block/qapi: fix unbounded stack for dump_qdict

Using heap instead of stack for better safety.

Signed-off-by: Peter Xu <[email protected]>
Reviewed-by: Eric Blake <[email protected]>
Reviewed-by: Markus Armbruster <[email protected]>
Signed-off-by: Kevin Wolf <[email protected]>

diff --git a/block/qapi.c b/block/qapi.c
index e0e6e96ad2ad0e9c30124219c4302352b9640b9a..1961cdf707685e39c127229b1ef5266ea465421f 100644 (file)
--- a/block/qapi.c
+++ b/block/qapi.c
@@ -669,7 +669,7 @@ static void dump_qdict(fprintf_function func_fprintf, void *f, int indentation,
     for (entry = qdict_first(dict); entry; entry = qdict_next(dict, entry)) {
         QType type = qobject_type(entry->value);
         bool composite = (type == QTYPE_QDICT || type == QTYPE_QLIST);
-        char key[strlen(entry->key) + 1];
+        char *key = g_malloc(strlen(entry->key) + 1);
         int i;
 
         /* replace dashes with spaces in key (variable) names */
@@ -683,6 +683,7 @@ static void dump_qdict(fprintf_function func_fprintf, void *f, int indentation,
         if (!composite) {
             func_fprintf(f, "\n");
         }
+        g_free(key);
     }
 }