View Revisions: Issue #3332

Summary 0003332: QLM license code incorrectly casts string, ignores error return from Soraco function
Revision 2019-06-15 11:21 by WA9PIE
Description This code is in LicenseValidator::WriteProductProperties():

string props = license->GetProductProperties(_bstr_t(""), _bstr_t(this->activationKey), &bstrResponse);


This code causes the application to crash because GetProductProperties() might return NULL, and NULL can't be successfully assigned to a std::string.

GetProductProperties() is declared to return a _bstr_t, which means an implicit cast is happening. That cast is dubious, since std::string is intended to represent a plain string (as compared to std::wstring which represents a wide dstring), while _bstr_t objects usually represent wide-character strings.

The correctness of the cast should be reviewed. The code should be fixed so that the error indicated by GetProductProperties() returning NULL is correctly handled and doesn't crash the application.

Revision 2019-06-07 09:49 by K7ZCZ
Description
This code is in LicenseValidator::WriteProductProperties():

string props = license->GetProductProperties(_bstr_t(""), _bstr_t(this->activationKey), &bstrResponse);


This code causes the application to crash because GetProductProperties() might return NULL, and NULL can't be successfully assigned to a std::string.

GetProductProperties() is declared to return a _bstr_t, which means an implicit cast is happening. That cast is dubious, since std::string is intended to represent a plain string (as compared to std::wstring which represents a wide dstring), while _bstr_t objects usually represent wide-character strings.

The correctness of the cast should be reviewed. The code should be fixed so that the error indicated by GetProductProperties() returning NULL is correctly handled and doesn't crash the application.