'Re: [PATCH] .desktop security ++'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Re: [PATCH] .desktop security ++
From:       Michael Pyne <mpyne () purinchu ! net>
Date:       2009-02-21 19:37:40
Message-ID: 200902211437.40616.mpyne () purinchu ! net
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]


On Saturday 21 February 2009, David Faure wrote:
> On Saturday 21 February 2009, Michael Pyne wrote:
> >  I'm not really happy about manually moving
> > bytes around (especially as v1 in my testing today had an infinite loop)
> > but I don't trust readAll()/write() for library code.  Please look at
> > this to make sure I've done it right.
>
> I don't understand, what's wrong with readAll? kdecore sure uses it in
> quite a few places. And it's not like any .desktop file is going to be 100
> MB in size...

I guess I just don't trust the idea of "read a effective random number of 
bytes".  I know that .desktop are going to be small but I guess I'm just 
worrying to much about someone leaving a large .desktop file to see what 
happens.  I'll change it back to readAll/write though just to make it more 
clear what's happening I guess since at least it won't be worse than the rest 
of kdecore. ;)

> > +      // A mere half-write isn't a failure mode I care to code about
>
> It would be easy though
> if (saveFile.write(shebang) != shebang.size()) {
>     ...
> }

Well ironically I ended up writing the code for that case like not 5 lines 
later anyways. :-/  I'll fix that too.

> BTW: can you reindent to 4 spaces? kdelibs coding style, even if the rest
> of krun.cpp might not use it yet, but we'll get there eventually.

I will as I much prefer it but I'd like to do all of krun.{h,cpp} in one swell 
foop then (it would be a whitespace-only commit).

Regards,
 - Michael Pyne

[Attachment #5 (text/html)]

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" \
"http://www.w3.org/TR/REC-html40/strict.dtd"><html><head><meta name="qrichtext" \
content="1" /><style type="text/css">p, li { white-space: pre-wrap; \
}</style></head><body style=" font-family:'Droid Sans Mono'; font-size:10pt; \
font-weight:400; font-style:normal;">On Saturday 21 February 2009, David Faure \
wrote:<br> &gt; On Saturday 21 February 2009, Michael Pyne wrote:<br>
&gt; &gt;  I'm not really happy about manually moving<br>
&gt; &gt; bytes around (especially as v1 in my testing today had an infinite \
loop)<br> &gt; &gt; but I don't trust readAll()/write() for library code.  Please \
look at<br> &gt; &gt; this to make sure I've done it right.<br>
&gt;<br>
&gt; I don't understand, what's wrong with readAll? kdecore sure uses it in<br>
&gt; quite a few places. And it's not like any .desktop file is going to be 100<br>
&gt; MB in size...<br>
<p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; \
margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; \
-qt-user-state:0;"><br></p>I guess I just don't trust the idea of "read a effective \
random number of bytes".  I know that .desktop are going to be small but I guess I'm \
just worrying to much about someone leaving a large .desktop file to see what \
happens.  I'll change it back to readAll/write though just to make it more clear \
what's happening I guess since at least it won't be worse than the rest of kdecore. \
;)<br> <p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; \
margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; \
-qt-user-state:0;"><br></p>&gt; &gt; +      // A mere half-write isn't a failure mode \
I care to code about<br> &gt;<br>
&gt; It would be easy though<br>
&gt; if (saveFile.write(shebang) != shebang.size()) {<br>
&gt;     ...<br>
&gt; }<br>
<p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; \
margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; \
-qt-user-state:0;"><br></p>Well ironically I ended up writing the code for that case \
like not 5 lines later anyways. :-/  I'll fix that too.<br> <p \
style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; \
margin-right:0px; -qt-block-indent:0; text-indent:0px; \
-qt-user-state:0;"><br></p>&gt; BTW: can you reindent to 4 spaces? kdelibs coding \
style, even if the rest<br> &gt; of krun.cpp might not use it yet, but we'll get \
there eventually.<br> <p style="-qt-paragraph-type:empty; margin-top:0px; \
margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; \
text-indent:0px; -qt-user-state:0;"><br></p>I will as I much prefer it but I'd like \
to do all of krun.{h,cpp} in one swell foop then (it would be a whitespace-only \
commit).<br> <p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; \
margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; \
                -qt-user-state:0;"><br></p>Regards,<br>
 - Michael Pyne</p></body></html>


["signature.asc" (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic