author | Albert Astals Cid <albert.astals.cid@kdab.com> | 2018-09-04 14:10:41 +0200 |
---|---|---|
committer | Albert Astals Cid <albert.astals.cid@kdab.com> | 2018-10-05 15:02:27 +0000 |
commit | 63e0c3e1b5b0abe22086589fc18db9984342ce19 | |
tree | db4e342379aecc299c56078f8ea0516adc3858b3 /mkspecs/hpuxi-g++-64 | |
parent | e7e8b027285f2bbc2c8a698095865c2608dd0204 | |

qppmhandler: Fix undefined overflow behavior

image/qppmhandler.cpp:77:25: runtime error: signed integer overflow: 10 * 300000000 cannot be represented in type 'int'
#0 0x4cecb5 in read_pbm_int(QIODevice*) /src/qt/qtbase/src/gui/image/qppmhandler.cpp:77:25
#1 0x4cb1ac in read_pbm_body(QIODevice*, char, int, int, int, QImage*) /src/qt/qtbase/src/gui/image/qppmhandler.cpp:271:29
#2 0x4ca3d8 in QPpmHandler::read(QImage*) /src/qt/qtbase/src/gui/image/qppmhandler.cpp:509:10
#3 0x4b238d in QImageReader::read(QImage*) /src/qt/qtbase/src/gui/image/qimagereader.cpp:1253:22
#4 0x4b1b61 in QImageReader::read() /src/qt/qtbase/src/gui/image/qimagereader.cpp:1201:12
#5 0x486f66 in QImage::fromData(unsigned char const*, int, char const*) /src/qt/qtbase/src/gui/image/qimage.cpp:3624:37
#6 0x486cd8 in QImage::loadFromData(unsigned char const*, int, char const*) /src/qt/qtbase/src/gui/image/qimage.cpp:3590:13
#7 0x434b2e in LLVMFuzzerTestOneInput /src/qimage_fuzzer.cc:28:7
#8 0x44b167 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:570:15
#9 0x44a535 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/libfuzzer/FuzzerLoop.cpp:479:3
#10 0x44c428 in fuzzer::Fuzzer::MutateAndTestOne() /src/libfuzzer/FuzzerLoop.cpp:707:19
#11 0x44d1b5 in fuzzer::Fuzzer::Loop(std::__1::vector<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >, fuzzer::fuzzer_allocator<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > > > const&) /src/libfuzzer/FuzzerLoop.cpp:838:5
#12 0x440a29 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:764:6
#13 0x434bf8 in main /src/libfuzzer/FuzzerMain.cpp:20:10
#14 0x7fba939a082f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
#15 0x409bb8 in _start (/out/qimage_fuzzer+0x409bb8)
Change-Id: I9ad78afc4ea9c5c8b7530aa17013abe91202e84b
Reviewed-by: Eirik Aavitsland <eirik.aavitsland@qt.io>
Diffstat (limited to 'mkspecs/hpuxi-g++-64')
0 files changed, 0 insertions, 0 deletions
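
The sanitizer report above fires on the `10 * value` step of a decimal digit accumulator once the header field exceeds what `int` can hold. As an added example (not the commit's change and not Qt's code; `parse_pnm_int` is a hypothetical helper and the inputs are constructed), one way to bound the accumulator is to check before multiplying:

```cpp
#include <cctype>
#include <climits>
#include <cstddef>
#include <cstdio>
#include <string>

// Hypothetical helper, not Qt's read_pbm_int(): parses one whitespace-delimited
// decimal field of a PNM header from `in`, starting at `pos`.
// Returns false if no digit is found or the value would exceed INT_MAX;
// `out` is only written on success.
bool parse_pnm_int(const std::string &in, std::size_t &pos, int &out)
{
    while (pos < in.size() && std::isspace(static_cast<unsigned char>(in[pos])))
        ++pos;
    if (pos >= in.size() || !std::isdigit(static_cast<unsigned char>(in[pos])))
        return false;
    int val = 0;
    for (; pos < in.size() && std::isdigit(static_cast<unsigned char>(in[pos])); ++pos) {
        const int digit = in[pos] - '0';
        // Test the bound before computing 10 * val + digit: the signed
        // multiplication itself is the undefined operation UBSan reported.
        if (val > (INT_MAX - digit) / 10)
            return false;
        val = 10 * val + digit;
    }
    out = val;
    return true;
}

int main()
{
    // Constructed inputs: a normal "width height" pair and an oversized field.
    const char *samples[] = { "640 480", "3000000000" };
    for (const char *s : samples) {
        std::size_t pos = 0;
        int v = 0;
        const bool ok = parse_pnm_int(s, pos, v);
        std::printf("%-12s -> %s", s, ok ? "ok " : "rejected\n");
        if (ok)
            std::printf("%d\n", v);
    }
    return 0;
}
```

A caller should treat a `false` return as a malformed image and stop decoding rather than continue with a partial value.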