diff options
author | Eirik Aavitsland <eirik.aavitsland@qt.io> | 2021-01-21 09:55:00 +0100 |
---|---|---|
committer | Jani Heikkinen <jani.heikkinen@qt.io> | 2021-05-11 09:59:17 +0000 |
commit | 0c8eb58ba07e248701ff28891c79dfe2fa32dc23 (patch) | |
tree | 7c90c309c6cb83e9367289a605981a97f7d5c9f5 | |
parent | b2265e7dd3617a344945e57a5006b3360b85f922 (diff) |
Gracefully reject requests for absurd font sizes
Avoid overflows.
Fixes: QTBUG-89899
Change-Id: Ic1a83c1704fe20be3d032358dc91ee8e751f2281
Reviewed-by: Eskil Abrahamsen Blomfeldt <eskil.abrahamsen-blomfeldt@qt.io>
(cherry picked from commit 679750684087cad7a48921c4174a53cdf4855049)
Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
(cherry picked from commit 781b55b24e190442d7e055a5e54e8acb44104519)
Reviewed-by: Eirik Aavitsland <eirik.aavitsland@qt.io>
-rw-r--r-- | src/gui/text/qfontdatabase.cpp | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/src/gui/text/qfontdatabase.cpp b/src/gui/text/qfontdatabase.cpp index 008ddad5cd..b09891bcee 100644 --- a/src/gui/text/qfontdatabase.cpp +++ b/src/gui/text/qfontdatabase.cpp @@ -2675,6 +2675,12 @@ QFontEngine *QFontDatabase::findFont(const QFontDef &request, int script) return engine; } + if (request.pixelSize > 0xffff) { + // Stop absurd requests reaching the engines; pixel size is assumed to fit ushort + qCDebug(lcFontMatch, "Rejecting request for pixel size %g2, returning box engine", double(request.pixelSize)); + return new QFontEngineBox(32); // not request.pixelSize, to avoid overflow/DOS + } + QString family_name, foundry_name; parseFontName(request.family, foundry_name, family_name); |