[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-core-devel
Subject: Re: [PATCH] .desktop security ++
From: Michael Pyne <mpyne () purinchu ! net>
Date: 2009-02-21 19:37:40
Message-ID: 200902211437.40616.mpyne () purinchu ! net
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
On Saturday 21 February 2009, David Faure wrote:
> On Saturday 21 February 2009, Michael Pyne wrote:
> > I'm not really happy about manually moving
> > bytes around (especially as v1 in my testing today had an infinite loop)
> > but I don't trust readAll()/write() for library code. Please look at
> > this to make sure I've done it right.
>
> I don't understand, what's wrong with readAll? kdecore sure uses it in
> quite a few places. And it's not like any .desktop file is going to be 100
> MB in size...
I guess I just don't trust the idea of "read a effective random number of
bytes". I know that .desktop are going to be small but I guess I'm just
worrying to much about someone leaving a large .desktop file to see what
happens. I'll change it back to readAll/write though just to make it more
clear what's happening I guess since at least it won't be worse than the rest
of kdecore. ;)
> > + // A mere half-write isn't a failure mode I care to code about
>
> It would be easy though
> if (saveFile.write(shebang) != shebang.size()) {
> ...
> }
Well ironically I ended up writing the code for that case like not 5 lines
later anyways. :-/ I'll fix that too.
> BTW: can you reindent to 4 spaces? kdelibs coding style, even if the rest
> of krun.cpp might not use it yet, but we'll get there eventually.
I will as I much prefer it but I'd like to do all of krun.{h,cpp} in one swell
foop then (it would be a whitespace-only commit).
Regards,
- Michael Pyne
[Attachment #5 (text/html)]
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" \
"http://www.w3.org/TR/REC-html40/strict.dtd"><html><head><meta name="qrichtext" content="1" \
/><style type="text/css">p, li { white-space: pre-wrap; }</style></head><body style=" \
font-family:'Droid Sans Mono'; font-size:10pt; font-weight:400; font-style:normal;">On Saturday \
21 February 2009, David Faure wrote:<br> > On Saturday 21 February 2009, Michael Pyne \
wrote:<br> > > I'm not really happy about manually moving<br>
> > bytes around (especially as v1 in my testing today had an infinite loop)<br>
> > but I don't trust readAll()/write() for library code. Please look at<br>
> > this to make sure I've done it right.<br>
><br>
> I don't understand, what's wrong with readAll? kdecore sure uses it in<br>
> quite a few places. And it's not like any .desktop file is going to be 100<br>
> MB in size...<br>
<p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; \
margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;"><br></p>I guess I \
just don't trust the idea of "read a effective random number of bytes". I know that .desktop \
are going to be small but I guess I'm just worrying to much about someone leaving a large \
.desktop file to see what happens. I'll change it back to readAll/write though just to make it \
more clear what's happening I guess since at least it won't be worse than the rest of kdecore. \
;)<br> <p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; \
margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;"><br></p>> > + \
// A mere half-write isn't a failure mode I care to code about<br> ><br>
> It would be easy though<br>
> if (saveFile.write(shebang) != shebang.size()) {<br>
> ...<br>
> }<br>
<p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; \
margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;"><br></p>Well \
ironically I ended up writing the code for that case like not 5 lines later anyways. :-/ I'll \
fix that too.<br> <p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; \
margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; \
-qt-user-state:0;"><br></p>> BTW: can you reindent to 4 spaces? kdelibs coding style, even \
if the rest<br> > of krun.cpp might not use it yet, but we'll get there eventually.<br>
<p style="-qt-paragraph-type:empty; margin-top:0px; margin-bottom:0px; margin-left:0px; \
margin-right:0px; -qt-block-indent:0; text-indent:0px; -qt-user-state:0;"><br></p>I will as I \
much prefer it but I'd like to do all of krun.{h,cpp} in one swell foop then (it would be a \
whitespace-only commit).<br> <p style="-qt-paragraph-type:empty; margin-top:0px; \
margin-bottom:0px; margin-left:0px; margin-right:0px; -qt-block-indent:0; text-indent:0px; \
-qt-user-state:0;"><br></p>Regards,<br>
- Michael Pyne</p></body></html>
["signature.asc" (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic