<table><tr><td style="">ouwerkerk added a comment.
</td><a style="text-decoration: none; padding: 4px 8px; margin: 0 8px 8px; float: right; color: #464C5C; font-weight: bold; border-radius: 3px; background-color: #F7F7F9; background-image: linear-gradient(to bottom,#fff,#f1f0f1); display: inline-block; border: 1px solid rgba(71,87,120,.2);" href="https://phabricator.kde.org/D5627" rel="noreferrer">View Revision</a></tr></table><br /><div><div><p>Looks basically sane, don't have enough knowledge of the real inner workings of ksudoku to offer much more feedback than this on the proposed changes.</p>
<p>However we should probably take the time investigate a couple of follow-up changes:</p>
<ol class="remarkup-list">
<li class="remarkup-list-item">Certain serialisation/deserialisation functions may be consolidated into a couple of new shared functions to reduce the amount of duplicated logic there.</li>
<li class="remarkup-list-item">There is a somewhat oddly located "globals.h" which is included all over the place and smells. What to do about this?</li>
<li class="remarkup-list-item"><tt style="background: #ebebeb; font-size: 13px;">KSudoku::updateShapesList()</tt> should be cleaned up, to not do hacky things with file paths when there is perfectly good Qt API for this already.</li>
</ol></div></div><br /><div><strong>INLINE COMMENTS</strong><div><div style="margin: 6px 0 12px 0;"><div style="border: 1px solid #C7CCD9; border-radius: 3px;"><div style="padding: 0; background: #F7F7F7; border-color: #e3e4e8; border-style: solid; border-width: 0 0 1px 0; margin: 0;"><div style="color: #74777d; background: #eff2f4; padding: 6px 8px; overflow: hidden;"><a style="float: right; text-decoration: none;" href="https://phabricator.kde.org/D5627#inline-22972" rel="noreferrer">View Inline</a><span style="color: #4b4d51; font-weight: bold;">ksudoku.cpp:899</span></div>
<div style="font: 11px/15px "Menlo", "Consolas", "Monaco", monospace; white-space: pre-wrap; clear: both; padding: 4px 0; margin: 0;"><div style="padding: 0 8px; margin: 0 4px; "> <span class="n">KIO</span><span style="color: #aa2211">::</span><span class="n">file_copy</span> <span class="p">(</span><span class="n">Url</span><span class="p">,</span> <span class="n">QUrl</span><span style="color: #aa2211">::</span><span class="n">fromLocalFile</span><span class="p">(</span><span class="n">destDir</span> <span style="color: #aa2211">+</span> <span style="color: #766510">'/'</span> <span style="color: #aa2211">+</span> <span class="n">Url</span><span class="p">.</span><span class="n">fileName</span><span class="p">()));</span>
</div><div style="padding: 0 8px; margin: 0 4px; "> <span class="p">}</span>
</div></div></div>
<div style="margin: 8px 0; padding: 0 12px;"><p style="padding: 0; margin: 8px;">We should probably take the opportunity to tackle this here. <br />
The <tt style="background: #ebebeb; font-size: 13px;">QDir()</tt> could be used to get a proper path that is safe to pass to <tt style="background: #ebebeb; font-size: 13px;">QUrl::fromLocalFile()</tt>. <br />
Starting with the <tt style="background: #ebebeb; font-size: 13px;">QDir()</tt> call above at line 886:</p>
<div class="remarkup-code-block" style="margin: 12px 0;" data-code-lang="text" data-sigil="remarkup-code-block"><pre class="remarkup-code" style="font: 11px/15px "Menlo", "Consolas", "Monaco", monospace; padding: 12px; margin: 0; background: rgba(71, 87, 120, 0.08);">QDir dest(destDir);
dest.mkpath(dest.path());
// some of the following code elided...
KIO::file_copy( Url, QUrl::fromLocalFile(dest.filePath(Url.fileName())));</pre></div></div></div><br /><div style="border: 1px solid #C7CCD9; border-radius: 3px;"><div style="padding: 0; background: #F7F7F7; border-color: #e3e4e8; border-style: solid; border-width: 0 0 1px 0; margin: 0;"><div style="color: #74777d; background: #eff2f4; padding: 6px 8px; overflow: hidden;"><a style="float: right; text-decoration: none;" href="https://phabricator.kde.org/D5627#inline-22969" rel="noreferrer">View Inline</a><span style="color: #4b4d51; font-weight: bold;">serializer.cpp:402</span></div>
<div style="font: 11px/15px "Menlo", "Consolas", "Monaco", monospace; white-space: pre-wrap; clear: both; padding: 4px 0; margin: 0;"><div style="padding: 0 8px; margin: 0 4px; "><span class="n">SKGraph</span> <span style="color: #aa2211">*</span><span class="n">Serializer</span><span style="color: #aa2211">::</span><span class="n">loadCustomShape</span><span class="p">(</span><span style="color: #aa4000">const</span> <span class="n">QUrl</span> <span style="color: #aa2211">&</span><span class="n">url</span><span class="p">,</span> <span class="n">QWidget</span><span style="color: #aa2211">*</span> <span class="n">window</span><span class="p">,</span> <span class="n">QString</span> <span style="color: #aa2211">*</span><span class="n">errorMsg</span><span class="p">)</span> <span class="p">{</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(251, 175, 175, .7);"> <span style="color: #aa4000">if</span> <span class="p">(</span> <span class="n">url</span><span class="p">.</span><span class="n">isEmpty</span><span class="p">()</span> <span class="p">)</span> <span style="color: #aa4000">return</span> <span class="bright"></span><span style="color: #601200"><span class="bright">0</span></span><span class="p">;</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(251, 175, 175, .7);"> <span class="n">QString</span> <span class="n">tmpFile</span><span class="p">;</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span style="color: #aa4000">if</span> <span class="p">(</span> <span class="n">url</span><span class="p">.</span><span class="n">isEmpty</span><span class="p">()</span> <span class="p">)</span> <span style="color: #aa4000">return</span> <span class="bright"></span><span style="color: #aa4000"><span class="bright">nullptr</span></span><span class="p">;</span>
</div></div></div>
<div style="margin: 8px 0; padding: 0 12px;"><p style="padding: 0; margin: 8px;">The body of this function is basically the same as the next one which returns a <tt style="background: #ebebeb; font-size: 13px;">Game</tt> instead. Maybe we should extract and consolidate the bulk of this to a new shared function?</p></div></div><br /><div style="border: 1px solid #C7CCD9; border-radius: 3px;"><div style="padding: 0; background: #F7F7F7; border-color: #e3e4e8; border-style: solid; border-width: 0 0 1px 0; margin: 0;"><div style="color: #74777d; background: #eff2f4; padding: 6px 8px; overflow: hidden;"><a style="float: right; text-decoration: none;" href="https://phabricator.kde.org/D5627#inline-22968" rel="noreferrer">View Inline</a><span style="color: #4b4d51; font-weight: bold;">serializer.cpp:465</span></div>
<div style="font: 11px/15px "Menlo", "Consolas", "Monaco", monospace; white-space: pre-wrap; clear: both; padding: 4px 0; margin: 0;"><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="p">}</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span style="color: #aa4000">if</span><span class="p">(</span><span class="n">tmpFile</span><span class="p">.</span><span class="n">open</span><span class="p">())</span> <span class="p">{</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span style="color: #aa4000">int</span> <span class="n">errorLine</span><span class="p">;</span>
</div></div></div>
<div style="margin: 8px 0; padding: 0 12px;"><p style="padding: 0; margin: 8px;">Is this safe? The docs for <tt style="background: #ebebeb; font-size: 13px;">QTemporaryFile</tt> say:</p>
<blockquote style="border-left: 3px solid #a7b5bf; color: #464c5c; font-style: italic; margin: 4px 0 12px 0; padding: 4px 12px; background-color: #f8f9fc;"><p style="padding: 0; margin: 8px;">The file is guaranteed to have been created by this function (i.e., it has never existed before).</p></blockquote>
<p style="padding: 0; margin: 8px;">Therefore: is it possible that two successive calls to <tt style="background: #ebebeb; font-size: 13px;">.open()</tt> refer to different temporary files? Wouldn't it be better to have a <tt style="background: #ebebeb; font-size: 13px;">const bool openedOK = tmpFile.open();</tt> before the first check and then use that, as the <tt style="background: #ebebeb; font-size: 13px;">QTemporaryFile</tt> is never closed in between?</p></div></div><br /><div style="border: 1px solid #C7CCD9; border-radius: 3px;"><div style="padding: 0; background: #F7F7F7; border-color: #e3e4e8; border-style: solid; border-width: 0 0 1px 0; margin: 0;"><div style="color: #74777d; background: #eff2f4; padding: 6px 8px; overflow: hidden;"><a style="float: right; text-decoration: none;" href="https://phabricator.kde.org/D5627#inline-22970" rel="noreferrer">View Inline</a><span style="color: #4b4d51; font-weight: bold;">serializer.cpp:721</span></div>
<div style="font: 11px/15px "Menlo", "Consolas", "Monaco", monospace; white-space: pre-wrap; clear: both; padding: 4px 0; margin: 0;"><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="p">{</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="n">KMessageBox</span><span style="color: #aa2211">::</span><span class="n">error</span><span class="p">(</span><span class="n">window</span><span class="p">,</span> <span class="n">i18n</span><span class="p">(</span><span style="color: #766510">"Unable to upload file."</span><span class="p">),</span> <span class="n">i18n</span><span class="p">(</span><span style="color: #766510">"Error Writing File"</span><span class="p">));</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="p">}</span>
</div></div></div>
<div style="margin: 8px 0; padding: 0 12px;"><p style="padding: 0; margin: 8px;">You should probably <tt style="background: #ebebeb; font-size: 13px;">return false;</tt> here.</p></div></div><br /><div style="border: 1px solid #C7CCD9; border-radius: 3px;"><div style="padding: 0; background: #F7F7F7; border-color: #e3e4e8; border-style: solid; border-width: 0 0 1px 0; margin: 0;"><div style="color: #74777d; background: #eff2f4; padding: 6px 8px; overflow: hidden;"><a style="float: right; text-decoration: none;" href="https://phabricator.kde.org/D5627#inline-22971" rel="noreferrer">View Inline</a><span style="color: #4b4d51; font-weight: bold;">symbols.cpp:41</span></div>
<div style="font: 11px/15px "Menlo", "Consolas", "Monaco", monospace; white-space: pre-wrap; clear: both; padding: 4px 0; margin: 0;"><div style="padding: 0 8px; margin: 0 4px; "> <span style="color: #aa4000">if</span><span class="p">(</span><span class="n">symbol</span> <span style="color: #aa2211">==</span> <span style="color: #766510">'.'</span><span class="p">)</span> <span style="color: #aa4000">return</span> <span class="n">UNUSABLE</span><span class="p">;</span>
</div></div></div>
<div style="margin: 8px 0; padding: 0 12px;"><p style="padding: 0; margin: 8px;">According to the <tt style="background: #ebebeb; font-size: 13px;">QChar</tt> docs the result of trying <tt style="background: #ebebeb; font-size: 13px;">.toLatin1()</tt> on something that isn't 'Latin 1' will be 0.<br />
More generally depending on how this code path is reached, quite a lot of invalid 'Latin 1' chars exist and may be returned.<br />
As a result trusting <tt style="background: #ebebeb; font-size: 13px;">c - 'a';</tt> blindly may be a bit dangerous.</p>
<p style="padding: 0; margin: 8px;">It's probably better to do a range check and if the character falls outside it return either <tt style="background: #ebebeb; font-size: 13px;">VACANT</tt> or <tt style="background: #ebebeb; font-size: 13px;">UNUSABLE</tt>.</p></div></div></div></div></div><br /><div><strong>REPOSITORY</strong><div><div>R417 KSudoku</div></div></div><br /><div><strong>REVISION DETAIL</strong><div><a href="https://phabricator.kde.org/D5627" rel="noreferrer">https://phabricator.kde.org/D5627</a></div></div><br /><div><strong>To: </strong>stikonas, KDE Games, ltoscano, ouwerkerk<br /></div>