Review Request 126539: Check sockaddr_un buffer size before strcpy()ing into it.
Michael Pyne
mpyne at kde.org
Mon Dec 28 01:34:14 UTC 2015
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://git.reviewboard.kde.org/r/126539/
-----------------------------------------------------------
(Updated Dec. 28, 2015, 1:34 a.m.)
Status
------
This change has been marked as submitted.
Review request for KDE Frameworks and Plasma.
Changes
-------
Submitted with commit 9543cc4058b24e4e5bfe8d324de309ca7050058b by Michael Pyne to branch master.
Repository: kwallet-pam
Description
-------
Coverity strikes again, and notes in CID 1335116 that copying the socket name into a fixed-size buffer here could overflow the buffer. I don't see any reason it would be wrong in all cases, so best to double-check.
Submitting for review mostly because I don't use pam_kwallet, otherwise the check is simple enough that I'd feel comfortable committing directly. Note that the len that is already calculated includes the null terminator already.
Diffs
-----
pam_kwallet.c 345aa03
Diff: https://git.reviewboard.kde.org/r/126539/diff/
Testing
-------
Code still compiles.
Thanks,
Michael Pyne
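
The check described in the request above, as an added example that is not part of the original message and is not code from pam_kwallet.c: a path is copied into sockaddr_un.sun_path only after its length, terminator included, is compared against the buffer size. The names set_unix_socket_path, try_path_of_length and SUN_PATH_CAP are hypothetical, and the test paths are constructed.

```c
/* Added example; names are hypothetical, not taken from pam_kwallet.c. */
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>

/* Capacity of sun_path on this platform (108 on Linux, 104 on the BSDs). */
#define SUN_PATH_CAP (sizeof(((struct sockaddr_un *)0)->sun_path))

/* Fill *addr for a UNIX-domain socket at `path`.
 * Returns 0 on success, -1 if the path plus its NUL does not fit. */
int set_unix_socket_path(struct sockaddr_un *addr, const char *path)
{
    size_t len = strlen(path) + 1;      /* len includes the terminator */

    if (len > sizeof(addr->sun_path))   /* reject instead of overflowing */
        return -1;

    memset(addr, 0, sizeof(*addr));
    addr->sun_family = AF_UNIX;
    memcpy(addr->sun_path, path, len);  /* bounded copy, NUL included */
    return 0;
}

/* Constructed input: a path of exactly n 'a' characters (n <= 255). */
int try_path_of_length(size_t n)
{
    char path[256];
    struct sockaddr_un addr;

    if (n >= sizeof(path))
        return -1;
    memset(path, 'a', n);
    path[n] = '\0';
    return set_unix_socket_path(&addr, path);
}

int main(void)
{
    /* Longest path that fits, then one byte too long. */
    printf("capacity:        %zu\n", SUN_PATH_CAP);
    printf("length cap - 1:  %d\n", try_path_of_length(SUN_PATH_CAP - 1));
    printf("length cap:      %d\n", try_path_of_length(SUN_PATH_CAP));
    return 0;
}
```

Because len already counts the terminator, the comparison is len > sizeof(sun_path); using >= would reject the longest path that still fits.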