Re: [libvirt] [PATCH] qemu: qapi: Limit traversal depth for QAPI schema queries
On Fri, Sep 06, 2019 at 10:33:15AM +0200, Peter Krempa wrote:
Implicitly the query depth is limited by the length of the QAPI
schema
query, but 'alternate' and 'array' QAPI meta-types don't consume a
part
of the query string thus a loop on such types would get our traversal
code stuck in an infinite loop. Prevent this from happening by limiting
the nesting depth to 1000.
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
src/qemu/qemu_qapi.c | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
Reviewed-by: Daniel P. Berrangé <berrange(a)redhat.com>
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|