[Bug 1196869] [NEW] DBUs-Signatures are not verified aganist too long or messages or to deep recursions

Walter Schneider Tue, 02 Jul 2013 02:53:40 -0700

Public bug reported:

The DBus-Signatures are not fully verified in qdbusutil.cpp.
The syntax is checked, but not the maximum length and the maximum recursion 
depth.
In qt4.5 this check was done by calling the valdidation-methods of libdbus 
itself.


Enclosed is a patch for DBUS_MAXIMUM_SIGNATURE_LENGTH and
DBUS_MAXIMUM_TYPE_RECURSION_DEPTH checks.

** Affects: qt4-x11 (Ubuntu)
     Importance: Undecided
         Status: New

** Patch added: "qt4-4.8.1-qdbus-signature-check.patch"
   
https://bugs.launchpad.net/bugs/1196869/+attachment/3721548/+files/qt4-4.8.1-qdbus-signature-check.patch

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1196869

Title:
  DBUs-Signatures are not verified aganist too long or messages or to
  deep recursions

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/qt4-x11/+bug/1196869/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1196869] [NEW] DBUs-Signatures are not verified aganist too long or messages or to deep recursions

Reply via email to