[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-core-devel
Subject: Re: Review Request: Fix sanitization of dbus path in KMainWindow
From: Thomas =?utf-8?q?L=C3=BCbking?= <thomas.luebking () web ! de>
Date: 2009-08-16 13:15:14
Message-ID: 200908161515.14581.thomas.luebking () web ! de
[Download RAW message or body]
Am Friday 14 August 2009 schrieb Matthew Woehlke:
> Forgetting the intricasies of appName, KMainWindow currently applies the
> following sanitization to objectName():
>
> <replace QChar where !isLetterOrNumber with '_'>
>
> This is wrong because it would allow the illegal characters '.' and '-'
> to pass through. This should either be fixed, or else removed entirely
> on the theory that objectName() can't be invalid to begin with.
simple test* says:
QObject::setObjectName() (unline the Qt designer ui editor) does /not/
restrict the object name *at all*, so the patch fixes a /real/ bug (and not
just sanitizes a sane string sanitization)
Therefore please apply it to prevent apps from running into this unnecessary
assert.
on anybodies worries:
a) if you ever had such object name on a mainwindow it could have never been
used w/o an assert exit
b) if QChar::isLetter() wouldn't rank "_" as letter it would be replace by "_"
anyway
I however fear the other thread is the much more driving one.
Thomas
*code attached
["objectnametest.cc" (text/x-c++src)]
#include <QObject>
#include <QtDebug>
main (int argc, char **argv)
{
if (argc < 2)
qDebug() << "you forgot the object name";
else
{
QObject o; o.setObjectName(argv[1]);
qDebug() << o.objectName();
}
}
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic