[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-devel
Subject:    Re: Security flaw in klock (fwd)
From:       Harri Porten <porten () tu-harburg ! de>
Date:       1999-06-24 11:50:19
[Download RAW message or body]

Martin Jones wrote:
> 
> So if the timer is triggered while we are waiting for
> kcheckpass to complete, the dialog is deleted.  When
> kcheckpass completes, we continue on but the dialog has
> been deleted from under us -> crash.
> 
> This is easier to replicate if kcheckpassis slow on your
> particular machine.  I can replicate this bug very easily
> by adding a sleep(2) to kcheckpass.  I am applying this

Ahh. I was already trying to modify some timeouts to force the bug.

> patch to the 1.1 and head branches.

Thanks Martin. I think our "reaction time" was quite good. One hour ?

Would you like to formulate a response for BugTraq as well (after we
have received confirmations that the bug is really fixed) ?

Harri.

[prev in list] [next in list] [prev in thread] [next in thread]