Review Request 127865: Check size of unix domain socket path before copying to it.
Michael Pyne
mpyne at kde.org
Tue May 17 00:25:50 UTC 2016
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://git.reviewboard.kde.org/r/127865/
-----------------------------------------------------------
(Updated May 17, 2016, 12:25 a.m.)
Status
------
This change has been marked as submitted.
Review request for KDE Frameworks.
Changes
-------
Submitted with commit 91e72d319bf99637dadbe4db5bac5305c954aa15 by Michael Pyne to branch master.
Repository: kcrash
Description
-------
Although we don't seem to run across this in practice, Coverity warns about filling in sockaddr_un::sun_path's buffer without checking the source string's length (CID 1175514), and the Linux unix(7) manpage notes that some implementations use as few as 92 bytes for this buffer.
Diffs
-----
src/kcrash.cpp 7d3b8a2
Diff: https://git.reviewboard.kde.org/r/127865/diff/
Testing
-------
Compiles w/out warnings, kcrashtest passes.
Thanks,
Michael Pyne
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-frameworks-devel/attachments/20160517/1ab334b8/attachment.html>
More information about the Kde-frameworks-devel
mailing list