On Thu, Oct 09, 2025 at 02:41:51PM +0200, Gerd Hoffmann wrote: > Hi, > > > > OK, what about sanitisation - if that text contains random binary what > > > happens, > > > or should we make sure it's sanitised? > > > > As prior art, the QGA 'guest-exec' command will return stdout/stderr > > of the command in base64 format. The downside is that it is bloated > > in size, but it is at least safe wrt JSON encoding. > > In theory the log should just be text, but I've managed to f*ck up > logging with broken patches in the past, with the result that random > binary crap landed in the log. > > So sending base64 in the json reply makes sense to me. Do we have a > qapi type for that? Or should I use string? > > > The HMP command could still dump the raw data IMHO, as that's human > > facing and base64 is horrible for human consumption. > > And probably a hmp implementation /not/ using the qmp command so we > don't convert text -> base64 -> text ...
Although that is indeed inefficient, our overall long term goal is for *all* HMP comamnds to be implemented by invoking a QMP command. This will ultimately get us to the point where QAPI describes our public facing functionality, and HMP could be moved to become an out-of-process client side interface to QMP. With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
