Review Request 127865: Check size of unix domain socket path before copying to it.
Michael Pyne
mpyne at kde.org
Sat May 14 22:49:12 UTC 2016
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://git.reviewboard.kde.org/r/127865/#review95472
-----------------------------------------------------------
Ping?
- Michael Pyne
On May 8, 2016, 2:03 a.m., Michael Pyne wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://git.reviewboard.kde.org/r/127865/
> -----------------------------------------------------------
>
> (Updated May 8, 2016, 2:03 a.m.)
>
>
> Review request for KDE Frameworks.
>
>
> Repository: kcrash
>
>
> Description
> -------
>
> Although we don't seem to run across this in practice, Coverity warns about filling in sockaddr_un::sun_path's buffer without checking the source string's length (CID 1175514), and the Linux unix(7) manpage notes that some implementations use as few as 92 bytes for this buffer.
>
>
> Diffs
> -----
>
> src/kcrash.cpp 7d3b8a2
>
> Diff: https://git.reviewboard.kde.org/r/127865/diff/
>
>
> Testing
> -------
>
> Compiles w/out warnings, kcrashtest passes.
>
>
> Thanks,
>
> Michael Pyne
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-frameworks-devel/attachments/20160514/7df7616e/attachment-0001.html>
More information about the Kde-frameworks-devel
mailing list