Differential D7812

Fixes a yakuake "index out of range" crash produced by QDBus exposed function TabBar::sessionAtTab(int)
ClosedPublic
Actions

Authored by vtasoulas on Sep 14 2017, 9:47 AM.

Details

Reviewers
hein
alexeymin
Group Reviewers
KDE Applications
Commits
R369:09abe657c65b: Fixes a yakuake "index out of range" crash produced by QDBus exposed function…
Summary

The function TabBar::sessionAtTab(int index) is exposed through QDBus and if a user/script passes a negative number, yakuake crashes with index out of range.

This patch fixes that behaviour with a sanity check. If the user passes a negative number, return -1.

Test Plan

Run the command qdbus org.kde.yakuake /yakuake/tabs org.kde.yakuake.sessionAtTab -1
Yakuake will crash.

Apply the patch and re-run the above qdbus command. It shouldn't be crashing now.

Diff Detail

Repository
R369 Yakuake
Lint
Automatic diff as part of commit; lint not applicable.
Unit
Automatic diff as part of commit; unit tests not applicable.
vtasoulas created this revision.Sep 14 2017, 9:47 AM
alexeymin accepted this revision.Sep 14 2017, 5:42 PM
alexeymin added a subscriber: alexeymin.

Strangely it does not crash for me, without this patch I get always zero:

lexx@gentoo ~/dev/yakuake $ qdbus org.kde.yakuake /yakuake/tabs org.kde.yakuake.sessionAtTab -1
0

For number exceeding tabs count I get response -1:

lexx@gentoo ~/dev/yakuake $ qdbus org.kde.yakuake /yakuake/tabs org.kde.yakuake.sessionAtTab 10
-1

with negative values I get random responses

lexx@gentoo ~/dev/yakuake $ qdbus org.kde.yakuake /yakuake/tabs org.kde.yakuake.sessionAtTab -2
1
lexx@gentoo ~/dev/yakuake $ qdbus org.kde.yakuake /yakuake/tabs org.kde.yakuake.sessionAtTab -3
49
lexx@gentoo ~/dev/yakuake $ qdbus org.kde.yakuake /yakuake/tabs org.kde.yakuake.sessionAtTab -4
3670066
lexx@gentoo ~/dev/yakuake $ qdbus org.kde.yakuake /yakuake/tabs org.kde.yakuake.sessionAtTab -5
38104336
lexx@gentoo ~/dev/yakuake $ qdbus org.kde.yakuake /yakuake/tabs org.kde.yakuake.sessionAtTab -6
6

With this patch for any wrong values (<0 and > tabs count) I always get -1 as expected, so I guess this is as it should be done? @vtasoulas what do you think about it?
This looks good and harmless anyway.

This revision is now accepted and ready to land.Sep 14 2017, 5:42 PM
hein accepted this revision.Sep 14 2017, 8:37 PM
vtasoulas added a comment.Sep 14 2017, 9:56 PM

@alexeymin yes, that's how it should be working.

m_tabs is a QList, so the indexes cannot take negative values.

The previous code was already returning -1 when a user was asking for a non existing session (index > m_tabs.count() - 1).
The current code returns -1 when negative indexes are requested as well.
Typically, yakuake will never call this function with a negative index, but since the function is exposed via QDbus, an external program/script/user may do that and crash yakuake (or get garbage values as in your case that yakuake doesn't crash).

Closed by commit R369:09abe657c65b: Fixes a yakuake "index out of range" crash produced by QDBus exposed function… (authored by vtasoulas, committed by alexeymin). · Explain WhySep 16 2017, 12:19 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

PathPackages
Mapp/tabbar.cpp (2 lines)

Diff 19583

View Options

app/tabbar.cpp

Loading...