Major deserialization issue in release/20.12 git branch
David Faure
faure at kde.org
Thu Nov 26 22:13:04 GMT 2020
On jeudi 26 novembre 2020 15:34:40 CET David Faure wrote:
> parse error from icalcomponent_new_from_string. string= "Ê\u001C\u0001."
I debugged this further.
QDataStream &KCalendarCore::operator<<(QDataStream &out, const KCalendarCore::IncidenceBase::Ptr &i)
does
out << static_cast<quint32>(KCALCORE_MAGIC_NUMBER); // Magic number to identify KCalendarCore data
and QDataStream does byte-swapping on little-endian machines.
So it turns KCALCORE_MAGIC_NUMBER which is 0xca1c012e into 0x2e011cca.
But the new isSerializedBinary() in akonadi-calendar/serializers/akonadi_serializer_kcalcore.cpp
quint32 magic = 0;
data.peek(reinterpret_cast<char *>(&magic), sizeof(magic));
So it reads 0x2e011cca which obviously fails the test magic == IncidenceBase::magicSerializationIdentifier() in akonadi_serializer_kcalcore.cpp
One solution: if we don't want to make assumptions on how QDataStream works internally,
we should use QDataStream in the serializer too.
Another solution: making the assumption that QDataStream will always do this, and
byte-swap the magic on little-endian.
A dumb and easy solution (so I like it) : comparing with both versions of the expected magic.
--
David Faure, faure at kde.org, http://www.davidfaure.fr
Working on KDE Frameworks 5
More information about the kde-pim
mailing list