[Bug 292032] New: KNetWalk 3.0.1 potential integer overflow, score cheat and division by zero crash

[Jaak Ristioja]

https://bugs.kde.org/show_bug.cgi?id=292032

           Summary: KNetWalk 3.0.1 potential integer overflow, score cheat
                    and division by zero crash
           Product: kde
           Version: 3.0.1
          Platform: unspecified
        OS/Version: All
            Status: UNCONFIRMED
          Severity: minor
          Priority: NOR
         Component: general
        AssignedTo: unassigned-bugs at kde.org
        ReportedBy: jaak at ristioja.ee


Version:           3.0.1 (using KDE 4.7.4) 
OS:                All

In MainWindow::rotationPerformed() method, m_clickCount is incremented but not
checked for overflow. This makes it possible to cheat on your score.
Additionally, for example, if m_clickCount reaches -3 or -2 at the moment the
game is won, then in MainWindow::gameOver() method, penalty may be set to 0.0,
resulting in a division by zero when calculating a value for the score
variable. :)

Reproducible: Didn't try

Steps to Reproduce:
I held down the keyboard button for rotate, but it seemed to take too long to
reproduce so I abandoned the effort. You're welcome to try thou...


Expected Results:  
Perhaps a "Game lost!" message would suffice when m_clickCount goes past
(INT_MAX - 1).

It's very unlikely this bug will ever be triggered in real life.

-- 
Configure bugmail: https://bugs.kde.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.