Review Request 125338: Fix out of bounds memory access in KNTLM::getAuth
Aleix Pol Gonzalez
aleixpol at kde.org
Thu Sep 24 15:15:55 UTC 2015
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://git.reviewboard.kde.org/r/125338/#review85873
-----------------------------------------------------------
src/kntlm/kntlm.cpp (line 246)
<https://git.reviewboard.kde.org/r/125338/#comment59289>
Isn't this already checked in line 230? Or is `sizeof(Challenge)!=32`?
- Aleix Pol Gonzalez
On Sept. 21, 2015, 9:56 p.m., Albert Astals Cid wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://git.reviewboard.kde.org/r/125338/
> -----------------------------------------------------------
>
> (Updated Sept. 21, 2015, 9:56 p.m.)
>
>
> Review request for KDE Frameworks and Dawit Alemayehu.
>
>
> Repository: kio
>
>
> Description
> -------
>
> Make sure the size of the byte array we just dumped into the struct is big enough before calculating the targetInfo, otherwise we're accessing memory that doesn't belong to us
>
> Fix out of bounds memory access https://build.kde.org/job/kio%20master%20kf5-qt5/PLATFORM=Linux,compiler=gcc/102/testReport/junit/%28root%29/TestSuite/kioslave_httpauthenticationtest/
>
> Also remove a cast to quint32 that is not necessary since the member is already a quint32
>
>
> Diffs
> -----
>
> src/kntlm/kntlm.cpp 77526dd
>
> Diff: https://git.reviewboard.kde.org/r/125338/diff/
>
>
> Testing
> -------
>
> Valgrind doesn't complain anymore.
>
>
> Thanks,
>
> Albert Astals Cid
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-frameworks-devel/attachments/20150924/cfd1e113/attachment.html>
More information about the Kde-frameworks-devel
mailing list