Big documentation shortcoming: QString::arg()
Marc Mutz
mutz at kde.org
Wed Jul 10 18:56:50 BST 2002
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi!
Code using multiple QString::arg()'s on a string sequentially can be
tricked into replacing the wrong parts of texts. If :arg() is used to
insert (multiple) "user-supplied" strings, then the resulting program
may be vulnerable to quite a few attacks. A simple test program is
attached. Try e.g.
$ testqstring '%1 first text' 'second text'
1: s == 1: %1 first text; 2: %2
2: s == 1: second text first text; 2:
This is particularly dangerous if this mechnism is used to construct
command lines to be executed.
Of course, a careful programmer will never use arg() for this and always
check the to-be-inserted strings for "%n" and warn if one is found, but
nonetheless a big fat warning in the documentation of QString::arg()
should be in order.
Thanks,
Marc
- --
Marc Mutz <mutz at kde.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQE9LHVi3oWD+L2/6DgRAlqXAJ4lnwJYcdXqBIt7XFGy3tyW6xe+uwCeL8+h
QCjC1UGxKRYxM5XJ3VkN3Es=
=am39
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: testqstring.cpp
Type: text/x-c++src
Size: 264 bytes
Desc: not available
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20020710/86b8c73b/attachment.cpp>
More information about the kde-core-devel
mailing list