[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-commits
Subject:    Re: koffice/krita [POSSIBLY UNSAFE]
From:       Waldo Bastian <bastian () kde ! org>
Date:       2002-12-07 14:47:43
[Download RAW message or body]

On Saturday 07 December 2002 05:27, Patrick Julien wrote:
>   M +282 -105  core/builder/kis_image_magick_converter.cc   1.3 [POSSIBLY
> UNSAFE] 

Are you sure that MaxTextExtent is the proper maximumsize for ii -> filename?
Note that man strncpy says:

       The strncpy() function is similar, except that not more than n bytes of
       src are copied. Thus, if there is no null byte among the first  n
       bytes of src, the result will not be null-terminated.

So I suggest to use:
	strncpy(ii -> filename, uri.path().latin1(), MaxTextExtent-1);
	ii -> filename[MaxTextExtent-1] = '\0';

Not security related, but still:
        strncpy(ii -> filename, uri.path().latin1(), MaxTextExtent-1);
should be
	strncpy(ii -> filename, QFile::encodeName(uri.path()), MaxTextExtent-1);

Cheers,
Waldo
-- 
bastian@kde.org -=|[ SuSE, The Linux Desktop Experts ]|=- bastian@suse.com

[prev in list] [next in list] [prev in thread] [next in thread]