From 946bde4a62fa9c4c47315defb2e31cf54d821246 Mon Sep 17 00:00:00 2001
From: tpearson
Date: Wed, 26 Jan 2011 22:23:30 +0000
Subject: [PATCH] Patch a few buffer overrun problems and odd crash potentials

git-svn-id: svn://anonsvn.kde.org/home/kde/branches/trinity/kdelibs@1217371 283d02a7-25f6-0310-bc7c-ecb5cbfe19da
---
 dcop/client/marshall.cpp | 2 +-
 dcop/dcopserver.cpp | 13 +++++++++----
 dcop/dcopserver.h | 2 +-
 kdecore/kapplication.cpp | 2 +-
 kdecore/kconfig_compiler/kconfig_compiler.cpp | 2 +-
 kdecore/ksycoca.cpp | 18 ++++++++++--------
 kdecore/ksycoca.h | 1 +
 kdecore/kurl.cpp | 2 +-
 kio/kio/slavebase.cpp | 2 ++
 9 files changed, 27 insertions(+), 17 deletions(-)

diff --git a/dcop/client/marshall.cpp b/dcop/client/marshall.cpp
index 496880aad..27a73495b 100644
--- a/dcop/client/marshall.cpp
+++ b/dcop/client/marshall.cpp
@@ -177,7 +177,7 @@ TQCString demarshal( TQDataStream &stream, const TQString &type )
 TQBuffer buf( ba );
 buf.open( IO_WriteOnly );
 i.save( &buf, "XPM" );
- result = ba;
+ result = buf.buffer();
 } else if ( type == "TQPoint" ) {
 TQPoint p;
diff --git a/dcop/dcopserver.cpp b/dcop/dcopserver.cpp
index ca810f390..ef37f0a32 100644
--- a/dcop/dcopserver.cpp
+++ b/dcop/dcopserver.cpp
@@ -131,6 +131,7 @@ static TQCString readQCString(TQDataStream &ds)
 if ((bytesLeft < 0 ) || (len > (uint) bytesLeft))
 {
 qWarning("Corrupt data!\n");
+ printf("bytesLeft: %d, len: %d\n", bytesLeft, len);
 return result;
 }
 result.TQByteArray::resize( (uint)len );
@@ -240,7 +241,7 @@ void DCOPIceWriteChar(register IceConn iceConn, unsigned long nbytes, char *ptr)
 {
 DCOPConnection* conn = the_server->findConn( iceConn );
 #ifdef DCOP_DEBUG
-qWarning("DCOPServer: DCOPIceWriteChar() Writing %d bytes to %d [%s]", nbytes, fd, conn ? conn->appId.data() : "");
+qWarning("DCOPServer: DCOPIceWriteChar() Writing %d bytes [%s]", nbytes, conn ? conn->appId.data() : "");
 #endif
 if (conn)
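Review bot: The new `result = buf.buffer();` line in demarshal() (dcop/client/marshall.cpp) has no comment saying why the buffer's own array is read back instead of `ba`, so a later cleanup could easily revert it. I would add `// take the bytes from the TQBuffer itself; ba is not guaranteed to track what save() wrote` above it. The result of `i.save( &buf, "XPM" )` on the context line is also still ignored, so as far as this hunk shows a failed save leaves `result` empty or partial with no signal to the caller. The enclosing branch of demarshal() starts outside the hunk.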
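Review bot: The added `printf` in readQCString() (dcop/dcopserver.cpp, hunk at -131) writes to stdout unconditionally on a path that a connected peer reaches simply by sending a bad length, so a misbehaving client can make the server emit a line per malformed string. The other diagnostics this commit touches go through `qWarning`/`qDebug` or sit under `#ifdef DCOP_DEBUG`. `len` is compared against `(uint) bytesLeft`, which suggests it is unsigned, so `%d` looks like the wrong conversion for it. I would fold the values into the existing warning, `qWarning("Corrupt data! bytesLeft: %d, len: %u", bytesLeft, len);`, or move the line under `DCOP_DEBUG`. The declarations of `len` and `bytesLeft` are outside the hunk, so the exact specifiers need confirming there.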
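Review bot: The reworked debug line in DCOPIceWriteChar() (hunk at -240) still prints `nbytes` with `%d` although the signature in the hunk header declares it `unsigned long`, which is a size mismatch in a varargs call on LP64 platforms. `qWarning("DCOPServer: DCOPIceWriteChar() Writing %lu bytes [%s]", nbytes, conn ? conn->appId.data() : "");` would match the type. The same applies to the DCOPIceWrite() hunk at -272, where `_data.size()` is presumably unsigned and wants `%u`. Both lines are compiled only with DCOP_DEBUG defined, and both function bodies continue past their hunks.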
@@ -272,7 +273,7 @@ static void DCOPIceWrite(IceConn iceConn, const TQByteArray &_data)
 {
 DCOPConnection* conn = the_server->findConn( iceConn );
 #ifdef DCOP_DEBUG
-qWarning("DCOPServer: DCOPIceWrite() Writing %d bytes to %d [%s]", _data.size(), fd, conn ? conn->appId.data() : "");
+qWarning("DCOPServer: DCOPIceWrite() Writing %d bytes [%s]", _data.size(), conn ? conn->appId.data() : "");
 #endif
 if (conn)
 {
@@ -1518,7 +1519,9 @@ bool DCOPServer::receive(const TQCString &/*app*/, const TQCString &obj,
 TQCString slot = readQCString(args);
 TQ_INT8 Volatile;
 args >> Volatile;
- //qDebug("DCOPServer: connectSignal(sender = %s senderObj = %s signal = %s recvObj = %s slot = %s)", sender.data(), senderObj.data(), signal.data(), receiverObj.data(), slot.data());
+#ifdef DCOP_DEBUG
+ qDebug("DCOPServer: connectSignal(sender = %s senderObj = %s signal = %s recvObj = %s slot = %s)", sender.data(), senderObj.data(), signal.data(), receiverObj.data(), slot.data());
+#endif
 bool b = dcopSignals->connectSignal(sender, senderObj, signal, conn, receiverObj, slot, (Volatile != 0));
 replyType = "bool";
 TQDataStream reply( replyData, IO_WriteOnly );
@@ -1534,7 +1537,9 @@ bool DCOPServer::receive(const TQCString &/*app*/, const TQCString &obj,
 TQCString signal = readQCString(args);
 TQCString receiverObj = readQCString(args);
 TQCString slot = readQCString(args);
- //qDebug("DCOPServer: disconnectSignal(sender = %s senderObj = %s signal = %s recvObj = %s slot = %s)", sender.data(), senderObj.data(), signal.data(), receiverObj.data(), slot.data());
+#ifdef DCOP_DEBUG
+ qDebug("DCOPServer: disconnectSignal(sender = %s senderObj = %s signal = %s recvObj = %s slot = %s)", sender.data(), senderObj.data(), signal.data(), receiverObj.data(), slot.data());
+#endif
 bool b = dcopSignals->disconnectSignal(sender, senderObj, signal, conn, receiverObj, slot);
 replyType = "bool";
 TQDataStream reply( replyData, IO_WriteOnly );
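Review bot: The two re-enabled `qDebug` calls in DCOPServer::receive() (hunks at -1518 and -1534) hand `.data()` of five strings to `%s`, and those strings come straight from readQCString(), which on corrupt input returns its `result` before filling it. If `data()` can be null for such a string, that is a null pointer passed to `%s`. In any case the log line then contains peer-supplied bytes, control characters included. I would guard each argument, e.g. `sender.isNull() ? "" : sender.data()`, and add a comment that these values are unvalidated wire data. The code is compiled only with DCOP_DEBUG, and the surrounding branches of receive() start and end outside both hunks.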
diff --git a/dcop/dcopserver.h b/dcop/dcopserver.h
index 7abc6497a..0a5d96f0e 100644
--- a/dcop/dcopserver.h
+++ b/dcop/dcopserver.h
@@ -55,7 +55,7 @@ class TQTimer;
 // If you enable the following define DCOP will create
 // $HOME/.dcop.log file which will list all signals passing
 // through it.
-//#define DCOP_LOG
+// #define DCOP_LOG
 #ifdef DCOP_LOG
 class TQTextStream;
 class TQFile;
diff --git a/kdecore/kapplication.cpp b/kdecore/kapplication.cpp
index 07260813c..3b6b78367 100644
--- a/kdecore/kapplication.cpp
+++ b/kdecore/kapplication.cpp
@@ -617,7 +617,7 @@ KApplication::KApplication( int& argc, char** argv, const TQCString& rAppName,
 KApplication::KApplication( bool allowStyles, bool GUIenabled ) : TQApplication( *KCmdLineArgs::qt_argc(), *KCmdLineArgs::qt_argv(),
- GUIenabled ),
+ TRUE ), // Qt4 requires that there always be a GUI
 KInstance( KCmdLineArgs::about),
 #ifdef Q_WS_X11
 display(0L),
diff --git a/kdecore/kconfig_compiler/kconfig_compiler.cpp b/kdecore/kconfig_compiler/kconfig_compiler.cpp
index 1b1d82860..434208b70 100644
--- a/kdecore/kconfig_compiler/kconfig_compiler.cpp
+++ b/kdecore/kconfig_compiler/kconfig_compiler.cpp
@@ -933,7 +933,7 @@ TQString itemAccessorBody( CfgEntry *e )
 //indents text adding X spaces per line
 TQString indent(TQString text, int spaces)
-{
+{
 TQString result;
 TQTextStream out(&result, IO_WriteOnly);
 TQTextStream in(&text, IO_ReadOnly);
diff --git a/kdecore/ksycoca.cpp b/kdecore/ksycoca.cpp
index f6b9ffa6a..255763ef0 100644
--- a/kdecore/ksycoca.cpp
+++ b/kdecore/ksycoca.cpp
@@ -87,7 +87,7 @@ int KSycoca::version()
 // Read-only constructor
 KSycoca::KSycoca()
- : DCOPObject("ksycoca"), m_lstFactories(0), m_str(0), bNoDatabase(false),
+ : DCOPObject("ksycoca"), m_lstFactories(0), m_str(0), m_barray(0), bNoDatabase(false),
 m_sycoca_size(0), m_sycoca_mmap(0), m_timeStamp(0)
 {
 d = new KSycocaPrivate;
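Review bot: Hard-coding `TRUE` in this KApplication constructor (kdecore/kapplication.cpp) turns the `GUIenabled` parameter into a no-op for the TQApplication base, so callers that pass false to run without a display will now have the toolkit bring up its GUI side anyway. The change is unconditional even though the comment ties it to Qt4, which means other toolkit builds lose the option too. I would put the override behind a toolkit-version guard and say in the constructor's API documentation that the flag no longer reaches TQApplication. Whether `GUIenabled` is still used further down the initializer list or in the body cannot be seen from this hunk.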
@@ -110,6 +110,7 @@ bool KSycoca::openDatabase( bool openDummyIfNotFound )
 m_sycoca_mmap = 0;
 m_str = 0;
+ m_barray = 0;
 TQString path;
 TQCString ksycoca_env = getenv("KDESYCOCA");
 if (ksycoca_env.isEmpty())
@@ -154,9 +155,9 @@ bool KSycoca::openDatabase( bool openDummyIfNotFound )
 #ifdef HAVE_MADVISE
 (void) madvise((char*)m_sycoca_mmap, m_sycoca_size, MADV_WILLNEED);
 #endif
- TQByteArray b_array;
- b_array.setRawData(m_sycoca_mmap, m_sycoca_size);
- TQBuffer *buffer = new TQBuffer( b_array );
+ m_barray = new TQByteArray();
+ m_barray->setRawData(m_sycoca_mmap, m_sycoca_size);
+ TQBuffer *buffer = new TQBuffer( *m_barray );
 buffer->open(IO_ReadWrite);
 m_str = new TQDataStream( buffer);
 }
@@ -195,7 +196,7 @@ bool KSycoca::openDatabase( bool openDummyIfNotFound )
 // Read-write constructor - only for KBuildSycoca
 KSycoca::KSycoca( bool /* dummy */ )
- : DCOPObject("ksycoca_building"), m_lstFactories(0), m_str(0), bNoDatabase(false),
+ : DCOPObject("ksycoca_building"), m_lstFactories(0), m_str(0), m_barray(0), bNoDatabase(false),
 m_sycoca_size(0), m_sycoca_mmap(0)
 {
 d = new KSycocaPrivate;
@@ -226,13 +227,13 @@ KSycoca::~KSycoca()
 void KSycoca::closeDatabase()
 {
- TQIODevice *device = 0;
+ QIODevice *device = 0;
 if (m_str)
- device = m_str->tqdevice();
+ device = m_str->device();
 #ifdef HAVE_MMAP
 if (device && m_sycoca_mmap)
 {
- TQBuffer *buf = (TQBuffer *) device;
+ TQBuffer *buf = static_cast(device);
 buf->buffer().resetRawData(m_sycoca_mmap, m_sycoca_size);
 // Solaris has munmap(char*, size_t) and everything else should
 // be happy with a char* for munmap(void*, size_t)
@@ -246,6 +247,7 @@ void KSycoca::closeDatabase()
 delete device;
 if (TQT_TQIODEVICE(d->database) != device)
 delete d->database;
+ if (m_barray) delete m_barray;
 device = 0;
 d->database = 0;
 // It is very important to delete all factories here
diff --git a/kdecore/ksycoca.h b/kdecore/ksycoca.h
index 6b8fcd0f3..52e712989 100644
--- a/kdecore/ksycoca.h
+++ b/kdecore/ksycoca.h
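Review bot: Nothing at the new allocation in openDatabase() (hunk at -154) says who owns `m_barray` or why the array had to move off the stack. `setRawData` wraps the mmap'ed region without copying, so the array has to stay alive as long as the TQBuffer built from it. I would add `// m_barray aliases the mmap'ed file (setRawData does not copy); it must outlive the TQBuffer and is freed in closeDatabase()`. The hunk at -110 also sets `m_barray = 0` without deleting it, so if openDatabase() can run twice with no closeDatabase() in between, the previous array leaks; that call order is not visible here and should be checked.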
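Review bot: In closeDatabase() (hunk at -226) the new `QIODevice *device` and `m_str->device()` drop the TQ-prefixed names that the same function keeps a few lines later in `TQBuffer` and `TQT_TQIODEVICE(d->database) != device`, so one object is now handled through two naming layers. If the aliases resolve to the same types this is cosmetic, but it should be a deliberate choice and consistent across the function. The line `TQBuffer *buf = static_cast(device);` has no target type as shown on this page; presumably `<TQBuffer *>` was lost in rendering, which should be confirmed against the committed file. The cast is unchecked either way, so a one-line comment stating that `device` is always the TQBuffer created in openDatabase() when `m_sycoca_mmap` is set would help.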
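Review bot: `if (m_barray) delete m_barray;` (hunk at -246) leaves `m_barray` pointing at freed memory, while the very next lines reset `device` and `d->database` to 0. If closeDatabase() runs again before openDatabase() clears the member, the array is deleted a second time. The previous hunk's header shows `KSycoca::~KSycoca()` directly above this function, so the destructor may be one such caller. `delete m_barray; m_barray = 0;` closes that, and the null test is unnecessary. The rest of closeDatabase() lies outside the hunk, so whether a later line already resets the pointer cannot be confirmed from here.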
@@ -169,6 +169,7 @@ protected:
 void closeDatabase();
 KSycocaFactoryList *m_lstFactories;
 TQDataStream *m_str;
+ TQByteArray *m_barray;
 bool bNoDatabase;
 size_t m_sycoca_size;
 const char *m_sycoca_mmap;
diff --git a/kdecore/kurl.cpp b/kdecore/kurl.cpp
index 047f18dee..428ab2f20 100644
--- a/kdecore/kurl.cpp
+++ b/kdecore/kurl.cpp
@@ -83,7 +83,7 @@ static TQString encode( const TQString& segment, int encoding_offset, int encodi
 int old_length = isRawURI ? local.size() - 1 : local.length();
- if ( !old_length )
+ if ( old_length < 1 )
 return segment.isNull() ? TQString::null : TQString(""); // differentiate null and empty
 // a worst case approximation
diff --git a/kio/kio/slavebase.cpp b/kio/kio/slavebase.cpp
index cecaf9ec3..187e82524 100644
--- a/kio/kio/slavebase.cpp
+++ b/kio/kio/slavebase.cpp
@@ -334,6 +334,8 @@ void SlaveBase::dispatchLoop()
 return;
 }
 }
+#else
+#error The KIO slave system only works under UNIX
 #endif
 }
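Review bot: Adding `TQByteArray *m_barray;` in the middle of KSycoca's protected data (kdecore/ksycoca.h) changes the size of the class and shifts `bNoDatabase`, `m_sycoca_size` and `m_sycoca_mmap`. Any subclass or client built against the old header will then read those members at the wrong offsets until it is rebuilt. The class already has a private `d` pointer (`d = new KSycocaPrivate;` in ksycoca.cpp), which is the usual home for a new implementation detail that should not alter the layout. If the member stays here it should at least be documented, e.g. `// wraps the mmap'ed database for m_str; owned by KSycoca, freed in closeDatabase()`. The class declaration begins and ends outside the hunk.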
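Review bot: The new `old_length < 1` test in encode() (kdecore/kurl.cpp) has no comment recording why the length can be negative, although that is the whole reason for the change. With `isRawURI` set, `local.size() - 1` is evaluated first; if `size()` is unsigned and zero, the subtraction wraps before the value is converted to `int`, and the check depends on that conversion coming out negative. I would add `// size() can be 0 for a null string, which makes old_length -1; never size the output from that` above the test, and consider testing `local.size()` before subtracting so the guard does not depend on the wrap. The buffer sizing that follows ("a worst case approximation") is below the hunk.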