[Pkg-kde-extras] Bug#865765: [qtcurve] Crash when using QtCurve widget style and Breeze preset

Sergey Sharybin sergey.vfx at gmail.com
Sun Jun 25 10:19:07 UTC 2017


Hi,

The patch had a malformed header (it was mixing information from a previous
maintainer patch and residue of some older description). Here is an
updated patch with hopefully all headers filled in correctly.

Hopefully this one will work fine :)

On Sat, 24 Jun 2017 18:30:27 +0200 Sergey Sharybin <sergey.vfx at gmail.com> wrote:
> Package: qtcurve
> Version: 1.8.18+git20160320-3d8622c-3
> Severity: normal
> Tags: patch
>
> --- Please enter the report below this line. ---
>
> QtCurve uses `memcmp()` to compare strings against various constants
> when reading the configuration file. This might easily end up with
> memcmp() reading past the input string boundary, when the input string is
> shorter than the string which is compared against.
>
> For example, if slider style is set to "circular", it will first be
> compared against "triangular", which is a longer string and will cause
> reads past the original string boundary.
>
> In order to reproduce the issue, KDE Plasma is to be configured to use
> QtCurve widget style (Settings -> Application Style -> Applications ->
> Widget Style). I am using Breeze preset for QtCurve. The error is very
> easily noticeable when running Qt5 application compiled with address
> sanitizer. Probably running any Qt application with Valgrind will show
> the error as well, but I did not try that.
>
> The solution I've tried is to use strncmp() instead of memcmp(), which
> will avoid reading past the string memory. Seems all strings are
> NULL-terminated in those comparisons, so it should be a good enough
> approach. The patch is attached.
>
> P.S. Not sure the QtCurve versions are correctly detected, I've
> re-compiled the package locally with the patch mentioned above. The
> patch is against QtCurve from Stretch.
> P.P.S. I'm using a self-compiled kernel, because previously I was on one
> from jessie-backports, which had issues with my machine. This
> shouldn't matter I think.
>
> --- System information. ---
> Architecture:
> Kernel:       Linux 4.11.5-vanilla
>
> Debian Release: 9.0
>   995 stable          dl.google.com
>   990 stable          security.debian.org
>   990 stable          ftp.de.debian.org
>
> --- Package information. ---
> Depends                    (Version) | Installed
> ====================================-+-===========
> gtk2-engines-qtcurve                 | 1.8.18+git20160320-3d8622c-3
> kde-style-qtcurve-qt4                | 1.8.18+git20160320-3d8622c-3
> kde-style-qtcurve-qt5                | 1.8.18+git20160320-3d8622c-3
> qtcurve-l10n                         | 1.8.18+git20160320-3d8622c-3
>
>
> Package's Recommends field is empty.
>
> Suggests                    (Version) | Installed
> =====================================-+-===========
> kwin-decoration-oxygen                | 4:5.8.4-1
> oxygen-icon-theme                     | 5:5.28.0-1
-------------- next part --------------
A non-text attachment was scrubbed...
Name: replace_memcmp_with_strncmp_corrected.patch
Type: text/x-patch
Size: 49773 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-kde-extras/attachments/20170625/84a46d07/attachment-0001.bin>
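
The over-read described in the report and the strncmp() replacement, as an added example that is neither QtCurve's code nor the attached patch. The enum, the function names and the parser are hypothetical; only the "triangular"/"circular" comparison comes from the report.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical slider styles; names are illustrative, not QtCurve's enum. */
typedef enum { SLIDER_UNKNOWN, SLIDER_TRIANGULAR, SLIDER_CIRCULAR } slider_t;

/* Bytes that memcmp(input, constant, strlen(constant)) is told to read
 * beyond input's own storage (strlen(input) + 1 bytes, NUL included).
 * Non-zero means the call is outside memcmp's contract. */
size_t memcmp_overread(const char *input, const char *constant)
{
    size_t need = strlen(constant);
    size_t have = strlen(input) + 1;
    return need > have ? need - have : 0;
}

/* Before (the pattern the report describes): the length comes from the
 * constant, so a shorter input is read out of bounds. Kept for comparison;
 * only safe when the caller guarantees input holds at least 10 bytes. */
int is_triangular_memcmp(const char *input)
{
    return memcmp(input, "triangular", 10) == 0;
}

/* After: strncmp stops at input's terminating NUL, so it never leaves the
 * string. It remains a prefix match, like the memcmp it replaces. */
int is_triangular_strncmp(const char *input)
{
    return strncmp(input, "triangular", 10) == 0;
}

/* Parser using the strncmp form for every constant, longest first as in
 * the report's example ordering. */
slider_t parse_slider(const char *input)
{
    if (strncmp(input, "triangular", 10) == 0) return SLIDER_TRIANGULAR;
    if (strncmp(input, "circular", 8) == 0)    return SLIDER_CIRCULAR;
    return SLIDER_UNKNOWN;
}
```

The strncmp() form depends on the input being NUL-terminated, and it still accepts any value that merely starts with a known constant.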

