Review Request 125338: Fix out of bounds memory access in KNTLM::getAuth

David Faure faure at kde.org
Fri Oct 2 20:47:56 UTC 2015


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://git.reviewboard.kde.org/r/125338/#review86252
-----------------------------------------------------------

Ship it!


Ship It!

- David Faure


On Sept. 21, 2015, 7:56 p.m., Albert Astals Cid wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://git.reviewboard.kde.org/r/125338/
> -----------------------------------------------------------
> 
> (Updated Sept. 21, 2015, 7:56 p.m.)
> 
> 
> Review request for KDE Frameworks and Dawit Alemayehu.
> 
> 
> Repository: kio
> 
> 
> Description
> -------
> 
> Make sure the size of the byte array we just dumped into the struct is big enough before calculating the targetInfo, otherwise we're accessing memory that doesn't belong to us
> 
> Fix out of bounds memory access https://build.kde.org/job/kio%20master%20kf5-qt5/PLATFORM=Linux,compiler=gcc/102/testReport/junit/%28root%29/TestSuite/kioslave_httpauthenticationtest/
> 
> Also remove a cast to quint32 that is not necessary since the member is already a quint32
> 
> 
> Diffs
> -----
> 
>   src/kntlm/kntlm.cpp 77526dd 
> 
> Diff: https://git.reviewboard.kde.org/r/125338/diff/
> 
> 
> Testing
> -------
> 
> Valgrind doesn't complain anymore.
> 
> 
> Thanks,
> 
> Albert Astals Cid
> 
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-frameworks-devel/attachments/20151002/4efd9ba7/attachment.html>


More information about the Kde-frameworks-devel mailing list