Review Request 126509: Silence Coverity warning about risk of buffer overflow by shrinking source buffer and using qstrncpy
Aleix Pol Gonzalez
aleixpol at kde.org
Fri Dec 25 01:36:33 UTC 2015
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://git.reviewboard.kde.org/r/126509/#review90079
-----------------------------------------------------------
Ship it!
Ship It!
- Aleix Pol Gonzalez
On Dec. 25, 2015, 1:28 a.m., Michael Pyne wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://git.reviewboard.kde.org/r/126509/
> -----------------------------------------------------------
>
> (Updated Dec. 25, 2015, 1:28 a.m.)
>
>
> Review request for KDE Frameworks.
>
>
> Repository: kinit
>
>
> Description
> -------
>
> Coverity CID 258481
>
> Basically, the socket name buffer was use was longer than sockaddr_un had room for.
> While this didn't cause bugs in practice, it's perhaps possible in
> theory to somehow come up with a socket path longer than 108 bytes.
>
> And either way, we're already checking for this, the check might as well
> be accurate.
>
> This is the last Coverity fix I have for KF5, all other KF5 Coverity issues are either already fixed or are less than "high" severity. :)
>
>
> Diffs
> -----
>
> src/kdeinit/kinit.cpp 80e70ae
>
> Diff: https://git.reviewboard.kde.org/r/126509/diff/
>
>
> Testing
> -------
>
> Builds, and I managed to login to a normal desktop with this code running, so yay.
>
>
> Thanks,
>
> Michael Pyne
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-frameworks-devel/attachments/20151225/c023e14e/attachment.html>
More information about the Kde-frameworks-devel
mailing list