Review Request 126509: Silence Coverity warning about risk of buffer overflow by shrinking source buffer and using qstrncpy

Michael Pyne mpyne at kde.org
Fri Dec 25 03:53:34 UTC 2015


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://git.reviewboard.kde.org/r/126509/
-----------------------------------------------------------

(Updated Dec. 25, 2015, 3:53 a.m.)


Status
------

This change has been marked as submitted.


Review request for KDE Frameworks.


Repository: kinit


Description
-------

Coverity CID 258481

Basically, the socket name buffer in use was longer than sockaddr_un had room for.
While this didn't cause bugs in practice, it's perhaps possible in
theory to somehow come up with a socket path longer than 108 bytes.

And either way, we're already checking for this, the check might as well
be accurate.

This is the last Coverity fix I have for KF5, all other KF5 Coverity issues are either already fixed or are less than "high" severity. :)


Diffs
-----

  src/kdeinit/kinit.cpp 80e70ae 

Diff: https://git.reviewboard.kde.org/r/126509/diff/


Testing
-------

Builds, and I managed to log in to a normal desktop with this code running, so yay.


Thanks,

Michael Pyne
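
The length check the description refers to, as an added example that is not part of the review request or the kinit source: the socket path is validated against the size of sockaddr_un's sun_path field itself before it is copied. The names fill_unix_addr, try_path_of_length and SOCK_PATH_CAP are hypothetical, and the test paths are constructed.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>

/* Capacity of the destination field (108 bytes on Linux, smaller on some BSDs). */
#define SOCK_PATH_CAP sizeof(((struct sockaddr_un *)0)->sun_path)

/* Hypothetical helper, not kinit code: fill addr from a socket path.
 * Returns 0 on success, -1 with errno set when the path cannot be stored
 * together with its terminating NUL. len must not be NULL. */
int fill_unix_addr(struct sockaddr_un *addr, const char *path, socklen_t *len)
{
    size_t n = path ? strlen(path) : 0;

    if (n == 0) { errno = EINVAL; return -1; }
    /* Compare against the destination, not the buffer the path was built in. */
    if (n >= SOCK_PATH_CAP) { errno = ENAMETOOLONG; return -1; }

    memset(addr, 0, sizeof(*addr));
    addr->sun_family = AF_UNIX;
    memcpy(addr->sun_path, path, n + 1);            /* n + 1 <= SOCK_PATH_CAP */
    *len = (socklen_t)(offsetof(struct sockaddr_un, sun_path) + n + 1);
    return 0;
}

/* Constructed input: a path of exactly n bytes ("/" followed by 'a's). */
int try_path_of_length(size_t n)
{
    char path[512];
    struct sockaddr_un addr;
    socklen_t len = 0;

    if (n == 0 || n >= sizeof(path)) return -2;
    memset(path, 'a', n);
    path[0] = '/';
    path[n] = '\0';
    return fill_unix_addr(&addr, path, &len);
}

int main(void)
{
    printf("limit=%zu fits=%d too_long=%d\n", (size_t)SOCK_PATH_CAP,
           try_path_of_length(SOCK_PATH_CAP - 1), try_path_of_length(SOCK_PATH_CAP));
    return 0;
}
```

A path of exactly SOCK_PATH_CAP bytes is rejected because its terminating NUL would not fit.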
