https://bugs.kde.org/show_bug.cgi?id=362586
Sebastian Kügler <se...@kde.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|ASSIGNED |RESOLVED
Version Fixed In| |5.6.4
Latest Commit| |http://commits.kde.org/kscr
| |een/3cd5c74d5523b2f2b2e9517
| |4dbaf7ece10d74a50
Resolution|--- |FIXED
--- Comment #10 from Sebastian Kügler <se...@kde.org> ---
Git commit 3cd5c74d5523b2f2b2e95174dbaf7ece10d74a50 by Sebastian Kügler.
Committed on 06/05/2016 at 12:03.
Pushed by sebas into branch 'master'.
guard access to unsafe config pointer
Summary:
This fixes a crashing race condition in the kscreen kded module when
the config cannot be deserialized from the filesystem. In this case,
Serializer returns a nullptr which is then derefenced without
validation.
In practice, we just can't be sure the file can be read, so we need to
make sure that we're not passing configs around which may be empty.
Down the road, I think we should be a bit more careful also in
libkscreen, there's some API that can receive ConfigPtrs, which aren't
validated before dereferencing.
FIXED-IN:5.6.4
CHANGELOG:Fix crasher in kscreen kded daemon
Test Plan:
Can't really test this scenario, since I can't reproduce the crash. All
testing I've done passes, and I've added a bunch of autotests for invalid
configs (separate commit)
Reviewers: #plasma, graesslin
Reviewed By: #plasma, graesslin
Subscribers: graesslin, plasma-devel
Projects: #plasma
Differential Revision: https://phabricator.kde.org/D1533
M +2 -1 kded/daemon.cpp
http://commits.kde.org/kscreen/3cd5c74d5523b2f2b2e95174dbaf7ece10d74a50
--
You are receiving this mail because:
You are watching all bug changes.
