Don't parse XML symbols longer than 4096 characters

It is slow and will use too much memory. Fixes: QTBUG-91889 Change-Id: I45c5e6038357c87bbb85b1ace17ef39a2a814ea0 Reviewed-by: Thiago Macieira <thiago.macieira@intel.com> (cherry picked from commit 38e111158a38507c63fd70f9ee18b9116b537976) Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
author: Allan Sandfeld Jensen <allan.jensen@qt.io> 2021-04-14 22:13:32 +0200
committer: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org> 2021-04-16 20:42:31 +0000
commit: b3fed16e9bf62d511f3c40e9c3dca01332ae8160 (patch)
tree: 6fc01f2915dda5c3cd9951baf262c6f5ae1ec9ca /src/corelib/serialization
parent: 609d0d41553f71543e3013833185de3950bbd00e (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/src/corelib/serialization/qxmlstream.cpp b/src/corelib/serialization/qxmlstream.cpp
index 769b33931e..5f9bed99b8 100644
--- a/src/corelib/serialization/qxmlstream.cpp
+++ b/src/corelib/serialization/qxmlstream.cpp
@@ -1297,6 +1297,11 @@ inline int QXmlStreamReaderPrivate::fastScanName(int *prefix)
     int n = 0;
     uint c;
     while ((c = getChar()) != StreamEOF) {
+        if (n >= 4096) {
+            // This is too long to be a sensible name, and
+            // can exhaust memory
+            return 0;
+        }
         switch (c) {
         case '\n':
         case ' ':
author	Allan Sandfeld Jensen <allan.jensen@qt.io>	2021-04-14 22:13:32 +0200
committer	Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>	2021-04-16 20:42:31 +0000
commit	b3fed16e9bf62d511f3c40e9c3dca01332ae8160 (patch)
tree	6fc01f2915dda5c3cd9951baf262c6f5ae1ec9ca /src/corelib/serialization
parent	609d0d41553f71543e3013833185de3950bbd00e (diff)