| commit | da09cfbf9dcd07c48fe95bdfb2968305de9b9690 | |
| author | Markus Armbruster <armbru@redhat.com> | |
| Thu, 23 Aug 2018 16:40:15 +0000 (23 18:40 +0200) | ||
| committer | Markus Armbruster <armbru@redhat.com> | |
| Fri, 24 Aug 2018 18:26:37 +0000 (24 20:26 +0200) | ||
| tree | 97b894695b7170ca371fb2a3bd82eb7b65e34e34 | treesnapshot (tar.gz zip) |
| parent | dd98e8481992741a6b5ec0bdfcee05c1c8f602d6 | commitdiff |
json: Enforce token count and size limits more tightly
Token count and size limits exist to guard against excessive heap
usage. We check them only after we created the token on the heap.
That's assigning a cowboy to the barn to lasso the horse after it has
bolted. Close the barn door instead: check before we create the
token.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180823164025.12553-49-armbru@redhat.com>
Token count and size limits exist to guard against excessive heap
usage. We check them only after we created the token on the heap.
That's assigning a cowboy to the barn to lasso the horse after it has
bolted. Close the barn door instead: check before we create the
token.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20180823164025.12553-49-armbru@redhat.com>
| qobject/json-streamer.c | diffblobblamehistory |