KTar::KTarPrivate::readLonglink: Fix crash in malformed files
Closed · Public

Authored by aacid on Apr 26 2019, 1:54 PM.

Details

Summary

QByteArray::resize doesn't work for std::numeric_limits<int>::max()
https://bugreports.qt.io/browse/QTBUG-75470

https://codereview.qt-project.org/#/c/260072/1/src/corelib/tools/qbytearray.cpp
documents that it "always" works until 2^31 - 32 so use that

oss-fuzz #14397

Diff Detail

Repository
R243 KArchive
Branch
arcpatch-D20844
Lint
No Linters Available
Unit
No Unit Test Coverage
Build Status
Buildable 11394
Build 11412: arc lint + arc unit
aacid created this revision. Apr 26 2019, 1:54 PM
Restricted Application added a project: Frameworks. Apr 26 2019, 1:54 PM
Restricted Application added a subscriber: kde-frameworks-devel.
aacid requested review of this revision. Apr 26 2019, 1:54 PM
apol added a subscriber: apol. Apr 26 2019, 2:06 PM
apol added inline comments.
src/ktar.cpp
289 ↗(On Diff #57042)

Doesn't QString have the same size limitation as QByteArray?

aacid added inline comments. Apr 26 2019, 2:49 PM
src/ktar.cpp
289 ↗(On Diff #57042)

I'll double check, also I now see that decodeName char creates a temporary qbytearray so that may be problematic too :/

aacid updated this revision to Diff 57296. Apr 30 2019, 10:51 PM
aacid edited the summary of this revision.

better fix

apol accepted this revision. May 9 2019, 9:49 AM
This revision is now accepted and ready to land. May 9 2019, 9:49 AM
aacid closed this revision. May 9 2019, 12:42 PM
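
The size check the summary describes, as an added example that is not KArchive's code or the patch under review: it validates the octal size field of a tar header before any buffer is resized, using the 2^31 - 32 limit quoted in the summary. The function names, the choice to refuse an oversized entry rather than clamp it, and the sample header are assumptions of this example; it uses plain C++ with no Qt types.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>

// Cap taken from the summary above: resize is documented to work up to 2^31 - 32.
constexpr std::int64_t kMaxResize = (std::int64_t{1} << 31) - 32;
constexpr std::size_t kSizeOffset = 0x7c;  // size field offset in a tar header
constexpr std::size_t kSizeLen = 12;       // size field width in bytes

// Parse the octal size field. Returns -1 if the field is malformed
// (this also refuses the GNU base-256 encoding, whose first byte is >= 0x80).
std::int64_t parseOctalSize(const unsigned char *field)
{
    std::size_t i = 0;
    while (i < kSizeLen && field[i] == ' ') ++i;  // leading padding
    std::int64_t value = 0;
    bool sawDigit = false;
    for (; i < kSizeLen && field[i] >= '0' && field[i] <= '7'; ++i) {
        value = value * 8 + (field[i] - '0');  // at most 36 bits, cannot overflow
        sawDigit = true;
    }
    for (; i < kSizeLen; ++i)  // only NUL or space may follow the digits
        if (field[i] != '\0' && field[i] != ' ') return -1;
    return sawDigit ? value : -1;
}

// Size that may safely be passed to a buffer resize, or -1 to refuse the entry.
std::int64_t longlinkAllocSize(const unsigned char *header)
{
    const std::int64_t size = parseOctalSize(header + kSizeOffset);
    if (size <= 0 || size > kMaxResize) return -1;
    return size;
}

int main()
{
    unsigned char header[512] = {0};       // constructed sample header
    const char claimed[] = "17777777777";  // 2^31 - 1, the value the summary says fails
    for (std::size_t i = 0; claimed[i]; ++i)
        header[kSizeOffset + i] = static_cast<unsigned char>(claimed[i]);
    std::printf("%lld\n", static_cast<long long>(longlinkAllocSize(header)));
    return 0;
}
```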