List: kde-core-devel
Subject: Re: Suspicious code in kdegraphics-3.5.2
From: Michael Pyne <michael.pyne () kdemail ! net>
Date: 2006-04-22 6:26:56
Message-ID: 200604220227.01648.michael.pyne () kdemail ! net
On Friday 21 April 2006 19:36, Christoph Bartoschek wrote:
> - kamera/kioslave/kamera.cpp:949
> - kamera/kioslave/kamera.cpp:989
>
> Use delete [] here.
Fixed.
> - kiconedit/kicongrid.cpp:2141-2149
>
> use delete [] here.
Fixed.
> - kiconedit/kicongrid.cpp:2018
>
> There are a lot of out of bounds accesses here. For example when n ==
> 15, i == 14 and j == 0.
n seems to be clipped to 8. (n = 1, 2, 4, 8), so I'm not sure that this is
actually a problem.
> - kghostview/kgvdocument.cpp:668
>
> The open files from and to are leaking here.
Fixed.
> - kpovmodeler/pmdockwidget.cpp:2474
>
> The loop breaks quite early.
I looked but I'm not sure what exactly they're trying to do so I left it
alone.
> - kpovmodeler/pmpovrayparser.cpp:6977
> - kpovmodeler/pmpovrayparser.cpp:6980
> - kpovmodeler/pmpovrayparser.cpp:6983
>
> ',' is always true.
Fixed. (I think ;)
> - kpovmodeler/pmspheresweep.cpp:436
>
> i is not initialized here.
Fixed.
> - kpovmodeler/pmvariant.cpp:893
>
> success is not set if PMVariant::ThreeState is chosen in line 860 and
> line 868 is not executed.
Fixed.
> - kfile-plugins/gif/gif-info.c:483
>
> outfile is still open here and not closed. This is a file leak.
Fixed.
> - kfile-plugins/gif/gif-info.c:290
>
> If line 284 is false, then gct and gct_size are uninitialized here.
Fixed.
> - kmrml/kmrml/lib/kmrml_config.cpp
>
> Can one be sure that two same constant strings always have the same
> address?
Fixed.
I don't have time to forwardport the changes to /trunk as I've been up for
about 20 hours. :) If no one does it by the time I return I'll do it myself.
Regards,
- Michael Pyne
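
On the kmrml_config.cpp question above (whether two identical constant strings always have the same address), an added example that is not part of the original message and not kdegraphics code: C++ leaves it unspecified whether identical string literals share storage, and a copy of the text never does, so a check by address can miss a value that a check by content recognises. The flagged source is not shown in this thread, so `kDefaultHost`, the function names and the round-trip scenario are hypothetical.

```cpp
#include <cstring>
#include <string>

// Hypothetical default value, standing in for a constant string that code
// later tries to recognise by address.
static const char *const kDefaultHost = "localhost";

// Fragile: true only if 'value' points at the very same object as the
// constant. Whether two identical literals share storage is unspecified
// in C++, and a copy with equal content never does.
bool isDefaultByAddress(const char *value) {
    return value == kDefaultHost;
}

// Robust: compares the characters, not where they are stored.
bool isDefaultByContent(const char *value) {
    return value != nullptr && std::strcmp(value, kDefaultHost) == 0;
}

// Constructed scenario: the value round-trips through a config store
// (modelled here by a std::string copy) before being checked.
struct CheckResult { bool byAddress; bool byContent; };

CheckResult checkAfterRoundTrip() {
    std::string stored(kDefaultHost);   // same text, different storage
    return { isDefaultByAddress(stored.c_str()),
             isDefaultByContent(stored.c_str()) };
}

int main() {
    CheckResult r = checkAfterRoundTrip();
    // Address check misses the default; content check recognises it.
    return (!r.byAddress && r.byContent) ? 0 : 1;
}
```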