Unfortunately, not all GLib functions provide the level of
security we want, or behave how we want. So far,
g_file_get_contents() and g_get_host_name() have been identified.
Signed-off-by: Michal Privoznik <mprivozn@xxxxxxxxxx>
---
docs/glib-adoption.rst | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
diff --git a/docs/glib-adoption.rst b/docs/glib-adoption.rst
index f969ac80a1..bbc27fed6d 100644
--- a/docs/glib-adoption.rst
+++ b/docs/glib-adoption.rst
@@ -52,3 +52,20 @@ Objects
https://developer.gnome.org/gobject/stable/gobject-The-Base-Object-Type.html
Prefer ``GObject`` instead.
+
+
+Forbidden functions
+===================
+
+There are some functions where Libvirt offers superior quality to GLib. In
+those cases, GLib functions must NOT be used and Libvirt functions should be
+used instead.
+
+``g_file_get_contents``
+ Use ``virFileReadAll`` instead. The GLib function reads the entire file
+ into the memory without possibility to provide any limit on the buffer
+ size.
+
+``g_get_host_name``
+ Prefer ``virGetHostname``. The GLib function caches the hostname and thus
+ does not reflect (possible) hostname changes.
--
2.26.2
