[Kde-pim] Review Request 123724: Use QTemporaryFile instead of hardcoding /tmp.

Jan Kundrát jkt at kde.org
Tue May 12 16:49:47 BST 2015


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://git.reviewboard.kde.org/r/123724/#review80247
-----------------------------------------------------------


Was the old code a part of some release? If yes, this should get a CVE security announcement because it allows a local attacker to e.g. force you to overwirte some of your user's files.

- Jan Kundrát


On May 12, 2015, 12:49 p.m., Michael Palimaka wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://git.reviewboard.kde.org/r/123724/
> -----------------------------------------------------------
> 
> (Updated May 12, 2015, 12:49 p.m.)
> 
> 
> Review request for KDE Frameworks and KDEPIM.
> 
> 
> Repository: kpeople
> 
> 
> Description
> -------
> 
> Hardcoding files like this seems like a bad idea.
> 
> 
> Diffs
> -----
> 
>   autotests/persondatatests.h 30eeeb5cd647c713f1b438543a54516ced9f3ede 
>   autotests/persondatatests.cpp 73098d3717509ad80761bbd02000b4ce5060bbb2 
>   autotests/personsmodeltest.h 5b8879521f334459c4f73c2708b3368c543e40a3 
>   autotests/personsmodeltest.cpp b19d1baf8a2c2e617d4b6128df29fbab3b8e61a7 
> 
> Diff: https://git.reviewboard.kde.org/r/123724/diff/
> 
> 
> Testing
> -------
> 
> Tests still pass.
> 
> 
> Thanks,
> 
> Michael Palimaka
> 
>

_______________________________________________
KDE PIM mailing list kde-pim at kde.org
https://mail.kde.org/mailman/listinfo/kde-pim
KDE PIM home page at http://pim.kde.org/


More information about the kde-pim mailing list