Suspicious code in kdenetwork-3.5.2
Alexander Neundorf
neundorf at kde.org
Tue Apr 18 23:19:23 BST 2006
On Wednesday 19 April 2006 00:05, Christoph Bartoschek wrote:
> If the if condition in line 85 is true, then line 86 crashes.
>
> - lanbrowsing/lisa/netmanager.cpp:183
>
> If user is NULL as indicated by line 174 and the if condition in line
> 181 is true, then line 183 crashes.
That's the code:
if ( user )
socketName+=user->pw_name;
else
//should never happen
socketName+="???";
::unlink(socketName.data());
sockaddr_un serverAddr;
if (socketName.length() >= sizeof(serverAddr.sun_path))
{
std::cout<<"NetManager::prepare: your user name \""<<user->pw_name<<"\"
is too long, exiting."<<std::endl;
The cout accesses user without checking for 0. But this happens only if
socketName gets too long. If user==0, then socketName will be
"/tmp/resLisa-???", i.e. not longer than sun_path.
So, does this need fixing or is a comment enough ?
Bye
Alex
--
Work: alexander.neundorf AT jenoptik.com - http://www.jenoptik-los.de
Home: neundorf AT kde.org - http://www.kde.org
alex AT neundorf.net - http://www.neundorf.net
More information about the kde-core-devel
mailing list