usb: limit combined packets to 1 MiB (CVE-2021-3527)
[qemu/kevin.git] / qapi / qobject-input-visitor.c
blob04b790412eb1d924e70638b1a1ec11dd43e57a01
1 /*
2 * Input Visitor
4 * Copyright (C) 2012-2017 Red Hat, Inc.
5 * Copyright IBM, Corp. 2011
7 * Authors:
8 * Anthony Liguori <aliguori@us.ibm.com>
10 * This work is licensed under the terms of the GNU LGPL, version 2.1 or later.
11 * See the COPYING.LIB file in the top-level directory.
15 #include "qemu/osdep.h"
16 #include <math.h>
17 #include "qapi/compat-policy.h"
18 #include "qapi/error.h"
19 #include "qapi/qobject-input-visitor.h"
20 #include "qapi/visitor-impl.h"
21 #include "qemu/queue.h"
22 #include "qapi/qmp/qjson.h"
23 #include "qapi/qmp/qbool.h"
24 #include "qapi/qmp/qdict.h"
25 #include "qapi/qmp/qerror.h"
26 #include "qapi/qmp/qlist.h"
27 #include "qapi/qmp/qnull.h"
28 #include "qapi/qmp/qnum.h"
29 #include "qapi/qmp/qstring.h"
30 #include "qemu/cutils.h"
31 #include "qemu/option.h"
33 typedef struct StackObject {
34 const char *name; /* Name of @obj in its parent, if any */
35 QObject *obj; /* QDict or QList being visited */
36 void *qapi; /* sanity check that caller uses same pointer */
38 GHashTable *h; /* If @obj is QDict: unvisited keys */
39 const QListEntry *entry; /* If @obj is QList: unvisited tail */
40 unsigned index; /* If @obj is QList: list index of @entry */
42 QSLIST_ENTRY(StackObject) node; /* parent */
43 } StackObject;
45 struct QObjectInputVisitor {
46 Visitor visitor;
47 CompatPolicyInput deprecated_policy;
49 /* Root of visit at visitor creation. */
50 QObject *root;
51 bool keyval; /* Assume @root made with keyval_parse() */
53 /* Stack of objects being visited (all entries will be either
54 * QDict or QList). */
55 QSLIST_HEAD(, StackObject) stack;
57 GString *errname; /* Accumulator for full_name() */
60 static QObjectInputVisitor *to_qiv(Visitor *v)
62 return container_of(v, QObjectInputVisitor, visitor);
66 * Find the full name of something @qiv is currently visiting.
67 * @qiv is visiting something named @name in the stack of containers
68 * @qiv->stack.
69 * If @n is zero, return its full name.
70 * If @n is positive, return the full name of the @n-th container
71 * counting from the top. The stack of containers must have at least
72 * @n elements.
73 * The returned string is valid until the next full_name_nth(@v) or
74 * destruction of @v.
76 static const char *full_name_nth(QObjectInputVisitor *qiv, const char *name,
77 int n)
79 StackObject *so;
80 char buf[32];
82 if (qiv->errname) {
83 g_string_truncate(qiv->errname, 0);
84 } else {
85 qiv->errname = g_string_new("");
88 QSLIST_FOREACH(so , &qiv->stack, node) {
89 if (n) {
90 n--;
91 } else if (qobject_type(so->obj) == QTYPE_QDICT) {
92 g_string_prepend(qiv->errname, name ?: "<anonymous>");
93 g_string_prepend_c(qiv->errname, '.');
94 } else {
95 snprintf(buf, sizeof(buf),
96 qiv->keyval ? ".%u" : "[%u]",
97 so->index);
98 g_string_prepend(qiv->errname, buf);
100 name = so->name;
102 assert(!n);
104 if (name) {
105 g_string_prepend(qiv->errname, name);
106 } else if (qiv->errname->str[0] == '.') {
107 g_string_erase(qiv->errname, 0, 1);
108 } else if (!qiv->errname->str[0]) {
109 return "<anonymous>";
112 return qiv->errname->str;
115 static const char *full_name(QObjectInputVisitor *qiv, const char *name)
117 return full_name_nth(qiv, name, 0);
120 static QObject *qobject_input_try_get_object(QObjectInputVisitor *qiv,
121 const char *name,
122 bool consume)
124 StackObject *tos;
125 QObject *qobj;
126 QObject *ret;
128 if (QSLIST_EMPTY(&qiv->stack)) {
129 /* Starting at root, name is ignored. */
130 assert(qiv->root);
131 return qiv->root;
134 /* We are in a container; find the next element. */
135 tos = QSLIST_FIRST(&qiv->stack);
136 qobj = tos->obj;
137 assert(qobj);
139 if (qobject_type(qobj) == QTYPE_QDICT) {
140 assert(name);
141 ret = qdict_get(qobject_to(QDict, qobj), name);
142 if (tos->h && consume && ret) {
143 bool removed = g_hash_table_remove(tos->h, name);
144 assert(removed);
146 } else {
147 assert(qobject_type(qobj) == QTYPE_QLIST);
148 assert(!name);
149 if (tos->entry) {
150 ret = qlist_entry_obj(tos->entry);
151 if (consume) {
152 tos->entry = qlist_next(tos->entry);
154 } else {
155 ret = NULL;
157 if (consume) {
158 tos->index++;
162 return ret;
165 static QObject *qobject_input_get_object(QObjectInputVisitor *qiv,
166 const char *name,
167 bool consume, Error **errp)
169 QObject *obj = qobject_input_try_get_object(qiv, name, consume);
171 if (!obj) {
172 error_setg(errp, QERR_MISSING_PARAMETER, full_name(qiv, name));
174 return obj;
177 static const char *qobject_input_get_keyval(QObjectInputVisitor *qiv,
178 const char *name,
179 Error **errp)
181 QObject *qobj;
182 QString *qstr;
184 qobj = qobject_input_get_object(qiv, name, true, errp);
185 if (!qobj) {
186 return NULL;
189 qstr = qobject_to(QString, qobj);
190 if (!qstr) {
191 switch (qobject_type(qobj)) {
192 case QTYPE_QDICT:
193 case QTYPE_QLIST:
194 error_setg(errp, "Parameters '%s.*' are unexpected",
195 full_name(qiv, name));
196 return NULL;
197 default:
198 /* Non-string scalar (should this be an assertion?) */
199 error_setg(errp, "Internal error: parameter %s invalid",
200 full_name(qiv, name));
201 return NULL;
205 return qstring_get_str(qstr);
208 static const QListEntry *qobject_input_push(QObjectInputVisitor *qiv,
209 const char *name,
210 QObject *obj, void *qapi)
212 GHashTable *h;
213 StackObject *tos = g_new0(StackObject, 1);
214 QDict *qdict = qobject_to(QDict, obj);
215 QList *qlist = qobject_to(QList, obj);
216 const QDictEntry *entry;
218 assert(obj);
219 tos->name = name;
220 tos->obj = obj;
221 tos->qapi = qapi;
223 if (qdict) {
224 h = g_hash_table_new(g_str_hash, g_str_equal);
225 for (entry = qdict_first(qdict);
226 entry;
227 entry = qdict_next(qdict, entry)) {
228 g_hash_table_insert(h, (void *)qdict_entry_key(entry), NULL);
230 tos->h = h;
231 } else {
232 assert(qlist);
233 tos->entry = qlist_first(qlist);
234 tos->index = -1;
237 QSLIST_INSERT_HEAD(&qiv->stack, tos, node);
238 return tos->entry;
242 static bool qobject_input_check_struct(Visitor *v, Error **errp)
244 QObjectInputVisitor *qiv = to_qiv(v);
245 StackObject *tos = QSLIST_FIRST(&qiv->stack);
246 GHashTableIter iter;
247 const char *key;
249 assert(tos && !tos->entry);
251 g_hash_table_iter_init(&iter, tos->h);
252 if (g_hash_table_iter_next(&iter, (void **)&key, NULL)) {
253 error_setg(errp, "Parameter '%s' is unexpected",
254 full_name(qiv, key));
255 return false;
257 return true;
260 static void qobject_input_stack_object_free(StackObject *tos)
262 if (tos->h) {
263 g_hash_table_unref(tos->h);
266 g_free(tos);
269 static void qobject_input_pop(Visitor *v, void **obj)
271 QObjectInputVisitor *qiv = to_qiv(v);
272 StackObject *tos = QSLIST_FIRST(&qiv->stack);
274 assert(tos && tos->qapi == obj);
275 QSLIST_REMOVE_HEAD(&qiv->stack, node);
276 qobject_input_stack_object_free(tos);
279 static bool qobject_input_start_struct(Visitor *v, const char *name, void **obj,
280 size_t size, Error **errp)
282 QObjectInputVisitor *qiv = to_qiv(v);
283 QObject *qobj = qobject_input_get_object(qiv, name, true, errp);
285 if (obj) {
286 *obj = NULL;
288 if (!qobj) {
289 return false;
291 if (qobject_type(qobj) != QTYPE_QDICT) {
292 error_setg(errp, QERR_INVALID_PARAMETER_TYPE,
293 full_name(qiv, name), "object");
294 return false;
297 qobject_input_push(qiv, name, qobj, obj);
299 if (obj) {
300 *obj = g_malloc0(size);
302 return true;
305 static void qobject_input_end_struct(Visitor *v, void **obj)
307 QObjectInputVisitor *qiv = to_qiv(v);
308 StackObject *tos = QSLIST_FIRST(&qiv->stack);
310 assert(qobject_type(tos->obj) == QTYPE_QDICT && tos->h);
311 qobject_input_pop(v, obj);
315 static bool qobject_input_start_list(Visitor *v, const char *name,
316 GenericList **list, size_t size,
317 Error **errp)
319 QObjectInputVisitor *qiv = to_qiv(v);
320 QObject *qobj = qobject_input_get_object(qiv, name, true, errp);
321 const QListEntry *entry;
323 if (list) {
324 *list = NULL;
326 if (!qobj) {
327 return false;
329 if (qobject_type(qobj) != QTYPE_QLIST) {
330 error_setg(errp, QERR_INVALID_PARAMETER_TYPE,
331 full_name(qiv, name), "array");
332 return false;
335 entry = qobject_input_push(qiv, name, qobj, list);
336 if (entry && list) {
337 *list = g_malloc0(size);
339 return true;
342 static GenericList *qobject_input_next_list(Visitor *v, GenericList *tail,
343 size_t size)
345 QObjectInputVisitor *qiv = to_qiv(v);
346 StackObject *tos = QSLIST_FIRST(&qiv->stack);
348 assert(tos && qobject_to(QList, tos->obj));
350 if (!tos->entry) {
351 return NULL;
353 tail->next = g_malloc0(size);
354 return tail->next;
357 static bool qobject_input_check_list(Visitor *v, Error **errp)
359 QObjectInputVisitor *qiv = to_qiv(v);
360 StackObject *tos = QSLIST_FIRST(&qiv->stack);
362 assert(tos && qobject_to(QList, tos->obj));
364 if (tos->entry) {
365 error_setg(errp, "Only %u list elements expected in %s",
366 tos->index + 1, full_name_nth(qiv, NULL, 1));
367 return false;
369 return true;
372 static void qobject_input_end_list(Visitor *v, void **obj)
374 QObjectInputVisitor *qiv = to_qiv(v);
375 StackObject *tos = QSLIST_FIRST(&qiv->stack);
377 assert(qobject_type(tos->obj) == QTYPE_QLIST && !tos->h);
378 qobject_input_pop(v, obj);
381 static bool qobject_input_start_alternate(Visitor *v, const char *name,
382 GenericAlternate **obj, size_t size,
383 Error **errp)
385 QObjectInputVisitor *qiv = to_qiv(v);
386 QObject *qobj = qobject_input_get_object(qiv, name, false, errp);
388 if (!qobj) {
389 *obj = NULL;
390 return false;
392 *obj = g_malloc0(size);
393 (*obj)->type = qobject_type(qobj);
394 return true;
397 static bool qobject_input_type_int64(Visitor *v, const char *name, int64_t *obj,
398 Error **errp)
400 QObjectInputVisitor *qiv = to_qiv(v);
401 QObject *qobj = qobject_input_get_object(qiv, name, true, errp);
402 QNum *qnum;
404 if (!qobj) {
405 return false;
407 qnum = qobject_to(QNum, qobj);
408 if (!qnum || !qnum_get_try_int(qnum, obj)) {
409 error_setg(errp, QERR_INVALID_PARAMETER_TYPE,
410 full_name(qiv, name), "integer");
411 return false;
413 return true;
416 static bool qobject_input_type_int64_keyval(Visitor *v, const char *name,
417 int64_t *obj, Error **errp)
419 QObjectInputVisitor *qiv = to_qiv(v);
420 const char *str = qobject_input_get_keyval(qiv, name, errp);
422 if (!str) {
423 return false;
426 if (qemu_strtoi64(str, NULL, 0, obj) < 0) {
427 /* TODO report -ERANGE more nicely */
428 error_setg(errp, QERR_INVALID_PARAMETER_VALUE,
429 full_name(qiv, name), "integer");
430 return false;
432 return true;
435 static bool qobject_input_type_uint64(Visitor *v, const char *name,
436 uint64_t *obj, Error **errp)
438 QObjectInputVisitor *qiv = to_qiv(v);
439 QObject *qobj = qobject_input_get_object(qiv, name, true, errp);
440 QNum *qnum;
441 int64_t val;
443 if (!qobj) {
444 return false;
446 qnum = qobject_to(QNum, qobj);
447 if (!qnum) {
448 goto err;
451 if (qnum_get_try_uint(qnum, obj)) {
452 return true;
455 /* Need to accept negative values for backward compatibility */
456 if (qnum_get_try_int(qnum, &val)) {
457 *obj = val;
458 return true;
461 err:
462 error_setg(errp, QERR_INVALID_PARAMETER_VALUE,
463 full_name(qiv, name), "uint64");
464 return false;
467 static bool qobject_input_type_uint64_keyval(Visitor *v, const char *name,
468 uint64_t *obj, Error **errp)
470 QObjectInputVisitor *qiv = to_qiv(v);
471 const char *str = qobject_input_get_keyval(qiv, name, errp);
473 if (!str) {
474 return false;
477 if (qemu_strtou64(str, NULL, 0, obj) < 0) {
478 /* TODO report -ERANGE more nicely */
479 error_setg(errp, QERR_INVALID_PARAMETER_VALUE,
480 full_name(qiv, name), "integer");
481 return false;
483 return true;
486 static bool qobject_input_type_bool(Visitor *v, const char *name, bool *obj,
487 Error **errp)
489 QObjectInputVisitor *qiv = to_qiv(v);
490 QObject *qobj = qobject_input_get_object(qiv, name, true, errp);
491 QBool *qbool;
493 if (!qobj) {
494 return false;
496 qbool = qobject_to(QBool, qobj);
497 if (!qbool) {
498 error_setg(errp, QERR_INVALID_PARAMETER_TYPE,
499 full_name(qiv, name), "boolean");
500 return false;
503 *obj = qbool_get_bool(qbool);
504 return true;
507 static bool qobject_input_type_bool_keyval(Visitor *v, const char *name,
508 bool *obj, Error **errp)
510 QObjectInputVisitor *qiv = to_qiv(v);
511 const char *str = qobject_input_get_keyval(qiv, name, errp);
513 if (!str) {
514 return false;
517 if (!qapi_bool_parse(name, str, obj, NULL)) {
518 error_setg(errp, QERR_INVALID_PARAMETER_VALUE,
519 full_name(qiv, name), "'on' or 'off'");
520 return false;
522 return true;
525 static bool qobject_input_type_str(Visitor *v, const char *name, char **obj,
526 Error **errp)
528 QObjectInputVisitor *qiv = to_qiv(v);
529 QObject *qobj = qobject_input_get_object(qiv, name, true, errp);
530 QString *qstr;
532 *obj = NULL;
533 if (!qobj) {
534 return false;
536 qstr = qobject_to(QString, qobj);
537 if (!qstr) {
538 error_setg(errp, QERR_INVALID_PARAMETER_TYPE,
539 full_name(qiv, name), "string");
540 return false;
543 *obj = g_strdup(qstring_get_str(qstr));
544 return true;
547 static bool qobject_input_type_str_keyval(Visitor *v, const char *name,
548 char **obj, Error **errp)
550 QObjectInputVisitor *qiv = to_qiv(v);
551 const char *str = qobject_input_get_keyval(qiv, name, errp);
553 *obj = g_strdup(str);
554 return !!str;
557 static bool qobject_input_type_number(Visitor *v, const char *name, double *obj,
558 Error **errp)
560 QObjectInputVisitor *qiv = to_qiv(v);
561 QObject *qobj = qobject_input_get_object(qiv, name, true, errp);
562 QNum *qnum;
564 if (!qobj) {
565 return false;
567 qnum = qobject_to(QNum, qobj);
568 if (!qnum) {
569 error_setg(errp, QERR_INVALID_PARAMETER_TYPE,
570 full_name(qiv, name), "number");
571 return false;
574 *obj = qnum_get_double(qnum);
575 return true;
578 static bool qobject_input_type_number_keyval(Visitor *v, const char *name,
579 double *obj, Error **errp)
581 QObjectInputVisitor *qiv = to_qiv(v);
582 const char *str = qobject_input_get_keyval(qiv, name, errp);
583 double val;
585 if (!str) {
586 return false;
589 if (qemu_strtod_finite(str, NULL, &val)) {
590 /* TODO report -ERANGE more nicely */
591 error_setg(errp, QERR_INVALID_PARAMETER_TYPE,
592 full_name(qiv, name), "number");
593 return false;
596 *obj = val;
597 return true;
600 static bool qobject_input_type_any(Visitor *v, const char *name, QObject **obj,
601 Error **errp)
603 QObjectInputVisitor *qiv = to_qiv(v);
604 QObject *qobj = qobject_input_get_object(qiv, name, true, errp);
606 *obj = NULL;
607 if (!qobj) {
608 return false;
611 *obj = qobject_ref(qobj);
612 return true;
615 static bool qobject_input_type_null(Visitor *v, const char *name,
616 QNull **obj, Error **errp)
618 QObjectInputVisitor *qiv = to_qiv(v);
619 QObject *qobj = qobject_input_get_object(qiv, name, true, errp);
621 *obj = NULL;
622 if (!qobj) {
623 return false;
626 if (qobject_type(qobj) != QTYPE_QNULL) {
627 error_setg(errp, QERR_INVALID_PARAMETER_TYPE,
628 full_name(qiv, name), "null");
629 return false;
631 *obj = qnull();
632 return true;
635 static bool qobject_input_type_size_keyval(Visitor *v, const char *name,
636 uint64_t *obj, Error **errp)
638 QObjectInputVisitor *qiv = to_qiv(v);
639 const char *str = qobject_input_get_keyval(qiv, name, errp);
641 if (!str) {
642 return false;
645 if (qemu_strtosz(str, NULL, obj) < 0) {
646 /* TODO report -ERANGE more nicely */
647 error_setg(errp, QERR_INVALID_PARAMETER_VALUE,
648 full_name(qiv, name), "size");
649 return false;
651 return true;
654 static void qobject_input_optional(Visitor *v, const char *name, bool *present)
656 QObjectInputVisitor *qiv = to_qiv(v);
657 QObject *qobj = qobject_input_try_get_object(qiv, name, false);
659 if (!qobj) {
660 *present = false;
661 return;
664 *present = true;
667 static bool qobject_input_deprecated_accept(Visitor *v, const char *name,
668 Error **errp)
670 QObjectInputVisitor *qiv = to_qiv(v);
672 switch (qiv->deprecated_policy) {
673 case COMPAT_POLICY_INPUT_ACCEPT:
674 return true;
675 case COMPAT_POLICY_INPUT_REJECT:
676 error_setg(errp, "Deprecated parameter '%s' disabled by policy",
677 name);
678 return false;
679 case COMPAT_POLICY_INPUT_CRASH:
680 default:
681 abort();
685 static void qobject_input_free(Visitor *v)
687 QObjectInputVisitor *qiv = to_qiv(v);
689 while (!QSLIST_EMPTY(&qiv->stack)) {
690 StackObject *tos = QSLIST_FIRST(&qiv->stack);
692 QSLIST_REMOVE_HEAD(&qiv->stack, node);
693 qobject_input_stack_object_free(tos);
696 qobject_unref(qiv->root);
697 if (qiv->errname) {
698 g_string_free(qiv->errname, TRUE);
700 g_free(qiv);
703 static QObjectInputVisitor *qobject_input_visitor_base_new(QObject *obj)
705 QObjectInputVisitor *v = g_malloc0(sizeof(*v));
707 assert(obj);
709 v->visitor.type = VISITOR_INPUT;
710 v->visitor.start_struct = qobject_input_start_struct;
711 v->visitor.check_struct = qobject_input_check_struct;
712 v->visitor.end_struct = qobject_input_end_struct;
713 v->visitor.start_list = qobject_input_start_list;
714 v->visitor.next_list = qobject_input_next_list;
715 v->visitor.check_list = qobject_input_check_list;
716 v->visitor.end_list = qobject_input_end_list;
717 v->visitor.start_alternate = qobject_input_start_alternate;
718 v->visitor.optional = qobject_input_optional;
719 v->visitor.deprecated_accept = qobject_input_deprecated_accept;
720 v->visitor.free = qobject_input_free;
722 v->root = qobject_ref(obj);
724 return v;
727 Visitor *qobject_input_visitor_new(QObject *obj)
729 QObjectInputVisitor *v = qobject_input_visitor_base_new(obj);
731 v->visitor.type_int64 = qobject_input_type_int64;
732 v->visitor.type_uint64 = qobject_input_type_uint64;
733 v->visitor.type_bool = qobject_input_type_bool;
734 v->visitor.type_str = qobject_input_type_str;
735 v->visitor.type_number = qobject_input_type_number;
736 v->visitor.type_any = qobject_input_type_any;
737 v->visitor.type_null = qobject_input_type_null;
739 return &v->visitor;
742 void qobject_input_visitor_set_policy(Visitor *v,
743 CompatPolicyInput deprecated)
745 QObjectInputVisitor *qiv = to_qiv(v);
747 qiv->deprecated_policy = deprecated;
750 Visitor *qobject_input_visitor_new_keyval(QObject *obj)
752 QObjectInputVisitor *v = qobject_input_visitor_base_new(obj);
754 v->visitor.type_int64 = qobject_input_type_int64_keyval;
755 v->visitor.type_uint64 = qobject_input_type_uint64_keyval;
756 v->visitor.type_bool = qobject_input_type_bool_keyval;
757 v->visitor.type_str = qobject_input_type_str_keyval;
758 v->visitor.type_number = qobject_input_type_number_keyval;
759 v->visitor.type_any = qobject_input_type_any;
760 v->visitor.type_null = qobject_input_type_null;
761 v->visitor.type_size = qobject_input_type_size_keyval;
762 v->keyval = true;
764 return &v->visitor;
767 Visitor *qobject_input_visitor_new_str(const char *str,
768 const char *implied_key,
769 Error **errp)
771 bool is_json = str[0] == '{';
772 QObject *obj;
773 QDict *args;
774 Visitor *v;
776 if (is_json) {
777 obj = qobject_from_json(str, errp);
778 if (!obj) {
779 return NULL;
781 args = qobject_to(QDict, obj);
782 assert(args);
783 v = qobject_input_visitor_new(QOBJECT(args));
784 } else {
785 args = keyval_parse(str, implied_key, NULL, errp);
786 if (!args) {
787 return NULL;
789 v = qobject_input_visitor_new_keyval(QOBJECT(args));
791 qobject_unref(args);
793 return v;