
>> index 5a840dfd86..a86de3f462 100644
>> --- a/qobject/json-parser.c
>> +++ b/qobject/json-parser.c
>> @@ -288,6 +288,11 @@ static int parse_pair(JSONParserContext *ctxt, QDict 
>> *dict)
>>          goto out;
>>      }
>>  
>> +    if (qdict_haskey(dict, qstring_get_str(key))) {
>> +        parse_error(ctxt, token, "duplicate key");
>> +        goto out;
>> +    }
>> +        
>>      qdict_put_obj(dict, qstring_get_str(key), value);
>>  
>>      qobject_unref(key);
>> diff --git a/tests/qemu-iotests/229 b/tests/qemu-iotests/229
>> index 86602437ff..893d098ad2 100755
>> --- a/tests/qemu-iotests/229
>> +++ b/tests/qemu-iotests/229
>> @@ -69,7 +69,6 @@ echo
>>  _send_qemu_cmd $QEMU_HANDLE \
>>      "{'execute': 'drive-mirror',
>>                   'arguments': {'device': 'testdisk',
>> -                               'mode':   'absolute-paths',
>>                                 'format': '$IMGFMT',
>>                                 'target': '$DEST_IMG',
>>                                 'sync':   'full',
>> 
>
> Reviewed-by: Philippe Mathieu-Daudé <[email protected]>

Thanks!

Reply via email to