Review Request 127865: Check size of unix domain socket path before copying to it.

Michael Pyne mpyne at kde.org
Sat May 14 22:49:12 UTC 2016


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://git.reviewboard.kde.org/r/127865/#review95472
-----------------------------------------------------------



Ping?

- Michael Pyne


On May 8, 2016, 2:03 a.m., Michael Pyne wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://git.reviewboard.kde.org/r/127865/
> -----------------------------------------------------------
> 
> (Updated May 8, 2016, 2:03 a.m.)
> 
> 
> Review request for KDE Frameworks.
> 
> 
> Repository: kcrash
> 
> 
> Description
> -------
> 
> Although we don't seem to run across this in practice, Coverity warns about filling in sockaddr_un::sun_path's buffer without checking the source string's length (CID 1175514), and the Linux unix(7) manpage notes that some implementations use as few as 92 bytes for this buffer.
> 
> 
> Diffs
> -----
> 
>   src/kcrash.cpp 7d3b8a2 
> 
> Diff: https://git.reviewboard.kde.org/r/127865/diff/
> 
> 
> Testing
> -------
> 
> Compiles w/out warnings, kcrashtest passes.
> 
> 
> Thanks,
> 
> Michael Pyne
> 
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-frameworks-devel/attachments/20160514/7df7616e/attachment-0001.html>


More information about the Kde-frameworks-devel mailing list