Markus Armbruster <arm...@redhat.com> writes:

> Eric Blake <ebl...@redhat.com> writes:
>
>> Just noticed this core dump (I was actually trying to exceed the 1024
>> hard-baked limit in qmp-input-visitor.c which tries to set an Error
>> object, but it looks like that limit was unreachable due to this earlier
>> assertion):
>>
>> $ printf '{"execute":"qmp_capabilities","id":%1025s' " " | tr ' ' { |
>> ./x86_64-softmmu/qemu-system-x86_64 -nodefaults -qmp stdio
>> {"QMP": {"version": {"qemu": {"micro": 50, "minor": 4, "major": 2},
>> "package": ""}, "capabilities": []}}
>> main-loop: WARNING: I/O thread spun for 1000 iterations
>> **
>> ERROR:qobject/json-parser.c:294:parser_context_peek_token: assertion
>> failed: (ctxt->tokens.pos < ctxt->tokens.count)
>> Aborted (core dumped)
>>
>> I don't know the best way to deal with a client that abuses QMP
>> protocol, but it would at least be nice to not abort.
>
> Handwritten parser crashes, surprise, surprise.
>
> 1023 works, 1024 crashes. Need to dig to find out why.
Regressed in commit 65c0f1e "json-parser: don't replicate tokens at each level of recursion", v1.2.0. Until then, we got a clean "{"error": {"class": "GenericError", "desc": "Invalid JSON syntax"}}".
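As an added illustration of the defensive check the report asks for (this is example code written for this thread, not QEMU's json-parser or any patch from it): a linear pre-scan that bounds {}/[] nesting before a recursive parser ever recurses, so over-deep input yields an error result instead of an assertion. The 1024 cap is taken from the report; make_nested_command() builds a constructed input shaped like the printf|tr reproducer, and the function names are this example's own.

```c
#include <stdbool.h>
#include <stdlib.h>
#include <string.h>

enum depth_result {
    DEPTH_OK,          /* balanced and within the cap */
    DEPTH_INCOMPLETE,  /* input ended with objects/arrays still open */
    DEPTH_UNBALANCED,  /* closing bracket with nothing open */
    DEPTH_TOO_DEEP     /* nesting exceeded max_depth: reject before recursing */
};

/* Track {}/[] nesting, ignoring brackets inside strings (escapes honoured).
 * Bails out as soon as max_depth is exceeded so a recursive-descent parser
 * downstream can report an error rather than trip an assertion. */
enum depth_result json_check_depth(const char *text, size_t max_depth)
{
    size_t depth = 0;
    bool in_string = false;

    for (const char *p = text; *p; p++) {
        if (in_string) {
            if (*p == '\\' && p[1]) p++;        /* skip the escaped character */
            else if (*p == '"') in_string = false;
        } else if (*p == '"') {
            in_string = true;
        } else if (*p == '{' || *p == '[') {
            if (++depth > max_depth) return DEPTH_TOO_DEEP;
        } else if (*p == '}' || *p == ']') {
            if (depth == 0) return DEPTH_UNBALANCED;
            depth--;
        }
    }
    return depth == 0 ? DEPTH_OK : DEPTH_INCOMPLETE;
}

/* Constructed input mirroring the printf|tr reproducer: the command prefix
 * followed by n opening braces, so the total depth is n + 1. Caller frees. */
char *make_nested_command(size_t n)
{
    const char *prefix = "{\"execute\":\"qmp_capabilities\",\"id\":";
    size_t plen = strlen(prefix);
    char *buf = malloc(plen + n + 1);
    if (!buf) return NULL;
    memcpy(buf, prefix, plen);
    memset(buf + plen, '{', n);
    buf[plen + n] = '\0';
    return buf;
}
```

With a cap of 1024, 1023 extra braces come back as DEPTH_INCOMPLETE (the parser may wait for more input) and 1024 as DEPTH_TOO_DEEP, matching the 1023-works/1024-crashes boundary above.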