KDE upstream bug #396980

Patch: https://phabricator.kde.org/D14554
-- 
Enneamer
diff -Nru kdepim-runtime-16.04.2/debian/patches/fix-array-access-bounds-in-IMAP-resource.patch kdepim-runtime-16.04.2/debian/patches/fix-array-access-bounds-in-IMAP-resource.patch
--- kdepim-runtime-16.04.2/debian/patches/fix-array-access-bounds-in-IMAP-resource.patch	1969-12-31 19:00:00.000000000 -0500
+++ kdepim-runtime-16.04.2/debian/patches/fix-array-access-bounds-in-IMAP-resource.patch	2018-11-26 15:48:39.000000000 -0500
@@ -0,0 +1,41 @@
+Fix array access bounds in IMAP resource
+
+ImapQuotaAttribute::serialized() processes IMAP roots assigning
+corresponding QUOTA and USAGE attributes to each root. It uses three
+dictionaries: mRoots, mLimits, and mUsages assuming that these
+dictionaries always have the same number of elements. In a case when
+mRoots contains more elements than other two dictionaries, this causes
+referencing to non-existent elements in mLimits and mUsages and
+segfaults.
+
+Fix this by using mLimits.size() and mUsages.size() in corresponding
+loops.
+
+BUG: 396980
+Developers: gkowal
+Reviewers: KDE PIM, dvratil
+Reviewed By: KDE PIM, dvratil
+Subscribers: mlaurent, cfeck, kde-pim
+Tags: KDE PIM
+
+Differential Revision: https://phabricator.kde.org/D14554
+--- a/resources/shared/singlefileresource/imapquotaattribute.cpp
++++ b/resources/shared/singlefileresource/imapquotaattribute.cpp
+@@ -91,7 +91,7 @@
+     result += " %%%% "; // Members separator
+ 
+     // Then the limit maps list
+-    for (int i = 0; i < mRoots.size(); ++i) {
++    for (int i = 0; i < mLimits.size(); ++i) {
+         const QMap<QByteArray, qint64> limits = mLimits[i];
+         for (auto it = limits.cbegin(), end = limits.cend(); it != end; ++it) {
+             result += it.key();
+@@ -107,7 +107,7 @@
+     result += " %%%% "; // Members separator
+ 
+     // Then the usage maps list
+-    for (int i = 0; i < mRoots.size(); ++i) {
++    for (int i = 0; i < mUsages.size(); ++i) {
+         const QMap<QByteArray, qint64> usages = mUsages[i];
+         for (auto it = usages.cbegin(), end = usages.cend(); it != end; ++it) {
+             result += it.key();
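Review bot: in both loops the new bounds (`mLimits.size()` and `mUsages.size()`) stop the out-of-range index, but `serialized()` can now write fewer limit or usage lists than roots between the `" %%%% "` separators. The code that parses this format therefore has to tolerate members of unequal length, and it is worth confirming that it bounds its own indexing the same way. The commit message describes the equal-size assumption as the root cause, so a more complete fix would enforce that invariant where `mRoots`, `mLimits` and `mUsages` are populated, or iterate to the smallest of the three sizes, rather than only adjusting the serializer. On style, the patch header carries `BUG:` and `Differential Revision:` but no DEP-3 style `Origin:` or `Bug:` fields with full URLs, which would make the patch easier to track in the package.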
diff -Nru kdepim-runtime-16.04.2/debian/patches/series kdepim-runtime-16.04.2/debian/patches/series
--- kdepim-runtime-16.04.2/debian/patches/series	1969-12-31 19:00:00.000000000 -0500
+++ kdepim-runtime-16.04.2/debian/patches/series	2018-11-26 15:47:09.000000000 -0500
@@ -0,0 +1 @@
+fix-array-access-bounds-in-IMAP-resource.patch
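Review bot: `debian/patches/series` is created here with this single entry, and the debdiff as shown contains no `debian/changelog` hunk. An upload carrying this patch needs a changelog entry that names the patch and references the bug, so that should be added to the debdiff before it is applied.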
