QtScript considered dangerous

Thomas Lübking thomas.luebking at gmail.com
Fri May 25 12:52:49 BST 2012


2012/5/25, Martin Sandsmark <sandsmark at iskrembilen.com>:
> On Fri, May 25, 2012 at 12:03:43PM +0200, Dominik Haumann wrote:
>> Right, maybe an increase of the allowed memory would work, or similar
>> changes...
>
> Isn't the problem that the pointer size it uses is too small?

It likely asserts in the casting comparison.

tl;dr : the code looks fragile.

ntl;wr

The function seems supposed to subtract two 64bit pointers into a
32bit one but whether the issue is that the parameters fail* or
the reinterpret_cast<intptr_t> stuff is broken in libc cannot be said
w/o adding more detailed debugging code and testing the thing.

If the offset were indeed < 2^31 (2^32 for uints) but the intptr_t
casting stuff fails, one could try to simply subtract the void*'s.

I don't know what this is ultimately supposed to do and be good for,
but hashing the 64bits into 32bits is likely far more robust (and the
application/class could also just reserve memory in the lower 32bit
range for such specific purposes)

* i.e. "from - to" results in a value beyond 32bit limits, which can
easily happen if you just subtract one random 64bit value from
another, so the higher** in virtual memory the pointers are, the more
likely a "naive" approach on this would fail.
Also notice that signed logic is used, which would theoretically
allow for legal negative values, which is no good idea -> hello
wrapping, but we wanted to get into the lower 32 bits.

** 2^64-2^63 is much *much* bigger than 2^32 and 2^33-2^32 just gets
you in - evil exponential scale, isn't ;-)
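The failure mode described in this message, as an added example that is not code from the thread or from QtScript: two constructed 64-bit addresses (FAKE_FROM, FAKE_TO, 4 GiB apart) are subtracted and narrowed to 32 bits the "naive" way, compared against a range check on the full difference, and against a simple 64-to-32-bit fold of the kind the "hashing" suggestion would use. The address values and helper names are assumptions for illustration.

```c
#include <stdint.h>
#include <stdbool.h>
#include <inttypes.h>
#include <stdio.h>

/* Constructed sample addresses, not real pointers: two locations high in a
 * 64-bit user address space, exactly 4 GiB apart, so the difference has
 * nothing in its low 32 bits and everything in the high ones. */
#define FAKE_FROM ((uintptr_t)0x00007f0000000000ULL)
#define FAKE_TO   ((uintptr_t)0x00007f0100000000ULL)

/* The "naive" approach from the thread: subtract the two addresses as
 * intptr_t and narrow to a 32-bit int. Narrowing keeps only the low 32
 * bits, so a 4 GiB gap collapses to 0 and the two addresses look equal.
 * (Going through uint32_t makes the truncation well-defined; the final
 * reinterpretation as int32_t is the usual two's-complement wrap.) */
int32_t naive_offset(uintptr_t from, uintptr_t to)
{
    intptr_t diff = (intptr_t)to - (intptr_t)from;
    return (int32_t)(uint32_t)diff;
}

/* The check the naive version lacks: does the full 64-bit difference fit
 * a signed 32-bit offset? Negative offsets are accepted because the thread
 * notes the original code uses signed arithmetic. */
bool offset_fits(uintptr_t from, uintptr_t to)
{
    intptr_t diff = (intptr_t)to - (intptr_t)from;
    return diff >= INT32_MIN && diff <= INT32_MAX;
}

/* One way to realise "hash the 64 bits into 32": fold the high half onto
 * the low half. This gives a 32-bit key, not an offset, and distinct
 * addresses can collide, so a hit must still compare the full pointer. */
uint32_t fold32(uintptr_t p)
{
    return (uint32_t)(p ^ (p >> 32));
}

int main(void)
{
    printf("naive offset: %" PRId32 " (fits in 32 bits: %s)\n",
           naive_offset(FAKE_FROM, FAKE_TO),
           offset_fits(FAKE_FROM, FAKE_TO) ? "yes" : "no");
    printf("fold32(from)=%08" PRIx32 " fold32(to)=%08" PRIx32 "\n",
           fold32(FAKE_FROM), fold32(FAKE_TO));
    return 0;
}
```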
