summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2007-02-05BUG: Lack of a << made opieplayer2 uncompilable.erik1-1/+1
FIX: It is put in now.
2007-02-05BUG: My change to a switch statement made opie-gutenbrowser uncompilable.erik1-11/+9
FIX: The code there is just strange. I tore out the switch statement and replaced it with a simple if block instead.
2007-01-31A few files that dereference pointers w/out checking that the pointer iserik3-28/+14
valid.
2007-01-31A few files that have dynamically allocated arrays that are not properlyerik3-3/+3
de-allocated (forgot to use []).
2007-01-31I expanded my audit to include any app I could get to compile in i386.erik8-235/+235
In that expansion a whole new crop of unchecked returns has sprung up. This commit fixes those weeds or should I say potential bugs.
2007-01-31The queryByExample member function was not properly overridden by the childerik2-2/+2
class. This means that the last child in the chain would be called instead. Seeing as how the function is not really implemented in this class I am sure that they do want the override so a user is A. not fooled into thinking it is and B. running into a parent function doing the wrong thing.
2007-01-31Show events on all visible days in the month view, not just those within the ↵paule2-18/+46
current month. Fixes bug #1351.
2007-01-31Don't allow configuring buttons with no remote layout selectedpaule1-0/+8
2007-01-31Specify correct parameters to needToAuthenticate() and login() so that ↵paule1-2/+2
appropriate setting is read when determining whether to authenticate or not. Fixes bug #1830.
2007-01-31Reinstate startup system year validity check and update year to 2007; show ↵paule1-8/+19
date/time settings application on starting if option is enabled
2007-01-29Each file in this commit exhibits a problem where a variable is made inerik4-14/+7
some way but never used. This is a tricky problem with Qt since almost all UI forms are made but not used (like QLabel). But I am pretty confident that these changes are correct and do not have any aspect of a change to the UI. In most cases, there are just variables that are made and then copied over (like in iteration over lists or assignment of pointers based on conditionals).
2007-01-29Each file in this commit has an issue where the initial value of a variableerik14-56/+56
is assumed to be something but no initial value is given. This commit changes that by either assigning an initial value or removing the assumption on an initial value (usually the former).
2007-01-29Reformat according to current Opie coding style.erik1-70/+92
2007-01-29Reformat according to current Opie style.erik1-232/+234
2007-01-29Strictly removal of cruft (commented out old code).erik1-22/+0
2007-01-29Fix needToAuthenticate() so that its operation matches the doc commentspaule1-2/+2
2007-01-29Change buttons from QLabel to QPushButton, which enables entering the PIN ↵paule2-476/+366
using directional buttons and space/enter (which is all that is available on some PDAs if the screen is uncalibrated). In addition, you can now enter numbers using number keys if your device has them.
2007-01-28Change to not use new for message boxes; rename sendIR parameter to a more ↵paule2-12/+12
appropriate name
2007-01-28More fixes for remote selectionpaule2-0/+25
2007-01-28Don't allow creating remote layouts with a blank name; remove old commented ↵paule1-13/+4
out code
2007-01-28Remove unused source filespaule2-53/+0
2007-01-28Correctly select first remote upon loading configuration; pass current ↵paule1-14/+34
button action to button dialog; show error if user clicks on New without first typing a new name; show error if user clicks New with Remotes as a name
2007-01-28Correctly select first remote upon loading configuration; show a warning ↵paule1-4/+15
message if user presses a button that has not been configured
2007-01-28Correctly select first remote upon loading configurationpaule3-2/+6
2007-01-28Load in current button action on openingpaule2-17/+34
2007-01-28Refactored out all communication with LIRC into new LircHandler classpaule13-755/+344
2007-01-26Both files in this commit exhibit the wrong way to use temporary files.erik2-28/+72
For TEHistory.cpp, it uses tmpfile() which produces a file which has a name that can be guessed. For vmemo.cpp, it uses tmpname() which only creates a predictable string. Both uses have been switched to using mkstemp() wrapped around umask(). This produces a much less predictable file that also has guaranteed restrictive permissions. I went a little farther in vmemo because it calls out to the shell using system to 'mv' the new file. That is kinda wasteful so I switched it to use rename instead.
2007-01-26Both packageslave.cpp and textedit.cpp have instances of possibly exploitableerik2-44/+49
race conditions associated to files. The big deal is that it is quite typical to use strings of pathnames to track files. But because that does not leverage the filesystem would be attackers may be able to exploit time lags in uses of filesystem functions (like stat and chmod or open) to get files with suspect data into the files that the applications are working with. This commit closes that potential hole even though there are no known exploits. Better safe then sorry. There is no change in the behavior of the apps.
2007-01-26The Expand call does not check for null termination of the URL stringserik1-2/+4
that it is expanding. Since strlen() is used with the URLs after Expand is used, it is good idea to make sure that Expand terminates the strings. This commit changes that so that the URL strings are guaranteed to be terminated after expansion.
2007-01-26A couple of places where a string is overrun. This fixes both of them.erik2-4/+5
2007-01-26Each file in this commit exhibit an example of what prevent callserik4-65/+49
'reverse inull'. All that means is that a pointer gets dereferenced. Then a pointer gets checked for validity before being dereferenced again. This almost always points to shenanigans. For example, the konsole.cpp file has this konsoleInit() call which passes in a const char** shell variable. Since it is a double pointer the programmer who wrote the code made the mistake of mixing the checking of the pointer and the pointer that points to the pointer. This commit attempts to correct that. Of course there are other instances of the same thing. But they all boil down to a small mistake which might have produced strange side effects.
2007-01-26Both files in this commit exhibit use after free errors.erik2-4/+4
One of them was introduced in my memory leak fixing (whoops). I was freeing a structure of stock data before one last call to it. So switching the free to after that call fixed it. The kcheckers.cpp fix is one where the game board could be deleted and then a new one is not created because someone attempted to request a game board type that is not supported. This is fixed by using the default directive for one of the game board types in the switch statement. Which means it could default to Russian boards. Score one for the Russians!
2007-01-24There was quite a bit of deadwood in this file. I am removing it to makeerik1-65/+0
the file more readable (and smaller overall).
2007-01-24Each file in this commit has the issue where it is possible for code toerik6-38/+51
overrun static buffers. This could lead to serious problems. Granted it is almost impossible to do that. But it isn't totally impossible. So this commit makes it impossible to overrun.
2007-01-24Each file in this commit has the issue where a function can return aerik2-50/+49
negative result but the result is used in a context that can only be positive.
2007-01-24Each file in this commit has an instance where a pointer is checked aterik8-74/+83
one point in the code and then not checked in another point in the code. If it needed to be checked once, it needs to be checked the other time. If not the application could segfault.
2007-01-24Eac one the files in this commit had an instance where a code path iserik3-16/+2
never traversed because of conditionals operating on values that never change.
2007-01-24Every file in this commit has a memory leak of some kind or another. I thinkerik13-172/+270
all of them are minor and should not effect properly running code. But if I were you I would give libstocks and the stockticker plugin in Today a wide berth. That library is atrocious.
2007-01-24OBEX push server has a more common description.korovkin1-1/+1
2007-01-23A couple more return values that need to be checked.erik2-3/+14
2007-01-22Each file in this commit had a problem where a function might returnerik3-5/+10
a null value for a pointer and that null value was not checked.
2007-01-22Every file in this commit makes a call to a function which returns a value.erik14-92/+109
Each file also didn't check the return value. This commit changes it so that every single non-checked call in these files is checked.
2007-01-19core/opie-login/loginwindowimpl.cpp has a fix to properly free stringserik2-4/+22
that were dup'ed. noncore/apps/opie-reader/Bkmks.cpp deletes a temporary pointer that was not being properly disposed of.
2007-01-19Every file in this commit has a change to check the return value of a call.erik11-68/+94
2007-01-19Commit of Paul's patch to remove a macro and substitute it with aerik3-12/+15
class variable.
2007-01-19Every single file in this commit had a memory leak where a resource iserik9-32/+57
allocated in the constructor but not de-allocated in the destructor. This commit fixes that.
2007-01-19BUG: There are only 4095 items in the buffer that is zero'd out using 4096.erik1-1/+1
FIX: Fix the number used in memset.
2007-01-14When selecting a time zone, warn the user if the time zone file in ↵paule1-26/+35
/usr/share/zoneinfo for the selected time zone is missing
2007-01-14Add setting to show date/time settings on every restart (useful on devices ↵paule2-3/+16
where the date/time slips or is reset when the device is reset)
2007-01-13Actually read the doctab enable/disable setting.paule1-0/+7
Partially fixes bug #1618.