--- kfrontend/kgreeter.cpp (revision 706109) +++ kfrontend/kgreeter.cpp (working copy) @@ -42,6 +42,8 @@ #undef Unsorted // x headers suck - make qdir.h work with --enable-final #include #include +#include +#include #include #include #include @@ -59,6 +61,7 @@ #include #include #include +#include #include #include @@ -163,6 +166,9 @@ QString login; }; +#define FILE_LIMIT_ICON 20 +#define FILE_LIMIT_IMAGE 200 + void KGreeter::insertUser( const QImage &default_pix, const QString &username, struct passwd *ps ) @@ -181,16 +187,44 @@ nd = 1; QImage p; do { - QString fn = dp ? - QFile::decodeName( ps->pw_dir ) + "/.face" : - _faceDir + '/' + username + ".face"; - if (p.load( fn + ".icon" ) || p.load( fn )) { - QSize ns( 48, 48 ); - if (p.size() != ns) - p = p.convertDepth( 32 ).smoothScale( ns, QImage::ScaleMin ); - goto gotit; + dp ^= 1; + QCString fn = !dp ? + QCString( ps->pw_dir ) + '/' : + QFile::encodeName( _faceDir + '/' + username ); + fn += ".face.icon"; + int fd, ico; + if ((fd = open( fn.data(), O_RDONLY | O_NONBLOCK )) < 0) { + fn.truncate( fn.length() - 5 ); + if ((fd = open( fn.data(), O_RDONLY | O_NONBLOCK )) < 0) + continue; + ico = 0; + } else + ico = 1; + QFile f; + f.open( IO_ReadOnly, fd ); + int fs = f.size(); + if (fs > (ico ? FILE_LIMIT_ICON : FILE_LIMIT_IMAGE) * 1000) { + LogWarn( "%s exceeds file size limit (%dkB)\n", + fn.data(), ico ? FILE_LIMIT_ICON : FILE_LIMIT_IMAGE ); + continue; } - dp = 1 - dp; + QByteArray fc( fs ); + int rfs = f.readBlock( fc.data(), fs ); + ::close( fd ); + fc.resize( rfs > 0 ? rfs : 0 ); + QBuffer buf( fc ); + buf.open( IO_ReadOnly ); + QImageIO ir; + ir.setIODevice( &buf ); + if (!ir.read()) { + LogInfo( "%s is no valid image\n", fn.data() ); + continue; + } + p = ir.image(); + QSize ns( 48, 48 ); + if (p.size() != ns) + p = p.convertDepth( 32 ).smoothScale( ns, QImage::ScaleMin ); + goto gotit; } while (--nd >= 0); p = default_pix; gotit: