[KPhotoAlbum] Patch to speed up scanning for new images
Jan Kundrát
jkt at gentoo.org
Fri May 11 10:28:29 BST 2007
Shawn Willden wrote:
> I don't think it's a such a large concern in this case. As long as the
> system-defined MAXNAMLEN really is the maximum filename length on the system,
> it's safe, no overflow is possible. And, actually, it's even safer than that
> since you allocated sizeof(struct dirent) + MAXNAMLEN + 1 bytes, and struct
> dirent already allocates 256 bytes for the name. So, on my system, your code
> allocates 512 bytes, where no more than 256 should ever be needed. As the
> security advisory Jan linked to says, some systems have a small dirent
> structure, but the code should be safe even on those, as long as MAXNAMLEN is
> correct.
Please see the lcg-rollout ML archive that I linked to in my first
message. I'm worried by use of MAXNAMELEN as it's a constant from the
system that performs the compilation. Unless I'm mistaken, you have to
use pathconf() (see the ML) for allocating memory at runtime as the
compiler doesn't know what the maximal size on the *target* machine is.
If this is totally moot, I apologize :).
Cheers,
-jkt
--
cd /local/pub && more beer > /dev/mouth
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
URL: <http://mail.kde.org/pipermail/kphotoalbum/attachments/20070511/c1adaf5b/attachment.sig>
More information about the Kphotoalbum
mailing list