D15826: [Balooshow] Avoid out-of-bounds access when accessing corrupt db data
Stefan BrĂ¼ns
noreply at phabricator.kde.org
Sat Sep 29 01:31:35 BST 2018
bruns created this revision.
bruns added reviewers: Baloo, Frameworks.
Herald added projects: Frameworks, Baloo.
Herald added a subscriber: kde-frameworks-devel.
bruns requested review of this revision.
REVISION SUMMARY
Looping over `word` without bounds check may cause illegal memory accesses,
potentially crashing balooshow. Add sanity checks for required lengths
and provide feedback in case an error has occured.
Invalid data may occur when the DB has beend corrupted.
TEST PLAN
corrupt database
run `balooshow -x <file>`
REPOSITORY
R293 Baloo
BRANCH
db_robustness2
REVISION DETAIL
https://phabricator.kde.org/D15826
AFFECTED FILES
src/tools/balooshow/main.cpp
To: bruns, #baloo, #frameworks
Cc: kde-frameworks-devel, ashaposhnikov, michaelh, astippich, spoorun, ngraham, bruns, abrahams
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-frameworks-devel/attachments/20180929/c2d05320/attachment.html>
More information about the Kde-frameworks-devel
mailing list