[Kde-pim] Re: Review Request: When processing a parenthesized list, make sure there is enough data
Robert Marmorstein
robert at narnia.homeunix.com
Tue Oct 19 09:08:31 BST 2010
> On 2010-10-19 06:18:32, Torgny Nyblom wrote:
> > Hmm, my original review seems to have been lost and only a comment survived... anyway
> >
> >
> > Do you have the command that causes the crash? It seems "wrong" to me that we should have to have this workaround in the code as the waiting is done in a previous place.
> >
> > But great thanks for writing the patch, it certainly highlights a problem and it seems that I'm the only one who does not agree with the solution at this point ;)
> >
> > /Regards
> > Torgny
>
> Andras Mantia wrote:
> What the earlier waiting guarantees is that at least "i" characters are available in the m_data buffer. If m_position > i it might read outside of the buffer's length, so the extra waitForMoreData makes sense. This can happen (i is incremented, if (count == 0) m_position = i ), but of course I can't say just looking at the code what triggers this combination of events, so a test would be welcome.
From my testing it seemed that the extra incrementing was happening in readLiteralPart().
- Robert
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://svn.reviewboard.kde.org/r/5657/#review8221
-----------------------------------------------------------
On 2010-10-19 06:09:49, Robert Marmorstein wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> http://svn.reviewboard.kde.org/r/5657/
> -----------------------------------------------------------
>
> (Updated 2010-10-19 06:09:49)
>
>
> Review request for KDE PIM, Kevin Krammer and Kevin Ottens.
>
>
> Summary
> -------
>
> I experienced a crash in ImapStreamParser::readParenthesizedList() that was caused by m_position becoming larger than the size of the QByteArray. I will admit I don't understand this code thoroughly, but it looks to me like the correct solution is to use the waitForMoreData function to prevent this from happening, so here is a patch that does that. Please feel free to be critical -- I would really like to understand this code, so any comments or suggestions will be delightfully accepted as constructive feedback.
>
>
> Diffs
> -----
>
> /trunk/KDE/kdepimlibs/kimap/imapstreamparser.cpp 1187364
>
> Diff: http://svn.reviewboard.kde.org/r/5657/diff
>
>
> Testing
> -------
>
> The imap resource used to crash pretty much every time I started kontact or kmail. Now it doesn't.
>
>
> Thanks,
>
> Robert
>
>
_______________________________________________
KDE PIM mailing list kde-pim at kde.org
https://mail.kde.org/mailman/listinfo/kde-pim
KDE PIM home page at http://pim.kde.org/
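The bounds problem discussed in this thread, as an added C++ example that is not part of the original message and is not KIMAP's code: a streaming parser that checks the read position against the buffer size at the point of each read and waits for more input when the position has reached or passed the end. The names m_data, m_position and waitForMoreData are borrowed from the thread; StreamParser, peek() and the chunk queue that stands in for the socket are assumptions made for illustration.

```cpp
#include <deque>
#include <stdexcept>
#include <string>
#include <utility>
#include <vector>

// Hypothetical stand-in, not KIMAP's ImapStreamParser: std::string replaces
// QByteArray and a queue of constructed chunks replaces the socket.
class StreamParser {
public:
    explicit StreamParser(std::deque<std::string> chunks) : m_pending(std::move(chunks)) {}
    // Parse "(a b c)" into atoms; every byte is fetched through peek().
    std::vector<std::string> readParenthesizedList() {
        std::vector<std::string> items;
        std::string current;
        if (peek() != '(') throw std::runtime_error("expected '('");
        ++m_position;
        for (;;) {
            const char c = peek();
            ++m_position;
            if (c != ' ' && c != ')') { current += c; continue; }
            if (!current.empty()) { items.push_back(current); current.clear(); }
            if (c == ')') return items;
        }
    }
    std::size_t position() const { return m_position; }
    std::size_t buffered() const { return m_data.size(); }
private:
    // Simulates blocking on the socket: append the next chunk, or report end of input.
    bool waitForMoreData() {
        if (m_pending.empty()) return false;
        m_data += m_pending.front();
        m_pending.pop_front();
        return true;
    }
    // The guard: check the index about to be dereferenced; loop, as a chunk may be short.
    char peek() {
        while (m_position >= m_data.size())
            if (!waitForMoreData()) throw std::runtime_error("truncated input");
        return m_data[m_position];
    }
    std::deque<std::string> m_pending;
    std::string m_data;
    std::size_t m_position = 0;
};
int main() {
    StreamParser p(std::deque<std::string>{"(FLAGS \\Se", "en UID", " 42)"});  // constructed input
    return p.readParenthesizedList().size() == 4 ? 0 : 1;
}
```

Because the check sits in the one function that indexes the buffer, any code path that advances m_position further than an earlier wait accounted for is still covered.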