"015715f554f19a809cd80ff53a3881fddfda1336" (history) in projects: qemu

Searched hist:"015715 f554f19a809cd80ff53a3881fddfda1336" (Results 1 – 6 of 6) sorted by relevance

/qemu/tests/qtest/
H A D	tpm-util.c	015715f554f19a809cd80ff53a3881fddfda1336 Mon Aug 06 06:53:33 UTC 2018 Markus Armbruster <armbru@redhat.com> tests: Clean up string interpolation into QMP input (simple cases) When you build QMP input manually like this cmd = g_strdup_printf("{ 'execute': 'migrate'," "'arguments': { 'uri': '%s' } }", uri); rsp = qmp(cmd); g_free(cmd); you're responsible for escaping the interpolated values for JSON. Not done here, and therefore works only for sufficiently nice @uri. For instance, if @uri contained a single "'", qobject_from_vjsonf_nofail() would abort. A sufficiently nasty @uri could even inject unwanted members into the arguments object. Leaving interpolation into JSON to qmp() is more robust: rsp = qmp("{ 'execute': 'migrate', 'arguments': { 'uri': %s } }", uri); It's also more concise. Clean up the simple cases where we interpolate exactly a JSON value. Bonus: gets rid of non-literal format strings. A step towards compile-time format string checking without triggering -Wformat-nonliteral. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Eric Blake <eblake@redhat.com> Message-Id: <20180806065344.7103-13-armbru@redhat.com>
H A D	vhost-user-test.c	015715f554f19a809cd80ff53a3881fddfda1336 Mon Aug 06 06:53:33 UTC 2018 Markus Armbruster <armbru@redhat.com> tests: Clean up string interpolation into QMP input (simple cases) When you build QMP input manually like this cmd = g_strdup_printf("{ 'execute': 'migrate'," "'arguments': { 'uri': '%s' } }", uri); rsp = qmp(cmd); g_free(cmd); you're responsible for escaping the interpolated values for JSON. Not done here, and therefore works only for sufficiently nice @uri. For instance, if @uri contained a single "'", qobject_from_vjsonf_nofail() would abort. A sufficiently nasty @uri could even inject unwanted members into the arguments object. Leaving interpolation into JSON to qmp() is more robust: rsp = qmp("{ 'execute': 'migrate', 'arguments': { 'uri': %s } }", uri); It's also more concise. Clean up the simple cases where we interpolate exactly a JSON value. Bonus: gets rid of non-literal format strings. A step towards compile-time format string checking without triggering -Wformat-nonliteral. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Eric Blake <eblake@redhat.com> Message-Id: <20180806065344.7103-13-armbru@redhat.com>
H A D	libqtest.c	015715f554f19a809cd80ff53a3881fddfda1336 Mon Aug 06 06:53:33 UTC 2018 Markus Armbruster <armbru@redhat.com> tests: Clean up string interpolation into QMP input (simple cases) When you build QMP input manually like this cmd = g_strdup_printf("{ 'execute': 'migrate'," "'arguments': { 'uri': '%s' } }", uri); rsp = qmp(cmd); g_free(cmd); you're responsible for escaping the interpolated values for JSON. Not done here, and therefore works only for sufficiently nice @uri. For instance, if @uri contained a single "'", qobject_from_vjsonf_nofail() would abort. A sufficiently nasty @uri could even inject unwanted members into the arguments object. Leaving interpolation into JSON to qmp() is more robust: rsp = qmp("{ 'execute': 'migrate', 'arguments': { 'uri': %s } }", uri); It's also more concise. Clean up the simple cases where we interpolate exactly a JSON value. Bonus: gets rid of non-literal format strings. A step towards compile-time format string checking without triggering -Wformat-nonliteral. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Eric Blake <eblake@redhat.com> Message-Id: <20180806065344.7103-13-armbru@redhat.com>
H A D	migration-test.c	015715f554f19a809cd80ff53a3881fddfda1336 Mon Aug 06 06:53:33 UTC 2018 Markus Armbruster <armbru@redhat.com> tests: Clean up string interpolation into QMP input (simple cases) When you build QMP input manually like this cmd = g_strdup_printf("{ 'execute': 'migrate'," "'arguments': { 'uri': '%s' } }", uri); rsp = qmp(cmd); g_free(cmd); you're responsible for escaping the interpolated values for JSON. Not done here, and therefore works only for sufficiently nice @uri. For instance, if @uri contained a single "'", qobject_from_vjsonf_nofail() would abort. A sufficiently nasty @uri could even inject unwanted members into the arguments object. Leaving interpolation into JSON to qmp() is more robust: rsp = qmp("{ 'execute': 'migrate', 'arguments': { 'uri': %s } }", uri); It's also more concise. Clean up the simple cases where we interpolate exactly a JSON value. Bonus: gets rid of non-literal format strings. A step towards compile-time format string checking without triggering -Wformat-nonliteral. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Eric Blake <eblake@redhat.com> Message-Id: <20180806065344.7103-13-armbru@redhat.com>
/qemu/tests/qtest/libqos/
H A D	pci-pc.c	015715f554f19a809cd80ff53a3881fddfda1336 Mon Aug 06 06:53:33 UTC 2018 Markus Armbruster <armbru@redhat.com> tests: Clean up string interpolation into QMP input (simple cases) When you build QMP input manually like this cmd = g_strdup_printf("{ 'execute': 'migrate'," "'arguments': { 'uri': '%s' } }", uri); rsp = qmp(cmd); g_free(cmd); you're responsible for escaping the interpolated values for JSON. Not done here, and therefore works only for sufficiently nice @uri. For instance, if @uri contained a single "'", qobject_from_vjsonf_nofail() would abort. A sufficiently nasty @uri could even inject unwanted members into the arguments object. Leaving interpolation into JSON to qmp() is more robust: rsp = qmp("{ 'execute': 'migrate', 'arguments': { 'uri': %s } }", uri); It's also more concise. Clean up the simple cases where we interpolate exactly a JSON value. Bonus: gets rid of non-literal format strings. A step towards compile-time format string checking without triggering -Wformat-nonliteral. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Eric Blake <eblake@redhat.com> Message-Id: <20180806065344.7103-13-armbru@redhat.com>
/qemu/tests/unit/
H A D	test-qga.c	015715f554f19a809cd80ff53a3881fddfda1336 Mon Aug 06 06:53:33 UTC 2018 Markus Armbruster <armbru@redhat.com> tests: Clean up string interpolation into QMP input (simple cases) When you build QMP input manually like this cmd = g_strdup_printf("{ 'execute': 'migrate'," "'arguments': { 'uri': '%s' } }", uri); rsp = qmp(cmd); g_free(cmd); you're responsible for escaping the interpolated values for JSON. Not done here, and therefore works only for sufficiently nice @uri. For instance, if @uri contained a single "'", qobject_from_vjsonf_nofail() would abort. A sufficiently nasty @uri could even inject unwanted members into the arguments object. Leaving interpolation into JSON to qmp() is more robust: rsp = qmp("{ 'execute': 'migrate', 'arguments': { 'uri': %s } }", uri); It's also more concise. Clean up the simple cases where we interpolate exactly a JSON value. Bonus: gets rid of non-literal format strings. A step towards compile-time format string checking without triggering -Wformat-nonliteral. Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Eric Blake <eblake@redhat.com> Message-Id: <20180806065344.7103-13-armbru@redhat.com>

Project(s)

Full Search
Definition
Symbol
File Path
History
Type