Suspicious code in kdelibs/kdebase revision 864329

Aaron J. Seigo aseigo at kde.org
Thu Sep 25 00:00:09 BST 2008


On Wednesday 24 September 2008, Christoph Bartoschek wrote:
> Here are some remarks to some source files of kdelibs/kdebase:
>
>
> - kdelibs/kdeui/dialogs/kshortcutseditor.cpp:121
>
> Action has the value 2 (see 109).  However hier has only entries 0 and 1.
> Out of bounds access.

fixed.

> - kdelibs/kdeui/widgets/ktoolbar.cpp:1056
>
> This loop is executed at most once. Not forever.

false positive; not the most obvious bit of code, perhaps, but it's using the 
forever as a way to utilize break; statements as prettier gotos

-- 
Aaron J. Seigo
humru othro a kohnu se
GPG Fingerprint: 8B8B 2209 0C6F 7C47 B1EA  EE75 D6B7 2EB1 A7F1 DB43

KDE core developer sponsored by Trolltech

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20080924/07478b62/attachment.sig>


More information about the kde-core-devel mailing list